Your privacy matters. This page explains how we collect, use, and protect your personal information when you use our services.
This Privacy Policy (Policy) describes the Personal Information and credit-related information that SecurePay collects, how we use and share it, store and protect it and details on how you can contact us with privacy-related questions or concerns. This Policy also sets out your rights and options in relation to your Personal Information.
We may change this Policy from time to time by publishing changes to it on our website.We encourage you to check our website periodically to ensure that you are aware of our current Policy.
In this Policy, “SecurePay”, “we”, “our” or “us” refers to SecurePay Pty Ltd, which is the entity responsible for the collection, use, and handling of Personal Information as described in this Policy.
“Personal Information” is any information associated with an identified or identifiable individual, which can include data that you provide to us such as your name, email address, contact number, address etc, and information that we collect about you during your interaction with our Services (such as device information, IP address, etc.).
“Services” means the products, services and applications that we provide to businesses under the SecurePay Online PaymentsTerms and Conditions (“Business Services”), our websites (“Sites”), and any other applications and online services.
“Financial Partners” are financial institutions, banks and otherpartners such as payment method acquirers and card networks that wepartner with to provide the Services.
Depending on the context,“you” might be an End Customer, Representative or Visitor:
“Transaction Data” refers to data collected and used by SecurePay to facilitate transactions you request. Some Transaction Data is Personal Information and may include your name, email address, contact number, billing and shipping address, payment method information, merchant and location details, amount and date of purchase, and in some instances, information about what was purchased.
Our collection and use of Personal Information differs depending on whether you are an End Customer, Representative or Visitor, and the specific Service you are using. For example, if you are a sole proprietor who wants to use our Services, we may collect your Personal Information to onboard your business; or if you have bought goods or services from another business that is using our Services for payment processing, you would be an End Customer.
SecurePay provides various Business Services to business customers, including processing online payments for those businesses. When acting as a service provider for a business, we collect End Customer Personal Information in accordance with our agreement with the business. This happens, for example, when we process a payment for a business because you purchased a product from them.
Businesses are responsible for ensuring that the privacy rights of their customers are respected, including obtaining appropriate consents and making disclosures about their own data collection and use associated with their products and services. As such, if you are an End Customer, you should refer to the privacy policy of the relevant business you are doing business with to understand its privacy practices.
We collect the following PersonalInformation about End Customers:
Transaction Data: If you’re an End Customer making payments to, receiving refunds from, initiating a purchase or donation, or otherwise transacting with a business utilising our Business Services, we receive your Transaction Data.
Additionally we may collect information entered into a checkout form.
More: For further information about other types of Personal Information that we may collect about End Customers, including about your online activity, please see the section below headed “More ways we collect, use and share Personal Information”.
To provide our Business Services to our business customers, we use and share End Customers' Personal Information with them. Where allowed, we also use End Customers' Personal Information for our own purposes such as improving and offering our Business Services, and preventing fraud, loss, and other damages, as described further below.
Payment processing and accounting: We use your Transaction Data to deliver payment-related Business Services to our business customers — including online payment transactions processing, sales tax calculation (where relevant), and invoice, bill, and dispute handling — and to help them determine their revenue, settle their bills, and execute accounting tasks. Where allowed, we may also use your Personal Information to provide and improve our Business Services.
During payment transactions, your Personal Information is shared with various entities in connection with your transaction. As a service provider or data processor, we share Personal Information to enable transactions as directed by our business customers. For instance, when you choose a payment method for your transaction, we may share your Transaction Data with your bank or other payment method provider, process your transaction, and handle disputes.
The business customer of ours that you choose to do business with also receives Transaction Data and might share the data with others. Please review your merchant’s, banks, and payment method provider’s privacy policies for more information about how they use and share your Personal Information.
More: For further information about additional ways by which we may use and share End Customers’ Personal information, please see the section below, headed “More ways we collect, use and share Personal Information”.
We collect, use and share Personal Information from Representatives of business customers (for example, business owners) to provide our Business Services.
Registration and contact information: When you register for a SecurePay account for a business customer, we collect your name and login credentials. If you sign up to receive SecurePay communications, we collect your registration and profile data.
Identification Information: As a current or potential business customer, an owner of a business customer, or a shareholder, officer, or director of a business customer, we need your contact details, such as name, postal address, telephone number, and email address, to fulfill our Financial Partner and regulatory requirements, verify your identity, and prevent fraudulent activities and harm to the SecurePay platform. We collect your Personal Information, such as ownership interest in the business customer, date of birth, government-issued identity documents, and associated identifiers, as well as any history of fraud or misuse, directly from you and/or from publicly available sources, third parties such as creditbureaus and via the Services we provide. You may also choose to provide us with bank account information.
More: For further information about other types of Personal Information that we may collect about Representatives, please see the section below, headed “More ways we collect, use and share Personal Information”.
