Privacy Policy
Last updated: April 2026
1. Introduction
Based Finance is committed to protecting your privacy and handling your personal information with care, transparency, and respect. We are bound by the Privacy Act 1988 (Cth) (Privacy Act), the Australian Privacy Principles (APPs) contained in that Act, and the Credit Reporting Code (CR Code) where applicable. This policy explains what personal information we collect, why we collect it, how we use and disclose it, and the rights you have in relation to that information. By engaging our services or using our website, you consent to the practices described in this policy.
2. Information We Collect
To provide mortgage broking and related financial services, we may collect a range of personal information. This includes identity information such as your full name, date of birth, and contact details; financial information such as income, assets, liabilities, expenses, and employment details; credit-related information including your credit history and credit score obtained from credit reporting bodies; identity verification documents such as passports and driver's licences; and information collected passively through your use of our website, including your IP address, browser type, pages visited, and the time and date of your visit.
3. How We Collect Your Information
We collect most information directly from you — for example, when you fill out an enquiry or application form, speak with us by phone, or correspond with us by email. We may also collect information from third parties where necessary, such as employers for income verification, accountants or financial advisers, or lenders in the course of processing your application. Information submitted through our website contact forms is processed via Brevo (formerly Sendinblue), our email marketing and CRM platform, in accordance with their privacy practices.
4. Why We Collect Your Information
We collect and use your personal information for the primary purpose of providing you with mortgage broking and credit assistance services, including assessing your borrowing capacity, sourcing suitable loan products, and lodging applications on your behalf. We also collect information to meet our obligations under applicable legislation, including the National Consumer Credit Protection Act 2009 (NCCP Act) and the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act). We may use your contact details to communicate with you about your application, send service updates, and, with your consent, provide information about other financial products or services that may be relevant to you. We also use website data in aggregate to improve our online presence and understand how visitors use our site.
5. Who We Share Your Information With
We disclose your personal information only to the extent necessary to provide our services or meet legal obligations. This may include lenders and credit providers to whom we submit loan applications on your behalf; our aggregator, who provides the platform and lender panel through which we operate; credit reporting bodies, including Equifax, Experian, and illion, for the purpose of obtaining credit reports; professional service providers such as accountants, lawyers, or financial planners engaged in relation to your matter; technology service providers including Hostinger (our web hosting provider) and Brevo (our CRM and email platform); and regulatory bodies such as ASIC and AUSTRAC where disclosure is required by law. We do not sell, rent, or trade your personal information to any third party for marketing or commercial purposes.
6. Credit Reporting
Where we handle credit-related information about you, we do so in accordance with Part IIIA of the Privacy Act and the CR Code. Credit information may include your repayment history, credit enquiries, defaults, and other data held by credit reporting bodies. You have the right to access credit information held about you by any credit reporting body and to request corrections if the information is inaccurate, out of date, or misleading. We will not use or disclose credit information for purposes beyond those permitted under the Privacy Act and CR Code.
7. Data Storage and Security
We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. Our records are stored using cloud-based systems, and we implement access controls, encryption, and other technical safeguards appropriate to the sensitivity of the information. Where we use overseas service providers — such as cloud infrastructure or software platforms — we take steps to ensure those providers handle your information in a manner consistent with the APPs. However, we cannot guarantee absolute security of data transmitted over the internet.
8. Cookies and Analytics
Our website may use cookies and similar tracking technologies to enhance your browsing experience and gather aggregate information about site usage. Cookies are small text files stored on your device by your browser. You can configure your browser to refuse cookies or alert you when cookies are being set, though some features of the website may not function correctly if cookies are disabled. We may use analytics tools to understand traffic patterns and user behaviour on our site; any data collected in this context is used in aggregate and is not linked to identifiable individuals without your consent.
9. Your Rights
You have the right to request access to the personal information we hold about you and to request correction of any information that is inaccurate, out of date, incomplete, or misleading. You may also opt out of receiving marketing communications from us at any time by contacting us directly or using the unsubscribe mechanism in any marketing email. Where your consent is the basis for our use of your information, you may withdraw that consent at any time, though this will not affect the lawfulness of prior use. We will respond to access and correction requests within 30 days. In some circumstances, we may be unable to provide access — for example, where disclosure would unreasonably affect the privacy of another individual — and we will explain the reason if this is the case.
10. Complaints
If you believe we have mishandled your personal information or breached the Privacy Act or CR Code, we encourage you to contact us in the first instance so we can attempt to resolve the matter directly. If you are not satisfied with our response, or if we fail to respond within 30 days, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC). The OAIC can be reached at www.oaic.gov.au, by phone on 1300 363 992, or by email at enquiries@oaic.gov.au.
11. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or the services we offer. Where we make material changes, we will update the "last updated" date at the top of this page. We encourage you to review this policy periodically. Your continued use of our services after any changes are posted constitutes your acceptance of the updated policy.
12. Contact Us
If you have any questions about this Privacy Policy, wish to access or correct your personal information, or want to make a privacy complaint, please contact us using the details below.
Based Finance
Email: hello@basedfinance.com.au
Phone: 0400 000 000
Hours: Monday – Friday, 8am – 6pm AEST
Have Questions?
If you'd like to understand more about how we handle your information, or simply want to get in touch, we're happy to help.
Get in Touch