Privacy Policy

Home » Privacy Policy

You must really like reading fine print if you want to read our privacy policy.
Privacy policies can be a dry read. Rest assured, we take your privacy seriously and keep your information secure and private. We don’t share your information with outsiders and we protect your information. We got your back.

For a full explantion of our policy, read below.


Direct Plasterboard Outlet Pty Ltd (DPO) ABN 26 150 449 282 and all its related business entities (including Direct Insulation Outlet or DIO) privacy policy outlines the way personal information is collected and managed.
DPO is bound by the Australian Privacy Principles (Principles) applicable to private sector organisations under the Privacy Act 1988 (Cth). In summary, the Principles apply to ‘personal information’ as information (or an opinion) relating to an individual that can be used to identify that individual. DPO sometimes handles personal information relying on exemptions under the Privacy Act, for example in relation to employee records. Any handling of personal information permitted under such exemptions will take priority over this privacy policy to the extent of any inconsistency.

Why does DPO collect personal information?
DPO is a supplier of building materials. We collect personal information about people we deal with or potentially deal with in order to operate our businesses. Collecting personal information is also necessary in some circumstances to meet our legal obligations.

What kind of personal information does DPO collect and how does DPO collect it?
DPO generally collects and holds personal information about:
• Our employees;
• Contractors who provide services to DPO;
• Our customers;
• Our suppliers;
• Job applicants; and
• Other people who may come into contact with DPO or one of entities.
The type of information we collect varies, depending on the purpose, and may include (but is not limited to) their name, address, contact details, organisation, identification, positions held, payment details, credit information and marketing information.
This information may be obtained by way of completed documentation, information provided in person by telephone, email or online, and from an individual or business, public source or third party (for example, referees, your organisation, your representatives and information service providers).

How do we use personal information and to whom may we disclose it?
In general, DPO collects, uses personal information to:
• Provide products or services that have been requested;
• Maintain relationships with suppliers, contractors and other parties;
• Communicate;
• Verify your identity and personal information;
• Maintain and update our records;
• Provide ongoing information and marketing communications about DPO products and services to customers and prospective customers by telephone, email, online and other means as permitted by law, unless they opt out; and
• Comply with legal obligations and protect our lawful interests.
We may not be able to do these things without your personal information. For example, we may not be able to respond to your enquiries or provide you a product or service that you have requested.
We may also collect, use and disclose your personal information in connection with:
• Reasonable information requests from courts, government agencies and lawyers
• Suspected fraud, misconduct and unlawful activity, and
• Acquisitions or potential acquisitions of our business.
Depending on the product or service concerned, personal information may be disclosed to:
• Other entities within DPO,
• Service providers and specialist advisers to DPO who have been contracted to provide DPO with administrative, archival, auditing, accounting, customer contact, legal, business consulting, banking, payment, debt collection, delivery, data processing, data analysis, information broking, research, investigation, website, technology or other services;
• Insurers, credit providers, courts, tribunals and regulatory authorities as agreed or authorised by law;
• Credit reporting or reference agencies or insurance investigators; or
• A person authorised by an individual.
It is possible that some of the third parties described above may be located in New Zealand and other countries. While those third parties will often be subject to confidentiality or privacy obligations, they may not always follow the particular requirements of the Privacy Act.
Generally, we require that organisations outside DPO who handle or obtain personal information as service providers to DPO acknowledge the confidentiality of this information and undertake to comply with the Principles.

