This Credit Reporting Policy sets out how AUSSIE EXCAVATORS PLANT HIRE PTY LTD (ACN 164 004 148) including, but not limited to any related body corporate, any subsidiary or associated entity and as trustee of any trust from time to time (individually and together called “Aussie”) (referred to as “we”, “our”, or “us” in this policy) manages the personal information we obtain from credit reporting bodies (“CRBs”) and other types of credit-related personal information. We are committed to protecting your privacy and ensuring that we comply with the Privacy Act and Privacy (Credit Reporting) Code (“CR Code”).

This Credit Reporting Policy does not apply to the commercial credit we provide to companies. However it will apply to an individual who applies to us for commercial credit, and to other individuals we deal with in connection to the provision of commercial credit (such as directors and individual guarantors). If you are unsure whether this Credit Reporting Policy applies to you, please contact our Privacy Officer using the contact details set out below.

This Credit Reporting Policy should be read in conjunction with our Privacy Policy.

We conduct regular reviews of our policies and procedures, and we may change our Credit Reporting Policy from time to time. The most current version of our Credit Reporting Policy will be available on our website. A copy of our Credit Reporting Policy is also available free of charge by contacting our Privacy Officer using the contact details set out below. We will take reasonable steps to provide a copy of our Credit Reporting Policy in the form requested.

What types of credit-related information do we collect and hold?

The types of information we collect and hold may include:

• Identification details, such as your name, address(es), telephone number(s), date of birth, driver’s licence number, and current or last known employer
• Details of consumer and commercial credit you have applied for (including the type and amount of credit), where we have requested that information in connection with an application
for credit and/or a guarantee
• Information about payment(s) of $150 or more which become more than 60 days overdue
• Information about new credit arrangements you may have made with a credit provider (such as variation of existing credit terms and conditions or the provision of new credit)
• Information about your current or terminated credit accounts (including the name of the credit provider, the date on which the credit was entered into and/or terminated, and the
limit of the credit account)
• Advice that payments that were previously notified as unpaid are no longer overdue
• That we have made an information request about you to a CRB to assess a credit application and/or a guarantee
• That another credit provider, or a trade insurer, or a mortgage insurer, has made an information request about you to a CRB
• Information provided to us by a CRB, including information about you which assists us to assess your suitability for commercial credit or as a guarantor of commercial credit
• The type and amount of commercial credit we provide to you or that you have sought from us in a commercial credit application
• That you have offered to act as guarantor in relation to a commercial credit application made to us, or that you are acting as guarantor in relation to commercial credit provided by
us
• That commercial credit we provided (to you, or an entity associated with you, or in your capacity as guarantor) has been paid or otherwise discharged
• Whether, in our opinion or the opinion of another credit provider, you have committed a serious credit infringement
• Publicly available information that relates to your activities in Australia and your credit-worthiness
• Information about you on the National Personal Insolvency Index
• Information about court judgment(s) which relate to credit you have obtained or applied for

The Privacy Act has detailed definitions describing the types of information set out above. However in this Credit Reporting Policy we collectively refer to these types of information as “credit-related information”. We will only collect credit-related information about you by lawful and fair means, and in accordance with the Privacy Act and CR Code.

How do we collect your credit-related information?

We may obtain credit-related information about you from:

• Veda, Dun & Bradstreet, CreditorWatch, Experian, Tasmanian Collection Service (the CRBs we may deal with at any one time)
• Information about your commercial credit-worthiness from businesses that provide that type of information
• Information you provide to us, including the information contained in a completed application for commercial credit and/or guarantee (such as your name, date of birth, residential
and/or business address, contact details, trade references, banking details, assets, income, and financial position)
• Other credit providers (where you consent to us collecting that information or we are permitted to do so under the Privacy Act)
• Information we collect in the course of our dealings with you in connection with credit, such as when you make payments to us

Where we outsource our functions to third party services providers, those providers may also collect credit-related information from you on our behalf.
Why do we collect, hold, use and disclose your credit-related information?

We may collect, hold, use, and disclose credit-related information about you that is reasonably necessary for our business purposes and as permitted by law. Those purposes may include:

