Privacy Policy

Privacy Policy How Trade Collect collects, uses, stores and discloses personal information

Service Provider

Service Provider

ABN / ACN

ABN / ACN

Privacy Contact

Privacy Contact

Privacy Email

Privacy Email

Privacy Phone

Privacy Phone

Effective Date

Effective Date

Trade Collect

23 614 234 182

Luke Mead | Partner

info@tradecollect.com.au

02 7255 9987

01/05/2026

Plain-English Client Summary

Plain-English Client Summary

Plain-English Client Summary

This summary is provided for convenience. The full Policy below applies in the event of any inconsistency.

Trade Collect is a debt recovery service that helps trade businesses recover overdue invoices. To do that, we handle personal information about three main groups of people:

  • Our clients (the trade businesses that engage us) — including their owners, directors and staff contacts.

  • Debtors (the individuals or businesses who owe our clients money) — including their directors, guarantors and contacts.

  • Other people we deal with along the way — for example, witnesses, professional advisers, complainants, website visitors, job applicants and our own staff.

Here's the short version of what we do with that information:

  • We collect only what we need to recover debts, run our business, and meet our legal obligations.

  • Where we can, we collect from you directly. Sometimes we have to collect from third parties (mostly our clients) — for example, the contact details and payment history of a debtor.

  • We use the information for debt recovery, communicating with you, running our business, complying with the law, and (with your consent where required) marketing.

  • We share information only where necessary — for example, with our clients, lawyers, courts, mercantile agents, IT providers, and regulators.

  • We comply with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and the ACCC/ASIC Debt Collection Guideline.

  • You can ask to access or correct your personal information, and you can complain if you think we've got something wrong.

1. About this Policy

  1. This Privacy Policy explains how Trade Collect (“Trade Collect”, “we”, “us”, “our”) collects, holds, uses and discloses personal information.

  2. Trade Collect is bound by the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs). Where we engage in credit reporting activities, we are also bound by Part IIIA of the Privacy Act and the Privacy (Credit Reporting) Code (CR Code).

  3. In performing debt collection services, we also have regard to the Australian Competition and Consumer Commission (ACCC) and Australian Securities and Investments Commission (ASIC) publication “Debt collection guideline: for collectors and creditors” as updated from time to time.

  4. This Policy applies to all personal information handled by Trade Collect, regardless of how it was collected — whether through our website, by phone, by email, in person, or from third parties.

2. Who this Policy applies to

This Policy is written primarily for our clients (the trade businesses that engage us to recover debts) and for our own internal use. It also explains, in section 7, how we handle the personal information of debtors when our clients place debts with us.

If you are:

  • A client or potential client — sections 1 to 10, 12 to 19 and 21 to 22 are most relevant to you.

  • A debtor — section 7 contains the information you specifically need. Other sections may also apply.

  • A staff member, contractor or job applicant — section 20 covers how we handle your information.

  • A website visitor — section 15 covers cookies and analytics.

3. What is personal information

Under the Privacy Act, “personal information” means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether or not the information is true and whether or not it is recorded in a material form.

Information about a company or other corporate entity is generally not personal information. However, information about the directors, employees, contractors, guarantors or sole traders connected with a corporate debtor is personal information about those individuals.

“Sensitive information” is a special category of personal information that includes health information, racial or ethnic origin, criminal record, religious beliefs, and similar categories. Trade Collect does not generally collect sensitive information, and will only do so with consent or where required or authorised by law.

4. The kinds of personal information we collect

The personal information we collect depends on the role you play in our business. Typical examples include:

4.1 Clients and prospective clients

  • Names, positions, business contact details (email, phone, address).

  • ABN/ACN, business name, business structure.

  • Bank account details for remittance of recovered funds.

  • Information about your business operations, terms of trade, and payment history with debtors (where this includes information about individuals).

  • Records of communications, instructions and authorities you give us.

