Privacy and Credit Reporting Policy

Find out how we collect and handle personal information about you, and how to contact us if you have questions or would like to make a privacy complaint.

Privacy and Credit Reporting Policy


This Privacy and Credit Reporting Policy explains how we handle personal information.

Teachers Mutual Bank, Health Professionals Bank, Firefighters Mutual Bank, UniBank and Hiver Bank are divisions of Teachers Mutual Bank Limited. It is relevant for our Members and customers, who have products and services via the following brands:

  • Firefighters Mutual Bank
  • Health Professionals Bank
  • Teachers Mutual Bank
  • UniBank
  • Hiver Bank

It is also relevant for other individuals with whom we deal in the course of our business — such as prospective Members and customers, account signatories, holders of powers of attorney, legal personal representatives and the like.

Meaning of words

In this policy, the following applies:

“We”, “us” and “our” means Teachers Mutual Bank Limited ABN 30 087 650 459 AFSL/Australian Credit Licence 238981. 

'You' and 'your' includes our Members and customers as well the other individuals referred to above with whom we deal in the course of our business.

1. Our commitment

We value your trust in us. It is important for us to keep personal information about you secure and confidential.
That’s why protecting your information and being clear about what we do with it is a vital part of our relationship with you.

To achieve this, we comply with the Privacy Act 1988 (which includes the Australian Privacy Principles and Part IIIA, the latter relating to credit information.)

During the course of our dealings with you, we may provide more information about how we handle personal information about you. If that further information provides that we may do this in a way that is different from this Policy, then the terms of that further information will prevail.

2. About us

We operate under the brands Firefighters Mutual Bank, Health Professionals Bank, Teachers Mutual Bank, UniBank, and Hiver Bank. This policy may be viewed on our websites.

3. Information we collect

Information we collect from you

Generally, we collect personal information about you directly from you. We do so when you open a membership, open an account, or perform a transaction with us. The kind of information we collect will vary according to whether, for example, you wish to open a membership, apply for credit, act as a signatory or as a guarantor, or open an account as a customer. When you open accounts with us, we collect information about your transactions, such as payments to and from your account and the details of those payments, including source and destination.

We have “KYC” obligations under the Anti-Money Laundering and Counter Terrorism Financing Act 2006. “KYC” stands for “Know Your Customer” which means we are required to verify that our members and customers are who they say they are and to monitor account and transaction activity.

When you open a transaction or savings account, we usually ask for, at least, your full name, date of birth, residential address and contact details.  We also ask for evidence of your identity. We may also ask for your occupation and source of income and/or wealth. If you apply for credit, we ask for details of your financial history and position. In all cases, we may collect further information at any time to meet our obligations under the “Know Your Customer” requirements of the anti-money laundering and counter-terrorism legislation.

When you use our website or mobile applications we may collect information about your location or activity. Some of this website information we collect using cookies. Please refer to our website terms and conditions for more information about cookies.

Information we collect from third parties

We also collect information about you from third parties such as brokers or your employer.

If you apply for credit, we may need to obtain a credit report from a credit reporting body. Our Privacy Consent - Lending has more information about credit reports and your credit information.

Sensitive information

We may need to collect sensitive information, such as health information, where necessary for insurance or hardship applications. We may also collect details of your membership of a professional or industrial association to determine whether you are eligible to become a member.

What happens if you do not provide us with sufficient personal information about you?

If you do not provide us with the personal information we need, we may not be able to provide (or continue to provide) you with the products or services you are seeking or using. This means that we may close your accounts and terminate our relationship with you.  

4. How do we use your information?

We collect, use, hold and disclose personal information so that we can:

  • establish your identity as required by the Anti-Money Laundering and Counter Terrorism Financing Act 2006 and, if you are providing real property security, relevant State or Territory real property legislation.
  • assess your eligibility for membership
  • process applications for products and services, including loans
  • design our products and services
  • manage our relationship with you, including in relation to registration of security interests in property under the Personal Property Securities Act 2009
  • manage our risks and help identify and investigate inappropriate or illegal activity, such as fraud
  • contact you
  • improve our products and services and your experience with us
  • comply with our legal obligations (including to assist law enforcement agencies or regulators where we are required to do so) and
  • inform you about products or services that we think may be of interest to you, including those of our business partners.

