Claims Funding Australia Pty Ltd (CFA) (we, us, our) respect your privacy and aim to avoid interference with your privacy in your dealings with us. We will collect, handle and process your personal data with the utmost care and in accordance with the law.

This statement explains our obligations and how we manage information about you.


How we handle and process information about you is governed by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (‘APP’) (collectively, the ‘Privacy Laws’).

In some circumstances, European Union (‘EU’) data protection laws may apply to the processing of your personal data. For the purposes of EU data protection law, including the General Data Protection Regulation (EU 2016/679) (‘GDPR’), the data controller is CFA.


We collect, receive, use, disclose and manage the following types of information:

Type of information

What it means


Personal information

Information or an opinion about you where you can be reasonably identified (directly or indirectly). It does not have to be true.

  • Name
  • Date of birth
  • Signature
  • Address
  • Contact details
  • Occupation
  • Employment history
  • Family situations
  • Bank account details
  • Financial and tax information
  • IP address
  • Government Related Identifiers (see below)

Sensitive information

A subcategory of personal information which is more sensitive in nature.

  • Racial or ethnic origin
  • Political opinions and affiliations
  • Religious or philosophical beliefs
  • Membership of professional or trade associations or of a trade union
  • Sexual orientation or practices
  • Criminal record
  • Health information including physical and mental health, notes on symptoms, diagnosis, disability and treatment, information about suitability for work and other health related information

Government Related Identifiers

Number or letters assigned by a government authority to identify you.

  • Tax File Numbers
  • Medicare numbers
  • Centrelink References
  • Driver’s Licence Numbers
  • Passport details


3.1 We collect, receive, use, disclose and otherwise process the kinds of personal information set out above only where it is reasonably necessary for us to do so. The general purposes for processing your personal information, the main consequences (if any) if the information is not provided and the legal basis for such processing are set out below.

3.2 We collect, hold, use and disclose personal information for the purposes of:

(a) providing litigation funding and related services including funding the establishment, exercise or defence of a legal or equitable claim including the utilisation of a confidential alternative dispute resolution process;

(b) assessing and processing inquiries and requests for the provision of our services;

(c) marketing, including direct marketing and market research and analysis;

(d) the general conduct and management of our business, including provision and enhancement of our services and purchasing goods and services from others; and

(e) meeting our legal and compliance obligations.

3.3 Clients/Prospective Clients

(a) If you are a client or prospective client we collect, receive, use, generate, disclose and otherwise process information about you that is reasonably necessary for the primary purpose of providing litigation funding services. If we are required to process special categories of personal information in order to provide litigation funding services to you, we will obtain your consent prior to doing so.

Legal basis: it is in our legitimate interest to use your personal information for the above related purposes in  order to provide services and conduct and manage our business.

(b)  We may also use or process your personal information to comply with legal requirements, such as taxation or financial reporting requirements.

Legal basis: we will process your information where necessary to comply with a legal obligation to which we are subject.

(c) We may monitor and record telephone calls from prospective clients for training and security purposes.

(d) You are not obligated to provide the requested information about you. However, if you do not provide the requested information, we will be unable to provide the services you require.

3.4 Careers and Recruitment

(a) If you apply for a job or work placement with us, you may need to provide information to CFA about your education, employment, salary expectations, and other relevant information required to assess your application. In Australia, your application will constitute your consent for our use of this information to assess your application and to allow us to carry out any monitoring requirements under law as an employer. In addition, we may also carry out various screening checks (including reference, eligibility to work, police checks and skills/experience suitability) and consider you for other positions.

(b) For applications made by individuals located in the EU, it is in our legitimate interests to process your personal data for the purpose of reviewing applications and maintain an appropriately skilled workforce. If we are required to carry out any monitoring which involves processing of special categories of personal data, we will obtain your consent prior to doing so.

(c) You are not obligated to provide the requested information about you. However, if you do not provide the requested information, we may not be able to consider your application.

3.5 Service Providers

(a) We may also collect information about service providers engaged by us to perform services.

Legal basis: it is in our legitimate interests to engage third party service providers to administer and manage our business.

