1. What are personal information and sensitive information?

Personal information is defined in the Privacy Act 1988 (Cth). Generally, it is information or an opinion about an identified individual or an individual who is reasonably identifiable. This may include your name, address, telephone number, email address, profession or occupation.

Sensitive information includes:

•    information about your racial or ethnic background, political opinions, membership of political, professional or trade associations or trade unions, religious beliefs or affiliations, philosophical beliefs, sexual orientation or practices or criminal record (where that information is personal information); 

•    health information and genetic information; and

•    biometric templates and biometric information that is used for the purpose of automated biometric verification or biometric identification.

2. Types of personal information and sensitive information we collect

The types of personal information we may collect (depending on the nature of our relationship and dealings with you) include: 

•    your name  

•    your country of birth, passport details, visa details and drivers’ licence;  

•    address (residential and mailing address);  

•    contact details (telephone number, fax number and email address);  

•    age, date of birth, marital status and occupation;  

•    employment details and financial information (your salary, the name and address of your employer, and details of your work history and remuneration);  

•    information about your financial affairs (e.g. payment details, bank account details, and information about business and financial interests);  

•    government identifiers;  

•    profession, occupation and job title; and  

•    employee number 

We may also collect the following information depending on the products and services we provide you: 

•    credit card details; 

•    bank account numbers; 

•    details of income, assets, liabilities, expenses, credit history, credit worthiness; and 

•    other information as required by the Anti-Money Laundering Counter-Terrorism Financing Act 2006 (Cth). 

Generally, most MMS companies do not collect sensitive information about you. However, we may collect information about your memberships if required to provide you with a specific product or service or where required by law. 

If you are a client of Plan Partners or Plan Tracker, we may collect or hold: 

1. a range of sensitive information about you including: 

•    racial or ethnic origin; 

•    health information (including information about your medical history and any disability or injury you may have); 

•    criminal activities you may have been involved in; and 

•    your biometrics (including photographs and voice or video recordings of you, where these materials are collected, stored and used for their biometric properties). 

2. other types of sensitive information if the information is required to provide you with a specific product or service, or where required by law. In some circumstances, we may collect sensitive information about you from a third party.

Plan Partners and Plan Tracker generally do not collect other types of sensitive information about you that are not necessary to aid in service delivery, including:

•    religious beliefs or affiliations; 

•    philosophical beliefs; 

•    sexual preferences or practices; and 

•    membership of political and professional or trade associations or trade unions. 

When you visit MMS websites, we may collect statistics on the number, date and time of your visit, the number of pages viewed and the manner in which you navigate through our sites.

When you call us, we may collect statistics on the number, date and time of your call and the manner in which you navigated through our telephony system. We may also monitor and/or record in-coming and out- going telephone calls for taxation, verification, substantiation and quality assurance purposes.

3. Why we collect your personal information and sensitive information

We collect your personal information (and, where applicable, your sensitive information) to perform our business activities and functions. We collect, hold, use and disclose your personal information (and, where applicable, sensitive information) to provide you with products and services you have requested, and for the administration of those products and services. 

We may also collect, hold, use and disclose your personal information (and, where applicable, sensitive information) to:

•    conduct our business administration and operations (such as accounting, risk management, record keeping, statistical analysis, research, planning, systems development, testing and staff training);  

•     conduct our marketing (including direct marketing and Internet-based targeted advertising), planning, new product or service development, quality control and research;  

•     conduct customer satisfaction surveys / Net Promoter Score;  

•     answer your enquiries and respond to any complaints made by you;  

•     send you material (or show you advertisements) about other products and services offered by us;  

•     assess and monitor the use and performance of our websites and provide you with access to secure areas of our websites;  

•     up-date our records and keep your contact detail updated; and  

•     comply with any law, rule or regulation or request or direction from any Court, regulator, law enforcement body or governmental authority.

We may share personal information about you with our related bodies corporate, contractors and service providers for any of the purposes outlined above.

If you are a client of Plan Partners or Plan Tracker, we:

•    will generally only collect personal and sensitive information if you consent and it is reasonably necessary for, or directly related to, one or more of Plan Partners' or Plan Tracker’s functions or activities. Sometimes we may collect sensitive information without your consent, such as when it is required or authorised by a law, or court or tribunal order; and

•     may collect, hold, use and disclose your information for purposes including the administration of your NDIS funds, co-ordination of your disability support and liaising with your support providers and with the National Disability Insurance Agency (NDIA), as well as the other purposes specified in this Privacy Policy and the Plan Partners Privacy Policy or the Plan Tracker Privacy Policy (as applicable).