  • Identity verification information where required by law.

4.2 Debtors and individuals connected with debtors

  • Names, contact details (residential and postal addresses, phone, email), and date of birth (where required for identification).

  • Employer or business information, role, and ABN/ACN.

  • Information about the debt — invoices, statements, contracts, work histories, payment histories, dispute history.

  • Information about guarantees, security, or the Personal Property Securities Register (PPSR).

  • Records of communications and any explanations or representations made about the debt.

  • Information obtained from public sources (e.g. ASIC, court records, land titles registries) for the purposes of recovery.

  • Skip-tracing information, where lawful and reasonably necessary to locate a debtor.

  • Where applicable, credit reporting information obtained from a credit reporting body (see section 11).

4.3 Other individuals

  • Witnesses, complainants, or professional advisers we deal with in the course of recovery.

  • Website visitors — see section 15.

  • Job applicants and our own staff — see section 20.

5. How we collect personal information

  1. Wherever practicable, we collect personal information directly from you. For example: when you sign up as a client, complete a Debt Submission Form, send us an email, call us, or correspond with us during a recovery.

  2. In the nature of debt collection, we often collect personal information about debtors from our clients (the creditor). This is permitted under APP 3.6(b) where it is unreasonable or impracticable to collect the information directly from the debtor.

  3. We may also collect personal information from:

    1. public registers and sources, including ASIC, AFSA (insolvency records), the PPSR, court and tribunal records, land titles offices, and publicly available business directories;

    2. skip-tracing services and search providers (where lawful and proportionate);

    3. credit reporting bodies (where applicable — see section 11);

    4. guarantors, related parties, professional advisers and witnesses connected with a debt;

    5. our own service providers (for example, IT, payment, telephony and analytics providers);

    6. our website, including via cookies and analytics tools (see section 15); and

    7. our recruitment processes (see section 20).

  4. We do not generally accept unsolicited personal information. If we receive personal information that we did not solicit and could not have collected lawfully, we will destroy or de-identify it as soon as practicable.

6. Why we collect personal information

  1. We collect, hold, use and disclose personal information for purposes connected with running our debt recovery business. The main purposes are:

    • Providing debt recovery and related services to our clients.

    • Communicating with clients, debtors, guarantors, advisers and other relevant parties.

    • Verifying identity, contact details and the validity of debts.

    • Locating debtors (skip-tracing) and assessing recovery prospects.

    • Negotiating, settling and documenting payment of debts.

    • Instructing lawyers, mercantile agents, process servers and other Third-Party Providers.

    • Administering our client accounts, billing, trust accounting and remittance of recovered funds.

    • Maintaining records as required by the ACCC/ASIC Debt Collection Guideline and other laws.

    • Managing risk, fraud, complaints, disputes, and legal proceedings.

    • Improving our services, training our staff, and quality assurance.

    • Direct marketing to clients and prospective clients (subject to section 12).

    • Complying with our legal and regulatory obligations.

    If we are unable to collect personal information that is reasonably necessary for one of the purposes above, we may not be able to provide our services or respond to your enquiry.

7. Notice to debtors (collection from a third party)

This section sets out the matters required by APP 5 where we collect personal information about a debtor from a third party (typically the creditor who placed the debt with us).

  1. If you are an individual who has had a debt referred to Trade Collect, your personal information has been provided to us by the creditor (our client) for the purpose of recovering that debt.

  2. We will, when we first contact you, identify ourselves and explain the purpose of contact in accordance with the ACCC/ASIC Debt Collection Guideline.

  3. The personal information we hold about you typically includes your name, contact details, the details of the debt, your communications with the creditor and us, and (where relevant) information about guarantees, your employer, or assets relevant to recovery. It may also include information from public registers and, where applicable, credit reporting information (see section 11).

  4. We use this information only for purposes connected with recovery and our other lawful business purposes (see section 6).

