Privacy Policy
Last updated in March 2019

1 : Introduction

Sail Funding Pty Ltd ACN 610 069 415 (we, us or our) know that how we collect, use and handle your personal information is important to you. That’s why we are committed to protecting and maintaining the privacy, accuracy and security of your personal information in accordance with the Privacy Act 1988 (Cth) (Privacy Act), and specifically the Australian Privacy Principles.

This Privacy Policy sets out our policy for the collection, use, disclosure and storage of your personal information, including your credit-related information.  We may, from time to time, amend and update this policy.

This privacy policy applies to all Information collected by us and is provided to make you aware of how and why we collect, use, manage and protect your Personal Information and what controls you have over our use of that Information.

All third parties (including customers, suppliers, sub-contractors, or agents) that have access to or use Personal Information collected and held by us must abide by this Policy.


  1. Cookie(s) is a small amount of information sent from a web server to your computer, enabling your computer to be recognised the next time you visit a website and to improve your experience of our website.
  2. Disclosing means information means providing information to persons outside of us.
  3. Commercial Credit Related Purpose, Consumer Credit Related Purpose, Credit Eligibility Information, Credit Guarantee Purpose, Credit Information, Credit Provider(s), Credit Reporting Code, Credit Reporting Body(ies), Personal Information, Credit Reporting Information and Sensitive Information each have the same meaning as under the Privacy Act.
  4. Privacy Officer means the contact person for questions or complaints regarding our handling of personal information.
  5. Creditworthiness Information means information that is both positive (eg. payment information) and negative (eg. defaults or serious credit infringements).
  6. Information means Personal Information, Sensitive Information, Credit Eligibility Information, Credit Reporting Information and Credit Information, both severally and collectively.
  7. IP Address means the address which identifies your computer on the internet and which is automatically recognised by our web server
  8. Primary Purposes means assessment of a credit application and verification of your identity, reviewing existing credit terms, assessing Credit Worthiness and for fraud, collecting overdue payments, assessing credit guarantees (current and prospective), internal management purposes, marketing, sales and business development purposes and direct marketing; exchange Information with Credit Reporting Bodies as to the status of your credit facility, both in respect of positive Information (like payment information) and negative Information (like defaults); assist you with enquiries; provision of products and services to you, customer service, issue accounts to you for products and services, administer your account and to maintain records following termination of our services to you, review and meet your ongoing needs and compliance with relevant laws, regulations and other legal obligations.
  9. Use of information means our use of information.
  10. We, our, us means Sail Funding Pty. Ltd.

2 : What kinds of personal information & credit-related information do we collect and hold?

We may collect and hold a range of personal information about you and/or your guarantor(s) that is reasonably necessary for, or directly related to, one or more of our functions, activities or our Primary Purpose.

Personal information includes any particulars which would be required for identification purposes or any information which would be required to assist us in assessing your query with us.

Credit-related information collected includes information about your credit history or creditworthiness.  It includes:

  1. Information about your loan experience with us and other lenders;
  2. The kinds of credit products you have had or sought;
  3. How you have managed your obligations, including such things as your repayment history and arrears you have cleared;
  4. Information contained in a credit report about you which is obtained by us from a credit reporting body (CRB); and
  5. Information about your creditworthiness that has been derived by us from such a credit report about you.

3 : How we collect and hold your information

We generally collect Personal Information directly from you through our application processes, forms and other interactions with you in the course of providing you with our products and services, including when you visit our website, call us or send us correspondence.

We may also obtain Personal Information from the public domain and from third parties such as our related companies, service providers or suppliers, your own representatives (lawyers, accountants etc) and Credit Reporting Bodies.

Information collected by us is held on our premises and systems or offsite using trusted third parties. For more information on the security measures we employ to keep your information safe, see “Management of Information”.

4 : Why do we collect information?

We only collect Information that we need to carry on our business and for our Primary Purpose. Without certain details from you we would not be able to carry on our business and provide you with services. We may also use such Information for any purpose related to the Primary Purpose where it would reasonably be expected by you that we would use this Information in such a way.

Sensitive Information will be used and disclosed only for the purpose for which it was provided (or a directly related secondary purpose), unless you agree otherwise or we are permitted by law to use such information for an alternate purpose.

