Trusted Adviser BankStatements Service | Terms & Conditions

for Trusted Advisers under an Aggregator arrangement

Last Update: August 2024

 

  1. What are these Terms & Conditions about?
    1. These Trusted Adviser BankStatements Service Terms & Conditions (Terms) apply to Trusted Advisers who access the Services under an arrangement with their Aggregator.
    2. These Terms set out the terms and conditions that apply to your access to and use of the Services.
    3. These Terms commence on the date that you are first provided with access to the Services and continue until terminated in accordance with these Terms. By accessing and using the Services, you agree to be bound by these Terms. If you agree to these Terms on behalf of an entity, including but not limited to a company or other organisation, you represent and warrant that you have the power and authority to enter into this agreement, bind such entity, and act on behalf of the entity.
    4. We may amend these Terms from time to time by giving you at least 30 days’ prior notice. If you do not agree to the amended Terms, you may contact your Aggregator to discuss this and request your access to the Services be terminated prior to the end of our notice period. If you continue to access the Services from the end of our notice period, you agree to be bound by the amended Terms. Unless expressly stated otherwise, any new features that augment or enhance the Services are subject to these Terms.
  2. What are the Services?
    1. The Services are:
      • the CDR Trusted Adviser Service, being the service where we collect an End User’s CDR Data from relevant CDR Participants on their behalf and disclose the collected CDR Data to you under CDR Rule 1.10C, as authorised by the End User; and
      • the Digital Data Capture Service (DDC Service) (for where we are unable to obtain CDR Data), being the data retrieval service where an End User authorises us to retrieve their Account Information using digital data capture technology, to share their Account Information with you. The DDC Service is not governed by the CDR Laws and you must not state or represent that this service is offered under the CDR or that the data obtained using the DDC Service is CDR Data.
    2. The Services are currently available only to mortgage brokers within the definition of Trusted Adviser under Rule 1.10C of the Competition and Consumer (Consumer Data Right) Rules 2020 (Cth) (CDR Rules), where an individual nominates you as a Trusted Adviser for the provision of goods or services to that individual.
    3. The Services are provided by our Related Body Corporate, illion Open Data Solutions Pty Ltd (ACN 166 277 845) (ADR Number: ADRBNK000017) (illion ODS). illion ODS is an accredited data recipient (ADR) under the Consumer Data Right (CDR). References to "illion, we, our or us" in relation to CDR Data in these Terms means illion ODS.
  3. How are the Services provided?
    1. We will:
      • provide the Services to you in accordance with these Terms, subject to our services agreement with the Aggregator; and
      • where retained, store any End User Data on servers and/or in the cloud located in Australia.
    2. We will only provide the Services in respect of an End User if the End User has provided their End User Authorisation to your access to and use of their Account Information or CDR Data (as applicable). We will request the End User Authorisation directly from the End User prior to accessing their Account Information or CDR Data (as applicable).
    3. You acknowledge and agree that:
      • the Services are supplied to you on an "as is" and "as available" basis; and
      • where the Services are supplied online or use communication links or networks, we are not responsible nor liable for the unavailability of those links or networks.
    4. You understand that, from time to time, the availability of the Services may be impacted by Downtime and the occurrence of this does not constitute a breach of these Terms. We use reasonable endeavours to ensure any Downtime has a minimal impact on the availability of the Services.
    5. Your use of the Services is charged by us under our agreement with your Aggregator.
  4. Terms relating to the CDR Trusted Adviser Service
    1. To receive CDR Data, you must ensure that at all times:
      • you are a mortgage broker within the definition of Trusted Adviser under CDR Rule 1.10C and that you will remain within the definition of this specified class of Trusted Adviser;
      • you are: (i) a current Australian Credit Licence (ACL) holder; or (ii) an authorised Credit Representative of a current ACL holder who has signed a services agreement for the supply of CDR Data to you as its authorised Credit Representatives;
      • you comply with the professional duties and obligations that apply to the mortgage broker class of Trusted Adviser and any applicable Laws and regulatory requirements;
