Thomas Finance Consulting
Privacy Policy
This Privacy Statement tells clients how their personal information is collected and used by Thomas Finance Consulting in the course of performing services and doing business with you.​
​
‘We’, ‘us’ and ‘our’ refer to Katherine Thomas & Associates Pty Ltd trading as Thomas Finance Consulting ABN 38 106 453 301.
​​
Our commitment to protect your privacy
We understand how important it is to protect your privacy and the security of your personal information. This policy sets out our commitment in respect of personal information we hold about you and what we do with that information.
Thomas Finance Consulting's objective is to ensure compliance with the Privacy Act 1988. The Privacy Amendment (Enhancing Privacy Protection) Act 2012 made many significant changes to the Privacy Act. These changes commenced in March 2014. The Privacy Act now includes a set of 13 Australian Privacy Principles (APPs).
​
We recognise that any personal information we collect about you will only be used for the purposes we have collected it or as allowed under the law. It is important to us that you are confident that any personal information we hold about you will be treated in a way which ensures protection of your personal information.
​​​
What information do we collect? ​
We collect most personal information directly from you, whether in person, on the phone, electronically or if you deal with us in some other way.
​
When we refer to personal information we mean information or an opinion from which your identity is reasonably apparent.
Typically this will refer to:
-
Identification Information - this may include your name, date of birth, address, account details, employment history, qualifications and any other information we may need to identify you.
-
Financial Information - this typically includes details such as your tax file number and bank account, superannuation or insurance policy information. If we collect government identifiers, such as your tax file number, we do not use or disclose this information other than required by law. We will never use a government identifier in order to identify you.
-
Credit related information - information such as details relating to credit history, credit capacity, and eligibility for credit (‘credit worthiness’).
-
Sensitive Information - the personal information we collect may also include sensitive information — such as information about your religion, ethnicity, health or criminal record. The Privacy Act protects your sensitive information and we will generally only collect this information from you if it is reasonably necessary and with your consent.
​
Over the course of our relationship with you, we may also collect and hold additional personal information about you, including transactional information, complaint or enquiries about your product or service.
​​
Why we collect your personal information
We collect personal information so we can:
-
give you credit assistance;
-
give you information about loan products or related services including help, guidance and advice;
-
consider whether you are eligible for a loan or lease or any related service you requiested inclucing identifying or veryfying you or your authority to act on your behalf
-
assist you to prepare an application for a lease or a loan;
-
administer services we provide, for example, to deal with complaints; and
-
administer payments we recieve, or payments we make, relating to your loan or lease.
​
​
Do we disclose your personal information?
We may disclose your personal information:
-
to prospective funders or other intermediaries in relation to your finance requirements;
-
to other organisations that are involved in managing or administering your finance, such as third party suppliers, printing and postal services, call centres, lenders, mortgage insurers, trade insurers and credit reporting bodies;
-
to associated businesses that may want to market products or services to you where the Thomas Finance Consulting has authorised it;
-
to companies that provide information and infrastructure systems to us; to our agents, contractors, external service providers to outsource certain functions, such as for example: statement production, debt recovery and information technology support;
-
to anybody who represents you, such as lawyers, guardians, persons holding power of attorney and accountants;
-
to anyone, where you have provided us consent;
-
to other borrowers or guarantors (if more than one);
-
to borrowers or prospectiove borrowers, including in relation to any credit you guarantee or propose to guarantee;
-
to our auditors, insurers, re-insurers;
-
to claims related providers, such as assessors and investigators who help us with claims;
-
where we are authrosied to do so by law, such as under the Anti-Money Laundering and Couter Terrorism Financing Act 2006 (Cth), government and law enforcement agencies or regulators;
-
to any entity that has an interest in your finance or our business;
-
to financial institutions;
-
to your employer, former employer, referres or identify verification services.
​
We will disclose your personal information only for the purposes for which we collected the personal information.
​
Prior to disclosing any of your personal information to another person or organisation, we will take all reasonable steps to satisfy ourselves that:
(a) the person or organisation has a commitment to protecting your personal information at least equal to our commitment, or if required,
(b) you have consented to us making the disclosure.
​
The parties to which we disclose your personal information be be located in The Philippines and other countries.
