Privacy Policy

Borrow Well Privacy Policy (Australia)

Effective Date: November 19, 2025

This Privacy Policy explains how Borrow Well (referred to as “we,” “us,” or “our”) manages your Personal Information (PI) when you use our website, mobile app, and financial services (the “Services”) in Australia.

By using our Services, even just to provide your contact information, you agree to how we collect, use, and share your PI as described in this Policy, in compliance with the Australian Privacy Principles (APPs). This document also provides information required under Part IIIA (Credit Reporting) of the Privacy Act 1988 (Cth).

1. Personal Information We Collect (APP 3)

We collect PI necessary for two stages: first, gathering lead information to communicate with you, and second, collecting extensive financial data if you proceed with a full application.

2A. Information You Provide Directly (Lead & Application Data)

This is the information you give us when you express interest, sign up, or apply.

  • Contact Data (Leads): Your full Name, primary Email address, and Phone number. This is the core information we use to communicate with you about our Services and offers.

  • Application Data: If you move forward, we collect your physical mailing address, date of birth, and government identifiers (e.g., Driver’s Licence number, passport details). (Note: The collection and use of government identifiers is strictly controlled under APP 9.)

  • Financial Data: When applying for a loan, we collect sensitive data including income details, employment history, bank account numbers, transaction history, debt obligations, and financial statements.

2B. Information Collected Automatically

When you use our app or website, we automatically collect:

  • Device & Usage Data: IP address, operating system, application version, access times, pages viewed, and crash reports.

  • Location Data: Geolocation data may be collected and used for security purposes and fraud prevention.

2C. Information from Third Parties (APP 4)

We collect PI from outside sources to support our operations:

  • Credit & Financial Services: We obtain Credit Eligibility Information (CEI), including credit history, repayment history, and scores, from Credit Reporting Bodies (CRBs).

  • Financial Institutions: Information from your linked bank accounts, subject to your explicit permission (via services like open banking providers).

  • Marketing & Research Partners: Demographic data, interests, and public information to assist us in market analysis and sending relevant offers.

2D. Unsolicited Personal Information (APP 4)

If we receive Personal Information that we did not ask for (unsolicited PI), we will determine within a reasonable period whether or not we could have collected the information lawfully under APP 3. If we determine that we could not have, we will destroy or de-identify the information as soon as practicable, provided it is lawful to do so.

3. How We Use and Disclose Your Information (APP 6)

We use your PI for a broad range of purposes, including those essential to providing our financial Services and those supporting our commercial strategy. We will only use or disclose your PI for the primary purpose for which it was collected, or for a secondary purpose that you would reasonably expect or consent to.

Purpose Category

Description of Use

Core Services

To process your loan application, assess credit risk, verify your identity, service and manage your loan or account, and facilitate payments and collections.

Credit Reporting

To obtain Credit Eligibility Information (CEI) from CRBs to assess your credit application, manage your credit account, and report repayment history and credit defaults to CRBs.

Marketing & Communication

To send you updates, promotional materials, special offers, and information about our own products and services, and those of our partners. We may share contact details with third parties for their direct marketing campaigns, subject to your opt-out rights (see Section 5).

Research & Model Development

To conduct market research, develop and refine our credit scoring models and algorithms, and create aggregated, anonymized reports for internal analysis and external publication.

Security & Fraud Prevention

To detect, investigate, and prevent fraud, money laundering, and other illegal activities; to protect the security and integrity of our systems and data.

Broad Business Operations

For internal auditing, accounting, record-keeping, training, and complying with all regulatory and compliance requirements, including those imposed by AUSTRAC and ASIC.

4. How We Share and Disclose Your Information

We engage in extensive sharing and disclosure of your PI to enable our wide range of business operations and uses described above.

A. Disclosure to Service Providers and Vendors

We share your PI with third-party vendors and service providers who perform services for us, including:

  • Cloud hosting and data storage providers.

  • Credit Reporting Bodies (CRBs): We disclose certain information to CRBs as required for credit reporting purposes.

  • Payment processing and collections services.

  • Customer support and communication providers.

  • Auditing, legal, and compliance advisors.

B. Sharing with Business Partners and For Marketing

We may share your PI with our third-party business partners for joint product offerings, co-branded services, or for their own marketing purposes. This includes:

  • Advertising Networks and Analytics Providers: We share certain identifiers and usage data to facilitate targeted advertising and measure advertising effectiveness across other websites and apps.

  • Data Monetization: We may share or sell aggregated, de-identified, and in some cases, pseudonymized data to data brokers or researchers for monetization purposes.

C. Overseas Disclosure (APP 8)

We may disclose your PI to recipients located outside of Australia, including those based in [Insert Specific Countries, e.g., the United States, Philippines, Ireland] where our third-party service providers operate. Where we disclose your PI to an overseas recipient, we take reasonable steps to ensure that the overseas recipient handles your PI in accordance with the APPs, unless we have your express consent not to do so.

D. Corporate Transactions

If Borrow Well is involved in a merger, acquisition, sale of assets, or bankruptcy, your PI will be transferred as part of that transaction. We will notify you of any such transfer and any change in the controlling entity.

E. Legal Obligations and Protection

We may disclose your PI if required or authorised to do so by an Australian law or court/tribunal order.

5. Your Rights and Choices (APP 7, 12, 13)

Under the Australian Privacy Principles, you have specific rights regarding your PI.

  • Access to Information: You have the right to request access to the PI we hold about you (APP 12). We will respond to your request within a reasonable time and may charge a reasonable fee for access.

  • Correction of Information: You have the right to request that we correct any inaccurate, incomplete, or outdated PI we hold about you (APP 13). We will take reasonable steps to correct it.

  • Opt-Out of Direct Marketing (APP 7): You can opt-out of receiving direct marketing communications from us by following the unsubscribe instructions in those emails or contacting us directly. We must cease direct marketing to you upon request.

  • Withdraw Consent: Where we process your data based on your consent, you have the right to withdraw that consent at any time.

How to Make a Complaint (APP 1)

If you believe we have breached the Privacy Act or the APPs, you can make a complaint to us by contacting the Privacy Office details below. We will investigate the complaint and respond to you within a reasonable time.

  • Credit Reporting Complaints: If your complaint relates to our handling of credit information (CEI) or credit reporting, and you are not satisfied with our response, you may refer your complaint to the Australian Financial Complaints Authority (AFCA) or the Office of the Australian Information Commissioner (OAIC).

6. Data Security and Retention (APP 11)

We implement commercially reasonable technical and organizational security measures designed to protect your PI from misuse, interference, loss, unauthorised access, modification, or disclosure.

We retain your PI for as long as necessary to fulfill the purposes outlined in this Policy, typically for the duration of your account plus a mandatory retention period required by Australian regulatory bodies (e.g., seven years after account closure). We take reasonable steps to destroy or permanently de-identify PI when it is no longer needed for any purpose for which it was collected.

7. Contact Us

If you have questions or concerns about this Policy, our data practices, or wish to exercise your rights of access or correction, please contact our Privacy Office:

Borrow Well Privacy Office

  • Email: hello@borrowwell.com.au

  • Address: 70 King William Road, Goodwood, SA