The Mutual is proud to offer Verified by Visa protection to our members.
Verified by Visa is a programme created to make it safe for consumers to shop online using their Visa card at participating merchants. Once you "activate" your Visa card in the Verified by Visa programme you will be asked to create your own unique answers to security questions.
Every time you pay with your Visa card at a participating online retailer, you will be prompted to enter your Password during checkout.
Your Personal Message (shown in the middle of the previous screen) will appear on the screen that asks for your Password when you shop online. If you prefer to create your own unique Personal Message, click on the designated link on The Mutual 's website and follow the directions to access the "Self-Service Option". This feature will let you define your own Personal Message.
1. Key Terms
Key terms are explained at the end of this policy document.
In handling members’ personal information, Maitland Mutual Building Society Limited (the Society) is committed to complying with the Privacy Act 1988, the National Privacy Principles (NPPs) and the Mutual Banking Code of Practice.
2.1 What is Privacy
Privacy is about protecting our sense of self – who we are, what we know, what we think, what we have done, and what we want to do.
Privacy is not about protecting wrongdoing or encouraging secrecy. As Australians we accept that there are public interest reasons for certain limitations on individual’s right to privacy, such as law enforcement, fraud control and public safety.
In most relationships that we as individuals have with other people or organisations there is a certain amount of sharing and our right to privacy must be balanced against any benefit that we receive from the relationship.
3. Privacy Ethic
The Society recognises and supports its members’ right to privacy and accepts its obligations under the National Privacy Principles and as such we have adopted the following “Privacy Ethic” which is to be displayed in the public areas of the Society as appropriate and made available to members on request.
“At Maitland Mutual Building Society we value and respect your right to Privacy.
We view the Privacy Act and National Privacy Principles as an integral part of our relationship with you and we are committed to treating any personal information that we collect from you with due care and confidentiality.
Any personal information we require will be gathered in an ethical and lawful manner.
We will be open with you about your personal information that we hold and how we intend to use it.
You have the right to access and correct where necessary any personal information that we have about you, however, we will not disclose your information to a third party without your written consent.
If you have any concerns regarding your privacy or the manner in which your personal information has been dealt with, please contact our Privacy Officer in order that we may investigate the matter and make any necessary improvements.”
4. Collecting Personal Information
The Society views its obligations in the collection of personal information very seriously and we believe that the actual collection process should always be undertaken with due care and consideration for the individual’s rights and our legal responsibilities.
4.1 Limits to collection
Personal information collected by the Society will be limited to such information which is necessary to allow the Society to function as a financial services provider.
4.2 Collection to be lawful and fair
The Society will only collect personal information by fair and lawful means.
4.3 Consent and disclosure
It is the Society’s policy that wherever possible we will obtain an individual’s written consent before we collect any personal information.
Any time the Society collects personal information a Collection Statement will be given or made to the individual.
4.4 Collection Statements
The Society’s Collection Statements shall contain as a minimum:-
• the Society’s full name and contact details
• that the individual can get access to their information
• the reason why the information is being collected and who else might get the information
• any other purpose for which Maitland Mutual Building Society might use the information
• any law requiring the collection
• what will happen if the information is not provided. For example, “we won’t be able to process your application”.
4.5 Information We Collect from our Website
The information that we collect about you will depend on how you use the facilities offered by our website. When you visit this site, we make a record of your visit and record the following type of information:
• Your server address;
• Your computer operating system;
• The web addresses and pages you access;
• The date, time and duration of the access; and
• The type of Web Browser you are using.
This list is not exhaustive, and we may collect additional information from time to time. However, any additional information recorded will be of a similar nature, and we will not collect personally identifiable information without your knowledge and express permission.
For example, if you complete an online contact form, you may be requested to provide personal information to help us respond to your query. Information provided through an online contact form will be recorded only if you choose to transmit the information.
Where password access is required (for example, to access Internet Banking), your log in name and the number of log in attempts will be recorded for validation and security purposes.
Your email address is recorded if you send us a message or otherwise provide that information to us. We may use your email address to:
• respond to your enquiry;
• provide information about Society products and services that we believe may be of interest to you;
• provide any other notice that we are required to give you where delivery of that notice by electronic means is permitted by the relevant statute, code of conduct and our constitution.
However, we will only email you if you give us permission to do so. In some circumstances we may imply your consent to email information to you (for example, if you email us, we may imply your consent to reply by email). If we send you an email for commercial purposes, we will give you the option of not receiving further emails of this nature. In addition, we may monitor your email content for security issues including where email abuse is suspected. Our response to you may also be monitored for quality assurance purposes.
