Privacy Policy

ARCA’s APP Privacy Policy

The Australian Retail Credit Association (ARCA) and its related bodies corporate (we, our, us) recognise the importance of protecting the privacy and the rights of individuals in relation to their personal information. This document is our “APP privacy policy” and it tells you how we collect and manage your personal information.

We respect your rights to privacy under the Privacy Act 1988 (Cth) (Act) and we comply with all of the Act’s requirements in respect to the collection, management and disclosure of your personal information.

What is your personal information?

Personal information has the meaning given to it in the Act. In general terms, it is any information that can be used to personally identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.

What personal information do we collect and hold?

We may collect the following types of personal information:

  • identification and contact details, such as your name, email, mailing address and telephone number
  • information about your role in your organisation
  • payment details and preferences in relation to our training courses and events.

We may also collect any additional information relating to you that you provide to us directly through our website or indirectly through use of our website.

We do not usually collect any sensitive information about you unless it relates to food allergies (medical information) which may be collected in relation to one of our events.

You may choose to interact with us anonymously or using a pseudonym, except in relation to matters where we need to identify you, such as for payment or Member website portal access. 

If you do not provide information we request about you, we may not be able to register your access to our Members website portal and you may not be able to enjoy or participate in the full range of our services effectively or at all.

How do we collect your personal information?

We collect your personal information directly from you unless it is unreasonable or impracticable to do so. At times we may also collect your personal information from third parties with your consent.

When collecting your personal information, we may collect it in ways including:

  • through your access and use of our website
  • when your employer registers for membership
  • when you register for or attend any of our events
  • if you tell us about your areas of professional interest
  • you undertake any of our training events or courses
  • if you send us contributions for publication
  • if you speak at our events
  • if you participate in our surveys
  • if you nominate for or are appointed to our Board or join one of our working groups
  • when you inquire about or apply for a position with us
  • at any time that you communicate with us.

For what purpose do we collect, hold, use and disclose your personal information?

We collect personal information about you so that we can perform our business activities and functions and to provide best possible quality Member engagement.

We collect, hold, use and disclose your personal information for the following purposes:

  • to verify your identity, process your application and manage your membership, including your membership of different working groups
  • to send communications requested by you
  • to answer enquiries and provide information or advice about our association
  • to exchange information with you about ARCA’s activities, including information relevant to your participation in a working group or the Board
  • to retain a record of your attendance at events and attendance at training or courses
  • to communicate with you about our website and publications (for example, to inform you about new discussions, blogs, materials, information, news and site features that we believe may interest you and to send you our updates)
  • where you have registered for access to the Australian Credit Reporting Data Standard (ACRDS), to communicate with you about the standard and any versions that have been released subsequent to your registration to access the ACRDS
  • to inform you of our upcoming conferences, training programs and events (unless you elect not to receive such information)
  • to send you promotional material about conferences and events, organisational membership renewals or to inform you about the products or services of any of our sponsors. You may tell us at any time using the contact details at the end of this Policy if you do not wish to receive promotional information from us and we will stop sending it to you.

To whom do we disclose your personal information?

We are administered from Australia and our website and email exchange is hosted in Australia.

We may disclose your personal information to:

  • our employees, related bodies corporate, contractors or service providers for the purposes of the operation of our association, including, without limitation, web hosting providers, IT systems administrators, couriers, payment processors, data entry service providers, electronic network administrators, and professional advisors such as accountants, solicitors, business advisors and consultants
  • event and professional development programs in Australia or New Zealand to manage events and programs you have registered to attend, including, without limitation, RFI Group Pty Ltd (ACN 160 048 760), Retail Finance Intelligence Pty Ltd (ACN 121 015 192), RFI Roundtables Pty Ltd (ACN 158 636 821) and their Related Bodies Corporate and Kaplan Education Pty Ltd (trading as Kaplan Professional) (ACN 089 002 371) and its Related Bodies Corporate
  • Sponsors for ARCA events including the ARCA National Conference and Executive Breakfasts, with each of these organisations listed in the separate event notification statement.
  • our Australia-based service providers such as Nerdster, in relation to the operation, administration and maintenance of our website and your membership
  • any government or regulatory authority which requires us to do so.

We also take reasonable steps to protect your personal information. We restrict access to your personal information to those people or service providers who need to know that information to provide services. In addition, we train our employees about the importance of protecting the privacy and security of your information.

Do we disclose your personal information to overseas recipients?

We may disclose your personal information to overseas recipients, for example, to our cloud document storage facility (Microsoft) located in United States, Netherlands, Ireland, Singapore, Hong Kong (China).

How can you access and correct your personal information?

You may request access to any personal information we hold about you at any time by contacting us (see details below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). We will not charge for simply making the request and will not charge for making any corrections to your personal information.

There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.

If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will let you know.

What if you have a complaint about a breach of privacy?

If you believe that your privacy has been breached, please contact us using the contact information below and provide details of the incident so that we can investigate it.

We will attempt to confirm as appropriate with you your understanding of the conduct relevant to the complaint and what you expect as an outcome. We will inform you whether we will conduct an investigation, the name, title and contact details of the investigating officer and the estimated completion date for the investigation process.

After we have completed our enquiries, we will contact you, usually in writing, to advise the outcome and invite a response to our conclusions about the complaint. If we receive a response from you, we will assess it and advise if we have change our view. If you are unsatisfied with the outcome, we will advise you about further options including, if appropriate, review by the Privacy Commissioner within the Office of the Australian Information Commissioner.

Contacting us

If you have any questions about this policy, any concerns or complaints regarding the treatment of your privacy or a possible breach of your privacy, please contact our Privacy Officer using the details set out below.

We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.              

Please contact our Privacy Officer at:

Privacy Officer
Australian Retail Credit Association Ltd
Post:        GPO Box 526, Melbourne VIC 3001
Phone:     61 3 9863 7859
Email :

Changes to our Privacy Policy

We may change this policy from time to time. Any updated versions of this policy will be posted on our website.

This Policy was last updated on 28 May 2018