Privacy Policy

Privacy Policy

Updated: September 2018

Marbut Stone Pty Ltd ABN 31 129 140 629 (Marbut Stone, we, us, our) owns and operates the website (Website).

Marbut Stone is strongly committed to protecting your right to privacy. Accordingly, Marbut Stone is committed to full compliance with its obligations under the Privacy Act1988 (Cth) (Act). In particular, Marbut Stone will comply with the Australian Privacy Principles (APPs) and credit reporting provisions contained in the Act.

The APPs regulate the manner in which personal information, including credit-related personal information, is handled throughout its life cycle, from collection to use and disclosure, security, accessibility and disposal. This Privacy Policy explains some of these APPs and how they may apply to you.

The Act also includes a data breach notification regime, which requires Marbut Stone to address data breaches involving personal information held by Marbut Stone.

A copy of this Privacy Policy is available on our Website or you can request a copy by contacting us using the below contact details.

What information do we collect?

In the course of using the Website, Marbut Stone may collect personal information in a variety of ways. (Personal information means information or an opinion about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion).

Marbut Stone may collect the following types of personal information about you:

  • name;
  • mailing or street address;
  • email address;
  • telephone number;
  • company/business name;
  • company director’s name (if any), contact details and credit-related information about you;
  • age or birth date;
  • address of the home you are building or renovating;
  • if you are building a new home, renovating, a builder, retailer, wholesaler or other;
  • details relating to the contract or arrangement pursuant to which you have engaged a builder to provide you with building services;
  • details of the product that you are interested in or have agreed to purchase;
  • what prompted you to purchase our products; and/or
  • how you heard about us.

Marbut Stone will not collect sensitive information such as your race, religion, beliefs or sexual preference, except where you have consented or as permitted under the Act.

If you do not provide us with the personal information described above, some or all of the following may happen:

  • we will not be able to provide you with access to protected areas of the Website;
  • we will not be able to provide you with promotional information about goods and services that you may be interested in; and/or
  • your experience of the Website may not be as enjoyable or useful.

How do we collect personal information?

Methods of collection

Marbut Stone may collect personal information about you in a number of ways, including:

  • if you are a purchaser or prospective purchaser of a Marbut Stone product;
  • if you are a credit customer and entering into a Credit Agreement with us for the provision of goods and services;
  • directly from you in person (for example, if you visit our sales office, or at events or at conferences);
  • when you ask us to send you information about our products and services;
  • when you register to use the Website or parts of the Website;
  • when you log into the Website;
  • when you complete and submit online forms in relation to product preferences that you have viewed on the Website;
  • through our social media pages (for example, through Instagram, Twitter, LinkedIn or our Facebook page);
  • over the telephone;
  • through written correspondence (such as letters, faxes and emails);
  • when you contact us about the service provided via the Website for any reason including reporting a problem with the Website or seeking our assistance; and
  • on hard copy forms (for example, credit applications).

Marbut Stone may also collect your personal information through Marbut Stone (including its related entities) and other third parties including:

  • the builder you have engaged to provide you with building services;
  • from third parties that refer you to us for the purpose of enabling you to access the services provided via the Website;
  • third party service providers that we have partnered with to advertise goods or services that you can browse on the Website; or
  • credit reporting bodies and other credit providers, government departments or address validation software providers

Site visit information

When you visit our Website, some of the information that is collected about your visit is not personal information, as it does not reveal your identity. 

For example, we record your server address, the date and time of your visit, the pages you visited, any documents you downloaded and the type of device, browser and operating system you used.

We use and disclose this information in anonymous, aggregated form only, for purposes including statistical analysis and to assist us to improve the functionality and usability of our website. You are not individually identified, however we reserve the right to use or disclose this information to try to locate an individual where we reasonably believe that the individual may have engaged in any unlawful or inappropriate activity in connection with our website, or where we are otherwise required or authorised by law to do so.

Information provided by “cookies” technology

When you visit the Website, “cookies” technology allows us to identify your movements around our site. This information provides us with constructive feedback about our site so that we can identify the most effective areas and improve the less popular ones.

Cookies cannot determine the identity of individual users.  It is a feature of your internet browser which you can disable at any time. 