4. How we collect your personal information and sensitive information

Where it is reasonable and practical to do so, we will always collect personal information and sensitive information directly from you. How we collect your personal information will depend on how you interact with us. For example, we may collect it through your access and use of our websites, during your conversations with our representatives or from application forms you complete. 

There are occasions when we may need to collect your personal information or sensitive information from third parties, with or without your direct involvement. We will generally obtain your prior consent if we need to obtain your sensitive information from third parties (unless a relevant exception applies). Depending on the products or services you request or receive, the third parties from whom we may collect personal information include your employer, market research organisations, third party brokers and agents, credit reporting bodies, government agencies, your representatives and your advisers and other organisations who, jointly with us, provide products or services to you. We may also collect sensitive information from medical practitioners, health and disability support providers.

5. Disclosing your personal information and sensitive information

We may disclose your personal information to another person or organisation. Depending upon the products or services you have requested, we may disclose personal information about you to: 

•    your employer; 

•    our employees and related bodies corporate; 

•    our agents, contractors and service providers, including mail houses (including third parties who help us to send our emails), technology service providers (including web hosting and web analytics), advertising service providers (including online advertising networks and social media platforms that we use to serve our ads), IT systems administrators or professional advisers such as accountants, solicitors, business advisers and consultants; 

•    regulatory bodies, government agencies and law enforcement bodies, including the Australian Taxation Office, Centrelink, the NDIA and the NDIS Quality and Safeguards Commission (NDIS Commission); 

•    financial institutions, payment systems operators, credit reporting bodies or debt collection agencies in relation to the processing, administration and management of products and services requested by you; 

•    persons acting on your behalf, including your legal adviser, financial adviser, executor, administrator, trustee, guardian or attorney; 

•    insurers and reinsurers in relation to insurance products and services requested by you; 

•    superannuation funds in relation to the processing of contributions; 

•    other organisations or firms, who jointly with us, provide products or services to you; 

•    motor vehicle dealers in relation to the sourcing and remarketing of your motor vehicle; 

•    State and Territory road authorities in relation to motor vehicle registration and compulsory third party insurance; 

•    guarantors and prospective guarantors in relation to any applications for credit or lease applications made by you; and 

•    fuel companies to enable those companies to properly record fuel purchases made by you. 

If you are a client of Plan Partners or Plan Tracker, we will not give your personal information to government agencies, private sector organisations, or anyone else unless you consent, or we are permitted to do so by law, or one of the following other exceptions applies: 

•    it is legally required or authorised, such as by an Australian law, or court or tribunal order; 

•    formally requested by regulatory bodies, government agencies and law enforcement bodies, including the NDIA and the NDIS Commission; 

•    we reasonably believe that it is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety; and 

•    we have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, is being or may be engaged in and we reasonably believe that it is necessary for us to take appropriate action in relation to the matter. 

In the unlikely event that the assets and operations of our business are sold to another party, our records of personal information and sensitive information will be transferred to that party.

6. What if we can’t collect your personal information?

If you do not provide us with the personal information (and, where applicable, sensitive information) described above then, depending on the circumstances and the nature of our relationship and dealings with you, some or all of the following may happen: 

•    we may be unable to provide the requested products or services to you, either to the same standard or at all; 

•    we may be unable to provide you with information about products and services you may want, including information about discounts, sales or special promotions; or 

•    we may be unable to tailor the content of our websites to your preferences and your experience of our websites may not be as enjoyable or useful.

7. Marketing and advertising

We may use your information to offer you products or services we believe may be of interest to you. These may include products and services of MMS companies and brands, and products and services of carefully selected third party companies and brands that we work with. We may contact you by various means including telephone, mail, SMS, fax or email. You can notify us at any time if you no longer wish to receive marketing communications. Our contact details are set out at the end of this policy.

We do not sell personal information to other organisations to allow them to send their direct marketing to you.

How we conduct Internet advertising

We may also collect and use information about you for the purposes of online targeted advertising services that help our advertisements (ads) to reach you (and other people who may be interested in our products and services) on websites, apps and social media platforms across the Internet.

These online targeted advertising services are operated by third party vendors.

The advertising service providers that we currently use include Meta (which includes Facebook and Instagram), Google, LinkedIn, Microsoft Bing and Adobe.

Some of these services work by using non-identifying data about your behaviour and demographics that has been collected through cookies and other tracking technologies (such as pixels, web beacons and device identifiers (such as Android Advertising Identifier or Advertising Identifier for iOS)) when you use the Internet, including when you move between different websites and apps and use different devices. For example, third-party vendors may use cookies and/or device identifiers to serve ads based on your past visits to our websites.

