Privacy Policy

The Affordable Car Leasing Pty Ltd Group of companies (ACL Group*) (“we” / “us”/ “our”) take your right to privacy seriously. We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (“APPs”) (together, “the Privacy Act”).

About this Privacy Policy

This Privacy Policy outlines how we manage your personal information. It also describes generally the sorts of personal information we hold and for what purposes, and how that information is collected, held, used and disclosed.

Our Privacy Policy applies to all your dealings with us whether through our call centre, via our websites or a third party. However, depending on the ACL Group organisation with which you deal, further privacy information may apply in addition to the matters discussed in this Privacy Policy.

We encourage you to check our websites regularly for any updates to our Privacy Policy.

The kinds of personal information we collect and hold about you

Personal information is information or opinion that allows others to identify you. It includes your name, age, gender, contact details, as well as your health and financial information.

As a group of companies offering a wide range of products and services, we collect and hold personal information about you.

We collect information from our customers, prospective customers, prospective employees, contractors, suppliers, brokers, introducers, merchants, agents, service providers and the people who represent the businesses we deal with.

The types of personal information that we collect and hold about you could include:

  • identification: a record of your name(s) (including an alias or previous name), date of birth, gender, current or last known address and previous two addresses, name of current or last known employer and drivers licence number.
  • contact details: including phone numbers, email address and social media handles
  • consumer credit liability information such as credit accounts you hold/ have held with financial institutions
  • credit information such as details relating to credit history, credit capacity, and eligibility for credit (‘credit worthiness’); and
  • repayment History Information including whether a payment was overdue or paid
  • health information;
  • other information we think is necessary.

We will only collect personal information with your consent or when permissible under Australian law and will only use this information for a legitimate purpose where this is reasonably necessary.

How we collect your personal information

Wherever it is possible and practical to do so, we will collect personal information directly from you. This may be in person, over the telephone, by mail, through our website, by e-mail or fax, or by completion of a form (such as an application form).

We may also collect your personal information from a third party. This will be limited to circumstances where it is impracticable or unreasonable for us to collect it directly from you. The type of third party who might provide information to us will vary depending on the nature of the business and interaction with you.

Third parties could be:

  • a credit reporting body;
  • an authorised representative (e.g. brokers, agents, accountants or solicitors);
  • a referee;
  • an employer;
  • a government body; or
  • another financial institution.

How we hold your personal information

We store information in different ways, including in paper and electronic form. The security of your personal information is important to us and we take reasonable steps to protect it from misuse, interference, loss, unauthorised access, modification or disclosure. Some of the ways we do this are:

  • confidentiality requirements of our employees;
  • document storage security policies;
  • security measures for access to our systems;
  • only giving access to personal information to a person who is verified to be able to receive that information;
  • control of access to our buildings; and
  • electronic security systems, such as firewalls and data encryption on our websites.

We can store personal information physically or electronically with third party data storage providers. Where we do this, we use contractual arrangements to ensure those providers take appropriate measures to protect that information and restrict the uses to which they can put that information.

The purposes for collecting, holding, using and disclosing your personal information

We collect, hold, use and disclose your personal information in order to manage and administer the products and / or services we provide to our customers.

As a credit provider a major purpose for which we hold, use or disclose personal information is to assess credit applications, manage credit agreements, for planning, product and service development, research purposes and to analyse the risk profiles of our customers or potential customers.

Marketing our products and services

Personal information may also be used or disclosed to advise you of products and services that may be of interest to you by means of direct marketing.

We may conduct these marketing activities via email, telephone, SMS, IM, mail, or any other electronic means. We may also market our products to you through third party channels (such as social networking sites).

You can let us know at any time if you no longer wish to receive direct marketing offers from the Group (see ‘Contact Us’). We will process your request as soon as practicable.

How you may access your personal information held by us and seek correction of that information where it is incorrect

You are entitled to access and make enquiries about the information we hold about you. Simple requests are best handled by speaking to us. More complex requests may be better detailed in writing to ensure we fully understand and are able to respond accurately to your request. The ‘Contact Us’ section of our website contains details of the ways you can contact us.

