PRIVACY STATEMENT

PRIVACY STATEMENT, PRIVACY POLICY, CREDIT REPORTING POLICY AND STATEMENT OF NOTIFIABLE MATTERS

This Privacy Statement, Privacy Policy, Credit Reporting Policy and Statement of Notifiable Matters is applicable in Australia and sets out the privacy information policy of JBT Holdings Pty Ltd (ACN 143 074 159) and JBT Holdings (NSW) Pty Ltd (ACN 601 572 123) (collectively “Phoenix Traffic Management”) and their related, associated, subsidiary and parent companies, divisions, successors and assigns that conduct business in Australia (all of which are referred to in this document as “We, Us or Our”).

PRIVACY STATEMENT
Privacy Laws
We are committed to complying with the Privacy Act 1998 (Cth) (“the Act”), the Australian Privacy Principles (“the APPs”) and the Credit Reporting Code as amended from time to time. In this document, these statutes and codes are collectively referred to as “the Privacy Laws”.

Our Privacy Statement – We Respect Your Privacy
We are committed to your privacy. Our policy on handling Personal Information (any information that identifies you or could reasonably identify you) and Credit Information (your repayment and default history, amount and type of credit provided and any default information) is to comply with the Privacy Laws as amended from time to time for the fair handling of Personal Information. Our Privacy Policy is outlined in this document and you can obtain a copy of it on Our website at www.phoenixtraffic.com.au.

We may collect types of Personal Information from you during Our relationship and We will advise you of this (and other matters about the collection of Personal Information) before, at or as soon as possible after the time of collection. We use the Personal Information collected for several purposes, including:
Providing you with Our products and services and/or information about Our products and services;
Assessing applications for commercial credit and guarantee documents;
Assessing applications for employment (where applicable);
Administering Our business activities;
Communicating with you by telephone, email, SMS or mail;
Managing, researching and developing Our products and services;
Managing, servicing and reviewing accounts, including overdue accounts;
Managing client payment information, including credit card information and bank account details;
Distributing articles or publications to you;
Investigating any complaints; and
Insurance and debt collection purposes.

This information may be disclosed to Our related or associated entities, overseas recipients in locations such as Pakistan, parties related to your employment (e.g. referees and others as set out in Our Privacy Policy), parties related to your services including contractors, other credit providers whether or not your account is overdue, credit reporting bodies including Creditor Watch Pty Ltd (“CreditorWatch”) and others, and, if necessary, Our professional advisors including risk insurers, solicitors and financial institutions.

You have a right not to provide information that can identify you. However, if all or part of the Personal Information that We request from you is not provided, then We may not be able to do certain things (including supply you with goods, consider any application for goods made by you, or process your request for a commercial credit account).

In accordance with the Privacy Laws and Our Privacy Policy, you will be given access to your Personal Information on request. If you have any questions or concerns about Our Privacy Policy, the types of Personal Information We may hold about you, or for corrections or complaints about a breach of your privacy, please direct your requests to Our Privacy Officer at P.O. Box 33 Oakleigh VIC 3166 or telephone (03) 9569-5000 or e-mail privacy@phoenixtraffic.com.au.

PRIVACY POLICY
Our Privacy Policy – Collection of your Personal Information
We are committed to the protection of your Personal Information. Personal information is any information or an opinion about an identified individual or an individual who is reasonably identifiable. We may collect types of Personal Information from you throughout Our relationship and We will advise you of this (and other matters about the collection of Personal Information) before, at or as soon as possible after the time of collection.

Generally, the kinds of information We will collect about an individual may include an individual’s name, signature, residential address, telephone number, date of birth, gender, details of your financial circumstances (including bank account details or credit card information), government identifiers such as tax file numbers, employment details and employment history, insurance policy information, and commentary or opinion about a person, for example credit commentary, eligibility or information received from Creditor Watch.

The specific types of Personal Information that We collect from you and how We collect that information will depend on the services you require from Us and how you interact with Us. We usually collect Personal Information directly from the individual concerned. Where this is not practical, We will take reasonable steps to ensure that the individual is informed about the collection unless the individual has previously consented to the collection (either expressly or impliedly). In some cases, We may collect information from a third party, such as an insurance company, recruitment agency, wholesale and retail suppliers or via social media.

When you request goods from Us We will ask you many details about you and your business. That information assists Us in making decisions about Our intended relationship with you and the terms of that relationship. You have a right not to provide information that can identify you. However, if all or part of the Personal Information that We request from you is not provided, We may not be able to do certain things (including supply you with goods, consider any application for goods made by you, or process your request for a commercial credit account).