4.6 Collection by a Third Party
Collection of personal information will usually be undertaken directly by the Society, however there may be occasions where a third party collects information on behalf of the Society. Any third party acting on behalf of Maitland Mutual Building Society shall agree to keep all information confidential, to use it only for the purposes agreed with the Society and as disclosed to the person supplying the information.
5. Use and Disclosure of Personal Information
Individuals usually give their personal information to the Society for a particular reason (the primary purpose). They expect it to be used for that reason, however if the information is used or disclosed for another reason (secondary purpose) without their consent they may not expect or like it.
5.1 Meaning of use and disclosure
“use” refers to handling personal information within Maitland Mutual Building Society
“disclosure” refers to when the Society releases information to another organisation to use.
5.2 Primary Purpose
When collecting personal information, by whatever means, we must ensure that individuals are informed of the primary purpose of collecting the information and of its proposed uses or disclosures. This will usually be contained within the Collection Statement.
5.3 Secondary Purpose
The Society can use or disclose personal information for a secondary purpose provided we have the individual’s express or implied consent. Any secondary uses and disclosures will usually be contained in the Collection Statements, however consent may be implied if an individual fails to “opt out” of a proposed use or disclosure.
The opportunity to opt out must be clearly stated, freely available at no cost, easy to do and not tied in with other purposes. The consequences of opting out must be harmless and the individual must be able to opt out later with the same effect.
If the use or disclosure has serious consequences for the individual then we will obtain express consent (opt in), preferably in writing.
5.4 Third Party Disclosure
The Society may also disclose personal information to external service providers who conduct specific activities for us such as our mailing and cheque imprinting functions. However the information remains the property of the Society and the external service provider will be subject to strict confidentiality and non–disclosure obligations.
5.5 Direct Marketing
The Society may use non-sensitive information for direct marketing where:-
• obtaining consent is impracticable; and
• there is no charge to “opt out” of direct marketing; and
• we have not received a request to “opt out” of direct marketing; and
• an easy to see “opt out” notice, is included in the same print size in each communication.
The use of non-sensitive information for direct marketing does not mean the Society can disclose personal information to others for direct marketing purposes.
The Society’s preferred option is to include the individual’s consent to use information about them (opt in) for direct marketing purpose, in the Collection Statement.
5.6 Unlawful Activity and Law Enforcement
The Privacy Act does not override specific legal obligations relating to the use or disclosure of personal information for law enforcement and regulatory purposes or for reporting or investigating unlawful activity.
If the Society is required by law to use or disclose personal information then it must do so.
6. Sensitive and Health Information
The Society will only collect sensitive information about an individual in the following circumstances:-
• the individual must have consented
• collection is required by law
• in emergencies – where an individual is incapable of giving consent (e.g. psychological state or age) or physically can’t communicate it and there is serious and imminent threat to health and life of any individual.
• collection is necessary for a legal or equitable claim.
6.1 What is sensitive information
Sensitive information includes information about an individual’s:-
• race or ethnicity
• political opinion or association membership
• religious beliefs or affiliations
• philosophical beliefs
• professional, trade association or trade union membership
• sexual preferences or practices
• criminal records
• health information
6.2 Health information
Health information will only be collected if in health related service is to be provided and then only in accordance with the National Privacy Principles and any other Laws.
6.3 What is Health information
Health information is personal information or opinions about:-
• health or disability of an individual
• an individual’s expressed wishes about the future provision of health services
• a health service to an individual or generally
• organ or body donation.
7. Information Quality
The Society considers the quality of data to be of paramount importance as the use or disclosure of inaccurate, incomplete or out of date information can create a false picture and lead to an incorrect, possibly damaging, conclusion.
At Maitland Mutual Building Society Limited we expect:-
• accuracy at the time of collection, use or disclosure of information
• completeness of data when collecting information, as incomplete data can be misleading at a later date.
• data to be collected in a manner that will enable it to remain current (eg. date of birth in lieu of age).
• amendments to be made to any personal information held as soon as we are made aware of them.
Active checks of data quality are not required if the probability of inaccuracy is low or if the consequences to the individual are insignificant.
