Protecting your privacy
Capkon Investments Pty Ltd (ACN 138 052 847) (Capkon) is committed to providing you with the highest levels of customer service experience. This includes protecting your privacy and we comply with the Privacy Act 1988 (Cth), the Notifiable Data Breach scheme established under the Act and the Australian Privacy Principles.
Set out below is information that we are required to communicate with our customers. We have also supplied additional information about our company. By accessing our website and using our services, you consent to the terms of this Policy and agree to be bound by it. Your privacy matters to us, so whether you are new to Capkon or a long-time user, please take the time to get to know our practices.
Capkon is the trading name of Capkon Investments Pty Ltd and is an authorized representative of the licensed credit assistance provider, Vow Financial Pty Ltd (ACN 138 789 161), the holder of Australian Credit Licence 390261.
In this document, 'Capkon', 'we', 'us' and 'our' are references to Capkon and Vow Financial
How to contact us
You may contact us during Australian Eastern Standard Time (AEST) business hours on the details below:
Your personal information
Your personal information and its protection are of utmost importance to us. When we refer to personal information, we mean information or an opinion from which your identity is apparent or can reasonably be ascertained. Personal information held by us may include your name, age or date of birth, current and previous addresses, telephone or mobile phone number, email address, bank details, professional job title or occupation, driver's license number, passport details, and financial details. We may hold details of your products and services you have acquired from us or have inquired about (including their status) together with any additional information necessary to deliver those products and services and to respond to your inquiries.
The personal information we hold about you may also include credit information. Credit information is a subset of personal information and is information which is used to assess your eligibility to be provided with finance. It may include any finance that you have outstanding, your repayment history in respect of those loans, and any defaults. Usually, credit information is exchanged between credit and finance providers and credit reporting bodies (CRBs). Personal information derived by a CRB from credit information held by the CRB that has any bearing on an individual's creditworthiness and is or has been or could be used to establish the individual's eligibility for credit is known as "CRB Derived Information".
If you choose not to provide certain personal information (i) we may not be able to provide you with the services you require or the level of service on which we aim to offer, (ii) we may be unable to tailor our offering to your preferences and (iii) your experience of our offering may not be as enjoyable or as useful.
Sensitive information is any information about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health information. We may seek, collect, use, or disclose sensitive information about you but only if that sensitive information is required for one of the purposes noted under the 'How we use your personal information' section of this Policy. This will generally be for the purpose of verifying your identity or income.
You expressly provide your consent to us receiving this information and holding it for the purposes outlined in this policy.
About credit information and 'notifiable matters'
You authorize us to obtain a copy of your credit report from a CRB in accordance with the rules set out in the Privacy Act 1988 (Cth) regarding access seekers. You consent to us providing information contained in that report (including any credit-related information, arrears information, credit worthiness information, and personal information) to any credit provider who may be able to provide credit to you.
We exchange your credit information with CRBs. We use the credit information that we exchange with the CRBs to assess your creditworthiness, assess your application for finance and manage your finance. If you fail to meet your payment obligations in relation to any finance that we have provided or arranged, or you have committed a serious credit infringement, we may disclose this information to a CRB.
We may disclose your Credit Reporting Information to joint applicants or co-borrowers with your consent. Under the Privacy Act, "Credit Reporting Information" means credit information or CRB Derived Information.
You have the right to request access to the credit information that we hold about you and make a request for us to correct that credit information if needed. We explain how you can do this below. Sometimes, your credit information will be used by CRBs for 'pre-screening' credit offers on the request of other credit providers. You can contact the CRB at any time to request that your credit information is not used in this way.
You may contact the CRB to advise them that you believe that you may have been a victim of fraud. For 21 days after the CRB receives your notification, the CRB must not use or disclose that credit information. You can contact any of the following CRBs for more information: illion Australia Pty Ltd (www.illion.com.au), Experian (www.experian.com.au) and Equifax Pty Limited (www.equifax.com.au).