​
Data storage
We store your information using ‘cloud’ technology. We have taken reasonable steps to ensure that your personal information remains secure. Cloud computing is information technology infrastructure that hosts applications, software, computing platforms and/or data at offsite data centres. Data stored in this infrastructure is accessed via the internet, rather than being hosted on and accessed through a local computer’s hard drive or local dedicated server. The servers used in a cloud computing solution may be located in Australia or overseas, depending on the service provider.
​
Direct marketing & Opting-out
From time to time we may use your personal information to provide you with current information about finance, offers you may find of interest, changes to our organisation, new products or services being offered by us deemed relevant to our clients. We may provide this information using any contact number or address provided, including without limitation by post, phone, email or SMS.
​
We will assume that you consent to receive direct marketing communications in the above ways if you do not opt out when we offer you the opportunity to do so. We will always provide an opt-out message in all forms of direct marketing in line with the APPs. We will not charge you for giving effect to your request and will take all reasonable steps to meet your request at the earliest possible opportunity. You may also opt-out of receiving direct marketing at any time by contacting us via maree@thomasfinance.com.au.
​
We do not disclose personal information we have collected to organisations outside of the Thomas Finance Consulting for the purpose of direct marketing.
​
Updating your personal information
It is important to us that the personal information we hold about you is accurate and up to date. During the course of our relationship with you we may ask you to inform us if any of your personal information has changed.
If you wish to make any changes to your personal information, you may contact us. We will generally rely on you to ensure the information we hold about you is accurate or complete.
​
Access and correction to your personal information
If the request is reasonable and practical, we will provide you with access to the personal information we hold about you. You may reasonably request access to any of the personal information we hold about you at any time.
​
Depending on the type of request that you make we may respond to your request immediately, otherwise we usually respond to you within seven days of receiving your request.
​
There may be situations where we are not required to provide you with access to your personal information, for example, if the information relates to existing or anticipated legal proceedings, or if your request is vexatious.
An explanation will be provided to you if we deny you access to the personal information we hold about you.
​
If any of the personal information we hold about you is incorrect, inaccurate or out of date you may request that we correct the information. If appropriate we will correct the personal information at the time of the request otherwise, we will provide an initial response to you within seven days of receiving your request. Where reasonable, and after our investigation, we will provide you with details about whether we have corrected the personal information within 30 days.
​
If we refuse to correct personal information we will provide you with our reasons for not correcting the information.
​
Using government identifiers
If we collect government identifiers, such as your tax file number, we do not use or disclose this information other than required by law. We will never use a government identifier in order to identify you.
Business without identifying you
In most circumstances, it will be necessary for us to identify you in order to successfully do business with you, however, where it is lawful and practicable to do so, we will offer you the opportunity of doing business with us without providing us with personal information, for example, if you make general inquiries about membership, member activities and events or current promotional offers.
​
How do we protect your information?
We will take reasonable steps to protect your personal information by storing it in a secure environment. We may store your personal information in paper and electronic form. We will also take reasonable steps to protect any personal information from misuse, loss and unauthorised access, modification or disclosure.
​
We keep personal information only for as long as is reasonably necessary for the purpose for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements. We take reasonable steps to destroy or de-identify your personal information when it is no longer required for our business purposes.
​
All employees have confidentiality requirements and access to your information is restricted to those employees whose job requires that information.
​
Access to our premises are controlled and computer systems have electronic security systems such as firewalls and data encryption.​
​
Complaints & Further Information
If you are dissatisfied with how we have dealt with your personal information, or if you have a complaint about our compliance with the Privacy Act, please contact us at maree@thomasfinance.com.au.
​
We will acknowledge your complaint within seven days. We will provide you with a decision on your complaint within 30 days.
​
If you are dissatisfied with the response of our complaints officer you may make a complaint to the Privacy Commissioner which can be contacted via the Office of the Australian Information Commissioner website (www.oaic.gov.au) or on 1300 363 992.
​
You may also request further information about the way we manage your personal information by contacting us.
​
Change in our privacy policy
Technology is constantly changing, as is the law and market place practices. As a consequence, we may change this privacy policy from time to time or as the need arises.
​
This Privacy Policy was last updated in April 2025. ​​