Why we collect personal information

Marbut Stone collects, holds, uses and discloses your personal information for the following purposes:

  • to verify your identity when you register or log into the Website;
  • to provide you with access to protected areas of the Website;
  • to provide you with a better and more relevant service via the Website;
  • to assess the performance of the Website and to improve the operation of the Website;
  • outlining our products and services to prospective and existing purchasers;
  • to enable us to facilitate the communication of your preferences for joinery and stone options including kitchen, laundry, bathroom, alfresco, outdoor and/or any other part of the home and various upgrade options in relation to same that you browse on the Website to sales representatives of third parties from whom you may acquire those things;
  • providing you with information and the products that you have requested;
  • to communicate with you, including by email, mail or telephone;
  • establishing and operating credit accounts for our customers, conducting credit and identification checks;
  • complying with obligations required or authorised by or under law including our obligations under the Anti-Money Laundering and Counter Terrorism Financing Act 2006;
  • obtaining credit reports and assessing the financial position of a credit applicant (including a representative, director or shareholder of an applicant);
  • for administrative, marketing (including direct marketing), planning, product or service development, quality control and research purposes;
  • to administer our website and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • performing research and statistical analysis, including for customer satisfaction and service improvement purposes;
  • to assist you with enquiries, resolving complaints or to improve our customer service; and
  • to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulatory, or in co-operation with any government authority.

We may also collect, hold, use and disclose personal information for other purposes explained at the time of collection or:

  • which are required or authorised by or under law; or
  • for which you have provided your consent.

Direct Marketing

Marbut Stone may use or disclose your personal information for the purpose of informing you about our goods and services and third-party goods and services (including those provided by our related entities), promotions or other opportunities that may interest you, either where we have your express or implied consent, or where we are otherwise permitted to do so.  We may contact you for these purposes in a variety of ways, including by email, SMS and telephone.

Where you have consented to receiving marketing communications from Marbut Stone, your consent will remain current until you advise us otherwise.  However, you can opt out at any time, by unsubscribing via the marketing materials themselves or by contacting us.

Who we may share your personal information with

We may share personal information, and you consent to Marbut Stone disclosing your personal information, with third parties where appropriate for the following purposes:

  • if you have registered to access the Website to browse product options and various upgrade options in relation to same, to communicate your selection preferences to sales representatives of third parties from whom you may acquire those things;
  • our related entities including (without limitation) Anmar Group Pty Ltd ABN 55 129 579 406 and any of its subsidiaries;
  • our contractors and builders and their consultants and contractors who assist in providing our products and services to you;
  • suppliers and other third parties with whom we have commercial relationships, for business, marketing and related purposes;
  • credit reporting bodies and other credit providers;
  • financial institutions for payment processing;
  • third parties who support our information technology or handle mailings on our behalf;
  • our professional advisers;
  • law enforcement agencies, other governmental agencies or third parties if we are required by law to do so, or in other limited circumstances (for example if required by a court order or regulatory authority, or if we believe that such action is necessary to prevent fraud or cyber-crime or to protect our website, our products or our technology assets or the rights, property or personal safety of any person).

We may combine or share information that we collect from you with information collected by any of our related entities.

What if you don’t provide us with your personal information?

We will provide individuals with the option of not identifying themselves, or of using a pseudonym, when dealing with us if it is lawful and practicable to do so.  A pseudonym is a name or other descriptor that is different to an individual’s actual name.

For example, you can access our website, view our products and make general phone queries without having to identify yourself.

In some cases however, if you don’t provide us with your personal information when requested, we may not be able to provide you with the product or service that you are seeking. For example, you must identify yourself to enter into a Credit Agreement with us.

Credit-related personal information

We may provide credit within the meaning of the Act to our customers in connection with the supply of our products and services (for example, if you are a representative, director or shareholder of a credit applicant).  If we share credit-related personal information about you with credit reporting bodies (CRBs) or other participants in the credit reporting system (including other credit providers), we are required to comply with the credit reporting provisions in Part IIIA of the Act and the Privacy (Credit Reporting) Code 2014 (CR Code). 

Why we collect credit-related personal information

We collect, hold, use and disclose credit-related personal information for the purposes permitted by the Act and the CR Code, including:

  • to assess an application for credit and verify your identity;
  • if you are a representative, director or shareholder of a credit applicant:
    • to assess an application for credit;
    • to collect payments that are overdue in relation to credit provided;
  • to derive assessments, evaluations, scores, ratings and summaries relating to your credit worthiness;
  • to undertake debt recovery and enforcement activities;
  • to participate in the credit reporting system (including by providing credit-related personal information to CRBs and other credit providers); and
  • for other purposes required or authorised by law.