How we collect personal and credit information
We may collect personal information in a number of ways, including but not limited to:
- directly from you, for example, when you provide information by phone, in application forms, or other agreements, or when you submit your personal details through our websites (e.g. during an application or via capkon.com.au);
- from your joint applicants, co-applicants or guarantors;
- when you visit our websites;
- from third parties such as our survey or competition websites, marketing websites, related companies, or CRBs;
- from your representatives, e.g. solicitors, conveyancers, builders, agents;
- from referral partners, who refer your business to us;
- from the organisations and entities identified under the 'When we disclose your personal information' section below, including our related entities;
- from publicly available sources of information;
- from our own records; and/or
- when legally required to do so -- for example, in the provision of specific credit services.
If we have obtained your information through any of these methods and you would like a list of these entities or websites, please contact us at firstname.lastname@example.org.
If you feel you have not given us consent to use your details or would like to be removed from our call or email lists, please contact us at email@example.com.
How we use your personal information
The primary purpose for which we collect information about you is to enable us to perform our business activities and functions (primary credit activities) and to provide the best possible quality of customer experience.
Your personal information may be used to: verify your identity; assist you to gain approval or provision of a product or service; provide the services you require; administer and manage those services such as payments; inform you of ways the services provided to you could be improved or additional services that you may benefit from; Marketing Services (explained below); conduct appropriate checks for credit-worthiness and for fraud; research and develop our services provided, either directly or referred; gain an understanding of your information and credit or financial needs in order for us to provide you with a better service.
Your personal information is also collected so that we and our related entities can promote and market services to you (including by way of direct mail, telemarketing, email, SMS and MMS messages) (Marketing Services) in accordance with any applicable marketing laws (secondary purposes). This is to keep you informed of products, services and special offers and we may continue after you cease holding an active product or service through us. If you do not wish for this to take place or continue, please contact us via firstname.lastname@example.org.
When we disclose your personal information
Your information may be disclosed to persons or companies that are related to us for the purposes noted above.
We will never sell your information to any party outside of us. However, in order to deliver the services, you require we may disclose your personal information to people or organisations outside of Capkon. This may include:
- your joint applicants, co-applicants or guarantors;
- your representatives or advisers (e.g. your solicitors, accountants, conveyancers, builders, agents);
- our professional advisers, including our accountants, auditors, and lawyers;
- organisations who manage our business, marketing and corporate strategies and/or sponsors or
- promoters of any competition that we conduct to promote our services;
- credit providers, funders, agents, Australian Banks, and non-bank lenders (e.g. for credit-related purposes
- such as credit approval, credit-worthiness, credit rating, credit provision and financing);
- credit-reporting bodies and fraud-checking agencies;
- our related entities (e.g. Capkon, Vow Financial Pty Ltd, and their respective partnerships, joint venture entities, agents, contractors or external service providers for the operation of their business);
- our referral partners;
- providers of credit, financial, or insurance services;
- mortgage insurers and title insurers;
- other comparison sites, mortgage brokers, or providers of investment finance, or credit (where legal for us to do so);
- the police or other relevant authorities or enforcement bodies;
- government and regulatory authorities or organisations (such as our External Dispute Resolution Scheme or ASIC, as required or authorised by law); and/or
- internet service providers or network administrators (for example, if we have reason to suspect you have committed a breach of our terms and conditions or have otherwise been engaged in any unlawful activity and we reasonably believe such disclosure is necessary).
We may use external organisations for customer inquiries; mailing operations; billing and debt-recovery functions; information technology services; marketing and telemarketing market research; and website usage analysis. This means we disclose your personal information to them.
You expressly consent to us providing your information to the persons or organisations above for our primary credit activities or secondary purposes.
Your personal information is disclosed to these organisations only in relation to us providing our services to you. We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.
Transfer of information overseas
In order to supply you with the best service possible, we may transfer personal information we have collected about you to someone in a foreign country, but only if permitted to do so under the Australian Privacy Principles.
Some of the above external organisations and entities may be located outside of Australia. You should note that while they will often be subject to confidentiality or privacy obligations, they may not always follow the particular requirements of Australian privacy laws. Overseas organisations may be required to disclose the information we share with them under a foreign law. In those instances, we will not be responsible for that disclosure.
Capkon will soon have service providers based in the Philippines and Nepal, whose role is to assist in processing and reviewing credit applications.
