Skip links

UCFSA Privacy Policy

Download in a pdf form here.

UCFSA (“we”, “us”, “our”) is concerned about your privacy, including on the internet and within its Consumer and Merchant Portals and Website (collectively, the “Site”). We are bound by the Australian Privacy Principles (“APPs”) contained in the Privacy Act 1988 (Cth) (the “Privacy Act”).  The APPs govern the way in which we collect, use, disclose, store, secure and dispose of your personal information, as defined in the Privacy Act (“Personal Information”).  A copy of the APPs can be obtained from the website of The Office of the Australian Information Commissioner, located at


We have created this Privacy Policy to let you know how UCFSA collects, uses and safeguards the Personal Information that is collected in the course of providing services to you, including through the Site, and otherwise in the course of our business activities.


This Privacy Policy (the “Policy”) works and should be read in conjunction with the Terms and Conditions of Use but does not modify or supersede them. Terms which are capitalized but not defined herein shall have the meaning ascribed to them in the Terms and Conditions.

  1. UCFSA Collection of Your Information

Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.


In the course of using the Site or providing services to you, UCFSA may ask you for the following types of information which is Personal Information:

  1. ID information such as your name, e-mail address, postal address, telephone numbers, date of birth, and other information to conduct business with; and
  2. Certain financial information as part of your application

We may also obtain Personal Information about you from third parties for the purpose of contacting you, verifying information you provided to us, credit information as part of your application, information to help us with fraud prevention, and prospective employment, if you apply to work for us.


Over the course of our relationship with you, we may collect and hold additional Personal Information about you, including transactional information, account or policy information, complaint or enquiries about your product or service.


Particularly (but not limited to) if you are applying to work for us, we may also collect and hold Sensitive Information about you, including:

  1. health information;
  2. your racial or ethnic origin;
  3. your sexual orientation;
  4. your religious beliefs or affiliations;
  5. genetic information; and
  6. your membership of any trade unions, professional or trade associations, or political parties.


We only collect Sensitive Information (as defined in the Privacy Act) about you with your consent, or otherwise in accordance with the Privacy Act. Sensitive information will be used by us only:

(a)  for the primary purpose for which it was obtained;

(b)  for a secondary purpose that is directly related to the primary purpose;

(c)  with your consent; or where required or authorised by law.


Credit Information: When we’re checking your credit worthiness and at other times, we might collect Personal Information about you from, and give (disclose) it to, credit reporting bodies. This information can include:

  1. ID information: a record of your name(s) (including an alias or previous name), date of birth, gender, current or last known address and previous two addresses, name of current or last known employer and drivers licence number.
  2. Information request: a record of a lender asking a credit reporting body for information in relation to a credit application, including the type and amount of credit applied for.
  3. Default information: a record of your consumer credit payments being overdue.
  4. Serious credit infringement: a record of when a lender reasonably believes that there has been a fraud relating to your consumer credit or that you have avoided paying your consumer credit payments and the credit provider can’t find you.
  5. Personal insolvency information: a record relating to your bankruptcy or your entry into a debt agreement or personal insolvency agreement.
  6. Court proceedings information: an Australian court judgment relating to your credit.
  7. Publicly available information: a record relating to your activities in Australia and your credit worthiness.
  8. Consumer credit liability information: certain details relating to your consumer credit, such as the name of the credit provider, whether the credit provider has an Australian Credit Licence, the type of consumer credit, the day on which the consumer credit was entered into and terminated, the maximum amount of credit available and certain repayment terms and conditions.
  9. Repayment history information: a record of whether or not you’ve made monthly consumer credit payments and when they were paid.
  10. Payment information: If a lender gave a credit reporting body default information about you and the overdue amount is paid, a statement that the payment has been made.
  11. New arrangement information: If a lender gave a credit reporting body default information about you and your consumer credit contract is varied or replaced, a statement about this.


We base some things on the information we get from credit reporting bodies, such as:

  • our summaries of what the credit reporting bodies tell us; and credit scores (a credit score is a calculation that lets us know how likely a credit applicant will repay credit we may make available to them).

