InPayTech Limited and its related company, Payment Adviser Pty Limited (‘we’, ‘our’, and ‘us’) are committed to security of information and the protection of your personal information.
We comply with the Privacy Act 1988 (Cth) (‘Act’), which requires that we handle personal information in accordance with the Australian Privacy Principles.
We may need to update the Policy from time to time. We will post the updated Policy on our website and where a change is significant, we will notify you.
What personal information do we collect?
Personal information is any information that identifies an individual or from which an individual is reasonably identifiable.
We collect personal information to enable us to provide the services that have been requested by our clients. Our clients are organisations with whom we have a contractual relationship and include payroll service providers, accounting and or book keeping service providers and employers.
Depending on the services requested, we collect the following types of personal information: name, date of birth, contact details (such as address, telephone number, and email address), tax file number (TFN), name of employer, employment details and superannuation related information.
In some situations we may collect information that is considered sensitive information, as defined by the Act.
How do we collect and hold personal information?
We collect personal information in a number of ways:
Information provided to us
When our website is accessed and our services are used by clients, such as your employer, personal information may be provided to us. Where personal information is provided to us by a client, it is their responsibility to inform you of the disclosure of the personal information to us.
We may receive personal information from organisations, such as superannuation funds that have been authorised to hold your personal information.
We may also collect personal information through communications with our staff, by email or by telephone.
Information collected automatically
We collect some information automatically when our website is accessed. The information we collect depends on how our website or our services are used.
If an unsecured area of our website is visited the information that is recorded includes the user’s IP address, the type of device being used and information on website activity – the number of visits to the website, the pages viewed and navigation patterns. This information does not identify you. We use this information to understand how our website is used so that we can continue to develop and improve the experience.
We store and process personal information on computers located in Australia.
As we regard the security of personal information as a priority we take precautions to protect that information. We have a number of physical, organisational, administrative and electronic security measures in place to reduce the risks of loss, misuse, unauthorised access, disclosure or alteration of information.
These security measures include:
- access authorisation controls;
- firewalls, virus scanning software and anti-intruder systems;
- use of secure networks or data encryption when we receive or send personal information electronically;
- restriction of access to information to staff who require it to perform their job function;
- instructing staff on the obligations relating to handling of personal information; and
- physical access controls to data centres.
How we use and disclose personal information?
In providing payment processing and information reporting services to our clients, we may receive instructions from the clients to disclose personal information to nominated recipients. The recipients and their details are advised to us by our clients.
We may also disclose personal information to:
- external service providers, which provide us with information technology services that enable us operate our services.
- our professional advisers, including lawyers, auditors and accountants;
- governmental or regulatory bodies (such as ASIC, ATO, AUSTRAC, or a law enforcement agency) to meet our legal and/or regulatory obligations or in response to their information request; and
- as required or authorised by law, regulation or as directed by a court order.
We take steps to ensure that our external service providers keep your personal information confidential and use it only for the purposes for which we and the external service providers, and are authorised.
We do not disclose personal information to anyone who is not located in Australia.
We may disclose information we hold about you to a third party, if you have authorised the disclosure.
We may rely on some of the exemptions permitted under the Privacy Act. For instance the exemption for disclosing personal information to our related companies.
We do not provide personal information to any third party for any marketing purposes.
How can personal Information be accessed or updated?
You may request access to personal information we hold about you. In some circumstances we may not be able to allow you access to your personal information, for example where giving access is against the law. If we are unable to provide you with access we will notify you of the reason.
To change incorrect, incomplete or out of date information we hold, you will need to contact the organisation that provided the information to us and ask them to correct the information.
To contact us
If you have a question or complaint relating to the privacy of personal information, please contact us. We will review a complaint and respond within reasonable period of time.
Our email is firstname.lastname@example.org