Privacy Policy

CreditBank PNG understands your right to privacy under the relevant laws of the countries that we operate within and is committed to respecting and protecting the privacy of your personal information.

This Customer Privacy Policy applies to our website operated by us at the following domain name, and any other website/s operated by us or on our behalf which we authorise to provide a link to this Policy.

When you use a link from our website or from any other website to which this Privacy Policy applies, to the websites of third parties, those websites are not subject to our privacy standards. Those third parties are responsible for informing you of their own privacy policies.

We collect your personal information when you apply for one of our products or services or visit our website. The type of personal information we collect from you will depend on the type of product or service and how you use our website.

Why do we collect customer personal information?

We collect, hold, and use a customer’s personal information (including credit information and credit eligibility information) to comply with legislative and regulatory requirements and to provide our customers with the relevant products and services. This includes:

  • consideration of any application a customer makes to us
  • providing the product or service • performing administrative functions
  • conducting customer risk review or research • improving our products and developing new products
  • telling customer about our other products and services

How is a customer’s personal information collected?

We collect personal information directly from a customer or where it is provided to us with customer authority (e.g. from a person appointed to act on a customer’s behalf) when they fill out forms when applying for our products and services or through ongoing interaction with us by telephone, mail, and electronic communications, when visiting a branch or when making a transaction.

We may be required to collect personal information (including credit information and credit eligibility information) about a customer from a third party. These parties may include other credit providers or financial institutions, your representatives such as financial advisers or accountants, insurers, publicly available sources, brokers, referrers or other intermediaries, government agencies (e.g. Investment Promotions Authority) and credit reporting bodies (e.g. Credit & Data Bureau Limited).

Sometimes we may be required to collect sensitive health information about a customer from a third party, for example a doctor or a hospital.

  • We may collect personal information electronically, for instance:
  • We may use technology called “cookies” to collect statistical information on our website use.
  • We may monitor and, in some cases, record telephone conversations for record-keeping purposes and staff training.
  • When we communicate with a customer by email, we may use technology to know when they opened the email or clicked on a link in the email.
  • We may also collect or have access to information provided to third parties on any website accessed through our websites.

We may collect basic personal information about third parties (e.g. an employer, directors, or a health provider) if provided by a customer as part of providing our services.

We may receive information that we have not asked for from third parties. We will only keep, use, and disclose this information as permitted by law.

How is personal information kept and stored?

We store your personal information in a number of ways including:

  • in electronic systems and devices.
  • in telephone recordings.
  • in paper files; and
  • document retention services on and off-site.

This may include storage on our behalf by third party service providers.

How is personal information protected?

We take all practical steps to protect customer personal information from misuse, loss and unauthorised access, modification, or disclosure. We do this by:

  • using appropriate processes and adequate information technology.
  • controlling and restricting access to your personal information to our employees and those who perform services for us.
  • safeguarding paper documents from unauthorised access or use through security systems we deploy over our physical premises.
  • utilising computer and network security systems with appropriate firewalls, encryption technology and passwords for the protection of electronic files.
  • correctly and securely destroying personal information if we no longer require it subject to our legal obligations to keep some information for seven (7) years or certain prescribed periods; and
  • requesting certain personal information from customers to validate identity when discussing any issues relating to the products and services we provide.

Whilst we take reasonable measures, that no data transmission over the internet can be guaranteed as fully secure and accordingly, we cannot guarantee or warrant the security of any information sent to us using our online forms or products.

Who do we disclose personal information to and why?

We may share a customer’s personal information within CreditBank PNG.

We may disclose a customer’s personal information to certain organisations and third parties in connection with the establishment and administration of customer accounts. This may include:

  • other credit providers (particularly when a customer is seeking finance from them)
  • regulatory bodies and government agencies, courts, and external dispute resolution schemes
  • agents, brokers, referrers, guarantors, insurers, and other intermediaries
  • credit and debt agencies, payments systems participants, agents, contractors, and professional advisers who assist us in providing our services
  • third parties for securitisation purposes
  • organisations that carry out functions on our behalf including mailing houses, data processors, researchers, debt collectors, system developers or testers, accountants, auditors, valuers, and lawyers.

We may disclose personal information to third parties where a customer requests us to or consents to us doing so or in order to fulfil our legal obligations.

The information we provide to other organisations will be limited to what is required to provide the service or comply with the law.

Do we exchange personal information overseas?

We may send a customer’s information overseas in order to process transactions instructed us to make by the customer, such as international money transfers. The countries to which we disclose information will depend on the transaction details.

What credit-related information is exchanged with Credit Reporting Bodies?

If a customer applies for credit or offers to act as a guarantor, we may exchange certain credit-related personal information with Credit Reporting Bodies, such as the Credit & Data Bureau.

The types of information we may disclose to Credit Reporting Bodies may include.

  • that we provide credit to a new or existing customer, • the type of credit a customer holds,
  • the amount of credit provided to a customer,
  • when a customer’s credit account is opened and closed,
  • how a customer repays their debts,
  • that a customer makes payments on time or corrected a default,
  • the fact that a customer fails to meet repayment obligations or has committed a serious credit infringement.

Credit Reporting Bodies may include information in reports provided to credit providers like other Banks and Financial Institutions to assist them to assess credit worthiness.

We have signed an Agreement for Supply Service with Credit & Data Bureau which is permitted to assist member credit providers like CreditBank PNG. Customers can request that Credit Reporting Bodies not use their credit-related information for this purpose by contacting them using the details below (see 3.7f).

Customers can request the Credit & Data Bureau not to use or disclose credit-related information if they believe that there has been a victim of fraud (including identity fraud) and the right to check, to change and or amend credit-related information by contacting them using the details below (see 3.7f).

We exchange information with the Credit Reporting Body below, here in Papua New Guinea.

We will not be liable for the manner in which the Credit & Data Bureau or any other established Credit Reporting Body uses the information provided by us.

Do we use or disclose personal information for marketing?

From time to time, we may use your personal information to let you know about other products and services from us, our partners, and other companies that you might be interested in.

If you do not want to receive advertising materials, please contact us on [email protected]

Can a customer access and correct personal information?

We take reasonable steps to ensure that a customer’s personal information is accurate, complete, and up to date. A customer may request access to their personal information (including credit information and credit eligibility information) we hold at any time by contacting us on [email protected]

In certain circumstances, we may be unable to give access to all of a customer’s personal information in our possession. This may include:

  • where giving access would compromise some other person’s privacy.
  • where giving access would disclose commercially sensitive information of ours or any of our agents or contractors.
  • where we are prevented by law from giving a customer access; or
  • where the personal information request relates to existing or anticipated legal proceedings.

If we are unable to give a customer access, we will consider whether the use of an intermediary is appropriate and would allow sufficient access to meet the needs of both parties.

Where we do grant access to a customer’s information, we may charge customers a fee for accessing personal information.

Customers have a right to request that we correct information that they believe to be inaccurate, out of date, incomplete, irrelevant, or misleading.

If at any time a customer believes that the personal information, we have is inaccurate, out of date, incomplete, irrelevant, or misleading, please contact us on [email protected]

How does a customer lodge a complaint with us?

A customer may make or register a complaint about our services, product, or the conduct of an employee at any time by contacting us on [email protected]

Lodging complaints

We are committed to resolving any complaint customers may have. Complaints can be lodged with us through any of the following modes:

  • in person
  • by phone
  • via email
  • via our website