(b) Where you provide us with personal information about someone else, you must have their consent to provide their personal information to us in accordance with this privacy policy.


4.1 Clients/Prospective Clients

Most information about you is collected directly from you either verbally, in writing or from documents provided by you. We also collect and receive, with your authority, information about you from third parties, including:

(a) material provided under freedom of information, health records and other legislation;

(b) taxation records from the Australian Taxation Office;

(c)  information from other government agencies;

(d) medical records and information from treating doctors and other health professionals;

(e) statements from policing authorities and witnesses, if relevant;

(f) employment records and information from employers and former employers;

(g) financial information from accountants and financial advisors;

(h) claims records and other information from insurers; and

(i)  data from our website and the internet as a result of receiving subscription applications and emails.

4.2 Careers and Recruitment

(a) Most information about you is collected directly from you in writing or verbally via an application form, resume and covering letter, recruitment agency applications, during face to face and video interviews and phone calls, and from publicly available sources such as LinkedIn or other social media sites.

(b)  We may also collect information from third parties when we conduct reference, and background and other checks.

(c) We use appropriate technical and organisational measures to ensure appropriate security of personal data we hold about you, either in paper based hard copy files and/or electronically. This includes protecting information about you from unauthorised or unlawful processing, access or disclosure, accidental loss, destruction, damage or modification by providing physical security to the hard copy files and restricted access to electronic records. Sometimes information about you is stored with secure third party storage providers.

(d) We require our employees and service providers to respect the confidentiality of any personal information held by CFA.

(e) If we receive unsolicited information about you that we are not lawfully entitled to, it will be destroyed or de- identified as soon as practicable if lawful and reasonable to do so.

4.3 Website and Cookies

(a) We also collect information about you from our website or social networking service and we use that information and feedback to improve our services and web content.

Legal basis: it is in our legitimate interests to use your personal data which may be collected or generated on our website to improve our services and enhance the user experience on our website. We also use third parties to analyse web browsing and traffic on our website, which may involve the use of software, such as cookies, to collect information.


5.1  We disclose your information to the following third parties where it is reasonably necessary for the purposes in Section 3 above:

(a) courts, tribunals, ombudsmen, commissions and regulatory authorities (information provided to courts and tribunals may be made available to other parties to the litigation and will be on the public record);

(b) other parties involved in your matter and their solicitors (for example, counter parties to litigation or a transaction);

(c) third parties who help us in providing legal services or who provide services to you including recruitment services, data storage, distribution and mailing services, direct marketing, technology support services, and business development services;

(d) insurers;

(e) litigation and disbursement co-funders;

(f) unions;

(g) market researchers and analysts; and

(h) any entity or person with your authority.

5.2 We have contracts with service providers that require them to comply with privacy laws.


6.1  If you give us consent (and do not unsubscribe), we may send you marketing information about:

  • changes and improvements to our services; and
  • changes to the law or potential legal claims that you may have.

We may provide your name and address to a mailing house for this. If you do not want us to use your information in this way, please tell the lawyer handling your matter or our Privacy Officer on +613 9605 2700 or by emailing

6.2  We may also use information about you within CFA or provide it to a related body corporate to help enhance the quality of the services we offer to other clients or to the wider community.


7.1 We do not generally transfer personal information from Australia to overseas parties, unless working with international service providers or as required by law.

7.2 By continuing to engage with us during our provision of services, you consent to us transferring information to overseas parties, which may include your personal information. You may withdraw your consent at any time by letting us know in writing. This may impact the services you receive from us, and we will discuss this with you.

7.3 We have contractual arrangements with service providers that have overseas-based data centres which require them to protect your personal information against unauthorised disclosure and to only use it for the purpose for which it is disclosed.

7.4 Clients/Prospective Clients

There may be situations where we consult overseas-based experts and/or law practices regarding your claim. We may also engage overseas-based services providers. At this time and to the best of our knowledge the overseas recipients could be located in Canada, Ireland, the Netherlands, Singapore, the United Kingdom, Europe, New Zealand or the United States.

7.5 Careers and Recruitment

Some of our recruitment technology service providers may have their data centre located outside of Australia. At this time and to the best of our knowledge the overseas data centre could be located in the United States, Singapore and in other countries.


