Financial Services Complaints Limited
FSCL treats all personal information with care and respect. We actively protect the privacy of everyone we hold information about in the same way as we would expect our own information to be protected. In doing this we ensure we comply with the Privacy Act 1993 and any other obligations we have relating to personal information.
Personal information is any information about, or related to, a person.
This policy also covers how we look after confidential and/or commercial sensitive information provided by participants.
Financial Services Complaints Limited provides an independent and impartial dispute resolution service to resolve complaints between consumers and financial service providers that are our members (participants).
How the scheme works is set out in our Terms of Reference.
Information management standards (our policy)
We have separated this statement into sections to make it easier for you to the find the information most relevant to you. We initially set out the general policy applying to all our information. We then provide information on how we collect and use information about people who:
1. Make enquiries with us and use our website;
2. Make complaints to us; or
3. Are our scheme participants and/or sign up to our industry communications.
We will only collect information necessary for us to deliver services, administer our scheme, where required by law, or with your consent. Additional personal information may be collected under specific circumstances.
Source of information
We will ensure any personal information about you is collected only from you or your authorised representative. We will collect information from other individuals or organisations you have authorised us to collect the information from. This includes the scheme participant you have made a complaint about.
Where you provide us with information about someone else, you confirm you have the authority or approval to provide the information to us, or it is relevant to progress with our services or to make a complaint under the scheme.
Use and disclosure
We will use personal information to enable us to provide our services, effectively administer the scheme, promote and market the scheme, and where we are required to for law enforcement purposes.
We will use personal information only for the purpose(s) for which it was collected, unless there is good reason to use it for other purposes and this is allowed by the Privacy Act.
Storage and Security
We will store all personal information with reasonable safeguards against misuse, interference and loss, and from unauthorised access, modification and disclosure.
Only approved personnel will have access to complaint files and to any other personal information we hold.
We store personal information physically and digitally. Physical files are held securely in our offices, or off-site in internationally certified document storage facilities. Digital files are stored in secure cloud-based computer systems connected to our network. Our case management system is located in New Zealand and our participant database is located in Australia. We use a secure document storage system located in North America.
Our information communications systems are supported by experts and protected by technical security mechanisms to guard against unauthorized access and theft. All our security mechanisms are regularly reviewed.
We keep personal information only for as long as it is needed and will destroy it securely when it is no longer needed.
Access and correction
Anyone may request us to provide them with access to the personal information we hold that relates to them. We will make this information available in response to a request as quickly as possible.
We will ensure that personal information about you is provided only to you or to other individuals or organisations you have authorised us to provide your information to.
Any incorrect information we hold will be corrected as soon as we are made aware of an inaccuracy, including where information is out-of-date.
Accountability and responsibility
All FSCL staff and management are responsible for treating all personal information with care and respect, actively protecting the privacy of everyone we hold information about and complying with the Privacy Act. All staff and management are responsible for bringing anything that is not consistent with this to the attention of the Privacy Officer.
The Privacy Officer is responsible for supporting management and staff to understand and deliver good privacy practice and how to comply with the Privacy Act.
We have privacy training programmes, policies and supporting procedures, and monitoring processes to assist our staff and management to actively protect the privacy of everyone we hold information about in the same way as we would expect our own information to be protected.
1. Enquiries – calls, emails, and website browsing
If you contact us by phone seeking information on our scheme, how to complain or whether your financial services provider is a participant in our scheme, we will not collect and retain any personal information. We do not record phone calls.
Where your call relates to a financial services provider who is not a member of our scheme, we will keep a record of an enquiry related to that provider. This is used to identify trends or issues and informs any proactive steps we may need to take with other dispute resolution schemes and/or their participants.
If you make an enquiry by email, we will keep a record of our correspondence.
Cookies and communication tracking software
We use software (cookies) on our website for:
· Analytics – to track which pages are visited, to help us identify the most popular areas of our website. The information we access is aggregated and we cannot identify individual visitors.
· Function - identify and facilitate participants to log into the members areas of our website.
