About this Privacy Policy
This Privacy Policy explains how the Jefferson Automotive Group manages your personal information.
It provides you with a general overview of:
- The type of information we may collect and how we collect this information from you;
- The ways and purposes we may use and disclose your information;
- Our approach to disclosing your information to third party recipients;
- The ways we hold, store and secure your information;
- How you may access and change information we hold about you;
- How you may raise any issues with our management of your information in accordance with the APPs.
This Privacy Policy will apply to any personal information we may collect directly from you or other sources (where relevant and legally permissible).
We may update this Privacy Policy from time to time.
This Privacy Policy was last updated on 30 November 2022.
1. Collecting your personal information
Types of personal information we collect
We collect and hold the following types of information:
- ID information such as your name, postal or email address, telephone numbers, and
- date of birth;
- other contact details such as social media handles;
- government ID information such as your driver’s licence and vehicle registration;
- credit information such as details relating to credit history, credit capacity, and eligibility for credit (‘credit worthiness’); and
- other information we think is necessary
Collection required by law
In some circumstances the law authorises us or requires us to collect certain information about you. There are laws that affect motor car dealers, including company and tax law and the Motor Car Traders Act which require us to collect personal information.
Government Related Identifiers
In certain circumstances we may be required to collect government-related identifiers such as your tax file number. We will not use or disclose this information unless we are authorised by law.
How we collect your personal information
Unless impracticable or unreasonable to do so, we will collect information directly from you. This may occur, for instance, when you make use of our website, or when you contact us through telephone, email, online or hard copy communication in order to complete a product or service application or any other kind of administrative form.
How do we notify and obtain your consent?
In most cases we will obtain your consent to the purposes for which we intend to collect, use and disclose your personal information either at the time you engage us to provide you with a product or service, or as soon as practicable. Otherwise, unless we hear from you by one of the means set out in this Privacy Policy, by visiting a Group Website or using any of our products or services, or otherwise by providing us with your information, you agree to your information being managed in accordance with this Privacy Policy.
You may modify or withdraw your consent at any time by contacting us directly. If you do not give us consent or subsequently modify or withdraw your consent, we may not be able to provide you with the products or services you want. If you provide us with information about other individuals (such as employees, family members etc.) you must obtain their consent for us to use their information in accordance with our Privacy Statement prior to your disclosure to us or otherwise let us know if this is not the case.
Consequences of not providing your personal information
If you do not provide us with your personal information we may not be able to:
- provide you with a product or service you want
- support or maintain a product or service you have
- verify your identity
- let you know about complimentary services offered by the Group
Anonymity and Pseudonyms
If you have general enquiry type questions, you can choose to engage with the Group anonymously or use a pseudonym.
We might not always be able to interact with you this way however as we are often governed by strict regulations that require us to know who we’re dealing with. In general, we won’t be able to deal with you anonymously or where you are using a pseudonym when:
- it is impracticable; or
- we are required or authorised by law to deal with you personally.
2. Using your personal information
We will generally only use and disclose your personal information for the purpose that it was collected, any related purpose that you would reasonably expect us to use or disclose it for, or as permitted under this Privacy Policy or under law. The Group otherwise has a duty to maintain the confidentiality of its customer's information unless disclosure is permitted with your consent or compelled under law.
Your information may be used for the following purposes:
- Consider an application or proposal made by you to us;
- Process a sales contract or any other transaction between you and us;
- Evaluate and monitor credit worthiness;
- Process receipts and payments and send invoices;
- Respond to enquiries about applications, accounts or services;
- Complete an application for the provision of financing facilities relating to the purchase of a New or Used motor vehicle. In this case the information requested is the minimum required by the finance providers;
- Complete an application for the provision of Insurance cover;
- Provide after-sales service for your vehicle;
- Perform our internal administration and operations including: accounting, risk management, record keeping, archiving, systems development and testing;
- Conduct credit scoring;
- Offer you new products and services that we believe may interest you;
- Conduct market research in relation to the products and services offered by the Group;
- Consider information concerning prospective employees and make offers of employment; and
- Meet legal and regulatory requirements.
