Privacy Policy.

1. About This Policy

This Privacy Policy outlines how Blackfort Pty Ltd (ABN 38 648 606 222), Australian Credit Licence 566996 (referred to as “Blackfort”, “we”, “our”, “us”) manages your personal information in compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). By accessing our website or using our services, you agree to this Privacy Policy.

We take your privacy seriously and are committed to maintaining the confidentiality and security of your personal information.

2. What is Personal Information?

Personal information is any information or opinion (whether true or not) about an identified individual, or an individual who is reasonably identifiable. This includes your name, contact details, identification documents, and other relevant data.

3. Types of Personal Information We Collect

We may collect and hold the following personal information:

• Full name, date of birth, and gender
• Contact details (e.g., address, email, phone number)
• Employment and income details
• Financial and credit information
• Identification documents (e.g., driver's licence, passport)
• Superannuation or insurance information (if applicable)
• Any other information you provide directly or indirectly

We may also collect sensitive information with your consent, such as health information relevant to financial hardship applications.

4. How We Collect Your Personal Information

We collect personal information from:

• Direct interactions with you (e.g., phone, email, online forms)
• Our website and digital services
• Third parties such as brokers, agents, employers, and credit reporting bodies
• Publicly available sources
• Cookies and other web tracking technologies

We will take reasonable steps to notify you when collecting information indirectly, as required by law.

5. Why We Collect, Hold, Use and Disclose Your Information

We use your personal information to:

• Provide and manage our financial services and products
• Verify your identity and assess credit applications
• Administer loans, payments, and customer accounts
• Comply with legal and regulatory obligations
• Prevent fraud and respond to complaints or disputes
• Conduct research and improve our services

6. Who We Disclose Your Information To

We only disclose your personal information to third parties when:

• It is necessary to provide our services to you
• You have given consent (express or implied)
• Required or permitted by law

Third parties may include:

• Related entities of Blackfort Pty Ltd
• Lenders and mortgage insurers
• Identity verification providers and payment processors
• Mailing houses, technology providers, or research consultants
• Lawyers, accountants, debt collectors, and professional advisors
• Credit reporting bodies (e.g., Equifax)
• Government authorities, courts, or regulators
• Your authorised representatives (e.g., broker, financial advisor)
• Document issuers (e.g., for ID verification)
• Valuation & Quantity Surveyor firms

Credit reporting bodies: We may disclose your credit information to credit reporting bodies if you fail to meet repayment obligations or commit serious credit infringements.

7. Overseas Disclosure

We may disclose your personal information to third-party service providers located overseas, including but not limited to the United States and Singapore, for the purposes of supporting service delivery. Reasonable steps are taken to ensure these third parties adhere to privacy obligations equivalent to those under Australian law.

8. How We Protect Your Personal Information

8.1 Physical Security

• Restricted access to physical records
• Customer identity checks
• Staff training on data handling and confidentiality

8.2 Digital Security

• Secure servers and encryption protocols
• Access controls for authorised personnel only
• Security measures for online platforms and websites

We take reasonable steps to destroy or de-identify personal information that is no longer required, unless retention is required by law (e.g., keeping transaction records for 7 years as per legal obligations).

8.3 Unsolicited Information

If we receive personal information we did not request, we will determine if it is necessary to retain. If not, we will securely destroy or de-identify it.

8.4 Data Breaches

We comply with the Notifiable Data Breaches (NDB) Scheme. If a data breach occurs that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC).

9. Access to and Correction of Your Personal Information

You may request access to or correction of your personal information at any time by contacting us (see Section 11).

• We will respond within 30 days of receiving your request.
• If we refuse access or correction, we will provide written reasons and outline your options to challenge the decision.
• We may charge a reasonable fee to cover processing time and costs, but we will notify you in advance.

10. Policy Updates

We may update this Privacy Policy from time to time. The most current version is always available at www.blackfort.com.au or by calling 1300 307 777.

11. How to Contact Us

If you have questions, concerns, or requests relating to your personal information, please contact our Privacy Officer:

12. Complaints and Feedback

12.1 How to Lodge a Complaint

To help us resolve your complaint efficiently, please provide:

• Your full name and contact details
• Details of the complaint (what happened, when, and why)
• Desired outcome or resolution

How to lodge:

12.2 How We Handle Complaints

• We aim to resolve complaints on the spot where possible.
• If further investigation is required, we'll keep you informed throughout the process.
• We aim to resolve complaints within 21 days, and no later than 45 days.
• If delays occur, we will inform you of the reasons.

If we do not receive a response from you when additional information is requested, we may consider the matter resolved, but we are happy to re-open the matter upon your response.

12.3 External Dispute Resolution

If you are not satisfied with our handling of your complaint, you may escalate the matter to:

Or contact the Office of the Australian Information Commissioner (OAIC):