      • you will only request us to collect and disclose an End User’s CDR Data to you if the End User has nominated you as a Trusted Adviser as required under the CDR Laws and you have obtained consent from the End User to obtain their CDR data as a Trusted Adviser. We will collect the End User’s consent on our own behalf and to the extent necessary, as your agent;
      • your use of any CDR Data we provide to you is used to undertake your role as a Trusted Adviser in accordance with a written agreement for your provision mortgage broker services to the End User; and
      • even if you are not bound by the Privacy Safeguards under the CDR Laws or the Privacy Act, you will ensure that you comply with the requirements of the Privacy Act including providing privacy notifications to the End User for the collection, use, and disclosure of their CDR Data and you will take all reasonable steps to keep the CDR Data provided to you secure.
    2. You acknowledge and agree that in relation to the CDR Trusted Adviser Service:
      • upon our request, you must provide proof that you are and continue to be a Trusted Adviser which may include providing an attestation or statutory declaration that you belong to the mortgage broker class of Trusted Adviser;
      • we may make enquiries with the regulatory body of your specified class of Trusted Adviser to confirm or verify your membership from time to time;
      • if you are no longer a member or your membership of the specified class of Trusted Advisers is suspended, you must immediately notify your Aggregator and us (by emailing us at odssupport@illion.com.au), and must immediately cease use of the Service;
      • if you are suspended or cease to be an ACL holder or the authorised Credit Representative of the ACL holder , you must immediately notify your Aggregator and us (by emailing us at odssupport@illion.com.au) and must immediately cease using the Service;
      • if clause 4.2(c) or clause 4.2(d) applies, we (or your Aggregator) will immediately suspend or terminate your account and no further disclosures of CDR Data will be made to you until you provide us with proof or we can verify that you comply with clause 4.1(a) and clause 4.1(b); and
      • on request, you will provide all reasonable assistance and information to us if a Regulator or an End User makes an inquiry or complaint in relation to the CDR Data provided to you.
    3. Where we collect CDR Data on an End User’s behalf:
      • collection service logs and data sharing/use and disclosure consents are retained in accordance with our legal obligations;
      • the CDR Data is disclosed to you by encrypted email;
      • If authorised by the End User, we may de-identify and retain the data for use and disclosure as permitted by CDR Laws; and
      • no CDR Data is retained by us after it has been disclosed to you.
      Authorisation to forward data disclosed to you to additional locations
    4. You authorise us to forward a copy of the data disclosed to you under clause 4.3(b) above, which once disclosed is under your control, to:
      • a temporary secure storage facility (Brokerflow). The data will be retained in Brokerflow for 30 days, after which it will be automatically deleted; and
      • your Aggregator.
    5. To the extent you authorise us to forward data we have disclosed to you as part of the CDR Trusted Adviser Service to Brokerflow:
      • the data held in Brokerflow is wholly under your control via the access key which we provide to you by email under clause 4.3(b). illion does not have any access to the data in Brokerflow;
      • the data is not subject to CDR Laws; and
      • you agree to handle the data in accordance with clause 4.1(f).
  5. Terms relating to the Digital Data Capture (DDC) Service
    1. Where we retrieve Account Information from an End User on your behalf:
      • retrieval service logs are retained for 24 hours;
      • the Account Information is encrypted to pass to you; and
      • any End User Credentials are destroyed after use.
    2. We may de-identify and use the data retrieved by the DDC Service for the purpose of improving the Services and other illion Services and creating other data products (including those offered by our Related Bodies Corporate).
    3. You must, in connection with the DDC Service:
      • only use the Services in accordance with applicable Laws;
      • implement and maintain industry best practice security measures and safeguards in relation to your computer systems, network and internet connectivity and the Services;
      • keep all Credentials and decryption keys provided to you secure and confidential and promptly notify us if you become aware of any unauthorised use or access of any Credentials or decryption keys, and immediately change the affected Credentials and take any other security action we reasonably direct;
      • change your passphrase/password immediately if it is compromised or suspected to have been compromised;
      • only use unique passphrases/passwords for single-factor authentication, which must not be the same as any passphrase/password used to authenticate your access to other services with us or your accounts with third parties;
