Privacy & Credit Reporting Policy

Privacy Policy (Effective on and from 22nd of July 2016)

"Personal information" is information or an opinion about an identifiable person or a person who is reasonably identifiable. Custom Fleet Entities ("we" / "us" / "our") take our obligations to protect personal information seriously. We are bound by the Australian Privacy Act 1988 (Cth), including the Australian Privacy Principles,  and New Zealand Privacy Act 1993, including the New Zealand Privacy Principles and the Credit Reporting Privacy Code. 

About this Privacy Policy

The purpose of this Privacy Policy is to tell you how we manage your personal information. This includes:

  • the kinds of personal information that we collect and hold about you;
  • how we collect your personal information;
  • how we hold your personal information;
  • the purposes for collecting, holding, using and disclosing your personal information;
  • whether we will (or are likely to) disclose your personal information to overseas recipients and the countries where such recipients may be located;
  • how you may access your personal information held by us and correct that information where it is incorrect;
  • how you may make a complaint about the way we collect, hold, use or disclose personal information, and how we will deal with privacy related complaints;
  • our contact details;
  • the consequences of not providing personal information; and
  • how we use your information for direct marketing activities.

You may interact with us anonymously or by using a pseudonym if the interaction is general in nature. However, if the interaction is specific to an account or relates to your personal information we will need to identify you before we can engage in further discussions and correspondence.

This Policy will be kept up to date and published on the and

The kinds of personal information we collect and hold about you

As a company providing leasing facilities and management services, we collect and hold personal information about you. The types of personal information we collect and hold may vary depending on the nature of our interactions with you. We may not collect all the personal information listed below about you.  For example though, where we are providing a lease facility we would collect and hold :

  • your full name and contact details, including your residential address;
  • your date of birth;
  • financial information;
  • banking details;
  • employment information;
  • drivers licence number;
  • number of dependents;
  • spouse details;
  • assets and liabilities ;
  • transaction and repayment history information;
  • credit-related information (please also refer to our Credit Reporting Policy, which sets out how we handle your credit-related information); and
  • information about your preferences relevant to any marketing activities.

In order to satisfy our legal obligations, we may need to retain your information after a transaction or a relationship has ended. However, we will not retain your identifiable personal information longer than is reasonably necessary and permitted under relevant Australian and New Zealand privacy laws.

Some elements of personal information are also referred to as sensitive information, these include:

  • membership of a political association;
  • membership of a professional or trade association or union membership; or
  • criminal history.

We will only collect sensitive information with your consent or when permissible under the applicable privacy legislation and will only use this information for a legitimate purpose where this is reasonably necessary.

How we collect your personal information

Wherever it is possible and practical to do so, we will collect personal information directly from you. We may collect this information in person, over the telephone, by mail, over the internet, by e-mail or fax, or by completion of a form (such as an application form).

We may also collect your personal information from a third party. This will be limited to circumstances where it is impracticable or unreasonable for us to collect it directly from you or you have authorised us to collect the information from them. The type of third party who might provide information to us will vary depending on the nature of the business and interaction with you.

While this is not an exhaustive list, third parties include:

  • a credit reporting body (please also refer to our Credit Reporting Policy for more details on how we handle credit reporting information).
  • one of our  authorised representatives (e.g. brokers and agents);
  • a referee;
  • a current or past employer;
  • a government body;
  • another financial institution and credit providers;
  • someone authorised to act on your behalf (e.g. financial adviser, executor, administrator, trustee, guardian, attorney, solicitor, accountant or consumer advocate);
  • recruitment consultants (e.g. for job applicants); and
  • an introducer such as a broker, agent, dealer and  our retail partners  (who are not otherwise our authorised representatives).

How we hold your personal information

We understand the importance of protecting the personal information we hold about you. We take reasonable steps to ensure your personal information is free from misuse, interference, loss, unauthorised access or modification, which include:

  • securing all personal information;
  • limiting access to personal information only to those that need access; and
  • protecting our systems with appropriate technology solutions.

The purposes for collecting, holding, using and disclosing your personal information

We collect, hold, use and disclose your personal information in order to manage and administer the products and / or services we provide to our customers, whether they are individuals or businesses. You may be a customer, contractor, job applicant, supplier, service provider, partner or party with whom we do or have done business, or may do business with in the future.

