This policy applies to all employees, contractors, and clients of Specialist Broking, and outlines how we manage privacy and data security across our operations. 

This policy defines how Specialist Broking collects, uses, stores, secures, and discloses personal and sensitive information in line with Australian law and financial services obligations. 

• Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) 

• Notifiable Data Breaches (NDB) Scheme 

• Consumer Data Right (Open Banking) 

• ASIC and OAIC guidance on financial and personal information handling 

We collect only what we need to provide lending and financial services. This may include: 

• Personal identification (e.g. name, DOB, contact details) 

• Financial details (e.g. income, assets, liabilities) 

• Employment and credit information 

• Sensitive information (e.g. health data if relevant to an application) 

• Directly from you (e.g. forms, calls, emails) 

• From third parties with your consent (e.g. accountants, real estate agents, employers) 

• Through secure digital services and integrations (e.g. bank feeds) 

We use this information to: 

• Provide you with tailored credit assistance 

• Submit and manage applications with lenders 

• Meet compliance, legal, and regulatory obligations 

We may disclose your information: 

• To lenders, aggregators (including Specialist Finance Group), and service providers 

• With your explicit consent 

• To legal or regulatory bodies as required 

• To offshore providers where necessary, ensuring APP 8 compliance* 

We apply layered physical, administrative, and technical security controls: 

• Multi-factor authentication (MFA) for system access 

• Data encryption in transit and at rest 

• Regular secure backups with redundancy 

• Internal staff access control and training 

• Device and software patching 

You have the right to: 

• Access personal information we hold about you 

• Request corrections or updates 

• Withdraw consent (where applicable) 

• Make a complaint if you believe your privacy has been breached 

If you have questions about this policy or wish to access, correct, or lodge a concern regarding your personal information, please contact our Privacy Officer: 

Daniel Jones, CEO & Founder 

Email: daniel@specialistbroking.com.au 

In the event of a data breach likely to cause serious harm: 

• We will contain and assess the breach immediately 

• Notify affected individuals and the OAIC as required by the NDB Scheme 

• Review and adjust systems to prevent recurrence 

This policy is reviewed annually or in response to major changes in regulation, technology, or business process. 

This policy is consistent with: 

• The MFAA's Code of Practice 

• Specialist Finance Group's credit reporting obligations 

• Current cybersecurity and privacy standards applicable to credit licensees and financial intermediaries in Australia