We may also obtain certain non-personally identifiable information when you visit many of our Web pages such as the type of browser you are using (e.g. Internet Explorer, Chrome, Firefox, Safari), the type of operating system you are using, (e.g. Windows, Chrome OS, Android or Mac OS), the domain name of your Internet service provider (e.g. Telstra, Optus, TPG, iiNet, etc), aggregate data about the number of visits to the Site and/or aggregate data about the pages visited, and IP and location information. Together, this information is called “Aggregate Data”, and it is not Personal Information to which this Policy applies.

If you have general enquiry type questions, you can choose to do this anonymously or use a pseudonym. We might not always be able to interact with you this way, however, as we are often governed by strict regulations that require us to know who we’re dealing with.

  1. How UCFSA collects information

There are many ways we seek information from you. We might collect your information when you fill out a form with us, when you’ve given us a call, used our websites (including the Website) or sent us information through other means. In addition, when you use our Website we may collect information about your IP address, location or activity.


When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.


As a general rule, we only process Personal Information for purposes that would be considered relevant and reasonable in the circumstances, including providing you with our goods and services.


When we collect Personal Information from you, we will take such steps (if any) as are reasonable in the circumstances to notify you or ensure you are aware:

  • of our identity and contact details;
  • that we have collected your Personal Information, and whether that collection is required or authorised by law;
  • of the purposes of collection;
  • of the consequences if Personal Information is not collected (such as if this will affect our ability to provide products or services to you);
  • of the manner in which we may disclose Personal Information of the kind collected;
  • of this Privacy Policy; and
  • whether we are likely to disclose Personal Information to overseas recipients, and if practicable, the relevant countries in which they are located.


Some of the above information is included in this Privacy Policy.


If we collect Personal Information about you from a third party we will, where appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.

  1. How UCFSA Uses the Information

UCFSA uses the Aggregate Data to improve the design and content of the Site. UCFSA may use the Aggregate Data to analyze Site usage as well as create products and services to fit your needs. Also, UCFSA may share this Aggregate Data with UCFSA’s affiliates and third-party vendors. UCFSA shall owns Aggregate Data, and might maintain copies as part of its records.


We collect your Personal Information for the primary purpose of providing our services to you and our other clients, providing information to you and our clients generally, and marketing (unless you advise us that you do not want to receive marketing material from us). We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure.


Specifically, UCFSA uses the Personal Information you provide:

  1. to process your application—whether a consumer or independent merchant—and provide you with the products or services you requested;
  2. to service your account with us, and communicate with you regarding your account;
  3. for general business management and reporting purposes;
  4. internal training, and other purposes related to operation of our business; and
  5. to communicate with you and to assist you with any questions you have about the Site or our offerings.


UCFSA may use the Personal Information that it collects to offer you other products or services that UCFSA believes may be of interest to you (unless you advise us that you do not want to receive such communications from us).


We will not use or disclose your Personal Information for any other purpose unless we believe that you would reasonably expect this to occur, you have consented to such use or disclosure, or the use or disclosure is otherwise required or permitted by law.

  1. Marketing Communications and Opting Out

Like most businesses, marketing is important to our continued success. We believe we have a unique range of products and services that we provide to customers at a high standard.  We therefore like to stay in touch with customers and let them know about new opportunities. We may provide you with information about new products, services and promotions either from us (such as where you have signed up to receive our email newsletter), or from third parties which may be of interest to you.


We may disclose your Personal Information to third party service providers for the purposes of assistance with our own marketing activities. We will not otherwise disclose your Personal Information to third parties for marketing purposes without your consent.


You can let us know at any time if you no longer wish to receive direct marketing offers (see ‘Contact Us’). We will process your request as soon as practicable.

  1. With Whom Do We Share Your Personal Information.

Generally speaking, we do not share your Personal Information with anyone unless it is necessary for the product or service you have requested, you consent to the disclosure to a third party, or if the sharing is required or permitted by law.


We may disclose Personal Information within our organisation (including to other members of our corporate group) or to third parties such as our suppliers, organisations that provide us with technical and support services, or our professional advisors, where permitted by the Privacy Act.  We may also contract with third party service providers to assist us in better understanding our website visitors.  These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.


