Privacy Policy

Everything you need to know about how we use your data

CreditorWatch Privacy Policy

Creditor Watch Pty Limited ACN 144 644 244 (CreditorWatch, us, we, our) takes your privacy seriously and is committed to responsible privacy practices. 

Please read the following privacy policy (Privacy Policy) to understand how how we collect, use, disclose, store, handle and protect your personal information.  We hope that this will help you make an informed decision about sharing personal information with us.  As well as applying to our interactions with you, this Privacy Policy also applies to all information collected through this website and any and all other websites, platforms and/or mobile apps operated by us.

This Privacy Policy sits alongside our Terms of Service, and any other terms and conditions that apply to the products and services we provide to you.

What is personal information?

In this Privacy Policy, ‘personal information’ has the meaning set out in the Privacy Act 1988 (Cth) (Privacy Act).  In general terms, personal information is information (whether fact or opinion) about an individual who is identified or reasonably identifiable that information or other information combined in with that information.

Some types of personal information are classified as ‘sensitive information’ and/or ‘health information’, which are subject to additional protection under the Privacy Act. Sensitive information may include information about your racial origin and health status, and health information may include information about a health-related service you have had or will receive, including test results and appointment details.

What types of personal information do we collect?

The types of personal information we collect about you will depend on the purpose for which the personal information is collected.  This can include:

  • in the case of customers procuring our products and/or services – your name, billing or shipping address, email address, telephone number(s), payment information (including credit card information or alternative payment method account information, Australian Business Number (ABN), Australian Company Number (ACN), your order details. Some products and/or services require further information to complete police checks, property transactions, government-issued identifiers (see “Adoption, use and disclosure of government related identifiers” below) and other personal information required to provide our products and/or services;
  • technical information and general analytics, such as web browser type and browsing preferences, referring/exit pages, date/time stamps, IP address, time zone and geolocation data (if applicable), some of which is collected automatically, arising from your use of our website and/or platforms, as well as information about your usage of our website and/or platforms when browsing (see: “How do we collect personal information” below);
  • if you have requested to receive news about exclusive offers, promotions, or events from, CreditorWatch – your name, mailing or street address, email address, and telephone number(s);
  • if you have contacted CreditorWatch to make a complaint, provide feedback, submit an enquiry or request a call-back – your name, mailing or street address, email address, and telephone number(s);
  • in the case of prospective employees or contractors – information contained in your application or résumé, recorded during any interview, or obtained through any pre-employment checks, and government-issued identifiers such as tax file numbers; and
  • in the case of our suppliers and distributors – your name, mailing or street address, email address, and telephone number(s).

Generally, we will not collect sensitive information about you.  However, in certain circumstances such as in order to provide specific services to you, we may need to collect limited sensitive information about you. 

We do not, and will not, collect personal information on individuals under the age of 18 (a minor) and you should refrain from providing any such information to us. If you do provide us with personal information on a minor, either deliberately or accidently, we will immediately remove and destroy this from our servers and systems.

How do we collect personal information?

We collect your personal information directly from you, including when you:

  • access or use our website;
  • subscribe to or purchase our products or services;
  • sign up to receive news and exclusive offers, promotions, or events;
  • enter surveys, competitions, promotions or requesting information or material from us, including by filling and returning to us a signed client form;
  • make inquiries about us or our products or services or otherwise communicate with us by email, by telephone, via a website or otherwise;
  • connect to a third party or connect to our services via a third party e.g. an integration partner, a third party provider of modules, software or other integration services; and
  • apply to work with us or are engaged by us as a contractor.

Where it is reasonable and practicable to do so, we will only collect personal information about you from you directly and not from third parties. 

In limited circumstances, we may collect personal information about you from publicly available sources (such as the Internet and government databases) and from third parties (such as mutual contacts, or if someone makes a purchase on your behalf, or your referees provided during the recruitment process if you apply for a job with us).  We may also collect personal information through third parties such as our service providers or through promotional and marketing activities.

We may also use the following technologies to collect technical information and general analytics:

  • cookies, which are data files that are placed on your device and often include an anonymous unique identifier;
  • log files, which track actions occurring on our website; and
  • web beacons, tags, and pixels, which are electronic files used to record information about how you browse our website.

You may disable your web browser from accepting cookies and other tracking technologies used to collect technical information and general analytics on you when browsing our website.  If you do so, you can still access our website, but it may impact your user experience.

In addition to CreditorWatch’s cookies, certain third parties may deliver cookies to your device for a variety of reasons. For example, we sometimes use various web analytics tools that help us understand how visitors engage with our website. Any third party links on our website may also use cookies; you may receive these cookies by clicking on the link to the third party site or advertising. We do not control the collection or use of information by these third parties, and these third party cookies are not subject to this Privacy Policy.  You should contact these companies directly if you have any questions about their collection and/or use of information. When linking to any other site, you should always check the relevant website’s privacy policy before providing any personal information.