The credit-related personal information we collect

The credit-related personal information that we may collect, and hold includes:

  • your current and prior names, date of birth, address, gender, and driver’s licence number or passport number;
  • your company name, trading name, company number, billing and physical address, email address and contact details;
  • the fact that you (or a borrowing entity) has applied for credit with us or other credit providers and the type and amount of credit sought;
  • the fact that you have agreed to guarantee the obligations of another under a credit facility offered by us;
  • the day that credit is entered into with us or other credit providers, the terms or conditions of that credit and the maximum amount of credit available;
  • the day on which credit provided to your business is terminated or otherwise ceases;
  • credit payments of $100 or more owed to us or another credit provider that are overdue for more than 21 days that you have been notified of (and whether you have subsequently repaid the overdue amount);
  • any cheques that have been written that have been dishonoured more than once;
  • advice that payments are no longer overdue and that the credit has been provided has been discharged;
  • whether you have committed a serious credit infringement;
  • whether you have entered into an arrangement with us or another credit provider in connection with credit provided to your business;
  • credit-related court proceedings and personal insolvency information;
  • publicly available credit-related information;
  • a credit rating or score that is calculated by a CRB (or by us using information from a CRB) and that has a bearing on your credit-worthiness; and
  • administrative information relating to credit provided by us.

How we collect and hold credit-related personal information

We collect credit-related personal information from you (directly or through the operation of your account with us), from CRBs and other credit providers and from other third parties where this is permitted under Part IIIA of the Act. We may also generate the information ourselves, through our own analysis.

The information will be held by us on our customer database, in physical and/or electronic form located in Australia.

Who we disclose credit-related personal information to

We may disclose credit-related personal information to third parties for the purposes outlined above, including to:

  • CRBs and other credit providers including any authorised agent deemed to be a credit provider under the Act;
  • our related entities;
  • third parties that manage credit applications for us;
  • debt collectors and credit management agencies;
  • third parties in connection with the potential assignment of debts, security for credit or purchase of an interest in us; and
  • other third parties where required or authorised by law.

CRBs may include the information we provide them in reports provided to other credit providers, to assist them in assessing your credit-worthiness.

The CRB we use

The CRB we deal with are QBE Insurance and/or Equifax (previously known as VEDA).  Contact details, and details about how you can obtain the CRB’s privacy policy, are set out below.

Name: QBE Insurance
Phone: 133 723
Privacy Policy:

Name: Equifax
Phone: 13 8332
Privacy Policy:

Your rights in relation to CRBs

(a) Pre-screening for direct marketing

Credit providers can ask CRBs to use your credit reporting information to “pre-screen” marketing lists for the credit provider. You can tell CRBs not to use your credit reporting information for this purpose by contacting them (details above).

(b) Victims of fraud

If you think you have been, or are likely to be, a victim of fraud (including identity fraud), you can contact the CRB (details above) and ask them to put a ban on using or disclosing your credit reporting information.

Access and correction of credit eligibility information

You have the right to access and correct the credit-related personal information that we hold about you.  If you wish to make an access or correction request, please refer to our contact details below. 

Complaints about credit-related personal information

If you have a complaint about our handling of credit-related personal information, please refer to our contact details below.

Disclosure of personal information outside Australia

We may disclose personal information to our related entities or our third party suppliers and service providers located overseas for some of the purposes listed above.

We take reasonable steps to ensure that overseas recipients of your personal information do not breach the privacy obligations relating to your information.

We may disclose your personal information to entities located outside of Australia, including to our website hosting providers and to other IT service providers, some of whom may be located overseas.

Data quality

Marbut Stone is committed to keeping your personal information secure and confidential. All reasonable precautions will be taken to protect personal information from loss, misuse, unauthorised access or alteration. Paper documents are held in secured drawers and cabinets. Paper files may also be archived in boxes and stored offsite in secure facilities.  Additionally, we also take reasonable steps to:

  • make sure that the personal information that we collect, use and disclose is accurate, up to date and complete and (in the case of use and disclosure) relevant;
  • protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure; and
  • destroy or permanently de-identify personal information that is no longer needed for any purpose that is permitted by the APPs.

You can help us keep your information up to date, by letting us know about any changes to your details, such as your address, email address or phone number. 

You acknowledge that the security of online transactions you conduct using the website cannot be guaranteed.  To the fullest extent permitted at law, Marbut Stone does not accept responsibility for misuse of or loss of, or unauthorised access to, your personal information where the security of that information is not within Marbut Stone’s control.

Within Marbut Stone, access to personal information is restricted to personnel on a need to know basis. Marbut Stone has directed its staff that personal information must be dealt with in accordance with this Privacy Policy and kept secure from unauthorised access or disclosure. We educate our staff about their duty to protect your privacy and provide training regarding this Privacy Policy.