      • protect the Services from unauthorised use, alteration, adoption, modification, reproduction, access, publication and distribution; and
      • only use the Services on hardware, network and software that meets the Minimum Specifications.
  6. Can you share the Services with anyone else?
    1. We grant you a non-exclusive, non-sub-licensable, non-transferable, revocable, limited licence to use the Services in the Territory for the Service Term for the Authorised Use in accordance with these Terms (Licence). You agree that: (i) the Licence is exclusive to you; and (ii) you must not sub-licence, resell, transfer, grant or otherwise permit access to or use of the Services to any Third Party, other than agreed under these Terms.
    2. The Licence is not transferable to any Third Party for any reason. You must not rent, lease, assign, transfer, loan or otherwise distribute the Licence granted to you under these Terms.
  7. What are your obligations?
    1. In accessing and using the Services, you must provide and maintain true, accurate, current and not misleading information.
    2. You must not and must not attempt to, in connection with the Services:
      • permit any person (other than an End User) to access or use the Services;
      • except as reasonably required for the Authorised Use: (i) reuse, copy, download, upload, modify, translate, adapt, make any improvement or enhancement to or in any other way reproduce, the Services; (ii) incorporate any Information in a database, marketing list or report; (iii) use the Services to generate any statistical, comparative or other information that may be provided to any Third Party (including as the basis for providing recommendations to others); or (iv) permit a Third Party to do any of (i), (ii) or (iii) above;
      • reverse engineer, derive the source code of, tamper with the Services;
      • circumvent any technological measures that are designed to prevent unauthorised use or access to any part of the Services;
      • introduce, directly or indirectly, any virus, worm, trojan or other harmful or malicious code into any of the Services or otherwise corrupt, degrade or disrupt the Services;
      • unless required by law; (i) voluntarily produce any Information in legal proceedings; or (ii) identify us, our Related Bodies Corporate, the Services or our confidential publications as a source of reference; or
      • use the Services in a manner that is unreasonable, unlawful or contrary to how the Services are intended to be used, as reasonably determined by us.
    3. You agree that you are solely responsible for any decisions made or not made by you in relation to your use of the Services.
  8. How do we manage Intellectual Property?
    1. You and we each own and continue to own all of our respective Pre-Existing IP. If any of your Pre-Existing IP forms part of any of our Services, you grant us a non-exclusive, perpetual, irrevocable, royalty-free licence to use and modify that Pre-existing IP only to the extent required to deliver the illion Services.
    2. We, or our licensors, own all right, title and interest, including Intellectual Property Rights, in the Services at all times. We do not, at any time, transfer any ownership rights in the Services and we reserve all rights not expressly granted.
    3. All right, title and interest, including Intellectual Property Rights, in any Enhancements or Joint IP vests in us on creation. If you acquire any Intellectual Property Rights in any of our Services, Enhancements or Joint IP you assign those Intellectual Property Rights to us with effect from acquisition, and agree to do all things reasonably required by us to give effect to such assignment.
    4. To the extent required to provide the Services, you grant us a non-exclusive, non-transferable licence to use your Intellectual Property Rights for the Service Term for the exclusive purpose of providing the Services, integrating your trade names, trademarks or other intellectual property into any software interface.
    5. Notwithstanding clause 7.2(f)(ii), we grant you a limited, non-exclusive, revocable, non-transferable licence for the Service Term to use the following trademarks and logo in the Territory on your business website and marketing documents solely in connection with the use of the Services (whether published by you or a third party):
      (i) “illion” trade marks 1997235, 1874825 and 1874828 (Australia); and
      (ii) “illion BankStatements” logo;
      for the exclusive and limited purpose of representing that you are using the Services. Any use of the above must be in accordance with our reasonable directions (as advised to you from time to time).
  9. How is liability determined?
    1. To the extent permitted by Law, each party’s maximum aggregate liability (excluding the liability to pay the Fees) for any Loss suffered or incurred in connection with the Services must not exceed the total Fees paid by your Aggregator to us in connection with your use of the Services in the 12 months preceding the date of the event giving rise to the relevant Loss and/or Claim.