Other services require us to use limited amounts of your personal information. For example, we may include your information in a customer list that we provide to selected online advertising service providers (such as Meta, LinkedIn, Google, Microsoft Bing and Adobe) so that we can conduct audience-based advertising. This allows us to show our ads to you (if you also use those platforms) and to other users of those platforms who share similar characteristics with you. The customer list is usually hashed (to improve security and confidentiality) before it’s processed by the service provider to target and serve our ads. 

For example, we may use Microsoft's Universal Event Tracking (UET) feature for online advertising. Where we do so, Microsoft will collect or receive personal information from the user or us to provide the relevant Microsoft advertising services. Microsoft's Privacy Statement can be found here: https://privacy.microsoft.com/en-au/privacystatement

The data that is collected through these cookies and other tracking technologies, or provided by us, may be combined with other data (supplied by our advertising service provider, or third parties) to improve the targeting and serving of ads.

Our online advertising service providers also help us by measuring the effectiveness of our ad campaigns (e.g. conversion tracking) and providing us with analytics data that we use to inform and optimise our ad campaigns. These analytics are based on data that may be collected through cookies and other tracking technologies. The analytics data we receive is generally aggregated and non-identifying.

We may permit third party vendors (including the advertising service providers listed above) to deploy cookies and other tracking technologies on and through our website and emails to collect or receive information about you from our websites, our emails and your activities elsewhere on the Internet. This information may be used to provide measurement / analytics services and to target and deliver ads, as described above.

By using our websites and social media pages or otherwise interacting with us, you consent to our third party advertising service providers collecting, receiving and processing data about you in the manner and for the purposes set out above.

Your choices in relation to Internet Advertising

When we use any advertising service that requires us to use or disclose your personal information, we will only do so if we are permitted to do so by applicable privacy laws. You can notify us at any time if you would like us to stop using your personal information for these targeted advertising purposes. Our contact details are set out at the end of this policy.

Your web browser and/or mobile device may provide you with settings that allow you to disable or opt-out of some of the tracking technologies that are used to collect data that is used for analytics and ad targeting and serving purposes (such as cookies, device identifiers and advertising identifiers). These options may vary depending on the specific web browser or mobile device that you are using. Please refer to your web browser or mobile device manual for further information.

You can learn more about opting out of receiving interest-based Internet ads in general at www.optout.aboutads.info, and www.networkadvertising.org/choices. You can also opt-out of certain online targeted advertising networks directly by visiting:

• the Digital Advertising Alliance’s opt-out portal at: http://optout.aboutads.info/; and
• the Network Advertising Initiative’s opt-out portal: https://optout.networkadvertising.org/

You can also learn more about how our advertising service providers collect and use data for interest-based advertising purposes (and what options they offer for managing how your data is collected and used as part of their services) by visiting the following pages on their websites:

• Facebook: https://www.facebook.com/help/109378269482053/?helpref=hc_fnav
• Instagram: https://help.instagram.com/1415228085373580
• Google (including YouTube): https://policies.google.com/technologies/partner-sites
• LinkedIn: https://www.linkedin.com/help/linkedin/answer/a1342443
• Microsoft Ads: https://account.microsoft.com/privacy/ad-settings/
• Adobe: https://www.adobe.com/au/privacy/opt-out.html

8. Protection of your personal information

We take reasonable steps to make sure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form. In some cases, we store records on third party servers, some of which may be located overseas.

We use a range of security measures to protect the personal information we hold, including by implementing IT security tools to protect our electronic databases.

We take reasonable steps to make sure that personal information is destroyed or de-identified when no longer needed.

When browsing our web sites, you acknowledge that the internet is not always a secure environment and that the computer and network you use contribute to the overall level of effective protection in place. You further acknowledge that any transmission of information over the internet is out of our control before it reaches our system. Only once we receive your transmission, we can take reasonable steps to safeguard its security

In order to protect your personal information online, we ask that you observe the security requirements relating to the protection of your user identification number and/or password used to access your online account. We recommend that you:

• change your password on initial access to our website;
• ensure the user identification number given to you is kept securely;
• destroy any documentation (including any email) we issue containing your password;
• memorise your user identification number and password;
• do not tell anyone of your user identification number and password;
• immediately telephone us if you suspect your online account or related email account has been breached.

9. Links

Our websites may contain hyperlinks to other sites maintained by different organisations. We do not claim any association with websites which are not clearly identified as our own and do not take any responsibility for their content. Hyperlink users should observe such websites’ terms of use, privacy policies and copyright, which may or may not comply with the same privacy standards that we do.