If there is a reason we are unable to agree to a request for access to your personal information we will advise you of this in writing. Some examples of why we may refuse a request for access include, where providing the information:

  • may pose a threat to the health or safety of an individual or the public;
  • may have an unreasonable impact on the privacy of another individual;
  • the information would not be ordinarily accessible because of legal proceedings;
  • is not allowed by law; or
  • may reveal internal information relating to a commercially sensitive decision-making process.

If information we hold about you is incorrect, we would like to know so that we can promptly correct this. The ‘Contact Us’ section of our website contains details of the ways you can contact us and request a correction.

How you may make a complaint about the way we collect, hold, use or disclose personal information and how we will deal with Privacy related complaints

If you have a complaint, you should contact us first, by using the Customer Care contact details shown on the ‘Contact Us’ section of our website.

Wherever possible we will seek to settle your complaint on the spot. If we can’t do this, we will advise you in writing within two business days of receiving your complaint about the procedures for investigating and handling the complaint.

If we cannot resolve your complaint on the spot, we will seek to deal with your complaint within 21 days. If we cannot notify you of a decision within 21 days and we need additional time, we will write to you advising that a further period, not exceeding 24 days, will be required for investigation. This will extend the complaint handling time to a total of 45 days from the initial date of lodgement. If the unresolved complaint exceeds 45 days, we will advise you in writing and specify a date when a decision can be expected and give you regular updates.

If you are unhappy with any decision or the handling of the complaint by us, you can refer your complaint for external resolution to the Australian Financial Complaints Authority (AFCA). This service is available at no cost to you. The contact details for AFCA are:

Australian Financial Complaints Authority
Post: GPO Box 3, Melbourne VIC 3001
Telephone: 1800 931 678

Alternatively, you may refer the matter to the Office of the Australian Information Commissioner (the “OAIC”). The contact details for the OAIC are:

The Office of the Australian Information Commissioner
Post: GPO Box 5218, Sydney NSW 2001
Telephone: 1300 363 992
Fax: 02 9284 9666

To whom we may disclose personal information

In order for ACL Group to best provide our products and services to our customers, from time to time, we share personal information with our related bodies corporate, as defined in the Corporations Act 2001 (Cth).

We may also disclose personal information to businesses who provide various services to us and are outside of the ACL Group, such as third party financiers, credit reporting agencies and merchant agents, both in and outside Australia, including to the Asia-Pacific, European Union or the United States of America. We require all of these businesses and our suppliers to comply with strict confidentiality requirements and the APPs. If you are our customer (or a representative of a customer) there is additional information about our disclosure of customer specific personal information in our Privacy Acknowledgement and Consent.

Tracking information on the web

For statistical purposes, we collect information on website activity such as the number of users who visit our websites, the date and time of visits, the number of pages viewed, navigation patterns, what country and what systems users have used to access the site and, when entering one of our websites from another website, the address of that website. This information is obtained through the use of ‘cookies’ (refer below for more information about ‘cookies’).

Our websites may also contain links to websites affiliated with, but not owned or run by ACL Group companies. While these links are provided for convenience, if you are navigating these sites please be aware that the information handling practices of the linked websites may differ from ours. While we try to link only to sites that share our high standards and respect for privacy, we are not able to guarantee the privacy practices of other websites.

Website security

Whenever personal information is sent via our website we use high security levels to protect it. These security levels are standard for internet banking and large-scale e-commerce sites and involve the use of 128-bit encryption. The security level of a web page can be viewed by clicking on the internet browser’s padlock or key icon.


A ‘cookie’ is a packet of information that allows a website to identify and interact more effectively with a computer. Cookies do not identify you, but they do identify your browser type and Internet Service Provider.

Your browser can be individually set to accept all cookies, reject all cookies, or notify when a cookie is sent. If cookies are rejected, there may be limits on how our websites can be used. To evaluate the effectiveness of our website advertising, we may use third parties to collect statistical data. No personal data is collected on these occasions.

Website advertisements

From time to time we place ACL Group advertisements on non-ACL Group websites. This may involve installing a cookie on a computer when our advertisement is viewed. This simply allows us to keep track of how many unique visitors we have to our site and from what advertisements they entered. This then allows us to measure the effectiveness of different advertisements. The privacy policies of the websites which install the cookies should provide additional information about the use of cookies.

It is important to remember that a browser can be set to reject cookies.

Last updated: October 2020