loan-o Privacy Policy

B.K Brokers Pty Ltd
ABN 40 669 144 218
trading as loan-o

Registered office: 303 Coronation Drive, Milton QLD 4064
Email: [email protected]

We aim to respond to privacy enquiries within 20 business days.

Last updated: 30/11/2025

1. Who we are and scope

This Privacy Policy explains how B.K Brokers Pty Ltd ABN 40 669 144 218 (loan-o) collects, uses, discloses and protects personal information in accordance with the Privacy Act 1988 (Cth), Australian Privacy Principles (APPs) and the Privacy (Credit Reporting) Code.

It applies to:

  • our website and analytics
  • our digital apply flow
  • phone, SMS and WhatsApp channels
  • email communications
  • document uploads and secure links
  • e-sign processes
  • credit assistance activities

It operates alongside our Privacy Disclosure Statement & Consent used during the application process. Where that consent form lists lenders, CRBs, service providers or overseas disclosure locations, those details are taken as incorporated.

2. What we collect

We may collect the following personal and credit-related information:

Identity and contact information

  • name, date of birth, address history
  • phone numbers, email
  • driver licence and identity documents

Business and commercial information

  • legal entity details, ABN/ACN
  • trading history
  • invoices, contracts, insurance, asset information

Financial information

  • bank statements (via illion bankstatements.com.au when authorised)
  • BAS statements, ATO summaries
  • income and expenses
  • liabilities, existing loans

Credit information and credit eligibility information

  • credit reports, scores and repayment history
  • enquiries, defaults, public record data
  • information from CRBs as allowed under the Privacy Act

Communications and call data

  • call recordings (calls are recorded by default for training, quality and compliance)
  • SMS, WhatsApp and email messages
  • website chat transcripts

Device and analytics data

  • IP address, device type, browser
  • cookies and pixels
  • browsing behaviour on our website (GA4, Meta, LinkedIn, YouTube)

Document uploads

  • files uploaded via our secure, time-limited upload links
  • documents sent by email or messaging

If you do not provide requested information, we may be unable to provide credit assistance or progress an application.

3. How we collect information

We collect information directly from you and from third parties:

  • online forms and our apply flow
  • Adobe Acrobat e-sign processes
  • secure upload links sent by SMS
  • phone calls, SMS, WhatsApp
  • bank-data retrieval via illion bankstatements.com.au (with your explicit consent)
  • referrers and introducers
  • publicly available sources (ASIC, ABN Lookup)
  • CRBs (Equifax, Experian, illion), as identified in your signed consent
  • lenders and service providers involved in your application

4. Why we collect information (purposes)

We collect, use and disclose information to:

  • provide credit assistance and match you with suitable lenders
  • assess your application, including credit and risk assessment
  • verify your identity, prevent fraud and comply with AML/CTF obligations
  • manage your account, settlement and post-settlement support
  • communicate with you and maintain service quality
  • train our staff and improve internal processes
  • meet our legal and regulatory obligations
  • perform analytics and improve website performance
  • provide direct marketing (you may opt out at any time)
  • handle complaints and dispute-resolution processes

5. Use of AI and automation

We use AI-assisted tools for:

  • extracting data from documents
  • summarising financial information
  • comparing lender options

All AI-assisted outputs are reviewed by a human broker before any recommendation or decision is made.

We:

  • minimise the personal information shared with AI tools
  • redact sensitive fields where practical
  • do not allow your information to train public AI models
  • allow you to opt out of AI-assisted processing (manual review may take longer)

6. Disclosures to third parties

We may disclose your personal and credit information to:

Credit providers/lenders

Listed in your signed consent form.

Credit Reporting Bodies (CRBs)

  • Equifax
  • Experian
  • illion

Service providers

  • illion bankstatements.com.au (bank-data retrieval)
  • Adobe Acrobat (e-signing)
  • Dialpad (telephony and call recording)
  • WhatsApp (messaging)
  • secure hosting, IT support and cloud services

Analytics and advertising partners

  • GA4
  • Meta
  • LinkedIn
  • YouTube

Professional advisers and introducers

  • accountants, solicitors, referrers (where authorised)
  • auditors, compliance advisers

Regulatory bodies

  • OAIC
  • ASIC
  • AFCA (for credit-assistance complaints)
  • law enforcement or courts, where legally required

Business transactions

  • potential acquirers of our business (subject to confidentiality obligations)

7. Overseas disclosures

Some of our third-party providers process or store information overseas.

Your privacy consent lists locations that may include:

  • Germany
  • New Zealand
  • United Kingdom
  • Philippines
  • Singapore
  • Malaysia
  • Vietnam
  • United States

We take reasonable steps to ensure overseas recipients handle information in accordance with the APPs.

8. Credit reporting (Part IIIA Privacy Act)

With your consent we may:

  • obtain credit reports from CRBs
  • exchange information with lenders and CRBs to assess your application
  • provide identification information to CRBs
  • use CRB information to assess you as a borrower or guarantor
  • disclose information permitted under the Credit Reporting Code

Your rights with CRBs include:

  • requesting access to your credit report
  • requesting corrections
  • opting out of pre-screening/offers
  • placing a ban if you suspect identity fraud

See our Privacy Disclosure Statement & Consent for the full list of CRBs and lenders.

9. Marketing and cookies

We may contact you by email, SMS or phone with updates or offers relevant to your finance needs.

You may opt out at any time by:

Our website uses essential and analytics cookies. Browser settings can be used to manage cookie preferences.

10. Security

We use technical and organisational measures to protect your information, including:

  • encryption in transit and at rest (where supported)
  • time-limited secure upload links
  • access controls and authentication
  • call recording controls
  • audit logging
  • staff training and internal policies

No system is entirely risk-free, but we take reasonable steps to protect your information.

11. Retention

We retain personal and credit information for at least 7 years, or longer where required for legal, regulatory or contractual purposes.

When information is no longer required, it is securely destroyed or de-identified.

12. Access and correction

To request access to, or correction of, personal or credit information we hold, contact:

[email protected]

or write to us at our Milton address.

We will respond within 20 business days.

If we refuse your request, we will provide written reasons and outline your options.

13. Complaints

If you have a privacy complaint, contact:

[email protected]

We will:

  • acknowledge your complaint
  • investigate
  • attempt resolution within 20 business days

If you are not satisfied, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

For credit-assistance complaints, you may also contact AFCA (details in your Credit Guide).

14. Notifiable Data Breaches

Where a data breach is likely to cause serious harm, we will notify:

  • affected individuals
  • the OAIC

in accordance with the Notifiable Data Breaches scheme.

15. Changes to this policy

We may update this policy from time to time. The most current version will appear on our website with the “Last updated” date.