When you make an enquiry or a complaint to us about a financial services provider that is a participant of our scheme, we will collect:
· Identifying and contact details (such as name, address, phone number, email address), as well as details of any authorised representatives (people acting on your behalf or supporting you)
· Demographic details including age (to the nearest decade), ethnicity, and employment status
· Details of your complaint, including your financial services and financial service provider, details of your interactions with the provider, and any unique identifier (such as customer number or loan reference number) used by your provider to identify you
· Financial information (such as your loan or investment details), to provide context to the complaint and help us to facilitate a resolution or make a decision on your complaint
· Details of other people involved in the complaint, including individuals contacted or corresponded with at the participant, their contact details, and their actions
· How you found out about our scheme
· Any further information provided through correspondence with us, including a record of
· any outcome of your complaint.
Use and disclosure
If you are making a complaint about a participant, we will use the information you provide and we collect from the participant to facilitate a resolution, and/or to make a decision on your complaint. This will be done in accordance with the our scheme’s terms of reference.
We use aggregated information to report on the performance of our scheme and may provide participants with trends, insights, and common concerns raised by complainants. We only use demographic information for statistics and reporting purposes.
We will provide personal information to other people or organisations if we need to do so to deliver our services, operate our scheme, and where required or authorised by law. Consent will be sought to share with others or to use the information for any other purpose. We may disclose your personal information to:
· Approved FSCL employees
· Your authorised representatives
· The scheme participant that is subject of your complaint, with your consent but excluding reasonably withheld confidential information provided
· Our business and service providers (such as IT providers)
· Our professional advisers (such as insurers, auditors and lawyers)
· Government and regulatory authorities, where required or authorised by law.
We will take all reasonable steps to ensure third parties protect your personal information with the same care and respect we do.
We publish anonymised case notes on our website to provide guidance to consumers and participants about the approach we are likely to take in a particular type of case or highlight some of the different ways in which a complaint can be resolved.
Case notes are published for selected cases as determined by our Chief Executive Officer. Case notes will never identify the individual making the complaint. These are published on our website, in newsletters, and used in outreach programmes in presentations to consumers and participants.
If you have concerns about being identifiable in a case note, please talk to us. We will consider your concerns in deciding whether to publish a case note or how the case note is presented.
When you register as a participant of our scheme, we will collect:
· Identifying and contact details, including the details of individuals notified as key contacts for communications and complaints of a participant company.
· Professional memberships
· Business information, including trading structure and type of financial services offered.
Participant and stakeholder newsletters
Each email distribution uses up-to-date contact details for our participants and people signing up to receive our newsletters. Contact details are deleted by MailChimp following the campaign. We monitor the effectiveness of our newsletters using the analytical tools offered by MailChimp that collect information:
· Unique opens – The number and email addresses of subscribers that have opened the email
· Email client usage – which email account (Gmail, Outlook, Hotmail) was used to open the email
· Regions – Where this email has been opened
· Bounced – The number of emails that weren’t successful due to an inactive address, DNS failure, or if the recipient’s mailbox was full
· Not opened – The number and email addresses of subscribers that didn’t open the email
· Shares – The number of times the newsletter has been shared via email, Facebook or Twitter by subscriber
· Most popular links – The most clicks on any links directing to other websites or information not contained in the email.
There is no ability to collect information beyond this, or to track the recipient outside of a specific newsletter. Once the recipient has closed the newsletter, no further information can be collected.
Use and disclosure
We will use the information we collect about you to administer our scheme and to communicate with you about enquiries and complaints from your customers, and to provide general news and information about our scheme, sector or industry trends and issues, updates at FSCL, and other information at our discretion.
We may publish case notes relating to a complaint about your services. These are anonymised and will not identify the financial service provider by name – whether an individual or company.
Who to contact
If you want to:
· talk to us about privacy or your personal information, or
· have a complaint about the way we have treated your personal information,
please contact us and we will respond as soon as possible to resolve the issue.
We also welcome any questions and comments you may have about our privacy practices.
You can contact us at:
Financial Services Complaints Limited
PO Box 5967
ph: 0800 347 257
If you are not satisfied with our response you can contact the Office of the Privacy Commissioner by clicking here.