Marbut Stone will endeavour to maintain a secure system for storing personal information. Technological and operational policies and procedures are in place to protect personal information from misuse and loss and from unauthorised modification or disclosure. Marbut Stone will dispose of personal information where it is no longer necessary to fulfil the purposes for which the information was collected or as required by law.

Website security

While we strive to protect the personal information and privacy of users of our website, we cannot guarantee the security of any information that you disclose online and you disclose that information at your own risk. If you are concerned about sending your information over the internet, you can contact us by telephone or post (details below).

If you are a registered user of our website, you can also help to protect the privacy of your personal information by maintaining the confidentiality of your username and password and by ensuring that you log out of the website when you have finished using it.  In addition, if you become aware of any security breach, please let us know as soon as possible.

IP Address

An IP (internet protocol) address is a number that is automatically assigned to your computer by your internet service provider when you log on. Your IP address is not linked to your personal information but we do preserve the right to use IP addresses to identify individuals who may threaten our site, services or clients.  IP addresses may also be used to help diagnose problems with our website and to gather broad demographic information. 

Third party websites

Links to third party websites that are not operated or controlled by us are provided for your convenience.  We are not responsible for the privacy or security practices of those websites, which are not covered by this Privacy Policy. Third party websites should have their own privacy and security policies, which we encourage you to read before supplying any personal information to them.

Data breaches

If there is any breach of your personal information, Marbut Stone will deal with such breach and notify you in accordance with its obligations under the Act.

Access and Correction

Subject to some exceptions permitted by law, you may access any personal information Marbut Stone holds about you.  To do so, please contact us and we will endeavour to respond to your request within 30 days. A handling fee may be payable so that we can obtain the information you require.

If you believe that your personal information is inaccurate, incomplete or out of date, you may write to Marbut Stone and request it to correct the information.  Your request will be dealt with in accordance with the Act. If your request is refused, you may ask Marbut Stone to associate your request with the information.

If we correct personal information about you, and we have previously disclosed that information to another agency or organisation that is subject to the Act, you may ask us to notify that other entity.  If so, we will take reasonable steps to do so, unless this would be impracticable or unlawful.


Our website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website.  Third party websites are responsible for informing you about their own privacy practices.


If you feel aggrieved by Marbut Stone’s handling or collection of your personal information, you may make a complaint to the Officer responsible for Privacy, (details set out below).   Our complaints process will depend on whether your complaint relates to the APPs or to credit-related personal information, as explained below.

Our Privacy Officer will endeavour in the first instance to deal with your complaint and take any steps necessary to resolve the matter within a week. If your complaint can’t be resolved at the first instance we will ask you to submit your complaint in writing.

We will endeavour to acknowledge receipt of your written complaint within 5 business days of receiving it and to complete our investigation into your complaint in a timely manner.  This may include, for example, gathering the relevant facts, locating and reviewing relevant documents and speaking to relevant individuals. 

In most cases, we expect that complaints will be investigated, and a response provided within 30 days of receipt of the Privacy Complaint Form.  If the matter is more complex and our investigation may take longer, we will write and let you know, and tell you when we expect to provide our response.

Complaints process – credit-related personal information

We will provide you with a written notice acknowledging your complaint and explaining how we will deal with it within 7 days after the complaint is made.   We will then investigate the complaint, consult any CRB or other credit providers if we consider it necessary and provide you with a written notice of our decision within 30 days (or longer if you agree).

If you are not satisfied with our response

If you are not satisfied with our response, you can refer your complaint to the Office of the Australian Information Commissioner (see here for further information).

Updating our privacy statement

As our company grows and changes, we may revise our Privacy Policy.  We will keep you updated on these changes by posting new versions of our policy on the Website.

By providing your personal information to us or by using the Website, you are indicating your acceptance of Marbut Stone’s current policy.

Contacting Marbut Stone

Please contact us if you have any queries about the personal information that we hold about you or the way we handle that personal information. Our contact details are set out below.

Mail:  Marbut Stone Privacy Officer, 14, Felstead Drive, Truganina VIC 3029 
Telephone: 03 9209 0000

Further general information about privacy is available on the website of the Office of the Australian Information Commissioner at or by calling the OAIC’s enquiry line at 1300 363 992.

Changes to this Policy

We may amend this Privacy Policy from time to time.  The current version will be posted on our website and a copy may be obtained by contacting our Privacy Officer (details above). All amended terms will automatically take effect immediately on posting. Please check this Privacy Policy periodically to inform yourself of any changes. If you do not accept the changes made to this Privacy Policy, you should immediately stop using the website and our products and services.