• data was only recently collected or checked
• information was collected directly from the individual
• information is not critical to a decision to be made
• data is not sensitive information
• there are no clear inconsistencies in the information
8. Data Security
The Society will take reasonable precautions and security measures to keep members’ personal information secure and protect it from loss and misuse and from unauthorised access, modification and disclosure.
Personal information that is no longer required will be retained for the statutory periods then destroyed by a secure means. The means of destruction will depend on how the information is stored.
Paper based records - will usually be destroyed by shredding, pulping or disintegration either “in house” or
by a contractor.
Electronic records - will depend on the medium on which data is stored and the methods available for
The Society’s policies for the handling and management of the personal information it collects are detailed in this document, which is to be made available to anyone who asks for it.
On request we will let any person know, generally, what sort of personal information we hold about them and will allow that person access to their personal information, unless the request is unreasonable or is access that should be denied in terms of NPP6.
10. Access and Correction
The Society acknowledges the individual’s right to access their own personal information as a fundamental part of the protection of personal information.
10.1 Meaning of Access
Access refers to an individual’s right to see and have a copy of personal information that is held by the Society.
10.2 Requests for Access
Individuals do not have to give a reason in order to access their own personal information, however they must satisfy the Society as to their identity before access is granted.
The Society will usually respond to requests for access within 14 days unless exceptional circumstances apply, and then within 30 days.
10.3 Denial of Access
The Society is not obliged to provide access to commercially sensitive decision making processes, such as methods used to approve or decline loans.
There are other instances where the Society may deny access, such as where the Society is required to by law.
Where access is denied the individual will be informed under which exemption of NPPs the denial is based.
10.4 Correcting Information
Where an individual establishes that the personal information held by the Society is not accurate, complete or up to date then in most instances it will be corrected.
The Society believes that right of correction gives our members confidence in the quality and integrity of the personal information we hold.
10.5 Refusal to Correct
There may be instances, where the Society considers it inappropriate to alter its records and refuses to do so.
On such occasions we will advise the individual requesting the alteration the reasons the request was denied and of their right to attach a statement outlining the claim of inaccuracy.
11. Maitland Mutual Building Society Limited Employees’ Privacy
Current and former employees of the Society have the same rights in relation to their personal information as the members that we serve, subject to any exemption contained within the Act. Any applicant for employment must be informed of their rights in relation to the use of disclosure of any personal information provided with their application.
12. Complaint and Dispute Resolution
Any complaints or disputes relating to or arising from the collection, handling, access to, or correction of personal information should be referred to the Society’s Privacy Officer.
The Society’s Privacy Officer may be contacted as follows:-
Maitland Mutual Building Society Limited
PO Box 50
MAITLAND NSW 2320
Telephone : 1300 MUTUAL (1300 688825)
Fax : 02 4933 8996
If we are unable to resolve the matter or you are not satisfied with our handling of your complaint then the matter should be referred to the Office of the Federal Privacy Commissioner.
You can telephone the Office on the Privacy Hotline 1300 363 992 (local call charge).
13. Changes to this Policy Document
14. Key Terms
Collection An organisation collects personal information if it gathers, acquires or obtains personal information from any source and by any means. Collection includes personal information which is retained, even if the information was discovered by accident or was not asked for.
Consent Consent means voluntary agreement to some act, practice or purpose. It has two elements: knowledge of the matter agreed to, and voluntary agreement. Consent can be expressed or implied. Express consent is given explicitly, either orally or in writing. Implied consent arises where consent may reasonably inferred in the circumstances from the conduct of the individual and the organisation. Consent is invalid if there is extreme pressure or coercion.
(NPPs)are a set of 10 high level principles that are intended to form the basis for the protection of personal information. The NPPs cover matters such as the collection, use and disclosure of personal information, data quality, access and data security.
Information means information or opinion about an individual who identity is apparent, or can reasonably be ascertained from that information or opinion. It includes all personal information regardless of its source. Personal information relates to a natural living person.
Act Refer to the Privacy Act 1988 (Cth).
Information Means information or opinion about an individual’s racial or ethnic origin, political
opinions, membership of a political association, religious beliefs or affiliations,
philosophical beliefs, membership of a professional or trade association, membership
of a trade union, sexual preferences or practices, criminal record or health
information about an individual.
1. ACCEPTANCE OF TERMS
We provide this service to you, subject to the terms contained in this TOU and your applicable Card Member Agreement with you governing the card transactions for which Verified by Visa or MasterCard SecureCode is used. We may amend this TOU from time to time without notice to you. Your use of Verified by Visa or MasterCard SecureCode will be subject to all guidelines or rules applicable to Visa existence at that time.