How do we handle credit-related personal information?
While we do not provide credit to consumers, we sometimes handle personal information from Credit Reporting Bodies (CRBs) and certain other consumer Credit-Related Personal Information as described below (CRPI) in the context of commercial credit arrangements. For example, information about an individual’s consumer credit worthiness may be handled where:
• We provide commercial credit accounts to sole traders, or;
• Individuals such as directors provide personal guarantees in relation to commercial credit accounts.
We may collect and hold the following types of CRPI, both in relation to your arrangements with us and those with third parties such as other credit providers:
• Name;
• Sex;
• Date of birth, driver’s licence number, employer and three most recent addresses; Confirmation of previous information requests about the individual to CRBs made by other credit providers and credit insurers;
• Details of previous credit applications, including the amount and type of credit and credit limit;
• Details of current and previous credit arrangements, including credit providers, start/end dates and certain terms and conditions;
• Permitted payment default information, including information about related payment arrangements and subsequent repayment;
• Information about serious credit infringements (e.g. fraud);
• Information about adverse court judgments and insolvency;
• Publicly available information about the individual’s credit worthiness;
• Any credit score or credit risk assessment indicating a CRB’s, credit provider’s or our analysis of the individual’s eligibility for consumer credit; and
• Any other types of Credit-Related Personal Information about an individual permitted under the Privacy Act.
We may disclose CRPI to CRBs to assist the CRBs to maintain information about you to provide to other credit providers for credit assessments. We may collect CRPI from CRBs for purposes including, to the extent permitted by law, to assess your application for credit or to be a guarantor, manage your credit/guarantee, assign debts and collect overdue payments. We may also exchange CRPI with debt buyers, credit insurers and other credit providers.
The CRBs we may use may include:
• Dun & Bradstreet, Level 7, 479 St. Kilda Road Melbourne 3004. Tel: 1300 734 806
• Veda, PO Box 964 North Sydney 2059. Tel: 1300 762 207
• National Credit Insurance (Brokers) Pty Ltd, Level 1, 53 Berry Street North Sydney NSW 2060. Tel: 02 9458 2600
• Creditor Watch, Level 13, 109 Pitt Street Sydney NSW 2000. Tel: 1300 501 312
You have the right to request CRBs not to:
• Use your Credit-Related Personal Information to determine your eligibility to receive direct marketing from credit providers; and
• Use or disclose your Credit-Related Personal Information, if you have been or are likely to be a victim of fraud.
In some cases, we are subject to further obligations under the Privacy Act regarding Credit-Related Personal Information, and this Privacy Policy is not intended to limit or exclude those obligations. Additional privacy consents and notifications may also apply for our credit-related services.

How do we manage personal information?
DPO trains all its employees to handle personal information and respect the confidentiality of that information with the privacy of individuals.

How do we store personal information?
DPO is required by the Principles to safeguard the security and privacy of your information, whether you interact with us personally, by telephone, mail, over the internet or other electronic medium. This includes an obligation to take reasonable steps to protect the personal information we hold from misuse, loss, unauthorised access, modification or disclosure. We hold information on our premises and with the assistance of our service providers.
The Principles also require DPO not to store personal information longer than necessary and to take reasonable steps to destroy that personal information or remove details which may identify individuals.

How do we keep personal information accurate and up-to-date?
DPO takes reasonable steps to ensure that the personal information it holds is accurate and up-to-date. We encourage you to contact DPO as soon as possible in order to update any personal information we hold about you. DPO contact details are set out below.

Can you check and update the personal information about you that is held by us?
You may obtain access to or correct any personal information which DPO holds about you, unless one of the exceptions in the Principles applies.

To make a request to access or correct information DPO holds about you, please contact DPO in writing. DPO will require you to verify your identity and to specify what information you require. We will provide reasons if we deny any requests for access to or correction of personal information. DPO may charge a fee to cover the cost of providing access including locating, retrieving, reviewing and copying any material requested. Where we decide not to make a requested correction to your personal information and you disagree, you may ask us to make a note of your requested correction with the information.

What if you have a complaint?
If you consider that any action of DPO breaches this privacy policy or the Australian Privacy Principles, you can make a complaint. In the first instance, please direct your complaint to the particular DPO business or activity concerned – they are likely to be in the best position to deal with the matter quickly and effectively. Each DPO business or activity has an officer appointed to handle complaints. In most cases, this will be the manager of the business. If the matter is not resolved to your satisfaction, please make contact with the relevant officer below. DPO takes your privacy seriously and endeavours to respond promptly to complaints.

Privacy Officer
Direct Plasterboard Outlet Pty Ltd
Level 1, 12a Rose Street
Campbelltown NSW 2560

For information about privacy generally, or if your concerns are not resolved to your satisfaction, you may contact the Office of the Australian Information Commissioner at or on 1300 363 992.

Updates to this Policy
This privacy policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing business environment. All personal information held by DPO will be governed by DPO’s most recent policy. If you are unsure whether you are reading the most current version, please contact us using the contact information above.