    2. Notwithstanding any other provision in these Terms, no party will be liable for Indirect Loss in connection with the Service.
    3. You acknowledge and agree that we and our Related Bodies Corporate will not be liable or responsible to you, the End User or any Third Party for your use of the Account Information or CDR Data disclosed to you in accordance with these Terms.
    4. To the extent permitted by Law, these Terms exclude all Implied Terms.
    5. Nothing in these Terms excludes, restricts or modifies any Implied Term that cannot lawfully be excluded, restricted or modified (Mandatory Term). To the extent permitted by Law, our liability for a breach of a Mandatory Term is limited at our option to resupply the relevant Service, or payment of the reasonable cost of having the relevant Service resupplied.
    6. No party will be liable to the other for non-performance or delays caused by an external event beyond the parties’ reasonable control. In such event, both parties will use reasonable endeavours to minimise delays or interruptions.
    7. Each party must take all reasonable steps to mitigate any Loss which it might suffer or incur in relation to the Services. A party’s liability under these Terms will be reduced proportionately to the extent that the liability was caused by the other party or by a Related Body Corporate of that other party.
  10. How do these Terms terminate?
    1. You may terminate your access to the Services by contacting your Aggregator to request termination of the Services.
    2. We will suspend or terminate your access to the Services (as applicable) if: (i) your Aggregator terminates, or requests we suspend or terminate, your access to the Services; or (ii) the contract between us and your Aggregator under which you access the Services is suspended, expires, or terminates.
    3. We may terminate the Services immediately by written notice, if our ability to provide the relevant Services is revoked, terminated, restricted or otherwise materially adversely impacted by a change of Law, Regulator action or the action of a supplier.
    4. We may suspend or terminate your access to the Services if you breach, or we reasonably suspect you have breached, a material term of these Terms. We will give you 5 Business Days’ prior notice unless the breach is determined by us to be sufficiently material to warrant urgent suspension or cancellation, or we are otherwise required by a court, third party or Regulator to suspend Services sooner. If the circumstances that gave rise to a suspension are rectified and are unlikely to be repeated, we will reinstate your access to the Services.
    5. These Terms will automatically terminate upon termination of your access to the Services.
    6. On termination or suspension of the Service:
      • the Licence in respect of the Services terminates, or in the event of a suspension, is suspended, immediately; and
      • you must immediately cease using the Services.
    7. Termination of the Services does not affect any rights accrued prior to termination.
  11. Are there any other terms which apply?
    1. These Terms, including the Aggregator terms where applicable, constitute the entire agreement between you and us concerning your use of the Services. No delay or failure by a party to exercise a right under these Terms prevents the exercise of that right or any other right on that or any other occasion.
    2. Each party will comply with all applicable Laws, including Privacy Laws. Where Privacy Laws do not apply to you, you agree to comply as if you were bound.
    3. If, in connection with your actions or use of the Services, a Regulator makes enquiries, conducts an investigation or otherwise takes action that requires us to provide assistance or information, we will do so (at your cost and to the extent legally required).
    4. If you become aware of a suspected or actual data security breach in connection with the CDR Data, End User Data or Information, then you must immediately take all necessary steps to contain the breach in accordance with Privacy Laws and notify us as soon as possible (and no later than 48 hours) after becoming aware.
    5. You agree that to use our Services, our Privacy Policy (accessible here) and CDR Policy (accessible here) form part of these Terms.
    6. These Terms are governed by the laws of Victoria, Australia.
    7. Each party submits to the exclusive jurisdiction of the courts of Victoria, Australia.
    8. An exercise or partial exercise or waiver of a right relating to these Terms does not prevent any other exercise of that right or any other right.
    9. Nothing in these Terms creates any partnership, joint venture or employment relationship between the parties. These Terms are not exclusive and you agree there are no restrictions on us providing the Services to any other person.
    10. If any part of these Terms are illegal or unenforceable, they will be severed and the remaining terms continue in full force and effect. Any term which is by its nature a continuing obligation, will survive termination including clauses 8, 9, 10.6 and 10.7.
  12. Definitions