5. To whom do we disclose personal information?

Third parties

The types of people and entities we disclose personal information about you to include:

  • people and entities with whom we have outsourcing or service arrangements, including statement production and delivery, card production, identity confirmation and verification, loan origination, verifying loan applications, auto credit decisioning, payment processing and systems, banking services, data and transaction processing, information technology support, document storage, legal and accounting services
  • lenders’ mortgage insurers and valuers
  • contractors who assist us with direct marketing and market research
  • brokers, agents and advisers acting for you
  • persons and organisations who assist us in monitoring recorded calls for the purposes of quality assurance, training and acknowledgement
  • persons acting on your behalf, for example guardians, financial managers and persons holding power of attorney
  • guarantors and proposed guarantors
  • persons involved in arrangements that provide funding to us, including trustees and managers of securitised loan programs
  • ratings agencies
  • other financial institutions, for example so that we can process a claim for mistaken payment    
  • our auditors, insurers and re-insurers
  • employers or former employers (to verify employment in the case of loan applications)
  • government and law enforcement agencies or regulators
  • credit reporting bodies and other credit providers
  • organisations that help identify and investigate inappropriate or illegal activity, such as fraud and
  • Consumer Data Right accredited data recipients where you have consented to the accredited data recipient collecting the personal information from us and us disclosing the personal information to the accredited data recipient (see our Consumer Data Right Policy available on our website and on request for more information).

Under 16s and special needs

If you are under 16 or have special needs, we may share your information with your parent or legal guardian, any person appointed to manage your affairs or a Government agency providing trustee or guardian services to you.

Sending information overseas

Depending on our commercial arrangements, we may disclose personal information about you to business partners with operations overseas or who store personal information overseas (e.g. providers of Lenders’ Mortgage Insurance (“LMI”).

Electronic verification of identity

Section A: 

We are required under the Anti-Money Laundering and Counter-Terrorism Financing Act to collect and verify information relating to your identity. Subject to your consent, we will disclose your name, address and date of birth in order to access identification information electronically held by credit reporting bodies, the government’s Documentation Verification Service (DVS)1 and other public records.

To access such information, we use a service provider registered under the DVS. The service provider, may, for verification purposes on our behalf:

  • request that a credit reporting body provide us with an assessment as to whether your personal information matches that held in their credit information files. (In preparing this assessment, the credit reporting body may use the personal information of other individuals);
  • disclose your personal information to the DVS;
  • search other public records.

Section B:

We are also required under the State based real property laws to collect personal information and verify the identity of mortgagors for mortgages (VOI). These laws are: the Electronic Conveyancing (Adoption of National Law) Act 2012 (NSW), Electronic Conveyancing (Adoption of National Law) Act 2013 (Victoria), Electronic Conveyancing National Law (Queensland) Act 2013 (Queensland), Electronic Conveyancing Act 2014 (Western Australia), Electronic Conveyancing National Law (South Australia) Act 2013 (South Australia), Electronic Conveyancing (Adoption of National Law) Act 2013 (Tasmania), Electronic Conveyancing (National Uniform Legislation) Act 2013 (Northern Territory) and Electronic Conveyancing National Law (ACT) Act 2020 (Australian Capital Territory).

In this sub-section, “you” or “your” mean the proposed mortgagor(s). Subject to your consent, our identity verification is performed by a service provider, OCR Labs Pty Ltd (ACN 603 823 276) trading as IDVerse. To verify your identity, information about you, including data from your identity document(s), your biometric data and information about your device and location will be provided to IDVerse. For further details about how IDVerse may collect, hold, use or disclose your personal and sensitive information please refer to IDVerse’s privacy policy.

If you do not consent to these processes, alternative forms of verifying your identity are available on request.

If we are unable to verify your identity using the above methods, you will be provided with a notice to that effect. You may then be asked to provide further evidence of your identity. If we are unable to verify your identity to our satisfaction, we will not be able to admit you to membership or provide you with the services or products you seek.

1. The DVS is a national online system that allows personal identifying information about individuals to be compared against government records. Your information will be matched against that held by the relevant government department or agency. You can find out more about the DVS on their website.

6. Credit checks and credit reporting

When you apply for credit, then, under the responsible lending obligations in the National Consumer Credit Protection Act, credit providers need to see your credit history and present position in order to assist them in meeting their obligations.

Consequently, we may obtain a credit report about you from a credit reporting body when you apply for credit with us.

Credit reports

A credit report contains information about your credit history. This helps us assess your credit worthiness, credit applications, verify your identity and manage the loan accounts and credit facilities you have with us.

What information can we exchange with credit reporting bodies?