  5. We may disclose your information to the creditor, our service providers, lawyers and other Third-Party Providers, courts and tribunals, and regulators — see section 9.

  6. If you would like to access or correct the personal information we hold about you, or make a complaint, please contact us using the details in section 18. We will respond promptly and professionally.

  7. If you believe the debt is not yours, has already been paid, or is otherwise disputed, please tell us — we will pause recovery activity in respect of the disputed amount while we investigate, in line with our obligations under the Debt Collection Guideline.

8. How we use personal information

  1. We use personal information for the primary purpose for which it was collected, and for related secondary purposes that you would reasonably expect.

  2. We will only use personal information for an unrelated secondary purpose where:

    1. you have consented;

    2. the use is required or authorised by law (for example, complying with a court order, statutory demand, or law enforcement request);

    3. the use is reasonably necessary for the establishment, exercise or defence of a legal claim; or

    4. the use is otherwise permitted under the APPs.

  3. We do not sell personal information.

9. When and how we disclose personal information

We disclose personal information where reasonably necessary for the purposes set out in section 6, including to:

  • Our clients — for example, providing updates, settlement proposals, or recovered funds in respect of debts they have placed with us.

  • Service providers — including IT, hosting, telephony, customer relationship management, document management, payment, mailing, telephony and analytics providers.

  • Third-Party Providers in the recovery process — including external lawyers, mercantile agents, process servers, skip-tracers, search providers, mediators, and field-call agents.

  • Courts, tribunals and law enforcement — in connection with proceedings, enforcement, or where required or authorised by law.

  • Regulators and ombudsman schemes — including the Office of the Australian Information Commissioner (OAIC), the ACCC, ASIC, AFCA (where applicable), and equivalent bodies.

  • Insolvency practitioners — in respect of debtors who are or may be in external administration or bankruptcy.

  • Professional advisers and insurers — including our own lawyers, accountants, auditors and insurance brokers.

  • Credit reporting bodies — where applicable (see section 11).

  • A purchaser or successor of our business — in the event of a sale, merger or restructure, subject to appropriate confidentiality protections.

  • Anyone else — with your consent or as required or authorised by law.

We require our service providers and Third-Party Providers to protect personal information consistently with the Privacy Act and to use it only for the purposes for which it was disclosed.

10. Overseas disclosure

  1. Some of the service providers and Third-Party Providers we engage may be located outside Australia, or may host or process information on servers located outside Australia.

  2. Where we disclose personal information to an overseas recipient, we will, before disclosing, take steps that are reasonable in the circumstances to ensure the overseas recipient does not breach the APPs in relation to the information, except where:

    1. the recipient is subject to a law or binding scheme that has the effect of protecting the information in a substantially similar way to the APPs, and you can take action to enforce that protection;

    2. you have given informed consent to the disclosure; or

    3. the disclosure is required or authorised by Australian law or a court/tribunal order.

  3. As at the effective date of this Policy, the countries in which our overseas recipients are likely to be located include:

11. Credit reporting information (conditional)

  1. Where Trade Collect accesses credit reporting information from credit reporting bodies (CRBs), we are bound by Part IIIA of the Privacy Act and the Privacy (Credit Reporting) Code (CR Code).

  2. Credit reporting information may include:

    1. identification information;

    2. information about consumer credit accounts (where relevant), including type, term, and credit limit;

    3. default information, payment information and serious credit infringements;

    4. court proceedings information; and

    5. information about previous credit applications.

  3. We use credit reporting information only for purposes permitted under the Privacy Act, including assessing recovery prospects, locating debtors, and (where authorised) listing default information against a debtor.

  4. We may disclose credit information to CRBs only as permitted under the Privacy Act and the CR Code, and only after issuing required notices to the affected individual.

  5. Trade Collect maintains a separate Credit Reporting Policy that contains the matters required under section 21B of the Privacy Act. A copy is available on request in writing via the contact details in section 18 prior to any work commencement.