    The following definitions apply in, and form part of, these Terms:
    • Account Information means information including Personal Information retrieved using the Digital Data Capture Service relating to an End User’s Online Account, such as an End User’s account name/s, addresses, account details, account balances, credit limits, transaction amounts, details including amounts and details of benefits, grants or subsidies received by the End User, income, tax and superfund details.
    • Aggregator means the aggregator under which you operate to access lenders and business platforms to help you manage your customers and processes in accessing and using the Services.
    • Australian Credit Licence has the meaning given to it under the National Consumer Credit Protection Act 2009 (Cth).
    • Accredited Data Recipient or ADR has the meaning given to it in the CDR Laws.
    • Authorised Use means your lawful internal business purposes only.
    • Trusted Adviser BankStatements Service means either or both of: (a) the CDR Trusted Adviser Service; and (b) the Digital Data Capture Service.
    • Business Day means Monday to Friday, excluding public holidays in Melbourne, Australia.
    • CDR Consumer has the meaning given to it in the CDR Laws.
    • CDR Data has the meaning given to it in the CDR Laws.
    • CDR Laws means the Treasury Laws Amendment (Consumer Data Right) Act 2019 (Cth), Part IVD of the Competition and Consumer Act 2010 (Cth), CDR Rules, the Consumer Data Standards and any other applicable laws, rules, regulations, standards, and guidelines which govern CDR Data.
    • CDR Participant has the meaning given to it in the CDR Laws.
    • CDR Policy means our CDR policy accessible at https://www.illion.com.au/consumer-data-right-policy/, as amended from time to time.
    • CDR Rules means the Competition and Consumer (Consumer Data Right) Rules 2020 (Cth).
    • CDR Trusted Adviser Service means the service where we collect an End User’s CDR Data from relevant CDR Participants on their behalf and disclose the collected CDR Data to you under CDR Rule 1.10C, as authorised by the End User.
    • Claim means any claim, demand, legal proceedings or cause of action whether based in contract, tort, under common law or statute.
    • Credentials means any security identifier, access credentials, logins, passwords, passphrases or account details used by you to access the Services.
    • Credit Representative has the meaning given to it in the National Consumer Credit Protection Act 2009 (Cth).
    • Digital Data Capture Service (DDC Service) means the data retrieval service where consumers authorise us to retrieve their Account Information using digital data capture technology, to share their Account Information with you.
    • Downtime means a period of time when any Software or Service is not available due to: (a) installation of updates or fixes; (b) security patch management; (c) testing our disaster recovery or business continuity protocols; (d) a telecommunications failure; (e) failure of the PCs or other devices which you use to access the system; (f) a power failure; (g) external events beyond our reasonable control; and (h) outages of Third Party services.
    • End User means your individual customer over the age of 18 and (in the case of the CDR Trusted Adviser Service, is a CDR Consumer), who authorises you to use our Service in accordance with the End User Authorisation.
    • End User Authorisation means authorisation from an End User for access to, use and retention (as applicable) of: (a) their Account Information and credentials for the purpose of the Digital Data Capture Service, in accordance with the End User Terms; or (b) the End User’s CDR Data for the purpose of the CDR Trusted Adviser Service, as authorised by the End User and in accordance with our CDR Policy.
    • End User Credentials means any access credentials, logins and passwords of the online accounts of the End User provided to us as part of the Digital Data Capture Service.
    • End User Data means all data and information supplied to us by or on behalf of an End User in connection with the Services.
    • End User Terms means the end user terms for the Digital Data Capture Service (as amended from time to time), available at https://bankstatements.com.au/about/terms.
    • Enhancements means enhancements, variations, improvements or modifications to our Service or Intellectual Property Rights and/or any Third Party products and services and related Intellectual Property Rights.
    • Illion, we, our or us means: illion Australia Pty Ltd (ACN 006 399 677).
    • Illion ODS has the meaning given at clause 2.3.
    • Illion Services means the products and services offered and made available by us (including our Related Bodies Corporate) from time to time, including the Service.
    • Implied Terms means any right, representation, remedy, warranty, condition, guarantee, term or undertaking that would be conferred on your or implied into these Terms by Law, including any implied terms, conditions or warranties of satisfactory quality, fitness for a particular purpose, non-infringement, compatibility, security and accuracy.
