Privacy Policy
XTO Capital Group Pty Ltd T/A Initio Finance Pty Ltd
Effective Date: 31/08/2025
At XTO Capital Group Pty Ltd T/A Initio Finance (“we”, “us”, “our”), we are committed to protecting your privacy and safeguarding your personal information. This Privacy Policy explains how we collect, use, disclose, and manage your information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
1. Information We Collect
We may collect the following types of personal information:
- Name, date of birth, and contact details (address, phone, email)
- Employment details and income information
- Financial details including assets, liabilities, expenses, and credit history
- Identification documents (e.g. driver’s licence, passport)
- Sensitive information where necessary (such as health or insurance details if relevant to a loan application).
2. How We Collect Information
We collect personal information directly from you when you:
- Complete an enquiry form on our website
- Engage with us via phone, email, or meetings
- Provide documents for a loan application
- Authorise third parties (such as accountants, solicitors, or employers) to share information with us.
- We may also collect information from third parties such as credit reporting bodies, lenders, and government agencies, with your consent.
3. Purpose of Collection
We collect, hold, and use your personal information for the purposes of:
- Assessing your eligibility for finance and providing credit assistance
- Submitting loan applications to lenders on your behalf
- Meeting our legal and regulatory obligations (including those under the National Consumer Credit Protection Act 2009 (NCCP Act))
- Communicating with you about products, services, and relevant updates
- Improving our services and customer experience.
4. Disclosure of Information
We may disclose your personal information to:
- Lenders, banks, and financial institutions
- Credit reporting bodies and credit providers
- Our professional advisors, auditors, and insurers
- Government agencies and regulators (where required by law)
- Third-party service providers (e.g. IT, data storage, marketing, cloud services).
- We do not sell your information to third parties.
5. Storage and Security
We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. This includes the use of secure servers, encryption, and restricted staff access.
6. Overseas Disclosure
Some of our service providers may store information overseas (for example, cloud storage providers). If this occurs, we ensure they comply with equivalent data protection standards.
7. Access and Correction
You may request access to your personal information we hold, and request corrections if it is inaccurate or incomplete. We will respond within a reasonable timeframe and in accordance with the Privacy Act.
8. Marketing Communications
From time to time, we may use your information to provide you with updates or offers. You may opt out at any time by contacting us or using the unsubscribe option in our communications.
9. Complaints
If you believe your privacy has been breached, you may contact us using the details below. We will investigate your complaint and respond in writing. If you are not satisfied, you may refer the matter to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
10. Contact Us
For questions about this Privacy Policy or to exercise your rights, please contact:
Steven Christodoulos
Email: [email protected]
Phone: 0433 652 709