At the time of collecting Personal Information about an individual, or as soon as practicable after that time, We take reasonable steps to ensure the individual is aware of:
The identity and contact details of Us and Our Privacy Officer;
The purposes for which the information is being collected;
Any organisations to which We may disclose the information to;
The fact that an individual has a right to gain access to the personal information collected; and
The main consequences (if any) for the individual if all or part of the information is not provided.
We will not collect any sensitive Personal Information from you revealing racial or ethnic origin, political opinions or political association memberships, religious or philosophical beliefs, professional or trade union membership, or details of health, disability information, genetic or biometric information, or sexual activity or orientation. Exceptions to this include:

Where you have given express consent to Us to do so and where is it necessary for Us to carry out one of Our primary functions;
Where there are reasonable grounds to believe that disclosure is necessary to prevent a threat to life or health;
The use is authorised by law or reasonably necessary to enforce the law; or when the information is necessary for the establishment, exercise or defence of a legal claim.

If We receive Personal Information which We did not solicit, We will determine as quickly as possible whether or not that Personal Information could have been lawfully collected by Us in accordance with the Privacy Laws and Our Privacy Policy. If so, We will only use the unsolicited Personal Information as if that information had been solicited by Us (that is, lawfully and fairly in accordance with the Privacy Laws and Our Privacy Policy). If not, We will take reasonable steps to de-identify or destroy the information.

When you use Our website at www.phoenixtraffic.com.au, Our Internet Service Provider (ISP) may make a record of your visit and log your server address, your domain name, the date, time and duration of your visit, the pages and documents you accessed, the previous site you had accessed (i.e. the referring URL) and the type of browser you are using. This information is collected for statistical purposes only, and We will not make any attempt to identify users according to their browsing activity.

In the unlikely event of an investigation, a law enforcement agency or other government agency may exercise its legal authority to inspect Our business records or ISP’s logs. It is also possible that your ISP is logging your activity while you visit Our site. This is beyond Our control.

While you are visiting Our site, We may use cookies to facilitate a more personalised web browsing experience. Except where you volunteer personal or business information, We will not procure information about you via any alternative means while you visit Our website.

In some circumstances, We will provide you with an option of not identifying yourself, or of using a pseudonym, when dealing with Us (unless We are required or authorised by Australian law or a Court/Tribunal order to deal with individuals who have identified themselves, or where it is impracticable to do so).

Our Privacy Policy – How We use and disclose personal information
The Personal Information that you provide to Us is used for a number of primary purposes. These purposes include:
Providing you with Our products and services and/or information about Our products and services;
Assessing applications for commercial credit and guarantee documents;
Assessing applications for employment (where applicable);
Administering Our business activities;
Communicating with you by telephone, email, SMS or mail;
Managing, researching and developing Our products and services;
Managing, servicing and reviewing accounts, including overdue accounts;
Managing client payment information, including credit card information and bank account details;
Distributing articles or publications to you;
Providing you with better service for the supply of Our products and services;
Investigating any complaints; and
Insurance and debt collection purposes.
We will not sell, rent or trade your Personal Information.

Any Personal Information which you do supply will only be used internally by Us and will not be divulged to a third party unless that third party is associated or integral to the purpose for which you gave Us the information or where required by law. We will only use and disclose Personal Information about you for the purpose for which you gave Us that information. We may use and disclose Personal Information about you for a purpose other than the purpose for which you gave Us the information where:
That other purpose is related to the purpose for which you gave Us the Personal Information;
You have given Us your consent for the Personal Information to be used or disclosed for the additional purpose;
Where there are reasonable grounds to believe that use or disclosure is necessary to prevent a threat to life or health;
Where We suspect that unlawful activity is or has been engaged in and We use or disclose the Personal Information to investigate the suspected unlawful activity; or
The use or disclosure is authorised by law or reasonably necessary to enforce the law.

During the ordinary course of business, We may disclose your Personal Information as required by law or to third parties related to your services, including:
government departments such as courts, tribunals and regulatory authorities as permitted by law;
Our contractors;
parties related to your employment, such as superannuation funds, leave entitlement organisations, industry specific organisations, referees or worker’s compensation insurers. Examples include Incolink, CoInvest, Long Service Corporation and Australian Construction Industry Redundancy Trust (ACIRT);
other credit providers (whether or not your account is overdue);
credit reporting bodies including Creditor Watch Pty Ltd (“CreditorWatch”) and others; and
if necessary, Our professional advisors including risk insurers, solicitors and financial institutions; and
anyone else to whom you consent.