If you choose not to provide us with any Personal Information we request, we may not be able to provide you with our products or services, provide you with credit account facilities or assess persons to be a guarantor of the credit facility. It may also restrict or impede us trading with, extending credit to, continuing to extend credit to or extending further credit to you or your related bodies corporate.

When you visit our websites we use common internet technologies, such as cookies, to collect general statistical information and to assist you in using our online services and to enable us to serve you better. The information in the cookies lets us track the various paths followed by users of our website as they move from one page to another while on our website. Web server logs allow us to assess site visits and site visit capacity. These methods are not used to capture individual e-mail addresses or any personally identifying information about you.

5 : Unsolicited Personal Information

We may receive unsolicited Personal Information about you. We destroy or de-identify all unsolicited Personal Information we receive, unless it is relevant to our purposes for collecting Personal Information. We may retain additional Information we receive about you if it is combined with other Information we are required or entitled to collect. If we do this, we will retain the Information in the same way we hold your other Personal Information.

6 : Disclosure of personal information

We may give Credit Reporting Bodies Personal Information about your credit application and also disclose any default Information. The Information which may be given to a Credit Reporting Body includes, but is not limited to:

  1. Your identity particulars;
  2. The fact that you have applied for credit and the amount;
  3. The fact that you have applied to be a guarantor for the credit facility;
  4. The fact that we are a current Credit Provider to you;
  5. Payments which become overdue more than 60 days and for which collection has commenced;
  6. Advice that payments are no longer overdue;
  7. That credit provided to you by us has been paid or otherwise discharged;
  8. In specified circumstances that, in our opinion, you have committed a serious credit infringement;
  9. A Commercial Credit Related Purpose;
  10. A Consumer Credit Related Purpose; and
  11. A Credit Guarantee Purpose.

We may also disclose your Personal Information to other organisations, for example:

  1. Our related companies;
  2. External organisations that are our assignees, agents or contractors;
  3. External service providers to us, such as organisations which we use to verify your identity,
  4. Credit reporting bodies, including disclosing that you are in default under a finance agreement or have committed a serious credit infringement, if that is the case;
  5. Business credit reporting agencies;
  6. Debt collecting agencies, if you have not repaid a loan as required;
  7. Our professional advisors and service providers, such as accountants, lawyers, auditors, IT contractors and marketing companies;
  8. Organisations involved in a transfer or sale of our assets or business;
  9. Financial institutions involved in managing our payments, such as banks;
  10. Certain entities that have bought or otherwise obtained an interest in your finance product, or that are considering doing so, and their professional advisors;
  11. Your representative(s), for example, lawyer, mortgage broker, financial advisor or attorney, as authorised by you; or
  12. Regulatory bodies, government agencies, law enforcement bodies and courts as permitted by law; and
  13. Anyone whom you authorise us to disclose it.

We may further disclose your Personal Information in circumstances where:

  1. You have consented to the use or disclosure;
  2. Such use or disclosure is required or authorised by law (for example, compliance with a subpoena, a warrant or Court order);
  3. We reasonably suspect that unlawful activity has been, is being or may be engaged in and the use or disclosure is a necessary part of our investigation or in reporting the matter to the relevant authorities;
  4. We reasonably believe that the use or disclosure is reasonably necessary:
    • To lessen or prevent a serious, immediate threat to someone’s health or safety or the public’s health or safety;
    • For the prevention, investigation, prosecution and/or punishment of crimes or wrongdoings; or
    • For the preparation or conduct of proceedings before any Court or Tribunal or the execution of the orders of a Court or Tribunal.

The Credit Reporting Bodies that we use are as follows:

1. Dun & Bradstreet
m: PO Box 7405, St Kilda Road, Melbourne, VIC, 3004.
t: 13 23 33

2. Equifax
t: 13 83 32

7 : Sending information overseas

Sometimes we store or disclose your personal information overseas. The location we send it to includes Israel.

Where your personal information has been disclosed overseas, there is a possibility that the recipient may be required to disclose it under a foreign law. Where this occurs, such disclosure isn’t a breach of the Act.

We will not disclose your Personal Information to overseas recipients without your consent unless:

  1. We have taken reasonable steps to ensure that the recipient does not breach the Act: or
  2. The recipient is subject to a privacy regime that has the effect of protecting the information in a way that, overall, is at least substantially similar to the way in which the APPs protect the information.