If EU data protection law applies your personal data, the following section applies:

  • We may collect your personal information in the EU and transfer it to outside the EU or European Economic Area (‘EEA’) in countries such as Australia, the United States, Canada, Singapore or the United Kingdom.
  • Your personal information may be processed by staff outside the EEA who work for us or our suppliers (for example, a data center located in the United States or Australia).
  • We will take all reasonable steps to ensure your personal information is secured in accordance with applicable data protection laws.
  • We will not transfer personal information outside the EEA unless we have a safeguard, for example, a data transfer agreement. This would have the European Commission’s published standard clauses. This won’t apply if the recipient is in a country that the European Commission has said is adequate (under Art. 45 GDPR). You can ask for a copy of the agreements (see contact details for our Privacy Officer in sections 6 and 9).


Your right



To access and correct your information

You can ask our Privacy Officer:

  • for access to your information; and
  • to correct incorrect information about you.

Privacy Officer:

Phone: +613 9605 2700


Post: P.O. Box 523, Melbourne VIC 3001.


To complain


If you are unhappy with how we manage your information or if you believe that we have breached the APP, you may write a complaint to our Privacy Officer.

If we don’t resolve your concerns as soon as reasonably possible, you can complain to the Office of the Australian Information Commissioner.

Privacy Officer:

Phone: +613 9605 2700


Post: P.O. Box 523, Melbourne VIC 3001.

Office of the Australian Information Commissioner:

Phone: 1300 363 992


To get a copy of this Privacy Policy


You can get a copy of this Privacy Policy from our website or by asking our Privacy Officer.


Privacy Officer:

Phone: +613 9605 2700


Post: P.O. Box 523, Melbourne VIC 3001.



If EU data protection law (including the GDPR) applies, you may have the following right/s:

Your right 


To access your personal information.

We will provide this in electronic form. We may ask you to prove your identity first.  If you require multiple copies, we may charge a reasonable administration fee.

To ask us to fix incorrect/inaccurate personal information

You have the right to ask us to fix your personal information if it is incomplete or inaccurate.

To ask us to delete your personal information

This does not apply where we need to keep it for legal obligations or to establish, exercise or defend legal claims.

To restrict our use of your personal information

This is where:

  • you believe the information to be inaccurate;
  •  our processing is unlawful; or
  • we no longer need to process such information for a particular purpose,

except where we are not able to delete the information due to a legal or other obligation or because you do not wish for us to delete it.

To get your personal information in a portable format

This is in a structured, electronic form. We can transfer information to another data controller, where this is:

  • personal information which you have provided to us; and
  • if we are processing that information on the basis of your consent (such as for direct marketing communications) or to perform a contract with you.

To object to us using your personal information based on your particular situation

We will agree unless we have compelling legitimate grounds which overrides your interests and rights, or if we need the information for the establishment, exercise or defence of a legal claim.

To withdraw consent for us to use your information

You can do this at any time, free of charge. This includes where you wish to opt out from marketing messages (see Section 5 above).

10.1 You can send us a request to our Privacy Officer by email at by mail to P.O. Box 523, Melbourne VIC 3001.

10.2 You can also lodge a complaint with the local data protection authority if you believe that we have not complied with applicable data protection laws. For a list of local data protection authorities in the other EEA countries go to

10.3 Our authorised representative in the EU is Claims Funding International Plc, Hamilton House, 28 Fitzwilliam Place, Dublin 2, D02 P283, Ireland.


11.1 Once we are no longer legally or contractually obliged to keep your information, we will either destroy or de-identify it. If you are a client, we must keep information collected about your legal matter for seven (7) years once your case is closed. In some cases, we keep documents for longer than this (if required).

11.2 Sometimes your information is held electronically and we can’t permanently destroy or de-identify it without compromising other information that we have to keep. If this happens, we will put your information “beyond use”. This means we:

  • won’t attempt to use your information;
  • can’t give another entity your information;
  • will restrict access to your information; and
  • will take reasonable steps to destroy your information once it is possible to do so.
Back to top

Get in touch

We’re here to help you. Speak to us today for a confidential discussion.