Can you choose not to disclose your personal information?

If you contact us to make a general enquiry about us or our business, you do not have to identify yourself or provide any personal information.  Alternatively, you can also notify us that you wish to deal with us using a pseudonym. 

If we cannot collect personal information about you or if you use a pseudonym, we may not be able to provide you with the information or assistance you require.  For example, we will not be able to send you information you have requested if you have not provided us with a valid email address or telephone number.

Do we adopt, use and disclose of government related identifiers?

CreditorWatch, or its related body corporates, may collect some personal information that is a government related identifier.  We do not adopt a government related identifier of an individual as our own identifier unless required or authorised to do so by or under an applicable Australian law or an order or direction from a Court or Tribunal.

Personal information from identity documents may be provided to the document issuer or an official record holder via third party systems for the purpose of confirming your identity, for example, the Australian Government’s Document Verification Service (DVS).  Where CreditorWatch does collect government related identifiers, they are maintained on a separate database for audit and compliance purposes.

CreditorWatch may use or disclose a government related identifier where:

  • it is reasonably necessary for us to verify the identity of the individual for the purposes of our business activities or functions; or
  • it is reasonably necessary for us to fulfil our obligations to a government agency or a State or Territory authority;
  • as required or authorised by or under Australian law or in accordance with the order of a Court or Tribunal; or
  • it is a permitted general situation (see Items 1 and 2 in subsection 16A(1) of the Privacy Act) or otherwise permitted to do so under the Privacy Act.

How do we use your personal information?

We use your personal information for purposes collected including managing our business and providing our products and services to you, including to:

  • provide our products and services to our customers or to receive goods or services from third parties;
  • enable the proper operation and functionality of our products and services;
  • verify your identity (for example, if you request access to the personal information we hold about you);
  • consider you for a job at CreditWatch (whether as an employee or contractor) or other relationships with us;
  • communicate with you, and to address any issues or complaints that we or you may have regarding our relationship and our products and/or services;
  • prevent, detect and investigate suspicious, fraudulent, criminal or other activity that may cause you, us or others harm, including in relation to our products and services;
  • comply with our legal obligations such as notifying you of matters that we may be required by law to do so;
  • identify opportunities to improve our products and services and to improve our service to you;
  • gain insights about you so that we can serve you better, understand your preferences and interests, personalise your experience and/or enhance products and services you are offered and receive;
  • for direct marketing purposes which includes notifying you about our new services and products, detailing meetings, events and seminars that may be of interest to CreditorWatch customers and clients, sending newsletters and other marketing publications and administering our database for client service, marketing and financial accounting purposes (see “Direct Marketing Communications” below); and
  • contact you regarding any of the above, including via electronic messaging such as SMS and email, by mail, by phone or in any other lawful manner.

We may also use or disclose your personal information for our administrative, marketing (including direct marketing), planning, product or service development, quality control, survey and research purposes and for other purposes to which you have consented, or as otherwise permitted or required by law.

Technical information and general analytics is used for the purpose of gauging visitor traffic, trends and delivering personalised content to you while you are on our website, and to improve our website and our products and services.

To whom do we disclose personal information?

We may disclose your personal information to third parties in connection with the purposes described above (see the “How do we use your personal information?” section).

This may include disclosing your personal information to the following types of third parties:

  • our integration partners which includes Infrotrack Pty Ltd, LEAP Legal Software Pty Ltd and their related body corporates, and other partners as mentioned on our website and updated from time to time;
  • third party service providers which includes integration partners, third party provider of modules, software and other integration services;
  • public authorities;
  • any potential third party acquirer of our business or assets, and advisors to that third party;
  • our professional advisers (such as lawyers, accountants or auditors) and insurers;
  • our employees, contractors and third party service providers who assist us in performing our functions and activities e.g. payment systems operators and financial institutions, cloud service providers, data storage providers, shipping companies, telecommunications providers and IT support services providers;
  • organisations authorised by us to conduct promotional, research or marketing activities which includes providers of customer relations management database services and marketing database services;
  • third parties to whom you have authorised us to disclose your information (e.g. referees); and
  • any other person as required or permitted by law.

If we disclose your personal information to third parties we will use reasonable commercial efforts to ensure that such third parties only use your personal information as reasonably required for the purpose of disclosure and in a manner consistent with applicable laws, for example (where commercially practical) by including suitable privacy and confidentiality clauses in our agreement with a third party service provider to which we disclose your personal information.

Direct marketing communications

We will only send you direct marketing communications (either through mail, SMS or email), including offers any news and exclusive offers, promotions, or events, where you have consented to do so.

You may opt-out of receiving direct marketing communications at any time by contacting us or by using opt-out facilities provided in the direct marketing communications.

How to we store personal information?

We store your personal information in computer storage facilities, paper-based files and other electronic record keeping methods in secure databases.  Personal information may be collected in paper-based documents and converted to electronic form for use or storage (with the original paper-based documents either archived or securely destroyed). We may combine or link personal information we hold about you with other personal information about you from third party sources.