    • Indirect Loss includes loss of profits, loss of revenue, loss of goodwill, loss of customers, loss or opportunity, loss of anticipated savings, loss of use of data or loss of or damage to reputation and any other indirect, special or consequential loss or damage, even if it was reasonably foreseeable, arose naturally, or was contemplated by the parties in relation to the events giving rise to that Loss.
    • Information means any information provided by us to you in connection with the Services, including information provided as data output, documentation, report or compilation of information.
    • Intellectual Property Rights means all intellectual and industrial property rights and interests throughout the world, whether registered or unregistered, including trademarks, designs, patents, inventions, databases, discoveries, circuit layouts, copyright (including source code), rights in software, know-how, business names, domain names, all analogous rights and all other intellectual property rights as defined in Article 2 of the convention establishing the World Intellectual Property Organisation of 14 July 1967 as amended from time to time.
    • Joint IP means any Intellectual Property Rights (excluding Enhancements) in any developed, created, produced or contributed to by us jointly with you in connection with the Service during the Subscription Period.
    • Law includes any statute, regulation, order, rule, subordinate legislation, rule of common law, principle of equity, mandatory code or standard or other document enforceable under any statute, regulation, order, rule or subordinate legislation, as amended from time to time.
    • Licence has the meaning given to that term in clause 6.1 of these Terms.
    • Loss means losses, liabilities, damages, Claim, costs, charges and expenses, whether arising under statute, in tort (for negligence or otherwise) or any other basis in Law or equity and including under any indemnity.
    • Online Account means an End User’s online account held with a bank, credit union, financial services provider, government agency, or any online portal in Australia.
    • Minimum Specifications means any hardware, network, software or system requirements or specifications required to use or access the Service, as reasonably notified by us.
    • Personal Information has the meaning to that term in the applicable Privacy Laws.
    • Pre-existing IP means any Intellectual Property Rights owned by a party at the Commencement Date.
    • Privacy Act means the Privacy Act 1988 (Cth) as amended or replaced from time to time.
    • Privacy Code means the Privacy (Credit Reporting) Code 2014 as amended or replaced from time to time.
    • Privacy Laws means all legislation, principles, industry codes and policies, as amended or replaced from time to time, which relate to the collection, use, disclosure, storage or granting of access rights to Personal Information, and includes the Privacy Act 1988 (Cth) (AU), the Privacy Code, the Spam Act 2003 (Cth), and the privacy laws of each other country in which Personal Information is received, collected, held, used or disclosed by a party in connection with the Services, as applicable.
    • Privacy Policy means our privacy policy accessible at https://www.illion.com.au/privacy-policy-risk-marketing-solutions/.
    • Privacy Safeguards has the meaning given under the CDR Laws.
    • Regulator means any authority, commission, government, department, agency, court, tribunal, or similar having regulatory or supervisory authority over the parties or the Services.
    • Related Body Corporate means where a body corporate is: (a) holding company of another body corporate; (b) a subsidiary of another body corporate; (c) a subsidiary of a holding company of another body corporate; or (d) controlled by, under common control with, or controls, another body corporate, the first-mentioned body and the other body are related to each other.
    • Services means the Trusted Adviser BankStatements Service.
    • Software means a software, computer program, application, SaaS, including updates, new releases, specifications, documentation and media supplied or made available by us to you.
    • Terms means these terms and conditions.
    • Territory means Australia.
    • Third Party means any person or entity other than illion and illion ODS (including our Related Bodies Corporate) and you.
    • Trusted Adviser has the meaning given under CDR Rule 1.10C(2).
    • You, your means the Trusted Adviser who signs up to the Service and agrees to these Terms under clause 1.3.

Want to find out more?

Phone 13 23 33 / +61 3 9828 3443 | Press 2 when prompted, and then press 3 when prompted | 7am to 7pm Monday to Friday AEST

If you would like to learn more about our Open Banking offering or would like to provide feedback, please complete the form below and one of our team will respond to you as quickly as possible.

If you are applying for a loan through your lender or broker and you need to submit your bank statements, please contact your lender or broker directly and request the submission link.


For Mortage Broker Aggregators, we would love to have a conversation
with you about our various options.
Enter your information and we will have someone to contact you, or
alternatively you can call 13 23 33 / +61 3 9828 3443 | Press 2 when prompted, and then press 3 when prompted | 7am to 7pm Monday to Friday AEST

Name*
If you're not with an Aggregator, simply enter 'None'.
Form secured by Formstack
Form secured by Formstack
Cancel
Confirm