Privacy Policy

ABC Mercantile Pty Ltd t/a ACS Debt Collection

ABC Mercantile Pty Ltd trading as ACS Debt Collection, including its subsidiaries, commits to open, transparent, and lawful compliance with the Privacy Act 1988 (Cth).

ACS operates as an established Australian debt recovery agency with over 30 years of industry experience. We take our privacy obligations seriously and embed privacy governance into our daily operations.

ACS trains all staff regularly on privacy obligations, legislative updates, and the Australian Privacy Principles (APPs). Senior management actively oversees privacy compliance, data handling practices, and risk management.

Trust, Accountability and Governance

ACS Debt Collection manages personal information in a way that promotes trust, accountability, and transparency.

Our leadership team maintains responsibility for:

• Privacy governance and oversight

• Staff education and compliance training

• Secure data handling systems

• Ongoing review of legislative and regulatory changes

This Privacy Policy explains how we manage personal information and how individuals can engage with us about their privacy rights.

Our Privacy Commitment

ACS adopts and applies the Australian Privacy Principles contained in the Privacy Amendment (Enhancing Privacy Protection) Act 2012.

We govern how we collect, use, store, and dispose of personal information. In addition, we maintain reasonable systems and procedures to:

• Ensure compliance with the APPs

• Respond promptly to privacy inquiries

• Address complaints fairly and effectively

Collection of Personal Information

ACS collects personal information only when it is reasonably necessary for our business activities or directly related to them.

This information may include details about an individual’s or business’s financial position, location, or other factual information required to support informed decision-making.

The type of information we collect depends on the matter we manage and may include:

• Name and contact details

• Date of birth and gender

• Marital and household information

• Occupation and employment details

• Financial information

Where possible, ACS collects personal information directly from the individual concerned. However, we may collect information from other sources when it is unreasonable or impracticable to do so.

ACS collects information without an individual’s knowledge only where lawful and necessary for our business functions.

Marketing and Disclosure

ACS may collect personal information for marketing purposes. However, we do not use or disclose personal information without consent unless:

• We investigate suspected unlawful or fraudulent activity

• The law requires or authorises disclosure

• Law enforcement requests the information

• An emergency requires disclosure

Use of Personal Information

ACS uses personal information to:

• Provide evidence and reports to clients

• Communicate relevant legal developments

• Manage administration and service delivery

• Meet legal and regulatory obligations

We use information only for the purpose for which we collected it, unless the individual consents or would reasonably expect another related use.

Where appropriate, ACS de-identifies information to reduce privacy risk.

Unsolicited Information

If ACS receives unsolicited personal information, we take reasonable steps to:

• Notify the individual of the collection, or

• De-identify or destroy the information where possible

We use unsolicited information only when it directly relates to our lawful business activities and complies with the APPs.

Information Quality

ACS takes reasonable steps to ensure personal information is:

• Accurate

• Complete

• Current

• Relevant to its intended purpose

Information Security

ACS stores personal information in secure environments and limits access to authorised personnel only.

We protect information from misuse, interference, loss, unauthorised access, modification, or disclosure. Our systems operate within ISO 27001-certified environments.

When information is no longer required, ACS destroys or permanently de-identifies it where lawful and practical.

Before disclosing information overseas, ACS ensures the recipient complies with the Australian Privacy Principles.

Anonymity and Pseudonyms

Where lawful and practical, ACS allows individuals to:

• Remain anonymous, or

• Use a pseudonym when dealing with us

Sensitive Information

ACS collects sensitive information only when necessary to provide services.

Sensitive information may include details about:

• Race or ethnicity

• Political opinions

• Religious or philosophical beliefs

• Trade union membership

• Health or sexual orientation

ACS collects sensitive information only when:

• The law requires it

• The individual gives consent

• A legal or equitable claim requires it

Access and Correction

ACS complies with the Freedom of Information Act.

When an individual requests access to their personal information, we verify identity and respond within 14 days.

In limited circumstances, we may deny access where it would be unreasonable. If this occurs, we explain our reasons in writing.

If an individual identifies inaccurate or outdated information, ACS updates the record promptly. If disagreement remains, we associate the individual’s statement with the relevant record upon request.

Complaints and Contact Details

Individuals may complain if they believe ACS has breached their privacy obligations.

Please direct complaints or inquiries to:

Privacy Officer
ACS Debt Collection
PO Box 122
Cranbourne VIC 3977
📧 complaints@acsdebtcollection.com.au

ACS requests 30 days to review and respond to any complaint.

If an individual remains dissatisfied or receives no response, they may contact the Office of the Australian Information Commissioner (OAIC):
https://www.oaic.gov.au/about-us/contact-us

Website Privacy and Data Collection

This section explains how ACS collects and uses information when users visit our website.

ACS does not sell personal information to third parties. We use information only for the purpose provided.

Website Visit Recording

ACS does not attempt to identify individual users. However, we record the following for statistical purposes:

• IP address

• Top-level domain name

• Date and time of visit

• Pages accessed and files downloaded

• Browser type and operating system

Cookies

Our website does not use cookies to collect personal information.

Email Addresses

ACS records email addresses only when users send us a message. We use the address solely to respond and do not add it to mailing lists.

Online Forms and Requests

Some website forms allow users to request information. When forms require personal details, ACS collects them only to respond to the request.

Commitment to Trust and Transparency

ACS Debt Collection recognises that privacy underpins trust. We welcome questions and feedback and aim to resolve privacy matters promptly, fairly, and transparently.