10. Accessing or correcting your information

You may request access to any personal information or sensitive information that we hold about you. The type of information you request will determine the length of time we take to respond. We will generally respond using the same communication method by which your request was originally made. 

If you believe that personal information or sensitive information that we hold about you is out-of-date, incomplete, inaccurate, irrelevant or misleading, then you may request that we correct it. If you wish to request access to, or correction of, your information please contact us using the contact details in section 14 of this Privacy Policy. 

On occasion we will ask that you put your request in writing. This may include instances where you want copies of material or access to archived information or if the nature of your application makes it necessary for us to retain a record of your request. 

You may be able to access some personal information via our customer service website. Access to personal information via the customer service website requires the use of your unique user identification number and password. No personal information is openly posted on the Internet. If you have difficulty finding the information you want or in using the website, please contact us. If you are a client of Plan Partners or Plan Tracker it is also possible to access, and correct documents held by us under the Freedom of Information Act 1982 (the FOI Act). In some circumstances we will suggest that you make your request for personal information under the FOI Act. This is because: 

•    an FOI access request can relate to any document in our possession and is not limited to personal information; 

•    the FOI Act contains a consultation process for dealing with requests for documents that contain personal or business information about another person; 

•    you can complain to the Australian Information Commissioner about what we do under the FOI Act; and 

•    if you are refused access under the FOI Act you have a right to apply for internal review or Information Commissioner review of the access refusal decision. 

Find out more information about how to make a request under the FOI Act on the Australian Information Commissioner’s Freedom of Information webpage: https://www.oaic.gov.au/freedom-of-information/the-foi- act/ 

You can also make a request under the FOI Act by emailing [email protected]. In some circumstances, we may charge an administration fee to retrieve and provide you with access to your information, based on our reasonable costs in providing the information to you. If we intend to charge an administration fee we will give you an estimate of this fee so you can confirm you still want us to proceed with your request. 

We do not impose any charge for submitting a request for access or correction, or for any activities required for us to correct information or update our records in response to a correction request. We are entitled to refuse you access to (or correction of) your information in certain circumstances. For example:

 •    you may not be able to access personal information that: 

•    would reveal personal information or sensitive information about another person and have an unreasonable impact on their privacy; 

•    impact a commercially sensitive decision making process; or 

•    which we are prevented by law from disclosing; and 

•    we may refuse to correct any of your personal information if we do not agree that it requires correction. If we refuse your request, we will provide you with our reasons for the refusal.

11. Cookies

We may use cookies and other tracking technologies on our websites to collect various information about how you interact with our websites. This website usage data is not intended to identify any particular user, but in some cases may include personal identifiers (e.g. IP address, device IDs and session details) and details of your user interactions on our website (e.g. what pages you visit and what you choose to click on).

When you access our website, we may send a “cookies” (which is a small summary file containing a unique ID number) to your computer or device. This enables us to recognise your computer and greet you each time you visit our website without bothering you with a request to register. It also enables us to keep track of products or services you view so that we can send you news about those products or services.

We also use cookies to conduct website analytics - for example, to measure traffic patterns, to determine which areas of our website have been visited and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our websites and other online products and services. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them.

We may use cookies to log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track users movements, and gather broad demographic information.

We also use cookies as part of our online targeted advertising activities (see section 7 of this Privacy Policy above).

12. Do we disclose your personal information to anyone outside Australia?

MMS's business activities are conducted in Australia and overseas. In order to provide our services to our customers we may engage other Service Providers to perform certain functions. In the ordinary course of business (and unless we have specifically agreed otherwise with a particular individual or organisation), these functions may involve the hosting or accessing of personal information (which may also include credit information) by the Service Provider outside Australia. At the present time, certain MMS's Service Providers may disclose personal information outside of Australia to countries including: The United States of America, the Republic of Ireland, India, China, Sri Lanka and the Philippines.

The McMillan Shakespeare 's overseas service providers may be required to disclose certain personal information and sensitive information due to their own regulatory obligations under foreign laws. The Privacy Act 1988 (Cth) does not require the MMS to prevent such disclosures, where the disclosure is required by an applicable law of a foreign country.

13. Complaints

If you have any questions regarding this Privacy Policy or any concerns or complaints regarding our treatment of your personal information (including where you consider that we have breached the Australian Privacy Principles), or if you wish to request access to (or correction of) your information, we invite you to contact us. Contact details are set out in section 14 below. 

We will aim to answer your question, concern, request or complaint in a timely and satisfactory manner. If we cannot resolve the matter at the point of first contact, a representative will be in contact within a reasonable time to advise: 

•    who will be handling your enquiry; and 

•    how our investigations are progressing.

