Credit Reporting Policy (Consumer Finance)

Breeze Capital Pty Ltd ACN 147 671 949

Breeze Payment Plans Pty Ltd ACN 665 267 792

Automated Collections Services Pty Ltd ACN 144 738 796
(and our related businesses)

Purpose

This Credit Reporting Policy explains how we manage credit information and credit eligibility information in accordance with:

• Part IIIA of the Privacy Act 1988 (Cth)
• the Privacy (Credit Reporting) Code 2014 (CR Code)
• applicable consumer credit and regulatory obligations

This Policy applies to our consumer finance products and credit-related activities.

Scope

This Policy applies to:

• applicants for consumer credit
• current and former consumer credit customers
• credit information we obtain from or disclose to credit reporting bodies
• credit reporting information we hold or use in connection with consumer finance

Types of Credit Information We Handle

We may collect, hold, use and disclose the following credit-related information:

• identification information
• credit application information and enquiries
• consumer credit liability information
• repayment history information (RHI)
• default information (where permitted under law)
• hardship arrangement information (where applicable and permitted)
• credit eligibility information received from credit reporting bodies
• information derived from credit reporting data
• fraud prevention and identity verification information

We only collect and use credit information that is reasonably necessary for our consumer lending functions.

Sources of Credit Information

We obtain credit information from:

• credit reporting bodies (Equifax, Illion, Experian)
• credit applications and supporting documentation provided by you
• internal account and repayment systems
• identity verification and fraud prevention services
• other credit providers (where permitted by law)

Use of Credit Information

We use credit information to:

• assess consumer credit applications
• verify identity and prevent fraud
• manage existing credit accounts
• monitor repayment performance
• meet legal and regulatory obligations
• comply with credit reporting obligations under Part IIIA

We do not use credit information for unrelated purposes.

Disclosure of Credit Information

We may disclose credit information to:

• credit reporting bodies (Equifax, Illion, Experian)
• service providers assisting with credit assessment or account management
• other credit providers (where permitted by law)
• internal staff and authorised representatives
• professional advisers (legal, accounting, compliance)
• regulators or law enforcement where required or authorised by law
• entities involved in sale, assignment or transfer of finance assets or business operations

We take reasonable steps to ensure disclosures are made in accordance with applicable legal requirements.

Credit Reporting Bodies

We may exchange credit information with:

• Equifax
• Illion
• Experian

These credit reporting bodies may use credit information to:

• maintain credit reports
• provide credit reporting services to other credit providers
• support fraud prevention and credit assessment functions as permitted by law

Accuracy and Data Quality

We take reasonable steps to ensure that credit information we report is:

• accurate
• up-to-date
• complete
• relevant
• not misleading

Our controls include:

• validation of account and repayment data prior to reporting
• review of account status before reporting defaults
• internal reconciliation processes
• investigation of discrepancies raised by customers or credit reporting bodies

Where we identify incorrect information, we take reasonable steps to correct it.

Access to Credit Information

You may request access to credit information we hold about you.

We will:

• verify your identity
• respond within a reasonable period in accordance with legal requirements
• provide access unless a legal exception applies

Requests should be made using the contact details in this Policy.

Correction of Credit Information

You may request correction of credit information you believe is:

• inaccurate
• out-of-date
• incomplete
• irrelevant
• misleading

Our process:

Upon receiving a correction request, we will:

1. acknowledge receipt of the request
2. verify identity
3. investigate the information in question
4. review internal records and relevant supporting information
5. consult with relevant credit reporting bodies where required
6. determine whether correction is required

Timeframes:

We will respond within the timeframes required under:

• Part IIIA of the Privacy Act 1988 (Cth)
• the Privacy (Credit Reporting) Code 2014 (generally within 30 days unless extended as permitted)

If correction is required:

We will take reasonable steps to:

• correct our records
• notify relevant credit reporting bodies
• ensure updated information is reflected where required

Credit Reporting Complaints and Disputes

If you believe credit information we hold is incorrect or has been improperly handled, you may lodge a complaint with us.

We will:

• investigate your complaint in accordance with this Policy
• review internal records and supporting documentation
• consult credit reporting bodies where required
• keep you informed of progress
• provide a written outcome with reasons

Defaults and Consumer Credit Reporting

We may report default information to credit reporting bodies where permitted under law.

We take reasonable steps to ensure:

• the debt is valid and payable
• required notices have been issued (where applicable)
• default amounts are accurate
• updates or removals are made where required

Where a default is disputed, we will investigate and take appropriate action under this Policy.

Hardship Information

Where applicable, we may record hardship arrangements in accordance with the Privacy Act and CR Code.

We ensure hardship information is:

• accurately recorded
• kept up to date
• corrected where arrangements change or conclude
• handled in accordance with legal requirements

Security of Credit Information

We take reasonable steps to protect credit information from:

• misuse
• interference
• loss
• unauthorised access, modification or disclosure

Safeguards include access controls, staff confidentiality obligations, encryption where appropriate, and system security protections.

Retention and Destruction

We retain credit information only for as long as necessary to:

• manage credit relationships
• comply with legal obligations
• meet credit reporting requirements

When no longer required, we take reasonable steps to securely destroy or de-identify the information.

Overseas Disclosure

We do not routinely disclose credit information overseas unless required for operational purposes and permitted by law.

Where overseas disclosure occurs, we take reasonable steps to ensure compliance with applicable Australian privacy requirements.

Relationship with Privacy Policy

This Credit Reporting Policy should be read together with our Privacy Policy.

In the event of any inconsistency, this Policy prevails to the extent of credit reporting information.

Availability of this Policy

This Policy is available on our website or upon request.

Contact Us

Operations Manager

Breeze Finance

PO Box 7795

Cloisters Square WA 6850

Alternatively you can call us on 1300 290 240

Review of Policy

We review this Policy periodically to ensure ongoing compliance with:

• the Privacy Act 1988 (Cth)
• the Privacy (Credit Reporting) Code 2014
• applicable regulatory guidance