We typically use the Personal Information of Representatives to provide the Business Services to the corresponding business customers. The ways we use and share this information are further described below:
Business Services: We use and share Representatives’ Personal Information with business customers to provide the Services requested by you or the business customer you represent.
We share Representatives’ Personal Information with parties authorised by the corresponding business customer, such as Financial Partners servicing a financial product, or third party apps or services the business customer chooses to use alongside our Business Services. A common example of such sharing is with payment method providers, like Visa, who require information about business customers and their Representatives who accept their payment methods. This information is typically required during the onboarding process or for processing transactions and handling disputes for these business customers.
The use of Personal Information by a third party authorised by a business customer is subject to the third party’s privacy policy.
If you are a business customer who has chosen a name that includes Personal Information (for example, a sole proprietorship or family name in a company name), we will use and share such information for the provision of our Services in the same way we do with any company name. This may include, for example, displaying it on receipts and other transaction-identifying descriptions.
Credit assessment: As part of the onboarding process, we share Personal Information we collect about you with credit reporting bodies (CRB) in order to conduct credit assessments of you, as set out further below in this Policy.
Fraud detection and loss prevention: We use Representatives’ Personal Information to identify and manage risks that our Business Services might be used for fraudulent activities causing losses to SecurePay, End Customers, Business Users, Financial Partners and others. We also use information about you obtained from publicly available sources, third parties like credit bureaus and from our Services to address such risks, including to identify patterns of misuse and monitor for terms of service violations.. We may share Representatives' Personal Information with business customers, our Financial Partners, and third party service providers, to verify the information provided by you.
We may also use and share Representatives' Personal Information to conduct due diligence, including conducting anti-money laundering and sanctions screening in accordance with applicable law.
More: For further information about other types of Personal Information that we may use and share Personal Information of Representatives, please see the section below, headed “More ways we collect, use and share Personal Information”.
We collect, use, and share the Personal Information of Visitors.
When you browse our Sites, we receive your Personal Information, either provided directly by you or collected through our use of cookies and similar technologies. If you opt to complete a form on the Site we collect the information you included in the form. This may include your contact information and other information pertaining to your questions about our Services. We may also associate a location with your visit.
More: For further details about other types of Personal Information that we may collect from Representatives, please see the section below, headed “More ways we collect, use and share Personal Information”.
Personalisation: We use the data we collect about you using cookies and similar technologies to measure engagement with the content on the Sites, improve relevancy and navigation and customise your experience.
Advertising: Where permitted by applicable law, and, where required. with your consent, we use and share Visitors’ Personal Information with third parties, so we can advertise and market our Services and partner integrations. Subject to applicable law, including any consent requirements, we may advertise through interest-based advertising and track the efficacy of such ads. We do not transfer your Personal Information to third parties in exchange for payment, but we may provide your data to third party partners, like advertising partners, analytics providers, and social networks, who assist us in advertising our Services.
Engagement: As you interact with our Sites, we use the information we collect about and through your devices to provide opportunities for further interactions, such as discussions about Services or interactions with chatbots, to address your questions.
More: For further information about additional ways we may use and share Visitors’ Personal Information, please see the section below, headed “More ways we collect, use and share Personal Information”.
In addition to the ways described above, we also collect, use and share your Personal Information as follows:
Online activity: Depending on the Services and how our Business Services are implemented by the business customers, we may collect information related to:
Communication and Engagement Information: We also collect information you choose to share with us through various channels, such as support tickets, emails, or social media. If you respond to emails or surveys from SecurePay, we collect your email address, name, and any other data you opt to include in your email or responses. If you engage with us over the phone, we collect your phone number and any other information you might provide during the call. Calls with SecurePay or SecurePay representatives may be recorded. Additionally, we collect your engagement data, like your interactions with SecurePay personnel.
Besides the use of Personal Information described above, we may use Personal Information in the ways listed below:
Analysing, improving and developing our Services: We collect and process Personal Information throughout our various Services, whether you are an End Customer, Representative, or Visitor, to improve our Services, develop new Services, and support our efforts to make our Services more efficient, relevant, and useful to you. We may use Personal Information to generate aggregateand statistical information to understand and explain how our Services are used.
Examples of how we use Personal Information to analyse, improve, and develop our products and services include:
Communications: We use the contact information we have about you to deliver our Services. If you are a Representative, or Visitor, we may communicate with you using the contact information we have about you to provide information about our Services and our affiliates’ services, or otherwise communicate with you for marketing purposes, in compliance with applicable law, including any consent or opt-out requirements. For example, when you provide your contact information to us, we may use this data to follow up with you to provide information requested about our Services, and include you in our marketing information campaigns. Where permitted under applicable law, we may record our calls with you to provide our Services, comply with our legal obligations, perform research and quality assurance, and for training purposes.