We may also disclose your personal information to organisations involved in a transfer or sale of all or part of Our business or its assets or one involved in managing Our corporate risk and funding requirements.

We have well-documented, detailed procedures in managing personal data relating to the administration of customer accounts which are compliant with the APPs. Compliance to these procedures is monitored by Us on an ongoing basis.

Our Privacy Policy – Overseas Disclosure
In the normal course of business, We may disclose Personal Information to overseas recipients in Pakistan such as third party suppliers or Our related, associated, subsidiary and parent companies. This disclosure may occur if Our service providers are located overseas, if any transactions, information, products or services have an overseas connection, where the individual consents, where the disclosure is for the benefit of the individual, or is for the performance of a contract with Us. We will take reasonable steps to protect an individual’s privacy if this disclosure occurs. You agree and consent to the possible use and disclosure of this information to overseas recipients from time to time in accordance with this Privacy Policy and Privacy Statement.

Our Privacy Policy – Direct Marketing
We may also use your Personal Information, including e-mail addresses, for the purpose of direct marketing. We may only use your Personal Information or data for the purpose of direct marketing in relation to promotional activities where it is impracticable for Us to obtain your prior express consent. However, when We do this, We will provide an express opportunity when We first contact you to decline receiving any further marketing communications from Us, via an opt-out mechanism. Please contact Us if you do not want to receive any direct marketing information or if you do not want your information disclosed for direct marketing purposes.

Our Privacy Policy – Security of your personal information
We will take all reasonable steps to ensure that all Personal Information We collect, use or disclose is stored both physically and electronically in a secure environment accessed only by authorised persons. We will take reasonable steps to protect any Personal Information that it holds from misuse, loss, unauthorised access, modification or disclosure, and to destroy or permanently de-identify Personal Information if it is no longer needed for any purpose. We require any third party, service provider, or other entity to which We disclose Personal Information to comply with this Privacy Statement and Privacy Policy and to comply with the APPs.

We maintain sophisticated IT systems to keep its customer, vendor and employee data on master files. We have security measures designed to protect against the loss, misuse and/or alteration of the information under its control, including restricted access, firewalls and encryption.

While We employ anti-virus software and encryption technology when interfacing with its customers, suppliers, contractors and other parties, you should be aware that there is a residual risk in transmitting any data electronically. This risk is inherent in any internet dealings.

Our Privacy Policy – How to access, correct or update your information
We will take all reasonable steps to ensure that all Personal Information We collect, use or disclose is accurate, complete and up-to-date. We will review Personal Information on its databases at regular intervals to ensure all information kept is up to date.

You have a right to seek access to your Personal Information and to correct that information. Please contact Us if your details change or if you believe the Personal Information We have about you is not accurate or complete. We will provide you with reasonable opportunity to access your Personal Information and have it corrected or updated. A fee may apply to access and you will be required to provide the appropriate identification.

Exceptions to your access rights may include:
Where providing access will pose a serious threat to the life or health or any individual or pose an unreasonable impact on the privacy of an individual;
Your request for access is frivolous or vexatious;
Where the information relates to existing legal proceedings between Us and you and the information would not be discoverable in the process of those legal proceedings; or
Where providing access would be unlawful, may prejudice an investigation of possible unlawful activity, may prejudice enforcement of laws, or denying access is specifically authorised by law.
Where We refuse a request for correction or access, you will be provided with written reasons for the refusal and details of complaint mechanisms.

Our Privacy Policy – Complaints
We take your complaints seriously. If you believe that We have not dealt with your Personal Information in a manner that complies with the Privacy Laws as amended from time to time, please contact Us at PO Box 33 Oakleigh VIC 3166 or e-mail privacy@phoenixtraffic.com.au or via any of Our contact details listed at www.phoenixtraffic.com.au. You must submit your complaint in writing. We will use our best endeavours to provide a response in writing within a timely manner, and to correct any Personal Information and notify any other entity required with updated information.

We have detailed procedures for dealing with Privacy Law breaches. If you are dissatisfied with the outcome of your complaint, or if We refuse to provide access to, or correction of, your Personal Information, you may complain to the Office of the Australian Information Commissioner at http://www.oaic.gov.au.

Our Privacy Policy – Transparency
This Privacy Statement and Privacy Policy is available on Our website at www.phoenixtraffic.com.au and will be made available free of charge to anyone who requests a copy. This Privacy Statement and Privacy Policy may be reviewed and amended from time to time, and any updated version will be made available on Our website or on request and will apply from the date the updated version is so published or provided.

