Privacy Policy & Data Protection

Last updated: 2026-02-01

Privacy Policy & Data Protection

Effective Date: January 1, 2026
Last Revised: February 1, 2026
Policy Version: 2.0
Privacy Officer: privacy@apexbank.com.au

Apex Bank Ltd ABN 00 000 000 000 ("Apex Bank," "we," "our," or "us") is committed to safeguarding the privacy and confidentiality of personal information entrusted to us by our customers, prospective customers, and website visitors. This Privacy Policy describes our practices concerning the collection, use, disclosure, retention, and protection of personal information in compliance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), the Consumer Data Right (CDR) framework under the Competition and Consumer Act 2010, and the Notifiable Data Breaches (NDB) scheme.

1. Information We Collect

1.1 Personal Information

In the course of establishing and maintaining banking relationships, Apex Bank collects the following categories of personal information:

  • Identity Data: Full legal name, date of birth, Tax File Number (TFN), government-issued identification numbers (driver's licence, passport), nationality, and residency status.
  • Contact Data: Residential and postal addresses, telephone numbers, email addresses, and emergency contact information.
  • Employment & Income Data: Employer name, occupation, annual income, and employment history.
  • Financial Profile Data: Assets, liabilities, existing bank accounts, loan commitments, credit history, and transaction records.

1.2 Transaction Data

We collect and maintain records of all banking transactions, including deposits, withdrawals, transfers, BPAY payments, direct debits, card transactions, loan repayments, and international remittances.

1.3 Usage & Technical Data

When you interact with our digital banking platforms, we automatically collect device information, IP addresses, session data, login timestamps, and behavioural data such as pages viewed and features used.

2. How We Use Information

Apex Bank processes personal information for the following purposes:

  • Providing banking products and services including transaction accounts, savings accounts, home loans, personal loans, credit cards, and term deposits.
  • Assessing credit applications under responsible lending obligations (National Consumer Credit Protection Act 2009).
  • Complying with KYC/AML obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act).
  • Detecting and preventing fraud or unauthorised access.
  • Meeting regulatory reporting obligations to APRA, ASIC, AUSTRAC, and the ATO.
  • Improving our products, services, and customer experience.

We do not sell personal information to third parties. We will only use personal information for direct marketing purposes where we have consent or a reasonable expectation exists, and you may opt out at any time.

3. Information Sharing & Disclosure

3.1 Service Providers

We engage third-party service providers who process personal information on our behalf, including payment processors, cloud hosting providers, credit reporting bodies (Equifax, Illion, Experian), identity verification services, and card scheme operators (Visa, Mastercard).

Apex Bank may disclose personal information without consent when required by law, including disclosures to APRA, ASIC, AUSTRAC (for suspicious matter reports and threshold transaction reports), the Australian Taxation Office (for TFN and CRS reporting), and law enforcement agencies pursuant to valid court orders.

3.3 Consumer Data Right

Under the CDR regime, accredited data recipients may request access to your banking data with your explicit consent. We share CDR data only with accredited persons in accordance with the CDR Rules and data standards.

4. Your Rights

Under the APPs, you have the right to:

  • Access your personal information held by us (APP 12).
  • Correction of inaccurate, out-of-date, or incomplete personal information (APP 13).
  • Opt out of direct marketing communications at any time (APP 7).
  • Complain about a breach of the APPs (see Section 7 below).

To exercise these rights, contact us at privacy@apexbank.com.au or call 1300 APEX BK (1300 273 925).

5. Data Security

Apex Bank maintains a comprehensive information security program including AES-256 encryption at rest, TLS 1.3 encryption in transit, multi-factor authentication, role-based access controls, 24/7 security monitoring, and regular penetration testing. We comply with APRA Prudential Standard CPS 234 (Information Security).

6. Notifiable Data Breaches

In the event of an eligible data breach likely to result in serious harm, Apex Bank will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable in accordance with Part IIIC of the Privacy Act 1988.

7. Contact & Complaints

Apex Bank Ltd
Attn: Privacy Officer
Level 30, 120 Collins Street
Melbourne VIC 3000

Email: privacy@apexbank.com.au
Telephone: 1300 APEX BK (1300 273 925)

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or call 1300 363 992.

Privacy Policy Terms of Service SLA Compliance