This policy documents how we manage personal information. It also includes our policy on the handling of credit reports and other credit-related information.
“Personal information” is defined as information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
“Sensitive information” is defined as a type of personal information which includes information about an individual’s racial or ethnic origin; health information; political opinions; membership of a political, professional or trade association or trade union; religious beliefs or affiliations; philosophical beliefs; sexual orientation or practices; and criminal record.
ElitePOS is a company that provides online payment platforms to retail industries via customised software and hardware solutions.
Whenever it is reasonable and practicable to do so, we collect personal information about you directly from you. In some cases, your personal information may be provided to us by third parties such as business associates, agents or friends. If you are asked to provide information about others you must ensure that you have their consent or are otherwise entitled to provide this information to us.
We may also collect personal information that we request from you regarding your use of our service or that we collect automatically from your visits to our websites.
Please ensure that you have provided us current and accurate personal information so that we can provide our services to you.
The kinds of personal information that we collect include:
ElitePOS will not collect sensitive information unless the individual client has consented, it is required by law, or in other special specified circumstances, for example relating to individual or public health or safety.
If you or your organisation prefers, it may remain anonymous to the extent that the name of the organisation need not be provided to us or in being provided it is marked in a way that indicates that you prefer not to be personally identified. However, all data necessary for contractual relations to exist in real time must be provided if we are to be able to fully supply you with our services.
Meeting regulatory requirements
We also collect your personal information in order to satisfy our regulatory obligations under applicable laws and rules.
In some cases, your information may be disclosed where required or authorised by law, for example, to government and regulatory authorities or in emergency situations and when assisting in lawful enforcement.
We collect, hold and use your personal information to enable us to use your details to contact you and to reply to any queries or requests in relation to your account and in relation to the supply to you of our goods and services.
We use your personal information in the administration of your account, which includes us contacting you in order to update your account details (this assists us with keeping our records as up to date as possible) or in order to notify you of changes or improvements to our products or services that may affect our service to you. We may disclose your personal information to administrators who assist in the administration of your account from time to time.
We use your personal information in order to supply our goods and services to you and to meet our contractual obligations to you.
You consent to us directly marketing our products and service offerings to you. You may withdraw your consent and opt out at any time by making a request (by email) to us not to receive direct marketing communications from us or any company we may approve.
We restrict the disclosure of an individual’s details to only those organisations and individuals that we feel you would reasonably expect to receive direct marketing material from. Third parties to which we provide personal information will only use it for the purposes for which it is collected or otherwise as permitted by law.
You consent to us providing personal information about you to:
Subject to our confidentiality obligations, we may disclose your personal information with anyone that you have given us permission to, any person acting on your behalf or a person or ElitePOS partner who may have introduced you to us.
We may disclose your personal information to third parties to assist us in providing our services. Your information will be disclosed to third parties on a confidential basis and only if that disclosure is necessary to provide you with our services.
We may use and disclose your personal information for other purposes that you have consented to.
From time to time we may send your information overseas, including to overseas Group members and to service providers or other third parties who operate or hold data outside Australia. Where we do this, we ensure that appropriate data handling and security arrangements are in place. Please note that Australian law may not apply to some of these entities.
Customer information is stored in databases controlled by ElitePOS situated within Australia and equivalent jurisdictions. ElitePOS may also disclose your personal information to companies that are part of the ElitePOS corporate family which may be located overseas (in which case your personal information will remain confidential and the purpose for which the information is collected and used will not change).
We use secure servers in order to store your personal information and ensure proper data storage. We take all reasonable measures to protect personal information that we hold from misuse, loss, unauthorised access, modification or disclosure.
If you provide paper based documentation, we may retain the paper documents in addition to saving copies in an electronic format.
In addition to sharing your information with ElitePOS, we may store your data using overseas cloud storage products as well as other overseas information technology products and services, where we reasonably believe that the overseas recipient is subject to laws that protect the information in a substantially similar way to the Australian Privacy Principles. We will take reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles in relation to the information. We will only transfer personal information outside Australia to a third party recipient, if the recipient of the information agrees (or is compelled) to comply with privacy policies that are in accordance with (or are more stringent than) the Australian Privacy Principles.
Where you apply to us for credit or propose to be a guarantor, one of our checks involves obtaining a credit report about you.
A credit report contains information about your credit history which helps credit providers assess your credit applications, verify your identity and manage accounts you hold with them. Credit reporting bodies collect and exchange this information with credit providers like us and other service providers such as phone companies.
The Privacy Act limits the information that credit providers can disclose about you to credit reporting bodies, as well as the ways in which credit providers can use credit reports.
Information exchanged with credit reporting bodies
The information we can exchange includes your identification details, what type of credit has been extended to you, the amount of credit extended to you, whether or not you have met your credit obligations and if you have committed a serious credit infringement (such as fraud). We also ask the credit reporting body to provide us with an overall assessment score of your creditworthiness.
Use and storage of credit-related information
We use information from credit reporting bodies to confirm your identity, assess applications for credit, manage our relationship with you and collect overdue payments. We may also use this information as part of arriving at our own internal assessment of your creditworthiness.
We store credit-related information with your other personal information. You can access credit-related information we hold about you, request us to correct the information and make a complaint to us about your credit-related information. See sections 9 and 11.
Credit providers may ask credit reporting bodies to use their credit-related information to pre-screen you for direct marketing. You can ask a credit reporting body not to do this. Also, if you’ve been, or have reason to believe that you’re likely to become, a victim of fraud (including identity fraud), you can ask the credit reporting body not to use or disclose the credit-related information it holds about you.
You can contact us to access, correct or update your personal information.
We will investigate and deal with your correction request or complaint in a fair, efficient and timely manner.
AVS may deny access to information in certain circumstances as permitted by law. For example, there are exemptions as specified in the Australian Privacy Principles where access may be denied. If this is the case, we will provide you with the reason for our decision.
If an ElitePOS customer wants to gain access to or correct any of the personal information held by ElitePOS about that customer, or if further information on how ElitePOSL handles personal information is required, please contact the Privacy Officer using the contact information on the “Contact Us” section below.
We will endeavour to respond to any complaint within 30 days. If you are not satisfied with our response to your complaint, you may seek a review by contacting the Office of the Australian Information Commissioner using the information available at http://www.oaic.gov.au/privacy/privacy-complaints. We suggest you do this only once you have first followed our internal complaint processes.
For further information about the Australian Privacy Principles of the Privacy Act or the credit reporting rules please visit the Office of the Australian Information Commissioner website at www.oaic.gov.au.
This document does not create any additional rights under contract, statute or equity law.