As a lease facility and management services provider the major purposes for which we hold, use or disclose personal information are:

  • to assess applications for lease facility or management services;
  • to establish and manage lease and services arrangements;
  • to establish and administer any credit-related insurance product;
  • for fraud and crime prevention and investigation;
  • to collect payments which are overdue;
  • to report to various credit reporting bodies;
  • for planning, product and service development;
  • for research purposes;
  • to conduct risk modelling; and
  • to comply with any applicable laws.

Who we may disclose personal information to

We may disclose personal information to:

  • manufacturers, distributors and / or suppliers of goods in connection with your lease facility or management services;
  • insurers who provide insurance in relation to the lease facility;
  • service providers, such as customer service organisations, repairers, IT service providers, fuel card and other payment product providers, telematics providers, mobile and telecommunication providers, call centres, mailing houses, researchers, collections agents, statement producers, asset disposal service providers, property valuers, data analysts, professional advisers, auditors, organisations providing services and delivery companies;
  • other organisations as required or authorised by law, for example, to government or regulatory bodies for the prevention or detection of unlawful activities;
  • members of the Custom Fleet Entities and their affiliates overseas;
  • credit reporting bodies or other businesses or organisations that provide personal credit or commercial credit information consistently with the relevant Australian and New Zealand privacy laws;
  • other financial institutions and credit providers;
  • any current employee who you have named to verify your personal information;
  • organisations through whom you choose to make payments to us;
  • organisations wishing to acquire an interest in any part of our business for assessing or implementing any such acquisition;
  • lenders, trustees, investors and other entities in connection with our funding activities; and
  • any person who guarantees or proposes to guarantee your obligations to us or provide security in relation to such obligations for the purpose of allowing that person to assess whether to act as your guarantor and / or security provider.

We take steps to ensure that all of these businesses and our suppliers comply with relevant Australian and New Zealand privacy laws. If you are our customer (or a representative of a customer) there is additional information about our disclosure of personal information specific to that type of product in the relevant Important Privacy Notice.

Consequences for you if your personal information is not provided to us

If personal information about you is not provided to us, it may result in us being unable to process the application or provide services to you.

When we may disclose personal information to overseas recipients and the countries where such recipients may be located

As is the case throughout the financial services industry and other major industries, technology allows for services to be provided by different service providers including some that are located overseas. We utilise overseas service providers for some of our activities and to do so may need to disclose personal information to those service providers. We may also disclose such information to other overseas recipients for the purposes listed above when permitted to do so by the applicable privacy legislation.

It is likely that the countries to which your personal information may be disclosed will include Australia, New Zealand, United States and Canada, countries which we believe have privacy laws substantially similar to Australia and New Zealand or where the recipients are subject to restrictions that provide equivalent protection. If we disclose your personal information to recipients in any other jurisdiction we will take reasonable steps in the circumstances to ensure the recipient does not breach relevant Australian and New Zealand privacy laws. 

Direct Marketing

Personal information may also be used or disclosed to let  you know about products and services that may be of interest to you (for example, by letter, email or phone).

If you do not want your personal information to be used for direct marketing purposes please contact us so that we can action this request. This is referred to as "opting out" of direct marketing. You can "opt-out" of direct marketing by contacting us using the details in the 'Contact Us' section of our AU website or ‘Contact Us' section of our NZ website.

How you may access and correct the personal information held by us

You are entitled to access the personal information we hold about you. Simple requests are best handled by speaking to your relationship manager. More complex requests may be better detailed in writing to ensure we are able to respond accurately to your request. The 'Contact Us' section of our AU website or ‘Contact Us' section of our NZ website contains details of the ways you can contact us.

If there is a reason we are unable to agree to a request for access to your personal information we will advise you of this in writing. Some examples of why we may refuse a request for access include where providing the information:

  • may pose a threat to the health or safety of an individual or the public;
  • may have an unreasonable impact on the privacy of another individual;
  • is not allowed by law; or
  • may reveal internal information relating to a commercially sensitive decision making process.

If information we hold about you is incorrect we would like to know so that we can promptly correct this. The 'Contact Us' section of our AU website or ‘Contact Us' section of our NZ website contains details of the ways you can contact us and request a correction. In certain situations, we may not agree to a request to correct information we hold about you, if this occurs we will advise you of this and our reason for not agreeing to the correction request.

How you may make a complaint about the way we collect, hold, use or disclose personal information and how we will deal with privacy-related complaints

If you want to make a complaint about our handling of personal information we ask that you contact us first. We will then follow our Internal Dispute Resolution (IDR) process.