Our Privacy Policy – How to Contact Us
You can contact Us and Our Privacy Officer at Our head office PO Box 33 Oakleigh VIC 3166 or telephone (03) 9569-5000 or e-mail privacy@phoenixtraffic.com.au or via any of Our contact details listed at www.phoenixtraffic.com.au.

CREDIT REPORTING POLICY
This Credit Reporting Policy explains how We will manage your credit information and your credit eligibility information. Our handling of your credit information is in compliance with the obligation under the Privacy Act 1988 (Act) and the Credit Reporting Privacy Code (CR Code).

This document is to be read together with Our Privacy Policy and Statement of Notifiable Matters.

What credit information and credit eligibility do We collect?

We may collect, use, hold and disclose credit information about you. You consent to such collection, holding, use and disclosure of your credit information in accordance with the terms of this policy.

The terms “credit information “, “credit eligibility information”, “credit reporting information” and “personal information”, as used in this policy, are as defined in the Act.

If you apply for commercial credit or provide a guarantee for commercial credit, the kinds of credit information and credit eligibility information that We may collect and hold includes information used to identify you, your creditworthiness and any other related information necessary or incidental to the products and services which We provide or propose to provide to you. This may include:

identification information; or
consumer credit liability information; or
repayment history information; or
a statement that an information request has been made in relation to you by a credit provider; or
payment or default information; or
new arrangement information; or
court proceedings information; or
personal insolvency information; or
publicly available information in relation to your creditworthiness.

Sometimes, We may gather credit information and credit eligibility information about you from a third party, for example, from credit reporting bodies (CRBs) or intermediaries and spouses or from publicly available information.

The credit information that you provide allows Us to perform Our functions or activities. We may not be able to transact business with you if you do not provide all of the information requested or do not consent to how your credit information and credit eligibility information is managed in accordance with this policy.

How will We use your credit information and your credit eligibility information?

We will collect, hold, use and disclose credit information and credit eligibility information about you to:

assess applications for credit or whether to accept an individual as a guarantor in relation to credit;
assist you to avoid defaulting on your credit obligations;
notify other credit providers or a credit reporting agency body of a default by you;
assess your creditworthiness; or
offer you further services and products; or
comply with regulatory or legal requirements.

We will also collect, hold, use and disclose credit information and credit eligibility information about you to comply with Australian legislation, including the Corporations Act 2001, Proceeds of Crime Act 1987 and Anti-Money Laundering and Counter Terrorism Financing Act 2006 and any other similar Acts or regulations, together with any amendments to any such Acts.

Storage of your credit information and credit eligibility information

We use industry-standard methods and take such steps as are reasonable to protect your credit information and credit eligibility information from unauthorised access, modification or disclosure and from misuse, interference and loss.

Among other techniques, We usually:

store such information on a computer behind Our “firewall” in a secure location and/or with a trusted service provider who is in the business of providing data storage and processing services;
restrict the number of employees internally who can access such data; and
keep hard copies of documents in lockable cabinets in a secure location.

Once credit information is no longer required by Us for the purposes for which it was collected or held or otherwise in accordance with the Act, We will take all steps as are reasonable in the circumstances to ensure that it is either destroyed or de-identified.

Disclosure of credit information and credit eligibility information

We may disclose your credit information and credit eligibility information to any of the following third parties:

any regulatory, governmental organisation or industry or legal body which governs the conduct of any part of Our business in any jurisdiction or as required by law or regulation;
Our associated and related bodies corporate and entities;
a third party who is supplying a service to Us;
any other third party provided that We obtain your prior written consent;
your representatives (including your legal adviser, mortgage broker, financial adviser, executor, administrator, guardian, trustee, or attorney);
where permitted by law, debt collection agencies and/or financiers or other lenders; or
as otherwise permitted by law.

Disclosure outside of Australia

We may transfer your credit information and credit eligibility information to Our related, associated, subsidiary and parent companies in Pakistan, which are registered and governed by laws outside the Australian jurisdiction.

Credit Reporting Bodies (“CRBs”) and your credit information

CRBs are permitted under the Act and the CR Code to use and disclose your credit information. If you apply for commercial credit or offer to act as a guarantor, We may disclose your credit information to, or collect credit information about you from, a CRB. This information is used for the purpose of determining your eligibility for credit, and We may process the information to assess your creditworthiness and suitability for credit.

