Privacy

Privacy - All

Last updated: 1 July 2026

This bundle is designed to enable licensees to comply with their privacy and data breach notification obligations.  The comprehensive policies and procedures comply with both the requirements of the Privacy Act 1988 (Cth), and with guidance provided by the Office of the Australian Information Commissioner.

The Privacy Policy Template sets out how licensees should collect, use and disclose personal information, and also covers data security arrangements and access requests.  The Data Breach Response Policy sets out a 4-stage process for preparing an effective data breach response, including containment, assessment of the breach, notification obligations and a review process, to prevent future incidents.

There is a Credit Information Policy, similar to the Privacy Policy and Collection Statement (Privacy Policy), that applies to both AFS and credit licensee holders.

Included documents

Document Version Type Date
Data Breach Register - ACL, AFSL, Wholesale 1.0 Register 1 June 2019
Data Breach Response Policy - ACL, AFSL, Wholesale 4.0 Policy 19 May 2025
Privacy Access Request Refusal Letter - ACL, AFSL, Wholesale 2.0 Tool 17 Feb. 2022
Privacy Management Policy - ACL, AFSL, Wholesale 6.0 Policy 1 July 2026
Privacy Policy and Collection Statement (Mortgage Brokers) - ACL 2.0 Policy 1 July 2026
Privacy Policy and Collection Statement (Privacy Policy) - ACL, AFSL, Wholesale 5.0 Tool 1 July 2026
Role and Responsibilities of the DBRT Template - ACL, AFSL, Wholesale 1.0 Tool 27 May 2020
Credit Information Policy - ACL, AFSL 1.2 Tool 1 July 2026