"You agree that by establishing Verified by Visa or MasterCard SecureCode credentials, you accept the terms of the TOU effect at that time. Your continued use of Verified by Visa or MasterCard SecureCode after amendments have been made to the TOU evidences your acceptance of such amendments. Unless explicitly stated otherwise, any new features that augment, enhance, or otherwise change Verified by Visa or MasterCard SecureCode shall be subject to the TOU."
2. DESCRIPTION OF VERIFIED BY VISA AND MASTERCARD SECURECODE
Using Verified by Visa or MasterCard SecureCode in Internet transactions reduces the chances of fraud and increases security for those transactions. Activating Verified by Visa or MasterCard SecureCode involves providing personal information to us, which is then used to confirm your identity in connection with future online transactions for which Verified by Visa or MasterCard SecureCode is used. Verified by Visa or MasterCard SecureCode also may be used for record keeping and reporting purposes, as well as to help settle any transaction disputes by The Mutual. Except as provided in Section 5 below, your Activation Data (as defined in Section 3) are not shared with merchants.
You agree to (i) provide true, accurate, current, and complete information about yourself as prompted by the activation form for Verified by Visa or MasterCard SecureCode (collectively, the “Activation Data”), and (ii) maintain and promptly update the Activation Data to keep it true, accurate, current, and complete with The Mutual. If you provide any Activation Data that is untrue, inaccurate, out of date, or incomplete, or if we have reasonable grounds to suspect that your Activation Data is untrue, inaccurate, out of date, or incomplete, we may suspend, terminate, or refuse your current or future use of Verified by Visa or MasterCard SecureCode. You represent and warrant that all information that you provide to us in connection with your activation is true and correct and that you have the legal right to use all of the cards you register for Verified by Visa or MasterCard SecureCode.
If you are unable to provide us with sufficient information to validate your identity, we will deny your activation. If you do not successfully activate for Verified by Visa or MasterCard SecureCode, the merchant may not accept your Visa card in payment for an Internet transaction subject to Verified by Visa or MasterCard SecureCode. To use Verified by Visa or MasterCard SecureCode, you must have the ability to access the World Wide Web (WWW) and must pay any service fees associated with such access. In addition, you must have access to the equipment necessary to make such a connection to the WWW, including a computer and modem or other access device.
During activation for Verified by Visa or MasterCard SecureCode, you may be prompted to create a password or you may be provided a hint about using an existing password. When engaging in a transaction for which Verified by Visa or MasterCard SecureCode is used, you may be asked to provide your Verified by Visa or MasterCard SecureCode username and password before the merchant accepts your Visa card in payment for the transaction. If you are unable to provide your Verified by Visa or MasterCard SecureCode password, or if the authentication through Verified by Visa or MasterCard SecureCode otherwise fails, the merchant may not accept your Visa card in payment for that transaction.
By activating Verified by Visa or MasterCard SecureCode, you agree to use Verified by Visa or MasterCard SecureCode to check your identity, which includes the validation of any pre-authorized recurring transactions occurring at substantially regular intervals.
6.CARDHOLDER SECURITY CREDENTIALS
You are solely responsible for maintaining the confidentiality of your credentials, Activation Data and other verification information established by you with, or provided by you to, Verified by Visa or MasterCard SecureCode, and all activities that occur using your credentials. You agree not to transfer or sell your use of, or access to, Verified by Visa or MasterCard SecureCode to any third party. You agree to immediately notify us of any unauthorized use of your password or other verification information, or any other breach of security.
You acknowledge and agree that, except as otherwise provided by Applicable Law or in the Cardholder Agreement provided to you with your Visa card, we will not be liable for any loss or damage arising from your failure to comply with this TOU.