Does personal information leave Australia?

We store personal information in servers located in Australia and we do not disclose personal information to overseas recipients except where we have disclosed personal information to our service providers that are located in both Australia and overseas including the United Kingdom, the United States and New Zealand in order to provide its products and services and to obtain services connected with our business.  Except where an exception applies under the Privacy Act or other relevant legislation, we will take commercially reasonable steps to ensure that overseas recipients to whom we disclose personal information do not breach the Privacy Act and the Australian Privacy Principles in relation to such personal information.

European Union – General Data Protection Regulation (GDPR)

If you are a resident of the European Union for the purposes of the GDPR, then in addition to what is set out above, the following applies to you.

CreditorWatch is a data controller and processor for the purposes of the GDPR and by your consenting to this Privacy Policy, CreditorWatch is able to process your Personal Information in accordance with this Privacy Policy.

In providing services to you, CreditorWatch may make use of a number of automated processes using your Personal Information and your activity on our site as tracked by us, in order to provide more tailored and relevant services to you.

In addition to your rights set out above, you may update or rectify any of your Personal Information that we hold about you, in the manner described in the “How can you access and correct your personal information?” paragraph below.

How do we protect your personal information?

We implement reasonable measures to protect and safeguard your personal information from misuse, loss, theft and unauthorised access, modification or disclosure.  CreditWatch takes steps to protect your personal information which include:

  • maintaining physical security over paper and electronic data stores, such as through locks and security systems at our premises;
  • maintaining computer and network security, for example, we use firewalls (security measures for the internet) and other security systems such as user identifiers and passwords to control access to our computer systems;
  • requiring any third parties engaged by CreditorWatch to provide appropriate assurances to handle your personal information in a manner consistent with the Privacy Act; and
  • taking reasonable steps to destroy or de-identify personal information after we no longer need it for our business or to comply with the law.

However, particularly for electronic data stores and due to the fact that the Internet is inherently insecure, we cannot guarantee the security of transmission of personal information disclosed to us online.  Accordingly, you transmit your personal information to us online at your own risk and are encouraged to exercise care in sending personal information via the internet.  Please notify us immediately if you know or reasonably suspect that your personal information has been subject to any data breach, breach of security or other unauthorised activity.

To the maximum extent permitted by applicable law, we exclude all liability (including in negligence) for the consequences of any unauthorised access to, modification of, disclosure of, misuse of or loss or corruption of any personal information.  Nothing in this Privacy Policy restricts, excludes or modifies or purports to restrict, exclude or modify any statutory consumer rights under any applicable law, including the Competition and Consumer Act 2010 (Cth), or any liability that cannot be excluded due to the operation of applicable laws.

How long do we keep your personal information?

Generally, we will retain your personal information for the period necessary for the purposes for which your personal information was collected (as outlined in this Privacy Policy) unless a longer retention period is required by law or if it is reasonably necessary for us to comply with our legal obligations, resolve a dispute or maintain security.

When personal information is no longer required, we will take reasonable steps to delete the personal information from our systems or de-identify the personal information.

How can you access and correct your personal information?

You may request access to any personal information we hold about you at any time by contacting us at  We will provide access to that information in accordance with the Privacy Act, subject to any exemptions that may apply.  We may charge an administration fee in limited circumstances, but we will let you know in advance if that is the case.

If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it by contacting us at  Where we agree that the information needs to be corrected, we will update it. If we do not agree, you can request that we make a record of your correction request with the relevant information.

You can also ask us to notify any third parties that we provided incorrect information to about the correction. We’ll try and help where we can – If we can’t, then we’ll let you know.

Questions or complaints?

If you have any questions, concerns or complaints about our collection, use, disclosure or management of your personal information, please contact us at

We are committed to resolving any complaints reasonably and to ensuring that we are doing the right thing by our customers. We will make all reasonable inquiries and your complaint will be assessed with the aim of resolving any issue in a timely and efficient manner.

If you have raised a complaint with us and you are unsatisfied with the outcome or have further concerns about the way we handle your personal information, under the Privacy Act, you may complain to the Information Commissioner at the Office of the Australian Information Commissioner, whose contact details are set out below:

Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992

How to contact us

If you have a query, concern or complaint about the manner in which your personal information has been collected or handled by us or would like to request access to or correction of the personal information we hold about you, please contact using the details provided below:

Privacy Officer
GPO Box 276
Sydney NSW 2001
Phone: 1300 50 13 12

Changes to this Policy

We may change or update this Privacy Policy from time to time to keep up to date with legal requirements and the way we operate our business.  An up-to-date version of this Privacy Policy is available at any time on this page. You are responsible for reviewing this Privacy Policy periodically and informing yourself of any changes. We suggest that you check back regularly. If we make significant changes to our Privacy Policy, we will seek to inform you by notice on our website or by email.

Last updated: 7 March 2024