Consumer Data Right Policy

Describes the data available for you to share, how to share your data, what we do with the data we collect, and how to make a complaint.

At a glance

This policy describes what data will be available for you to share, how to share your Unloan data, what we do with the data we collect, and how to make a complaint.

To save a copy of this policy, use the print function of your browser. If you’d like a PDF copy, please email We will send this to you free of charge.

About us

The CommBank Group provides a wide range of banking and financial services. For more information about the Group, including a complete list of Group members, see CommBank's latest Annual Report, available at  Unloan is a division of CommBank offering mortgage lending products.

This Consumer Data Right Policy only applies to Unloan, a division of the Commonwealth Bank of Australia.

In this policy:

  • Unloan, we, us or our means Unloan, a division of the Commonwealth Bank of Australia.
  • CommBank means the Commonwealth Bank of Australia.

About the Consumer Data Right (CDR)

The Consumer Data Right (CDR) was introduced by the Federal Government to provide customers with rights to access specified data that relates to them (CDR data) held by organisations (data holders); and allow them to authorise the sharing of that external CDR data to other third parties (accredited data recipients). Unloan is a data holder under the CDR.

What does this mean?

  • Where Unloan holds CDR data about you, you can ask us to share that data with other accredited data recipients or yourself. In the policy, we refer to this data as your Unloan CDR data.

CDR is jointly regulated by the Australian Competition and Consumer Commission (ACCC) and the Office of the Australian Information Commissioner (OAIC). The legislative framework includes the Competition and Consumer Act 2010 and the Competition and Consumer Rules 2020 (CDR legislation).

About this policy

This policy describes your rights under the CDR legislation.

If you want to know more about how we handle your personal information at Unloan, see our Privacy Policy at

Sometimes we update our CDR policy. You can always find the most up-to-date version on our website, and you can ask us to send you a copy of the latest version.

Your privacy and security information

Your privacy and the security of your information is important to us. We protect your information and aim to be clear and open about what we do with it. We adhere to the security and privacy requirements set out in the CDR legislation. Some of the ways we keep your information secure are:

  • When you log into our websites or apps, we encrypt data sent from your computer to our systems so no one else can access it
  • We have firewalls, intrusion detection and virus scanning tools to stop viruses and unauthorised people accessing our systems
  • When we send your electronic data to other organisations, we use secure networks or encryption

What data will be available under the CDR?

As a data holder under the CDR legislation, we are required to make available specific sets of data for sharing:

  • Name, occupation and contact details
  • Account balance and features of products you have with us
  • Transaction details
  • Direct debits and scheduled payments
  • Saved payees
  • Information about our products and services

Sharing your Unloan CDR data

You can choose to share your Unloan CDR data with an accredited data recipient so they can provide you with a product or service (like a budgeting tool).

How does this work?

  • You need to give your consent to the accredited data recipient to collect your Unloan CDR data (on their site or app), then they’ll redirect you to Unloan.
  • We’ll ask you to enter the email address you’ve registered with us and then we’ll send you a One Time Password to log into the Unloan site.
  • We’ll remind you what Unloan CDR data will be collected by the accredited data recipient and ask you to choose which accounts you’d like to share with them.
  • You’ll be asked to authorise us to share your Unloan CDR data with the accredited data recipient for a period of time.

Important things to note:

  • We'll never ask you to share your Unloan login details or passwords with a third party.
  • Only accredited data recipients you authorise are able to access data under the CDR legislation. To learn more about accreditation, go to

How to correct or amend your Unloan CDR data

If any of your Unloan CDR data is incorrect, contact your Unloan lender or email us at to ask us to correct it.

Within 10 business days, we’ll let you know in writing whether we corrected your Unloan CDR data or if we found it to be accurate, up to date, complete and not misleading.  We may instead provide you with a notice of why we thought a correction was unnecessary or inappropriate.  There are no fees for this service.  You can see your latest data sharing details anytime by going to Settings and selecting Data Sharing.

You also have the right to access and correct personal information Unloan holds about you.  Refer to our Privacy Policy for more information at

When we notify you

We’ll notify you when you’ve set up or stopped data sharing.  If we shared incorrect Unloan CDR data with an accredited data recipient, we’ll let you know as soon as possible.  We’ll also tell you who we shared the incorrect data with, the date it was shared and how to ask us to share the corrected Unloan CDR data.

Reporting an issue

If you’d like to raise an issue or complaint, check out the How we deal with complaints section below.

How we deal with complaints

We want to make things right.  If there’s a problem with how we handle your CDR data, it’s important we hear about it so we can make it right.  

You can tell us what's wrong by emailing us at or by calling 1300 630 000.

We will take your complaint seriously, work with you to address your complaint, and try to find a solution that's fair and reasonable.

Please tell us:

  • Your name and your preferred contact details – though you can make an anonymous complaint if you would prefer.
  • What your complaint is about, including the products or services you are complaining about and what’s gone wrong, and the resolution you’re seeking.

What happens when you make a complaint

We’ll acknowledge your complaint

Most complaints can be resolved soon after we receive them or within days.

We’ll let you know we’ve received your complaint (generally by the next business day), give you a reference number, and let you know the name and contact details of the person who’s handling it.

We’ll assess the information and work with you to find a fair outcome

We’ll assess the information you give us, investigate the issues further at our end if we need to, and work with you to find a fair solution.

We’ll aim to provide a final response to your complaint as quickly as we can. If we're unable to provide you with a final response within 30 days, we'll tell you the reason for the delay, give you a date you can expect to hear an outcome, and continue to update you on our progress.

If your complaint relates to electronic payments, financial hardship, or the postponenent of enforcement proceedings, we’ll aim to respond within 21 days. If we’re unable to respond in time, we’ll let you know why.

If you're unhappy with the resolution

You can lodge a dispute with the Australian Financial Complaints Authority, an external dispute resolution body. AFCA provides a fair and independent complaint resolution service which is free for customers to access:



Phone: 1800 931 678 (free call)

Postal address:
Australian Financial Complaints Authority
GPO Box 3, Melbourne VIC 3001

Office of the Australian Information Commissioner

You can also contact The Office of the Australian Information Commissioner if your complaint is about your privacy or how we handle your Consumer Data Right (CDR) data:


Phone: 1300 363 992

Postal Address:
Office of the Australian Information Commissioner
GPO Box 5218, Sydney NSW 2001

To learn more about our complaints process, how we work with you to resolve your complaint and what you can do if you’re not happy with the outcome, see our complaints process at

We’re here to help

If you have a question about our CDR Policy or need help, email us at and we’ll be happy to help.