• Verifying your identity
• Assessing an application made to us for commercial credit (by you or an entity associated with you)
• Assessing whether we will continue to provide commercial credit (to you or an entity associated with you)
• Assessing your suitability as a guarantor where you have offered to provide us with a guarantee in relation to an application for commercial credit, or in relation to commercial
credit already provided by us
• Deriving scores, ratings, summaries, and evaluations relating to your credit-worthiness which are used in our decision-making processes
• Assisting you to avoid defaulting on your credit-related obligations to us
• Managing the credit we provide and our relationship with you
• Undertaking debt recovery and enforcement activities (including in relation to guarantors)
• Disclosing your credit-related information to a guarantor, or someone you have indicated is a prospective guarantor, in relation to an application for commercial credit or in
relation to commercial credit already provided by us
• Disclosing your credit-related information to our related bodies corporate that are also considering whether to provide credit (to you or an entity associated with you and/or in
your capacity as guarantor)
• Disclosing your credit-related information for our internal management purposes
• Disclosing your credit-related information to other third parties that provide services to us (including debt collectors, lawyers, and advisers)
• Dealing with any complaints, or access or correction requests you make to us
• Responding to a consultation request made to us by a CRB or another credit provider
• Conducting fraud assessments and dealing with serious credit infringements
• Exchanging information (including default information) with other credit providers, as permitted by the Privacy Act and CR Code
• Participating in the credit reporting system and exchanging information with CRBs as permitted by Part IIIA of the Privacy Act and CR Code.
• Satisfying legal and regulatory requirements
• Where you otherwise expressly consent to our collection, use and/or disclosure of your credit-related information

Some credit-related information may only be used or disclosed under the Privacy Act for some of these purposes, or in some of those circumstances. We are not likely to disclose your credit-related information to recipients located outside of Australia.

We may refuse an application for commercial credit and/or reject a guarantee based wholly or partly on your credit-related information.

Disclosing credit-related information to CRBs

We may disclose your credit-related information to a CRB for the purposes set out above and where the Privacy Act permits us to do so. The types of information we may disclose to a CRB include:

• That you have applied for credit with us (including the amount of credit) and/or that we are a current provider of credit to you
• That you have guaranteed credit to us (including the amount of credit guaranteed)
• That you have failed to meet your payment obligations to us (including the amount of an outstanding debt)
• Advice that payments that were previously notified as unpaid are no longer overdue
• That credit we provided to you has been paid or otherwise discharged
• That a guarantee you provided to us has been satisfied or otherwise discharged
• In some circumstances, that in our opinion you have committed a serious credit infringement

CRBs may include that information in reports provided to credit providers like us to assist them in assessing your creditworthiness.

Under the Privacy Act, CRBs are permitted to use credit reporting information to assist credit providers who wish to direct market to you by ensuring you meet certain criteria. This is known as “pre-screening”. You have a right to contact a CRB and request (at no cost to you) that a CRB does not use your information for this purpose.

You also have a right to request that a CRB not use or disclose your credit-related information if you reasonably believe that you have been, or are likely to be, a victim of fraud (including identity fraud).

You can contact the CRBs we exchange information with using the details below:

Equifax
Customer Resolutions
PO Box 964
North Sydney NSW 2059
1300 762 207
customercomplaintsAU@equifax.com

You may obtain a copy of Veda’s policy about their management of credit-related information by contacting them or visiting their website.

Illion (aka Dun & Bradstreet)
Attention: Public Access Centre
PO Box 7405
St Kilda VIC 3004
1300 734 806
pac.austral@dnb.com.au

You may obtain a copy of Dun & Bradstreet’s policy about their management of credit-related information by contacting them or visiting their website.

CreditorWatch
GPO BOX 276
Sydney NSW 2001
privacy@creditorwatch.com.au

You may obtain a copy of CreditorWatch’s policy about their management of credit-related information by contacting them or visiting their website.

Experian
Level 6, 549 St Kilda Road
Melbourne VIC 3004
1300 783 684
creditreports@au.experian.com

You may obtain a copy of Experian’s policy about their management of credit-related information by contacting them or visiting their website.

Tasmanian Collection Service
29 Argyle Street
Hobart TAS 7000
(03) 6213 5555
enquiries@tascol.com.au

You may obtain a copy of Tasmanian Collection Service’s police about their management of credit-related information by contacting them or visiting their website.

Exchange of credit-related information with trade insurers

In connection to an application for commercial credit, trade insurers may also obtain credit-related information about you from us or a CRB for the purpose of assessing whether to provide insurance to us in relation to the commercial credit we provide you (including assessment of the risk of insuring us, the risk of default by you and/or you in your capacity as a guarantor).

Use of third party service providers

We will disclose your credit-related information when we outsource certain of our functions to third party service providers. The functions we may outsource include:

• Managing the supply of our products and services
• Establishing credit accounts and managing credit provided to our customers
• Assessing credit applications and/or guarantees
• Responding to enquiries about applications, accounts, and our products and services
• Conducting checks for credit worthiness and/or fraud
• Debt collection

Where we disclose your credit-related information to our third party service providers, we require those providers to comply with the Privacy Act and CR Code. Our third party service providers will not collect, use, or disclose your personal information for any purpose other than our own, as set out in this Privacy Policy.

How do we store and protect your credit-related information?