7. YOUR CONDUCT
You agree NOT to:
Impersonate any person or entity using Verified by Visa or MasterCard SecureCode; upload, post, e-mail, or otherwise transmit any material that contains software viruses or any other computer code, files, or programs designed to interrupt, destroy, or limit the functionality of any computer software or hardware or telecommunications equipment used to deliver the Verified by Visa or MasterCard SecureCode services; modify, adapt, sub-license, translate, sell, reverse engineer, decompile or disassemble any portion of the Verified by Visa or MasterCard SecureCode website, or service or the software used in connection with the Verified by Visa or MasterCard SecureCode service;
Remove, misappropriate, or misuse any copyright, trademark, or other proprietary right notices contained in this web site; "frame" or "mirror" any part of the Verified by Visa or MasterCard SecureCode website or service without the prior written authorization of Visa; use any robot, spider, site search/retrieval application, or other manual or automatic device or process to retrieve, index, "data mine," or in any way reproduce or circumvent the navigational structure or presentation of this website or service or its contents;
Otherwise interfere with, or disrupt, the Verified by Visa or MasterCard SecureCode service or servers or networks connected to Verified by Visa or MasterCard SecureCode, or violate this TOU or any requirements, procedures, policies or regulations of Verified by Visa or MasterCard SecureCode or of any networks connected to Verified by Visa or MasterCard SecureCode; or violate any applicable local, state, national or international statute, regulation, regulatory guideline or judicial or administrative interpretation (collectively, the "Applicable Law"), or any rule or requirement established by Verified by Visa or MasterCard SecureCode in connection with your use of Verified by Visa or MasterCard SecureCode.
You agree that we will not be liable to you or to any third party for any modification, suspension, or discontinuance of Verified by Visa or MasterCard SecureCode or this service. Under no circumstance will we be liable for consequential, incidental, special or indirect losses or other damages, such as any damage to your computer or telephone service resulting from your use of Verified by Visa or MasterCard SecureCode. We assume no responsibility for, and will not be liable for, any damages to, or any viruses which may affect your computer equipment or other property on account of your access to, use of, or downloading from, this web site.
9. DEALINGS WITH MERCHANTS
Your correspondence or business dealings with, or participation in promotions of, online retail or other merchants on or through Verified by Visa or MasterCard SecureCode, including payment and delivery for related goods or services, and any other terms, conditions, warranties or representations associated with such dealings, are solely between you and said merchant. You agree that, except as otherwise provided by Applicable Law or in the Cardholder Agreement provided to you with your Visa card, we will not be responsible or liable for any loss or damage of any sort incurred as the result of any such dealings. You understand that using Verified by Visa or MasterCard SecureCode does not in any way indicate that we recommend or endorse any merchant, regardless of whether the merchant participates in Verified by Visa or MasterCard SecureCode. For example, neither we nor Visa verify the identity of the merchant or the quality of the merchant's goods or services.
10. DISCLAIMER OF WARRANTIES
You understand and agree that any software that you obtain or use through or in connection with Verified by Visa or MasterCard SecureCode will be obtained and used at your own discretion and risk. Except as otherwise provided in this TOU, you will be solely responsible for any damage to your computer system or loss of data that results from the download or use of any such software or other materials through Verified by Visa or MasterCard SecureCode. EXCEPT AS OTHERWISE REQUIRED BY APPLICABLE LAW, WE MAKE NO REPRESENTATIONS OR WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, ANY WARRANTIES AS TO MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, ABOUT VERIFIED BY VISA OR MASTERCARD SECURECODE. APPLICABLE LAW MAY NOT ALLOW THE EXCLUSION OF IMPLIED WARRANTIES, SO THE ABOVE EXCLUSIONS MAY NOT APPLY TO YOU.
Notices may be sent to you via either e-mail to any address in your Activation Data or other information that you have provided to us in connection with any of your accounts with us, or your Visa card(s) issued by The Mutual.
12. AGE AND RESPONSIBILITY
You represent that you are of sufficient legal age to use Verified by Visa or MasterCard SecureCode and to create binding legal obligations for any liability you may incur as a result of the use of Verified by Visa or MasterCard SecureCode. Except as otherwise provided by Applicable Law or in the Cardholder Agreement provided to you with your Visa card, you understand that you are financially responsible for all uses of Verified by Visa or MasterCard SecureCode by you and those authorized by you to use your Activation Data, your password or other verification information. Verified by Visa or MasterCard SecureCode is a registered trademark and Verified by Visa or MasterCard SecureCode™ is the subject of a trademark application of Visa International Incorporated or its subsidiaries in the United States, or MasterCard Incorporated or its subsidiaries .
During the last few years, internet use has expanded as a new way of shopping across a wider expanse of merchants and products.
In 2001, Visa International introduced a new online payment programme as a way of keeping the card safe from online fraudulent use. Verified by Visa enables a cardholder to create unique answers to security questions that he or she will enter when shopping online as part of the checkout process. This Password is an 'electronic signature' for Internet transactions. Once you "activate" your card in Verified by Visa you will be able to 'sign' the transactions with your Password.