ACM Group Limited Privacy Policy

This policy applies to ACM Group Limited (“ACM”) and any of its related entities.

Our commitment to our customers

At ACM we are committed to ensuring the privacy of our customers’ personal information is maintained in accordance with the Law. It is important our customers understand how we protect their privacy, as well as how, when and where we may use their personal information.

This privacy policy is our commitment to customers as to how we maintain their privacy. This privacy policy explains how we manage and protect their personal information. In protecting their privacy, we are bound by the Privacy Act (“the Act”), the Australian Privacy Principles (“APPs”), the Credit Reporting Privacy Code as well as other relevant laws and codes.

What information do we collect?

We only collect personal information as required or authorised by law. Personal information means any information or opinion about a customer as an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not.

For example, the kind of information we may collect includes, identity and contact details, gender, marital status and financial information such as account details, assets, liabilities and income, occupation and employment details, involvement as a party in pending or completed legal proceedings.

Other types of information that ACM may collect includes, customer credit history, credit liability information, types and amount of credit, credit balances, repayment history including when repayments were made and whether payments were made when due and default information

How does ACM collect customer personal information?

ACM collects customer personal information from various sources. For example, ACM may collect customer personal information from the following:

  • The customer personally;
  • In some cases from customers’ families, friends or other associates. For example, if we have difficulty locating or contacting a customer, we may collect their personal information by making discreet enquiries from third parties;
  • In some circumstances, a customer employer to verify employment status and income;
  • In some cases personal advisers such as legal or financial advisers;
  • Credit reporting bodies; and
  • Information in the public domain or through public searches.

Why does ACM collect customer personal information?

ACM collects, hold and stores customer personal information that is reasonably necessary for current or proposed business purposes and so that we can undertake our functions and activities effectively and efficiently. For example, we collect personal information about customers so that we may:

  • Identify and contact customers;
  • Provide customers with products and services;
  • Collect any debt owed by customers;
  • Determine whether to enter into any payment plan and monitor that plan;
  • Submit customer applications for credit;
  • Identify and communicate with customers via direct marketing communications about other products or services offered by us that may interest customers. We will not do this if customers tell us they are not interested in receiving marketing information;
  • Satisfy internal purposes including reporting, compliance and internal research and analysis;
  • Meet regulatory and legal reporting obligations;
  • Respond to customer enquiries; or
  • Establish a client marketing program.

If we do not collect customer personal information we are not able to identify customers, contact them or provide products or services to them.

Collection of sensitive information

From time to time we may also collect sensitive information about customers. Sensitive information has a particular definition under the Act. For example, sensitive information includes health information and this may be collected if health information is relevant to customer financial circumstances. We only collect sensitive information with customer consent and we are otherwise permitted to do so.

How ACM protects customer personal information

We are committed to ensuring the security of customer personal information. We store information mostly in electronic form.

We take steps to protect our customers’ personal information from misuse, loss and unauthorised access, modification and disclosure. The steps we take to protect personal information include:

  • Implementation of a database security system;
  • Password protection;
  • Authorised usage protocols, and secure data storage devices;
  • Continual staff training on privacy and confidentiality.
  • ACM is Quality Certified under International Standard ISO 9001:2015.

Disclosure of personal information

ACM only discloses personal information as authorised or required by law. This may involve disclosing such information to:

  • Related entities in the ACM Group;
  • Our authorised agents or third party suppliers and service providers, such as process servers, document storage;
  • Our legal representatives;
  • Customer authorised representatives;
  • Courts and tribunals;
  • Any entity that may obtain an interest in customer loan accounts; or
  • Other persons with customer consent.

Disclosure to credit reporting bodies

ACM may disclose certain credit related personal information to credit reporting bodies. For example, if customers do not make payments in accordance with a credit contract or a payment arrangement we may be entitled to disclose this to a credit reporting body.

When such information is disclosed to a credit reporting body, the credit reporting body may disclose such information in reports provided to credit providers to assist them in assessing whether to provide a customer with credit. We disclose information to the following credit reporting bodies:

PO Box 964
North Sydney NSW 2059
Phone 1300 850 211

Level 24, 201 Elizabeth Street, Sydney NSW 2000
Phone 13 23 33 or +61 39828 3333 for international callers.

Experian Australia Credit Services Pty Ltd
PO Box 1969
North Sydney NSW 2060
Phone 1300 784 134

Customers have the right to request any of the above credit reporting bodies not to:

  • Use credit reporting information for the purposes of pre screening of direct marketing by a credit provider; or
  • Use or disclose credit reporting information if customers reasonably believe that they have been or are likely to be a victim of fraud.

Disclosure of personal information overseas

We may disclose personal information to entities or branches which are part of the ACM Group which are located overseas, including the Philippines.

Also, if customers relocate overseas we may disclose personal information to our overseas agents in the particular country in which they reside.

If customers or clients would like more information about how the above credit reporting bodies manage credit related information they can contact them directly and request a copy of their privacy policy.


From time to time we may undertake direct marketing to customers of products and services that may be of interest.
If customers do not want their personal information used for direct marketing purposes, they should contact ACM to opt out.
Access to personal information

Customers can request access to their personal information by submitting a completed Identification and Information Access Request Form. Customers will need to provide identification in order to do so. This form is available on our website. Download an Identification and Information Access Request Form.
We will provide customers with a copy of their personal information within 30 days.

We are also entitled to charge a reasonable fee for the provision of customer personal information. We will endeavour to advise customers at the time of the request what the cost will be.

In certain circumstances we may be permitted to withhold or limit access to customer personal information. If this happens, we will inform customers of the reasons for this where possible.

Customers are entitled to seek correction of their personal information.

We will take all reasonable steps to ensure that customer personal information is correct, relevant and up to date. If customers believe that the personal information we hold about them is not correct, please contact our dispute resolutions team.

ACM Group by email at or in writing at the following address:

The Privacy Coordinator
C/- Compliance Department
ACM Group
Level 16, 1 Oxford St
Darlinghurst NSW 2010.

Information requests will need to include copies of appropriate identification such as passport or driver’s licence.

If we are unable to correct customer personal information, we will advise the customer of this in writing and provide the reason. We will endeavour to provide customers with a response within 30 days of receipt of the request.

Making a complaint and resolving customer concerns

Customers are entitled to make a complaint if they believe that their privacy has been compromised or that ACM has breached its obligations to protect their privacy as contained in the Act.

If customers wish to make a complaint, they can contact our Compliance & Ethics Department. Details are set out below

Please address the details of the complaint to:

Head of Compliance and Risk
ACM Group Ltd
Level 16, 1 Oxford Street
Darlinghurst NSW 2010

Other ways to lodge complaints:
Phone +61 1800 081 704
Facsimile +61 2 9025 6324
Customers can also contact the relevant External Dispute Resolution scheme or the Office of the Australian Information Commissioner.

External Dispute Resolutions Scheme

For the ACM Group, the applicable External Dispute Resolutions Scheme is:

Credit and Investments Ombudsman (CIO)
PO Box A252
South Sydney NSW 1235

Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001