14. Contact details

Our contact details are:

Australia

All Customers

Email: [email protected] 

Mail: 

The Privacy Officer McMillan Shakespeare Ltd 

Locked Bag 18, 

Collins Street 

East Melbourne 8003 VIC, 

Australia 

Phone: 1300 649 515 

Facsimile: 1300 733 444

Maxxia (Australia) customers

Website: www.maxxia.com.au 

Email: [email protected] 

Mail: 

The Privacy Officer Maxxia Pty Ltd 

Locked Bag 18, 

Collins Street 

East Melbourne 8003 VIC, 

Australia 

Phone: 1300 649 515 

Facsimile: 1300 733 444

RemServ customers

Website: www.remserv.com.au 

Email: [email protected] 

Mail: 

The Privacy Officer 

Remuneration Services (QLD) Pty Ltd 

Locked Bag 18, 

Collins Street 

East Melbourne 8003 VIC, 

Australia 

Phone: 1300 649 515 

Facsimile: 1300 733 444

Onboard Finance customers

Website: https://onboardfinance.com.au 

Email: [email protected] 

Mail: 

The Privacy Officer

The Privacy Officer McMillan Shakespeare Ltd

Locked Bag 18, Collins Street East Melbourne 8003

VIC, Australia 

Phone: 1300 649 515 

Facsimile: 1300 733 444

Plan Partners customers

Email: [email protected] 

Mail: 

The Privacy Officer 

Plan Partners 

Locked Bag 18, Collins Street 

East Melbourne 8003 

VIC, Australia 

Phone: 1300 333 700 

You may also make a complaint to the Office of the Australian Information Commissioner (OAIC). If you do so, the OAIC may recommend that you try to resolve your complaint directly with us in the first instance. 

The OAIC can be contacted on 1300 363 992 or via the Office of the Australian Information Commissioner website (https://www.oaic.gov.au/). 

The website also contains further information about making complaints relating to privacy. 

If you are still not satisfied with our response, you may also make a complaint to the NDIS Commission on 1800 035 544 or via the NDIS Commission website (www.ndiscommission.gov.au).

Plan Tracker customers

Email: [email protected] 

Mail: 

The Privacy Officer 

McMillan Shakespeare Ltd 

Locked Bag 18, 

Collins Street 

East Melbourne 8003 VIC, 

Australia 

Phone: 1300 649 515 

Facsimile: 1300 733 444 

You may also make a complaint to the OAIC. If you do so, the OAIC may recommend that you try to resolve your complaint directly with us in the first instance. 

The OAIC can be contacted on 1300 363 992 or via the Office of the Australian Information Commissioner website (https://www.oaic.gov.au/). 

The website also contains further information about making complaints relating to privacy. 

If you are still not satisfied with our response, you may also make a complaint to the NDIS Commission on 1800 035 544 or via the NDIS Commission website (www.ndiscommission.gov.au).

Oly customers

Website: www.oly.com.au 

Email: [email protected] 

Mail: 

The Privacy Officer 

Oly Pty Ltd 

Level 21, 360 Elizabeth St 

Melbourne VIC 3000 

Australia 

Phone: 1300 328 182 

Interleasing customers

Website: www.interleasing.com.au 

Email: [email protected] 

Mail: 

The Privacy Officer 

Interleasing (Australia) Ltd

Locked Bag 18, 

Collins Street 

East Melbourne 8003 VIC, 

Australia 

Phone: 1300 649 515 

Facsimile: 1300 733 444

Presidian Group customers

Includes Franklin Finance Group Pty Ltd 

ACN 166 741 564 

Money Now Pty Ltd 

ACN 156 544 455 

National Dealer Services Pty Ltd 

ACN 603 758 872 

Australian Dealer Insurance Pty Ltd 

ACN 158 647 271 

Motorsure Pty Ltd 

ACN 14 086 238 557 

National Insurance Choice Pty Ltd 

ACN 603 933 571 

Website: http://www.presidiangroup.com/ 

Email: [email protected] 

Mail: 

The Privacy Officer 

Locked Bag 18, 

Collins Street 

East Melbourne 8003 VIC, 

Australia 

Phone: 1300 649 515 

Facsimile: 1300 733 444

New Zealand

Interleasing (NZ) customers

Website: https://interleasing.co.nz 

Privacy Policy: https://www.interleasing.co.nz/privacy-policy 

Email: [email protected] 

Mail: 

The Privacy Officer Interleasing 

PO Box 302 451, 

North Harbour, 

Auckland 0751 

Phone: 0800 629 942

15. Changes to this policy

We reserve the right to change this Privacy Policy from time to time by posting updated an version on this website.