Fraud Prevention and Security: We collect and use Personal Information to help us identify and manage activities that could be fraudulent or harmful across our Services, enable our fraud detection Business Services, and secure our Services and transactions against unauthorised access, use, alteration or misappropriation of Personal Information, information, and funds. As part of the fraud prevention, detection, security monitoring, and compliance efforts for SecurePay and its business customers, we collect information from publicly available sources, third parties (such as credit bureaus), and via the Services we offer. In some instances, we may also collect information about you directly from you, or from our business customers, Financial Partners, and other third-parties for the same purposes. Furthermore, to protect our Services, we may receive details such as IP addresses and other identifying data about potential security threats from third parties. Such information helps us verify identities, conduct credit checks where lawfully permitted, and prevent fraud.
Additionally, we might use technology to evaluate the potential risk of fraud associated with individuals seeking to procure our Business Services or arising from attempted transactions by an End Customer with our business customers or Financial Partners.
Compliance with Legal Obligations: We may use Personal Information to meet our contractual and legal obligations related to anti-money laundering, Know-Your-Customer ("KYC") laws, anti-terrorism activities, safeguarding vulnerable customers, export control, and prohibition of doing business with restricted persons or in certain business fields, among other legal obligations. For example, we may monitor transaction patterns and other online signals and use those insights to identify fraud, money laundering, and other harmful activity that could affect SecurePay our Financial Partners, business customers and others. Safety, security, and compliance for our Services are key priorities for us, and collecting and using Personal Information is crucial to this effort.
Besides the sharing of Personal Information described above, we share Personal Information in the ways listed below:
SecurePay Affiliates: We share Personal Information with SecurePay affiliated entities for purposes identified in this Policy.
Service Providers: In order to provide, communicate, market, analyse, and advertise our Services, we depend on service providers. These providers offer critical services such as providing cloud infrastructure, verifying identities and performing credit checks, conducting analytics for the assessment of the speed, accuracy, and/or security of our Services, identifying potentially harmful activity, and providing customer service and audit functions. We authorise these service providersto use or disclose the Personal Information we make available to them to perform services on our behalf and to comply with relevant legal obligations. We require these service providers to contractually commit to security and confidentiality obligations for the Personal Information they use on our behalf. Our service providers are based in Australia or the USA.
Corporate Transactions: If we enter or intend to enter a transaction that modifies the structure of our business, such as a merger, sale, assignment, transfer, change of control, or other disposition of all or part of our business, we may share Personal Information with third parties in connection with such transaction. Any other entity that buys us or part of our business will have the right to continue to use your Personal Information, subject to the terms of this Policy.
Compliance and Harm Prevention: We share Personal Information when we believe it is necessary to complymwith applicable law; to abide by rules imposed by Financial Partners in connection with the use of their payment method; to enforce our contractual rights; to secure and protect the Services, rights, privacy, safety, and property of SecurePay, you, and others, including against malicious or fraudulent activity; and to respond to valid legal requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities.
We hold your Personal Information in secure computer storage facilities, where it is in electronic format (both in-house and at our service providers); on paper-based files; as well as in other formats. We take reasonable steps to protect your information from loss and unauthorised access, destruction, use, modification or disclosure. Access to Personal Information held by SecurePay is controlled (both in terms of who can access it, and how) to prevent misuse or unauthorised access to or disclosure of the information. We use a range of technical security measures such as secure authentication, password controls, encryption, firewalls and anti-virus technology to prevent unauthorised access to yourPersonal Information.
SecurePay’s vendors that administer Personal Information are required to comply with similar protection measures.
This part of the Policy explains how we collect, use disclose and hold credit-related information and consumer credit eligibility information about you. It also describes our identity verification services that we undertake to verify your identity on receipt of your application for credit.
Credit-related personal information includes credit information, credit reporting information or credit eligibility information. We collect such information about you from consumer credit applications made by you, credit accounts we hold and credit reports we obtain from a CRB.
Generally, we collect credit-related personal information from you directly but we also collect it from CRBs who provide credit reports.
The CRB may include that information in the reportsit provides to other credit providers. The CRBs that SecurePay uses are:
Credit Sense
Creditor Watch
Equifax
For up-to-date contact details for such CRBs, or to obtain a copy of their privacy policies and credit reporting policies, please visit the website of the relevant CRB. Your credit-related information may also be used by CRBs for the purposes of ‘pre-screening’ credit offers on the request of other credit providers. You can contact the CRB at any time to request that your credit-related information is not used in this way.
Credit-related personal information we collect and hold may include the following types of information about individuals:
Credit-related personal information- types of information includes:
SecurePay collects ,uses and stores credit-related personal information about you to allow us to sell our services and to otherwise conducti ts business. SecurePay uses this information in the same way as it uses your personal information as set out in this Policy.
You consent to SecurePay's disclosure of your personal information (including your full name, residential address, date of birth, full business name / company name (if applicable), principal place of business / registered office (if applicable) and ABN/ACN (if applicable) to such third parties for the purpose of conducting a credit check and/or reporting defaults.
You have a right to request access to the Personal Information we hold about you at any time. You may also ask us to correct information about you that you may believe is inaccurate, incomplete or out of date.
