Privacy Policy

Introduction

‘We’, ‘us’ and ‘our’ refer to Doma Finance Holdings Pty Ltd ACN 677 688 916

This privacy policy (Policy) outlines how we collect and use your personal information in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles.

We will collect and handle your personal information in accordance with our legal obligations, including those under the Privacy Act and the Australian Privacy Principles. Where applicable, we also adhere to Division 3 of Part IIIA of the Privacy Act and the Privacy (Credit Reporting) Code 2014.

This Policy describes how your personal and credit information is collected, used, disclosed and held by us.

Why we collect personal information

We collect and hold your personal information for the purposes of:

• assessing your application for finance and managing that finance;
• letting you know about our other products and services;
• direct marketing;
• managing our relationship with you;
• processing applications to join our network; and
• complying with legal and regulatory obligations including anti-money laundering, counter-terrorism financing, and consumer credit laws.

Information we collect from you

The type of personal information we may collect includes, but is not limited to:

• Name, phone number, residential or postal address, email address, and date of birth
• Certified identification documents (e.g., driver’s licence, passport)
• Tax File Number and country of tax residency
• Employment, income, assets, and liabilities
• Bank account details
• Credit history

If applying for finance, we may also collect details such as dependents, living arrangements, employment duration, and financial proof. If applying for insurance, we may collect health information (with your consent). We do not collect sensitive information such as political or religious beliefs unless legally required.

Information we collect from others

We may collect information from third parties, such as finance brokers, accountants, lawyers, or credit reporting bodies. This may include credit reports or publicly available data to meet regulatory requirements.

How personal information is collected

We collect information directly from you or third-party sources (e.g., brokers). Where legally required, we will notify you about information obligations and consequences of non-disclosure. Information may also be collected through verification services or public registers.

If you provide personal information about another person, you must ensure you are authorised and that the other person is aware of this Policy and consents to it.

Can you deal with us anonymously?

You may visit our website anonymously. However, we may be required to collect identifying details by law, depending on the service you seek.

How do we use and disclose your personal information?

We use your personal information to:

• assess and manage your finance applications;
• provide financial products or services;
• process network membership or employment applications;
• handle complaints;
• conduct direct marketing (unless opted out);
• fulfil legal obligations;
• any other purpose stated in this Policy or consented by you.

External organisations we may disclose information to include:

• funders or intermediaries
• service providers (e.g., print/postal, call centres)
• associated businesses for marketing
• IT providers and infrastructure services
• your representatives (e.g., brokers, lawyers, accountants)
• regulators (e.g., AUSTRAC, ASIC)
• identity verification services
• overseas support entities

We may also disclose your personal information if required or authorised by law, or with your express or implied consent.

Direct marketing

We may use your information to tell you about products, services, or updates relevant to you. You can opt out at any time by emailing support@domafinance.com.au or by using the unsubscribe link in our emails.

Credit Information

Credit information may be used to assess your finance eligibility and may include repayment history, defaults, and other relevant details.

Security of Collected Information

We take reasonable steps to protect your personal information from misuse, interference, or unauthorised access. Information is stored electronically, and only authorised personnel can access it.

When no longer required, we will securely destroy or de-identify the data unless we are legally obligated to retain it (e.g., under AML/CTF or Archives legislation).

Social Media

We collect aggregated social media statistics and follower lists. This information is non-personalised and used for marketing analysis only.

Cross-border disclosure

We may disclose your personal information to overseas service providers, such as those in the Philippines. We take steps to ensure overseas parties comply with our Privacy Policy. However, they may not be subject to the same privacy laws.

Access to and correction of personal information

You have the right to access and correct your personal information. To request access or a correction, please contact us using the details below. We will respond within 30 days. There may be a reasonable fee for access. If we deny your request, we will explain why in writing.

Lodging a Question or Complaint

If you have a complaint or question about how your information is handled, contact us using the information below. If unresolved, you may contact the Office of the Australian Information Commissioner.

Notifiable Data Breaches

We are required to notify you and the OAIC if a data breach occurs that is likely to cause serious harm. If you suspect a breach, contact us immediately.

Changes to this Policy

This Policy is subject to change. We will publish updated versions on our website. Last updated: July 2025.

Contacting Us

Access, Correction or Complaints

If unsatisfied with our response:
Office of the Australian Information Commissioner
Email: enquiries@oaic.gov.au
Phone: 1300 363 992
Mail: GPO Box 5218, Sydney NSW 2001

Last Update: July 2025