We may deal with the following CRBs:

Creditor Watch Pty Ltd
GPO Box 276, Sydney NSW 2001, www.creditorwatch.com.au, 1300 50 13 12;
Equifax Pty Limited
PO Box 964 North Sydney NSW 2059, www.equifax.com.au, 13 83 32; and
Illion Australia Pty Ltd
Level 20, 201 Elizabeth Street Sydney NSW 2000 (Phone 13 23 33)

Further information about how these CRBs manage credit related personal information can be found in their Privacy Policies available on their websites or by contacting them directly.

Access to and correction of your credit information and credit eligibility information

You may request access to the credit information and credit eligibility information that We hold about you. We may be able to provide you with access to this information in a manner that you request if this is reasonable and practicable.

You may request Us to correct the credit information and credit eligibility information held in relation to you if you believe that it is inaccurate, out of date, incomplete, irrelevant or misleading.

Please see Our contact details below to make an access or correction request. We will endeavour to respond to your request within 30 days.

If you are not satisfied with Our response to your access or correction request, please see Our Complaints section below for information on making a complaint.

Approach to complaints handling

You have the right to make a complaint if you believe that We have not complied with Our obligations under the Act and the CR Code. To make a complaint, please contact Us in writing using the contact details listed below.

We will endeavour to respond to your complaint within 30 days.

If you are not satisfied with Our response to your complaint, you may wish to refer your complaint to the Office of the Australian Information Commissioner. For contact details, please see www.oaic.gov.au.

Contact details

If you have any questions about this policy, please contact the Privacy Officer on (03) 9569-5000, by e-mail at privacy@phoenixtraffic.com.au or by mail to the Privacy Officer at PO Box 33 Oakleigh VIC 3166.

Changes to the credit reporting policy

We may, at Our discretion, change Our approach to the handling of credit information and will, in such instances, update the Credit Reporting Policy to reflect these changes. The most up-to-date copy of the Credit Reporting Policy will be available at www.phoenixtraffic.com.au.

STATEMENT OF NOTIFIABLE MATTERS

This statement has been prepared by Us to provide you with information on the credit reporting bodies that We deal with and to notify you about the rights you have in relation to your credit information.

Credit information

Credit information and credit eligibility information is personal information that may have a bearing on commercial credit that has been provided to you or that you have applied for or is about you as a guarantor of commercial credit. Credit information about you may include:
identification information; or
consumer credit liability information; or
repayment history information; or
a statement that an information request has been made in relation to you by a credit provider; or
default information; or
payment information; or
new arrangement information; or
court proceedings information; or
personal insolvency information; or
publicly available information in relation to your creditworthiness.

Credit information applies to both consumer credit and commercial credit.

Credit reporting bodies and your credit information

Credit reporting bodies are permitted under the Privacy Act 1988 and the Credit Reporting Privacy Code to use and disclose your credit information. If you apply for commercial credit or offer to act as a guarantor, We may disclose your credit information to, or collect credit information about you from, a credit reporting body. This information is used for the purpose of determining your eligibility for credit, and We may process the information to assess your creditworthiness and suitability for credit.

Credit reporting bodies that We may disclose credit information to:

We deal with the following credit reporting bodies:
Creditor Watch Pty Ltd
GPO Box 276, Sydney NSW 2001, www.creditorwatch.com.au, 1300 50 13 12;
Equifax Pty Limited
PO Box 964 North Sydney NSW 2059, www.equifax.com.au, 13 83 32; and
Illion Australia Pty Ltd
Level 20, 201 Elizabeth Street Sydney NSW 2000, www.illion.com.au, 13 23 33.

Further information about how these credit reporting bodies manage credit related personal information can be found in their privacy policies which can be obtained from their websites or by contacting them directly.

Our Credit Reporting Policy and how you may access your credit information
We manage credit information in accordance with Our Credit Reporting Policy.

Our Credit Reporting Policy contains further information on:
how you can access the credit information that We hold about you;
how you can correct the credit information that We hold about you;
how you can complain about a breach of regulatory obligations by Us;
the locations outside of Australia that We may disclose your credit information to.

Your rights in relation to your credit information
Credit reporting bodies offer a service to credit providers wishing to send direct marketing material about credit services to individuals. This is called “credit pre-screening”. You have the right to request the credit reporting bodies do not use your credit information for this purpose. To opt out of credit pre-screening, contact the credit reporting body, using the contact details provided above.

You can also ask a credit reporting body not to use or disclose your credit reporting information for a period if you believe on reasonable grounds that you have been or are likely to be a victim of fraud.