We will only use and disclose your sensitive information for the purpose it was collected or for any other directly related purpose that you would reasonably expect us to use it for.
With your consent, we may use or disclose your information for additional purposes from time to time.
3. Who can access your personal information?
Sharing your information
We may disclose your information to other companies within the Group and the following affiliates or third party service providers to assist us in providing, managing and administering our services and products:
- Outsourced service providers who manage the services we provide to you including: Mailing systems; Debt recovery functions; or Information technology services.
- Your representatives (e.g.: your authorised representatives or legal advisors);
- Insurance companies, their subsidiaries or agents for the purpose of processing insurance applications;
- Finance providers in connection with an application for finance for the purchase of a new or used motor vehicle;
- Our professional advisors, including our accountants, auditors and lawyers;
- Government and regulatory authorities and other organisations, as required or authorised by law;
- Organisations involved in: A transfer / sale of all or part of our assets or business (including accounts and trade receivables); and Managing our corporate risk and funding functions (e.g.: securitisation).
- Car manufacturers, retailers, dealers and insurers for purposes of maintaining your car, customer satisfaction measurement, marketing, product development and warranty maintenance;
- Third parties who provide services relevant to our customers such as: Mechanics; Insurers; Financiers; and Other third parties.
- Potential investors, joint venturers or acquirers, and
- Other companies within the Jefferson Automotive Group
As indicated above, unless you notify us otherwise, we may use your personal information to let you know about products and services from across the Group or our affiliates and business partners that we think may be of interest to you. You can choose not to receive this information from us by contacting us.
Overseas disclosure of your information
The Group may disclose personal information to overseas third parties who we believe are necessary to assist us in providing the relevant services and products to our clients or to enable them to offer their products and services to you. For instance, we may disclose personal information to the relevant vehicle manufacturer. We generally limit, however, the use and disclosure of any personal information provided by us to such third parties for the specific purpose for which it was supplied. We may also disclose personal information to third parties such as contractors, agents and service providers when we outsource certain functions, including market research, direct marketing, claims handling and recruitment. This would also include our third party storage providers whom we may use from time to time to store information physically or electronically. Countries that we may disclose your information to include:
• Japan
• United States of America
• Korea
Disclosure may also be made to government, law enforcement, dispute resolution, statutory or regulatory bodies, or as required by law (including the Corporations Act and the Anti-Money Laundering & Counter-Terrorism Financing Act) In these circumstances, we will generally take reasonable steps to ensure we have contracts in place that contain an obligation for them to comply with the Act and the Privacy Policy (to the extent applicable). We will also make every effort to ensure that we only have business dealings with third parties that value privacy and information security the same way as us. However, by providing us with your consent to collect, use, disclose and hold your information in accordance with this Privacy Policy, you acknowledge that we will no longer be required to take reasonable steps to ensure the overseas recipient's compliance with the Act in relation to the handling of your information and we will not be liable to you for any breach of any Australian privacy law by these overseas recipients under the Act or otherwise, and on this basis, you consent to such disclosure.
4. How we store and hold your personal information
How do we store your information?
Your information may be held in physical format, as electronic data, or in our software or systems. In particular, we may store your information in cloud or other types of networked or electronic storage.
How long do we hold your information for?
When all of our legal obligations to retain your information have expired or we no longer need your information for a purpose that it was collected, we will take such steps as are reasonable to destroy or de-identify it.
5. Accessing and correcting your personal information
Accessing your personal information
We take reasonable steps to ensure your personal information that we collect, hold and disclose is accurate, up to date and complete. However, we also rely on you to let us know of any changes or corrections required to your information. You should contact us at any time to update your personal information or advise us that the information we hold is not accurate, up to date or complete.