8. Management of information

We recognise the importance of securing the Personal Information of our customers. We will take reasonable steps to ensure your Personal Information is protected from misuse, interference or loss, and unauthorised access, modification or disclosure.

Your Personal Information is generally stored in our computer database. Any paper files are stored in secure areas. In relation to Information that is held on our computer database, we apply the following guidelines:

  1. Passwords are required to access the system and passwords are routinely checked:
  2. Data ownership is clearly defined;
  3. We change employees’ access capabilities when they are assigned to a new position;
  4. Employees have restricted access to certain sections of the system;
  5. The system automatically logs and reviews all unauthorised access attempts;
  6. Unauthorised employees are barred from updating and editing personal information;
  7. All computers which contain personal information are secured both physically and electronically;
  8. Data is encrypted during transmission over the network;
  9. Print reporting of data containing personal information is limited; and
  10. When we no longer need your information, including when we are no longer legally obliged to keep records relating to you, we will destroy it or de-identify it.

9. Direct marketing

We may only use Personal Information we collect from you for the purposes of direct marketing without your consent if:

  1. The Personal Information does not include Sensitive Information; and
  2. You would reasonably expect us to use or disclose the Information for the purpose of direct marketing; and
  3. We provide a simple way of opting out of direct marketing; and
  4. You have not requested to opt out of receiving direct marketing from us.

If we collect Personal Information about you from a third party, we will only use that information for the purposes of direct marketing if you have consented (or it is impracticable to obtain your consent), and we will provide a simple means by which you can easily request not to receive direct marketing communications from us. We will draw your attention to the fact you may make such a request in our direct marketing communications.

You have the right to request us not to use or disclose your Personal Information for the purposes of direct marketing, or for the purposes of facilitating direct marketing by other organisations. We must give effect to the request within a reasonable period of time. You may also request that we provide you with the source of their information. If such a request is made, we must notify you of the source of the information free of charge within a reasonable period of time.

10. How we keep personal information accurate and up-to-date

We are committed to ensuring that the Personal Information we collect, hold, use and disclose is relevant, accurate, complete and up-to-date.

We encourage you to contact us (on the contact details set out under “Accessing your Information”) if any Personal Information we hold about you needs to be updated. If we correct Information that has previously been disclosed to another entity, we will notify the other entity of the correction within a reasonable period. Where we are satisfied Information is inaccurate, we will take reasonable steps to correct the Information within 30 days, unless you agree otherwise. We will not charge you for correcting your Personal Information.

If we do not agree with the corrections you have requested, we are not obliged to amend your information accordingly, however, we will give you a written notice which sets out the reasons for our refusal.

11. Accessing your information

Subject to any exceptions in the Act, you can access the Personal Information that we hold about you by contacting the Privacy Officer by telephone on 1300 007 245 or email at We will generally provide access within 30 days of your request. If we refuse to provide you with access to the Information, we will provide reasons for the refusal.

We will require identity verification and specification of what Information is required. An administrative fee for search and photocopying costs may be charged.

12.  Making a complaint

If you have any questions about this Policy or wish to make a complaint about how we have handled your Personal Information, you can lodge a complaint with us by telephoning us on 1300 007 245 or emailing us at

If you think that we have not complied with the Act you can make a complaint by contacting our office by tele-phone or email. We will acknowledge your complaint in writing within 7 days and we will aim to investigate and resolve your complaint within 30 days of receiving it. If you are not satisfied with our response to your com-plaint, you can also refer your complaint to the Office of the Australian Information Commissioner by:

Telephone: 1300 363 992

Mail: Director of Complaints, Office of the Australian Information Commissioner, GPO Box 5218, SYDNEY NSW 2001.

13. Our responsibilities

It is the responsibility of management to inform employees and other relevant third parties about this Policy. Management must ensure that employees and other relevant third parties are advised of any changes to this Policy. All new employees are to be provided with timely and appropriate access to this Policy, and all employees are provided with training in relation to appropriate handling of Personal Information. Employees or other relevant third parties that do not comply with this Policy may be subject to disciplinary action.

14. Updates or changes to this policy

We may occasionally update this privacy policy. If we do, the updated version will be posted on our website ( together with the updated date and it will apply to all of your Information held by us at the time.

You may request to have this Privacy Policy provided to you in an alternative form.


1800 00 SAIL

Last updated in March 2019