We store credit-related information in both paper-based records and in electronic form (such as on computer servers) on our systems or the systems of our service providers. We take all reasonable precautions to safeguard your information from misuse, interference and loss, any unauthorised access, modification or disclosure, including:

• Restricting access to credit-related information stored in our electronic and paper-based records
• Using technology products to prevent unauthorised access to our electronic databases (such as industry standard firewalls) and ensure the security of electronic transmissions
• Training, policies and procedures in relation to the use of our computers and management of credit-related personal information (including informing and training our employees who
handle credit-related information of the requirements of the Privacy Act, CR Code, and Privacy Regulations)
• Requiring all of our third party service providers to handle personal information in accordance with the Privacy Act, CR Code and Privacy Regulations

When we no longer need your credit-related information, and we are not required by law to retain the information, we will take reasonable steps to destroy that information or to ensure it is de-identified.

The internet is not a secure method of transmitting information. Other than where we use Secure Socket Layer (“SSL”) technology (such as for the transmission of credit card information), to the maximum extent permitted by law we cannot and do not accept responsibility for the security of information you send to or receive from us over the internet, or the unauthorised access or use of that information.

How can you access your credit-related information?

We take all reasonable steps to ensure that the credit-related information we collect, use, and disclose is accurate, up-to-date, complete, relevant, and is not misleading. If your personal details change at any time please contact our Privacy Officer.

Under the Privacy Act you have a right to access the credit-related information we hold about you, subject to some exceptions allowed by law. Factors affecting your right to access include:

• Giving access would be unlawful
• Denying access is required or authorised by law
• Giving access would be likely to prejudice an enforcement activity

If you would like access to your credit-related information, please contact our Privacy Officer using the contact details set out below. To ensure that you have access to the most up-to-date information you should additionally request access to credit-related information held by CRBs about you.

We will usually respond to requests for access to credit-related information within 30 days of receiving the request. If we refuse your request, we will give you a written notice setting out the reasons for our refusal (except to the extent it would be unreasonable to do so) and the mechanisms available to you to complain about that refusal.

There is no charge for an access request, although we may charge you a reasonable fee for retrieving your information. We will inform you of any fee and obtain your agreement to that fee before the information is provided to you.

How can you request correction of your credit-related information?

We take all reasonable steps to ensure that the credit-related information we collect is accurate, up-to-date, complete, relevant, and is not misleading. However if you believe that is not the case you have a right under the Privacy Act to request that we correct your credit-related personal information.

If you would like to do so, please contact our Privacy Officer using the contact details set out below.

If we are satisfied that your credit-related information is incomplete, inaccurate, out-of-date, irrelevant, or misleading we will take reasonable steps to correct that information within 30 days of your request, or within such longer period as you agree to in writing. Where it is necessary to resolve a correction request, we must consult with a CRB or another credit provider who holds or held that information.

We will notify you of our decision about a correction request within 5 business days of reaching that decision.

If we refuse your request, we will give you a written notice stating:

• That the corrections have not been made
• Our reasons for not correcting the information (including evidence substantiating the correctness of the information)
• How you can make a complaint to the Office of the Australian Information Commissioner (“OAIC”)

There is no cost involved for you to make a correction request or for the correction of your information.

How can you make a complaint?

If you believe that we have not complied with our obligations under Part IIIA of the Privacy Act or the CR Code, you have a right to complain. You must specify the nature of your complaint.

You can make a complaint to us by contacting our Privacy Officer using the contact details set out below.

You will receive a written acknowledgment of your complaint from us within 7 days after we receive the complaint together with details of how we will deal with the complaint. We investigate all complaints made to us and aim to resolve them within 30 days. If we cannot resolve your complaint within that period we will write to you explaining why we have been unable to resolve your complaint, the expected timeframe to resolve the complaint, and seeking your written agreement to extend the 30 day period. You may refer the matter to the OAIC if you wish to complain about delay in the handling of your complaint (using the contact details set out below).

If we consider it necessary in order to deal with your complaint, we must consult with a CRB or another credit provider. If, while your complaint remains unresolved, we disclose information the subject of the complaint to a third party, we may advise the third party of the complaint.

We will give you a written notice of our decision. If we find your complaint is justified, we will resolve it and, if necessary, change our policies and procedures. If you are not happy with the way your privacy-related complaint is being handled, or we fail to deal with your complaint to your satisfaction, you may refer the complaint to the OAIC under Part V of the Privacy Act.

Details of how to lodge a complaint with the OAIC may be found at www.oaic.gov.au or by calling 1300 363 992.

We will not charge you for making a complaint to us or for dealing with a complaint.

Contacting our Privacy Officer

If you have any questions regarding our Credit Reporting Policy, please contact:

The Privacy Officer:
In writing:
Aussie Excavators Plant Hire Pty Ltd
529 Redland Bay Road
CAPALABA QLD 4157

By telephone: (07) 3206 2800
By email: admin@aussieplanthire.com.au