Correcting your personal information
You can access or update your personal information, including opting out of receiving any marketing from the Group, in the following ways:
- contact your Group Representative directly;
- if you receive electronic communications, such as an e-newsletter, you may unsubscribe at any time by following the instructions included in the communication;
- if you previously chose to receive notifications on your mobile device, you may manage your preferences either through your device or the application settings or by contacting us directly, and
- you may adjust your browser settings to accept or refuse cookies.
We are not always required to give you access to your personal information. If we do not provide you with access or refuse to update your information, we will provide you with the reason for refusal and inform you of any exceptions relied upon in writing. Some of the situations where we don’t have to give you access include when:
- we believe there is a threat to life or public safety;
- there is an unreasonable impact on other individuals;
- the request is vexatious or frivolous;
- the information wouldn’t be ordinarily accessible because of legal proceedings;
- it would prejudice negotiations with you;
- it would be unlawful;
- it would jeopardise taking action against serious misconduct by you;
- it would be likely to harm the activities of an enforcement body (e.g. the police); or
- it would harm the confidentiality of our commercial information.
Your request to provide information will be dealt with in a reasonable time from receipt of your request.
6. Resolving your privacy issues
Questions or queries
If you have any questions or would like further information about our privacy and information handling practices, please contact us by one of the following means:
- In writing via email to [email protected] with your contact details
or
- via mail to:
The Privacy Officer
Jefferson Automotive Group
P.O Box 206, Mentone, VIC 3194
Complaints
If you wish to make a complaint about a breach of the Act or this Privacy Policy, you may submit your complaint in writing:
- In writing via email to [email protected] with your contact details
or
- via mail to:
The Privacy Officer
Jefferson Automotive Group
PO Box 206 Mentone, Vic 3194
We are committed to respecting your privacy and we will respond to you as soon as reasonably possible and within 14 days.
If, however, you feel that your complaint has not been resolved, then you may contact the Office of the Australian Information Commissioner on the details below:
For more information - https://www.oaic.gov.au/privacy/privacy-complaints
7. Other relevant information
Information we collect when you visit our web sites
When you visit a Group website we use cookies for the purpose of improving your website experience, providing relevant advertising and assisting us with Google Analytics for statistical reporting.
In some instances when you visit a Group website we may automatically collect some information related to your visit including web server logs, date and time of your visit, your IP address, and the previous web site you visited. We collect this information to improve your browsing experience and our website(s).
The services we use, e.g., Google Analytics, may transfer this data to Google servers in other countries. No personally identifiable information is provided to Google.
Social media
You can engage with us through social media or through features such as plug-ins or applications on Group Websites that integrate with social media sites. You may also choose to link your account with us to third party social media sites. When you link your account or engage with us on or through third party social media sites, plug-ins, or applications, you may allow us and our affiliates to have ongoing access to certain information from your social media account (e.g., name, e-mail address, photo, gender, birthday, the posts or the 'likes' you make).
Information security
We take reasonable steps to protect personal information from misuse, interference and loss and implement physical, technical and administrative security standards to secure and protect your personal information from unauthorised access, modification or disclosure.
Our data handling security policies include but are not restricted to the following:
- Confidentiality requirements on our employees and other representatives, as well as third parties
- Policies on document storage security
- Security measures for access to our systems
- Identify controls, only providing access to information once proper identification has been given
- Physical security controlling access to our premises
- Website protection security measures
Please be aware that no data protection and security measures are completely secure. Despite all the measures we have put in place, we cannot guarantee the security of your information, particularly in relation to digital transmissions over the Internet. It may also not be practicable to know in which country your information may be held where networked or electronic storage solutions are adopted. Accordingly, any information which you transmit to us is transmitted at your own risk. You must take care to ensure you protect your information (for example, by protecting your usernames and passwords, policy details etc.) and you should notify us as soon as possible after you become aware of any security breaches.
Other web sites
This web site may contain links to other web sites. We are not responsible for the security, content, conduct, privacy policies and related practices of those sites.
Changes to this privacy policy
This Policy may change. We will let you know of any changes to this Policy by posting a notification on our website. Any information collected after an amended Privacy Policy has been posted on the site, will be subject to that amended Privacy Policy.