  6. If you wish to access or correct credit reporting information we hold, or make a complaint about our handling of credit information, please contact us using the details in section 18. We will respond within the timeframes required by the CR Code.

12. Direct marketing

  1. We may use personal information to send marketing communications about our services — for example, service updates, newsletters, recovery insights, and promotional offers — to clients and prospective clients.

  2. We will only send direct marketing where permitted by the Privacy Act, the Spam Act 2003 (Cth), and the Do Not Call Register Act 2006 (Cth).

  3. Every marketing email or SMS we send will include a functional unsubscribe option. You can also opt out at any time by emailing info@tradecollect.com.au or using the contact details in section 18.

  4. We do not send unsolicited direct marketing to debtors. Communications with debtors are limited to those reasonably necessary for the recovery of the debt.

13. Data quality, storage and security

  1. We take reasonable steps to ensure that the personal information we hold is accurate, up to date, complete, relevant and not misleading, having regard to the purpose for which it is held.

  2. We hold personal information in a combination of secure electronic and (where unavoidable) physical formats. Our protective measures include:

    1. access controls (role-based access, multi-factor authentication, password policies);

    2. encryption in transit and (where reasonably practicable) at rest;

    3. secure data centre and cloud hosting arrangements;

    4. staff training on privacy and information security;

    5. contractual confidentiality and security obligations on our service providers;

    6. logging, monitoring and incident response procedures;

    7. secure disposal of records when they are no longer required (see section 14).

  3. Despite our reasonable steps, no system is entirely secure. We cannot guarantee that personal information will never be subject to unauthorised access, loss or disclosure, but we will respond to any incident in accordance with section 19.

14. How long we keep personal information

  1. We retain personal information only for as long as we reasonably need it for the purposes set out in this Policy, or as required by law.

  2. Typical retention periods include:

    1. client and debt files: at least seven (7) years from the closure of the file, consistent with our limitation period and tax record-keeping obligations;

    2. financial records: at least seven (7) years from the date of the relevant transaction;

    3. complaints records: at least seven (7) years from the resolution of the complaint;

    4. call recordings: typically twelve (12) to twenty-four (24) months, unless retained longer for evidentiary or compliance purposes; and

    5. staff and contractor records: in line with our employment-related obligations.

  3. When personal information is no longer required and is not subject to a legal

15. Cookies, analytics and our website

  1. Our website may collect technical information from visitors, including IP address, browser type and version, operating system, pages visited, and referring URL. This information is generally not personal information, but may become personal information when combined with other information.

  2. We use cookies and similar technologies to:

    1. operate and secure the website;

    2. remember preferences and settings;

    3. analyse usage and improve performance (e.g. via Google Analytics or similar tools); and

    4. (where applicable) deliver and measure marketing.

  3. You can configure your browser to refuse cookies, but parts of the website may not function correctly as a result.

  4. Our website may contain links to third-party websites. This Policy does not apply to those websites — please review their own privacy policies.

16. Telephone call recording

  1. We may record inbound and outbound telephone calls for training, quality, evidentiary, complaints handling and compliance purposes.

  2. Where we record a call, we will give an appropriate notification before the recording begins, in accordance with applicable surveillance and listening device laws and the ACCC/ASIC Debt Collection Guideline.

  3. Call recordings are stored securely and accessed only by authorised personnel for the purposes for which they were collected.

17. Access and correction

  1. Subject to limited exceptions in the Privacy Act, you have the right to:

    1. ask what personal information we hold about you;

    2. ask for access to that information; and

    3. ask us to correct information you believe to be inaccurate, out of date, incomplete, irrelevant or misleading.

  2. To make an access or correction request, please contact us using the details in section 18. We may ask you to verify your identity before responding.

  3. We will respond to access requests within thirty (30) days where reasonably practicable. We will respond to correction requests within thirty (30) days. If we refuse a request, we will give you written reasons and information about how to complain.