If we disclose information to a third party, we generally require that the third party protect your information to the same extent that we do.  However, non-personally identifiable visitor information may be provided to other parties for marketing, advertising, or other uses.

  1. Transfer of Data Overseas

We may use overseas facilities or contractors to process or backup our information or to provide certain services to us. This may involve your Personal Information being transferred to locations outside Australia. These firms, service providers and contractors may not be Australian entities or regulated by the Privacy Act, and may not be subject to privacy laws that provide the same level of protection as Australia’s. By providing us with your Personal Information, you consent to the disclosure of your Personal Information to such firms, service providers and contractors for such purposes necessary our useful in the course of operating our business, on this basis, and agree that Australian Privacy Principle 8.1 will not apply to such disclosure. For the avoidance of doubt, in the event that an overseas recipient breaches the Australian Privacy Principles, that entity will not be bound by, and you will not be able seek redress under, the Privacy Act.


Any such disclosure or transfer of information does not change any of our commitments to safeguard your privacy.

  1. Updating and Accessing Your Personal Information

It is an important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.


You may access your Personal Information that we collect and store, or request that we update or correct it, or delete it entirely, at any time by making a request via the Contact Us information below. On the rare occasions when we refuse access or deletion, we will provide you with a written notice stating our reasons.

In limited circumstances where permitted we may withhold the information (e.g., where the disclosure would infringe on another’s rights). We are not obliged to correct any of your Personal Information if we do not agree that it requires correction and may refuse to do so.  If we refuse a correction request, we will provide you with a written notice stating our reasons for refusing.


If you make a request for access to, or deletion of, your Personal Information, we will require identification so we can verify who you are.


We will not charge any fee for your access or deletion request, but may charge an administrative fee for providing a copy of your Personal Information.


We will respond to all requests for access to or deletion or correction of Personal Information within a reasonable time.

  1. Making a Complaint

If you have any queries or concerns about our Privacy Policy, or how we handle your Personal Information, please contact our privacy officer via the Contact Us information below.

We take all complaints seriously, and will respond to your complaint within a reasonable period.


If you are dissatisfied with the handling of your complaint, you may contact the Office of the Australian Information Commissioner:


Office of the Australian Information Commissioner

GPO Box 5218

Sydney NSW  2001

Telephone: 1300 363 992



  1. Security

UCFSA has implemented security measures to help protect against the risk of loss, misuse and alteration of any information under its control. We will hold Personal Information as either secure physical records, electronically on our intranet system, in cloud storage, and in some cases, records on third party servers, which may be located overseas.


Personal Information provided to UCFSA is encoded using Secure Socket Layer (SSL) technology, a powerful encryption protocol that protects data as it travels over the Internet, provided your browser supports it.


We maintain appropriate physical, procedural and technical security for our offices and information storage facilities so as to prevent any loss, misuse, unauthorised access, disclosure, or modification of Personal Information.  This also applies to disposal of Personal Information.

When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. Any Personal Information stored in client files will be kept by us for a minimum of 7 years to comply with our business obligations.


Nevertheless, such security measures may not prevent all loss, misuse or alteration of information on the Site, and UCFSA and its third-party licensors are not responsible for any damages or liabilities relating to any such security failures. Furthermore, the Site contains links to other sites, including third party sites. UCFSA is not responsible for nor can UCFSA ensure the privacy practices or content of such other sites.

  1. Cookies

“Cookies” are pieces of data sent from a Web server to a Web browser that enable a Web server to identify users that visit a site hosted by that server. UCFSA may use Cookies in order to identify you to our Site so that UCFSA can provide more customized information and services to you. In general, if you choose, you can identify or disable the use of Cookies by reviewing your browser’s preferences and options; however, the Site may not function correctly if you disable the Cookies.

  1. Modification of Privacy Policy

UCFSA may change this Privacy Policy at any time, without notice to you. The current up-to-date version will always be available on the Site.

Your continued viewing of or use of the Site following the posting of any changes to this Privacy Policy will signify your assent to any such changes or amendments.

  1. Contact Us

You may contact UCFSA with questions or comments regarding this Policy or anything else related to UCFSA and/or the Site at or