In the course of our business in Australia, there are circumstances where we collect personal information. This privacy policy has been developed to ensure that such information is handled appropriately.
We are committed to complying with the Privacy Act 1988 (Cth) (Privacy Act) in relation to all personal information we collect. Our commitment is demonstrated in this policy. The Privacy Act incorporates the Australian Privacy Principles (APPs). The APPs set out the way in which personal information must be treated.
This privacy policy also incorporates our policy on managing credit information (see below).

Who does the privacy policy apply to?

This policy applies to any person for whom we currently hold, or may in the future collect, personal information.

What information does the privacy policy apply to?

This policy applies to personal information. In broad terms, 'personal information' is information or opinions relating to a particular individual who can be identified. Information is not personal information where the information cannot be linked to an identifiable individual.

How do we manage the personal information we collect?
We manage the personal information we collect in numerous ways, such as by:

  1. implementing security systems for protecting personal information from misuse, interference and loss from unauthorised access, modification or disclosure;

  2. providing staff with training on privacy issues;

  3. appropriately supervising anyone who regularly handle personal information;

  4. implementing procedures for identifying and reporting privacy breaches and for receiving and responding to complaints.

We will take reasonable steps to destroy or permanently de-identify personal information if that information is no longer needed for the purposes for which we are authorised to use it.

What kinds of information do we collect and hold?

Personal information

We might collect and hold personal information about you, which might include:

  1. sensitive information (see below);

  2. name;

  3. contact information including your email, home/delivery address and billing address;

  4. payment information

  5. insurance information;

  6. credit information;

  7. any other personal information required to perform and conduct our business .

Sensitive information

‘Sensitive information’ is a subset of personal information and includes personal information that may have serious ramifications for the individual concerned if used inappropriately. Sensitive information we may include any of the following:

  1. health information;

  2. racial or ethnic origins;

  3. genetic information; or

  4. political opinions and membership of political organisations.

We will not collect sensitive information without the individual’s consent to whom the information relates unless permitted under the Privacy Act.

How and when do we collect personal information?

Our usual approach to collecting personal information is to collect it directly from the individual to whom the information relates

We may also collect personal information in other ways, which may include:

  1. from friends, family members or associates of the individual;

  2. feedback surveys;

  3. through marketing and business development events; or

  4. from third party suppliers.

When you visit our website, we, and/or third parties, may place cookies on your browser to enhance and manage our website and improve our business and the products we offer.  We and/or third parties  may use this information to optimise and place advertisements, including advertisements of third-party sellers and remarketing advertisements based on past visits to this website.

In addition to personal information, we may collect other information about you or the device you use to access our platforms. By using the website and agreeing to this policy, you grant us permission to place and store cookies on your browser. Cookies may be used by us to collect information about how you use websites you visit, including the following information:

  1. your computer or mobile device's operating system

  2. your computer or mobile device's browser type and capabilities;

  3. your computer or mobile device's Internet Protocol (IP) address and geolocation;

  4. web pages visited, including how you were referred to each web page; and

  5. web page usage statistics, including the time spent on each web page.

Cookies can be managed by accessing the individual settings in your browser.

How do we hold personal information? 

Our usual approach to holding personal information includes:

  1. physically at our premises (securely); or

  2. electronically through secure internal servers and websites and a private cloud, or on electronic storage devices, including DVD and USB.

We will take all reasonable steps to ensure that all personal information we hold is secure from any unauthorised access, misuse or disclosure. However, we do not guarantee that personal information cannot be accessed by an unauthorised person (e.g. a hacker) or that unauthorised disclosures will not occur.

Why do we collect, hold, use or disclose personal information?

We take reasonable steps to use and disclose personal information for the primary purpose for which we collect it. The primary purpose for which information is collected varies, depending on the particular service being provided, but is generally to provide our products or services to you.

Personal information may also be used or disclosed by us for secondary purposes which are within your reasonable expectations and which are related to the primary purpose of collection. For example, we may collect and use your personal information for marketing and business development purposes.

We may disclose personal information to:

  1. government bodies;

  2. our advisors and consultants;

  3. other sellers;

Otherwise, we will only disclose personal information to third parties if permitted by the Privacy Act.

Will we disclose personal information outside Australia?

Your personal information will not be disclosed to an overseas recipient unless we are satisfied that the ……receiving party provides commitments to privacy and confidentiality which are at least equal to the Australian ……Privacy Principles or the recipient is subject to privacy protection laws that offer at least the same level of ……protection as required under the Privacy Act in Australia.

How do we manage your credit information?

What kinds of credit information may we collect?

The main kind of credit information we collect is an individual’s identification information.

However, in the course of providing products or services, we may be given (and subsequently hold) the following other kinds of credit information:

  1. a) information about any credit that has been provided to you;

  2. b) your repayment history;

  3. c) information about your overdue payments;

  4. d) if terms and conditions of your credit arrangements are varied;

  5. b) any publicly available information about your credit worthiness; and

How can you access and correct your personal information?

It is important the information we hold about individuals is up to date. Individuals should contact us if their personal information changes.

Individuals may request access to the personal information we hold or ask for their personal information to be corrected.

We will grant an individual access to their personal information as soon as possible, subject to the request ….circumstances.

In keeping with our commitment to protect the privacy of personal information, we will not disclose personal   ….information to an individual without proof of identity.

We may deny access to personal information if:

  1. a) the request is impractical or unreasonable;

  2. b) providing access would have an unreasonable impact on the privacy of another person;

  3. c) providing access would pose a serious and imminent threat to the life or health of any person;

  4. d) providing access would compromise our professional obligations; or

  5. e) there are other legal grounds to deny the request.

Notifiable Data Breaches Scheme

In the event of any loss, or unauthorised access or disclosure of your personal information that is likely to result in serious harm to you, Corrs will investigate and notify you and the Australian Information Commissioner as soon as practicable, in accordance with the Privacy Act 1988.


To make a complaint about a breach of the Australian Privacy Principles, which includes how we handle your personal information, you may contact us (details below) . We will endeavour to respond to your complaint within a reasonable time after it is received. If you are not satisfied by our response, you may acquire further information regarding privacy from the Office of the Australian Information Commissioner.

Person: Kitty Blomfield, Director


Email address:

Changes to the policy

We may update, modify or remove this policy at any time without prior notice. Any changes to the privacy policy will be published on our website.

This policy is effective from January 2020.