  4. Access is generally free, but in limited circumstances we may charge a reasonable cost-recovery fee for processing complex requests. We will tell you in advance if a fee will apply.

  5. Where we have disclosed personal information to a third party and you ask us to correct that information, we will (on request and where reasonably practicable) notify the third party of the correction.

18. Complaints and how to contact us

  1. If you have a question, complaint or request about how we handle personal information, please contact our Privacy Officer:

Privacy Officer
Email
Phone

Luke Mead | Partner

info@tradecollect.com.au

02 7255 9987


  1. We take privacy complaints seriously. We will:

  1. acknowledge your complaint within five (5) Business Days;

  2. investigate it promptly and fairly;

  3. aim to provide a substantive response within thirty (30) days; and

  4. explain our findings and any steps we propose to take.

    1. If you are not satisfied with our response, you may refer the matter to the Office of the Australian Information Commissioner (OAIC):

  • Website: oaic.gov.au

  • Phone: 1300 363 992

  • Post: GPO Box 5288, Sydney NSW 2001

  1. If your complaint relates to credit reporting and you remain dissatisfied after our response, you may also be able to refer the complaint to an external dispute resolution scheme of which we are a member (if any) — see section 11.

19. Notifiable data breaches

  1. We have an internal data breach response plan to identify, contain, assess and respond to suspected data breaches.

  2. If we suspect that an eligible data breach has occurred (within the meaning of the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act), we will:

    1. assess the suspected breach within thirty (30) days;

    2. take steps to contain and remediate the breach;

    3. if the breach is an eligible data breach, notify affected individuals and the OAIC as soon as practicable; and

    4. notify any client whose information is involved, in accordance with our contractual and legal obligations.

20. Information about our staff, contractors and applicants

  1. We collect personal information about our staff and contractors for purposes connected with their engagement, including recruitment, payroll, performance management, training, compliance, and workplace health and safety.

  2. Most personal information about employees in the course of their employment falls within the “employee records exemption” under section 7B(3) of the Privacy Act. However, we still aim to handle employee information in accordance with the principles of this Policy.

  3. Information about job applicants is handled in accordance with the APPs. We use applicant information only for recruitment, role assessment, reference checking, and (where consented to) retention in our talent pool.

  4. Contractors and Third-Party Providers are required to comply with the Privacy Act and our security and confidentiality requirements.

21. Changes to this Policy

  1. We may update this Policy from time to time. The current version will always be available at https://tradecollect.com.au/privacy-policy.

  2. Material changes will be notified by updating the “Last Reviewed” date on the cover page and, where appropriate, by direct notice to clients.

  3. Continued use of our services after a change to this Policy constitutes acceptance of the updated Policy.

22. Definitions

"APPs" means the Australian Privacy Principles set out in Schedule 1 to the Privacy Act.

"Business Day" means a day other than a Saturday, Sunday or public holiday in [State/Territory], Australia.

"Client" means a person, partnership, company or other entity that engages Trade Collect to provide debt recovery or related services.

"CR Code" means the Privacy (Credit Reporting) Code as in force from time to time.

"Credit reporting body or CRB" means a credit reporting body within the meaning of the Privacy Act.

"Debtor" means an individual or entity from whom a debt is sought to be recovered.

"Debt Collection Guideline" means the publication “Debt collection guideline: for collectors and creditors” published by the ACCC and ASIC, as updated from time to time.

"OAIC" means the Office of the Australian Information Commissioner.

"Personal information" means has the meaning given in the Privacy Act.

"Privacy Act" means the Privacy Act 1988 (Cth).

"Sensitive information" means has the meaning given in the Privacy Act.

"Trade Collect" means the trading name of [Legal Entity Name] ABN [ABN].

Go back to Homepage

Go back to Homepage

We use cookies to improve your experience. By continuing, you agree to our cookie policy.