We do not utilize offshore personnel for the purposes of marketing or sales. We will not share any of your credit information with a credit reporting body unless it has a business operation in Australia.
Sometimes people share information (including sensitive information) with us we have not sought out. This could be through using our website or, for example, requesting us to assess or assist in a hardship application.
If we receive unsolicited personal information (including sensitive information) about you, we will determine whether we would have been permitted to collect that information. If yes, then we will handle this information the same way we do with other information that we seek from you. If we determine that we would not have been permitted to collect that information, and the information is not contained in a Commonwealth record, then we will destroy or de-identify it as soon as practicable, but only if it is lawful and reasonable to do so. Often, it is not possible for us to neatly unbundle this information then destroy or de-identify only certain sections or parts of it, and we may need to store this information for future use, such as to help resolve disputes between us or assess future applications by you.
We have many security safeguards in place to protect the information from interference, misuse, loss, unauthorised access, modification or disclosure.
Sharing with CRBs
We will disclose information about you to a CRB when you are applying for credit, you have obtained credit from us, or if you guarantee or are considering guaranteeing the obligations of another person to us. When we give your information to a CRB, it may be included in reports that the CRB gives other organisations (such as other lenders) to help them assess your creditworthiness. Some of that information may reflect adversely on your creditworthiness, for example, if you fail to make payments or if you commit a serious credit infringement (like obtaining credit by fraud). That sort of information may affect your ability to get credit from other lenders.
We take pride in the products and services that we offer. And we love keeping you informed as to the best offers in the credit and financial market place. However, first and foremost we respect your privacy and understand that not everyone wants to be contacted regarding sales and marketing.
If you do not wish to be contacted by Capkon, we invite you to contact us via email@example.com and we will remove you from our call and email lists. We may conduct marketing activities via email, telephone, SMS, IM, mail, or any other electronic means.
We may also market our products to you through third party channels (such as social networking sites). We will always let you know that you can opt out from receiving our third-party marketing. Where we market to prospective customers, we will always provide an easy way to opt-out.
With your consent, we may disclose your personal information to third parties such as brokers or agents, or for the purpose of connecting you with other businesses or customers. You can ask us not to do this at any time. We will never sell your personal information to any external organisation. We will not use or disclose sensitive information about you for direct marketing purposes unless you have consented to that kind of use or disclosure.
You can let us know at any time if you no longer wish to receive direct marketing offers from Capkon by emailing your request to firstname.lastname@example.org. We will process your request as soon as we can.
Cookies and web beacons
We generally use this information to report statistics, analyse trends, administer our services, diagnose problems and target and improve the quality of our products and services.
A web beacon is typically a transparent graphic image invisible to the user that is placed on a website. The use of a web beacon allows the website to record the simple actions of the user (such as opening the page that contains the beacon) through a tracking pixel. We may use web beacons (and cookies) for purposes such as site usage analytics, advertising auditing and reporting, as well as content and "advertising/marketing personalisation". We may share any data collected from web beacon (and cookies) with third parties to provide you with relevant advertising when browsing Third-Party networks and websites (Third-Party Websites) such as Google and Facebook.
Information from third parties
Our website may contain links to Third-Party Websites (e.g. third-party providers of goods and services). We make no representations or warranties in relation to the privacy practices of any Third Party Website and we are not responsible for the privacy policies or the content of any third-party website. Third-Party Websites are responsible for informing you about their own privacy practices. If you access Third-Party Websites through our website and if those third parties collect information about you, we may also collect or have access to that information as part of our arrangements with those third parties.
Where you access a Third-Party Website from our website, cookie and web beacon information, information about your preferences or other information you have provided about yourself may be shared between us and the third party.
Advertising and tracking
When you send a completed online application to us, we retain the information contained in that application. We can then use that information to provide any services that you require. You may also be able to suspend and save online applications, so you can complete and send the applications at a later time. If you suspend or save your application, the information that you have entered will be retained in our systems so that you may recover the information when you resume your application. Online applications that have been suspended or saved may be viewed by us.
By providing your email address and then clicking submit on any online form, application, calculator, tool or query, you consent to receive notices and other documents from us by email to the email address provided, and you understand that if you give this consent: we may no longer send you paper copies of notices and other documents; you should regularly check your email address for documents; and you may withdraw your consent to receiving documents by email at any time. You also confirm that you have the facilities to print any notice or document that we send you by email if required.