If you would like to:

  • request access to your personal information held by us;
  • correct your personal information held by us because you believe that the information that we hold about you is incorrect in any way; or
  • raise a concern about our handling of your personal information,

you can contact us:

  • in writing at Attn: Privacy Officer, 92 Bell Street Preston, VIC 3072 or Attn: Privacy Officer, 8 Tangihua Street, Auckland 1010;
  • by phone, by contacting your Relationship Manager or employer (whichever is applicable).

The 'Contact Us' section of our AU website or ‘Contact Us' section of our NZ website contains details of the other ways you can contact us.

We aim to review and resolve your enquiries as quickly and fairly as possible.  We will keep you informed of our progress.  We will do all we can to provide you with the most suitable response specific to your situation and ensure, where possible, that your complaint is resolved to your satisfaction.

For more detailed information on our complaint handling process please refer to our Internal Dispute Resolution web page.

If the complaint remains unresolved you may refer it to the Financial Ombudsman Service ("FOS") in Australia or the Insurance & Financial Services Ombudsman (“IFSO”) in New Zealand (as applicable). FOS & IFSO independently and impartially resolve disputes between customers and participating members on matters including privacy matters. Their contact details are:


Financial Ombudsman Service
GPO Box 3
Melbourne Victoria 3001
Phone: 1300 780 808
Fax: 03 9613 6399



Insurance & Financial Services Ombudsman Scheme
PO Box 10-845 
Wellington 6143 

Freephone:         0800 888 202
Telephone:          04 499 7612

Alternatively, you may refer the matter to the Office of the Australian Information Commissioner (the "OAIC") in Australia or the Office of the Privacy Commissioner in New Zealand (the “OPC) (as applicable). The contact details for the OAIC and the OPC are:


The Office of the Australian Information Commissioner
GPO Box 2999 
Canberra ACT 2601
Phone: 1300 363 992
Fax: 02 9284 9666


The Office of the Privacy Commissioner
PO Box 10094,
Wellington 6143
Fax: 04 474 7595
email it to   
Phone: 0800 803 909


Online servicing or access

When you register to access products or services online, the information collected is compared with the details we may already have stored, this might include your name and date of birth. This allows us to verify who is seeking access. If this information is not provided you will not be able to access your personal information online.

Tracking information on the web

For statistical purposes, we collect information on website activity such as the number of users who visit our websites, the date and time of visits, the number of pages viewed, navigation patterns, what country and what systems users have used to access the site and, when entering one of our websites from another website, the address of that website. This information is obtained through the use of 'cookies' (refer below for more information about 'cookies').

Our websites may also contain links to non-Custom Fleet websites. While these links are provided for convenience, if you are navigating these sites please be aware that the information handling practices of the linked websites may differ from ours. While we try to link only to sites that share our high standards and respect for privacy, we are not able to guarantee the privacy practices of other websites.

Website security

Whenever personal information is sent via our website we use high security levels to protect it. These security levels are standard for internet banking and large scale e-commerce sites and involve the use of 128-bit encryption. The security level of a web page can be viewed by clicking on the internet browser's padlock or key icon.


A 'cookie' is a packet of information that allows a website to identify and interact more effectively with a computer. Cookies do not identify you, but they do identify your browser type and Internet Service Provider.

Your browser can be individually set to accept all cookies, reject all cookies, or notify when a cookie is sent. If cookies are rejected, there may be limits on how our websites can be used. To evaluate the effectiveness of our website advertising, we may use third parties such as Google Analytics and Company 360 to collect statistical data. No personal data is collected on these occasions.

Website advertisements

From time to time we place Custom Fleet advertisements on non-Custom Fleet websites. This may involve installing a cookie on a computer when our advertisement is viewed. This simply allows us to keep track of how many unique visitors we have to our site and from what advertisements they entered. This then allows us to measure the effectiveness of different advertisements. The privacy policies of the websites which install the cookies should provide additional information about the use of cookies.

It is important to remember that a browser can be set to reject cookies.

Custom Fleet Entities

The Custom Fleet entities are:

  • in respect of our Australian customers, Custom Service Leasing Pty Ltd ABN 60 073 245 084, Custom Fleet Pty Ltd ABN 69 005 093 701, Element Fleet Services Australia Pty Ltd ABN 14 119 426 612 Element Financial (Australia) Pty Ltd ABN 14 119 426 612 and EFN (Australia) Pty Ltd ABN 90 607 344 650; and
  • in respect of our New Zealand customers, Custom Fleet NZ Company no. 621355, EFN (New Zealand) Limited Company no. 5759228 and EFN Fleet NZ Limited Company no. 5869341.