The information we exchange includes your identification details, what type of loans you have, how much you’ve borrowed, whether or not you’ve met your payment obligations and if you have committed a serious credit infringement.

We also ask the credit reporting body to provide us with an overall assessment score of your creditworthiness.
The credit reporting bodies we use are:

  • Equifax Australia Information Services and Solutions Pty Ltd (Equifax Australia)
  • Experian Australia Credit Services Pty Ltd (Experian Australia)
  • illion Australia Pty Ltd (illion)  

You can download copies of these organisations’ privacy policies as follows:

Comprehensive credit reporting

We can pass to a credit reporting body or bodies (the ones we use are Equifax Australia, Experian Australia or illion or all of them) details of your credit information and history — including credit you have applied for, the amounts you have borrowed, whether or not payments have been made on time.

Pre-screening and restricting disclosure in cases of fraud

Credit providers may ask credit reporting bodies to use their credit-related information to pre-screen you for direct marketing. You can ask a credit reporting body not to do this. Also, if you’ve been, or have reason to believe that you may have been, are, or likely to become, a victim of fraud (including identity fraud), you can ask the credit reporting body not to use or disclose the credit-related information it holds about you.

Accessing your information and making a complaint

You can access your credit information, request that we correct any information and make a complaint in the same manner as you can with the remainder of the personal information we hold. See Clauses 8 and 9.

7. Keeping your information secure

We hold personal information in our banking system, either as electronic, voice or paper files.

As we have a commitment to ensure all personal information is held securely, we have in place security systems to protect information from unauthorised access. We also limit access to our authorised personnel.

Where personal information is no longer needed for any of our functions or activities, we ensure that the information is securely destroyed or de-identified.

8. Accessing and correcting personal information (including credit information) about you

Accessing personal information about you

You can do this by downloading and completing the Request for Access to Personal Information form included at the end of this Policy.

You can forward the form to us using the contact details set out at that end of this Policy.

You can also access some of the personal information we hold about you through the Consumer Data Right. Our Consumer Data Right Policy is available on our website and on request and contains information about accessing your CDR data through the Consumer Data Right including what data you can access and how you can access it.

Is a fee charged?

We may charge you a fee for providing access to personal information about you. That covers our time spent in locating and putting the information together.

Updating and correcting information

It’s important that we have your correct details, such as your current address and telephone number. Please ensure that your details with us are always current.

You can also ask us to correct any information we hold if it is inaccurate. If we have passed that information on to third parties (e.g. a credit reporting body), then you can ask us to contact those other parties.

If your request for access and correction involves credit-related information provided to us by others (e.g. credit reporting bodies or other credit providers), we will need to contact them. We’ll try to have the information corrected within 30 days. If we can’t meet that, we’ll let you know the reason for the delay and try to agree a timeframe with you to extend the period.

We’ll contact you when the process is complete.

What if we cannot agree that the information should be corrected?

If we do not agree with you that information should be corrected, we’ll advise in writing with our reasons. You can ask us to include a statement with the relevant information, indicating your view that the information is inaccurate, misleading, incomplete, irrelevant or out-of-date. We will take reasonable steps to comply with such a request.

9. Making a privacy complaint

How do I complain about a privacy matter?

To lodge a complaint please contact us at [email protected] and we will deal with the matter via the internal complaints process.

External review

If an issue has not been resolved to your satisfaction, you can lodge a complaint with the Australian Financial Complaints Authority (AFCA). AFCA provides fair and independent financial services complaint resolution that is free to consumers.

You can contact AFCA as follows

Email:    [email protected]
Phone:    1800 931 678 (free call)
Mail:    Australian Financial Complaints Authority GPO Box 3, Melbourne VIC 3001

You may also contact the Office of the Australian Information Commissioner at:

1300 363 992
online at or
Office of the Australian Information Commissioner,
GPO Box 5218, SYDNEY NSW 2001

10. Amending this Policy

We may amend this Policy at any time. The new version will be published on our website.

11. How to contact us or find out more

For all privacy related queries, requests for access and correction, complaints or any other requests, or to request a printed version of this Policy, use any of the methods set out below.

You can also contact us to change your marketing preferences.

If you have any queries regarding privacy, use any of the methods set out below:

Teachers Mutual Bank Limited

Address: 28-38 Powell Street, HOMEBUSH NSW 2140
Phone:     1800 862 265 or 13 12 21
Email:     [email protected]
Post:    PO Box 7501, SILVERWATER NSW 2128                           

Download a copy of our Privacy and Credit Reporting Policy (PDF)

V14 2023 08 23