We take all reasonable precautions to ensure that the personal information we collect, use and disclose is accurate, complete and up-to-date. However, the accuracy of that information depends to a large extent on the information you or others provided to us. If you wish to make any changes to your personal information, please contact us at email@example.com.
We will generally rely on you to assist us in informing us if the information we hold about you is inaccurate or incomplete. You may request access to the personal information we hold about you by contacting us. We will respond to your request within a reasonable period. We will give access in the manner you have requested if it is reasonable to do so. We may charge you a fee to access the information. The fee will not be excessive and will not apply to the making of the request. We may deny you access to your personal information in certain circumstances, for example, if required or authorised by or under an Australian law or a court/tribunal order, or it would be likely to prejudice enforcement related activities by an enforcement body, if granting access would interfere with the privacy of others, or if it would result in a breach of confidentiality. If we decide not to give you access, we will provide reasons for the refusal and information on how you can complain about the refusal.
Storage and security
We store information in different ways, including in paper and electronic form.
The security of your personal information is important to us and we take reasonable steps to protect it from misuse, interference and loss, and from unauthorized access, modification or disclosure. Some of the ways we do this are: confidentiality requirements of our employees; document storage security policies; security measures for access to our systems; only giving access to personal information to a person who is verified to be able to receive that information; control of access to our buildings; and electronic security systems, such as firewalls and data encryption on our websites.
We take protecting the security of your personal information seriously. We have a response plan that is designed to enable us to contain, assess and respond to suspected data breaches in a timely fashion, and to help mitigate potential harm to affected individuals.
We may store your information in cloud or other types of networked or electronic storage. As electronic or networked storage can be accessed from anywhere via an internet connection, it is not always practicable to know in which country your information may be held. If your information is stored in this way, disclosures may occur in countries other than those listed here or those we referred to from time. In addition to the above, we also regularly review developments in security and encryption technologies. However, it is important to remember that the use of email and the internet may not always be secure, even with these safeguards in place.
Doing business without identifying you
In most circumstances, it will be necessary for us to identify you in order to successfully do business with you. However, where it is lawful and practicable to do so, we will provide you with the option to remain anonymous or to use a pseudonym, for example, when you make general inquiries about our business or current promotional offers. We do not adopt a government related identifier (such as your tax file number or your driver's license number) as a means of identifying you.
Complaints and further information
If you have a complaint about how we handle your personal information, we want to hear from you.
You are always welcome to contact us to let us know about your complaint at:
We have a formal procedure for investigating and dealing with privacy breaches or complaints. Once the Privacy Officer receives a complaint, whether it is in writing or verbal means, the Privacy Officer will commence an investigation with the relevant business unit from which the alleged breach stemmed. The investigator will endeavor to determine the nature of the breach and how it occurred. We may contact you during the process to seek any further clarification if necessary. If a breach is found, the Privacy Officer will escalate the matter to management so that the process can be rectified to prevent any further breaches from taking place. We will also contact you to inform you of the outcome of the investigation. We will endeavor to resolve all investigations within a reasonable time.
By giving us as much information as possible, you will help us resolve things faster. If you have any supporting documentation, please have it handy when you raise your concern(s). We will try to acknowledge your complaint within 5 business days and try to respond to your complaint within 45 days. Where we are unable to do so, we will send you an email or letter advising of the reasons for any delay, and your right to complain to our EDR scheme.
If you are dissatisfied with our Internal Dispute Resolution response, you can make a formal complaint to our External Dispute Resolution provider, the Australian Financial Complaints Authority (AFCA), which can be contacted on:
Tel: 1800 931 678
Post: Australian Financial Complaints Authority, GPO BOX 3, MELBOURNE VIC 3001
Time limits may apply to complain to AFCA and so you should act promptly or otherwise consult the AFCA website to find out if or when the time limit relevant to your circumstances expires.
Alternatively, you can make a complaint to the Office of the Australian Information Commissioner (OAIC) which can be contacted at either www.oaic.gov.au or by calling 1300 363 992.