Bill Pay Rewards, operated by EonX Australia Pty Ltd (ABN 77 685 941 360) (also referred to in the Privacy Policy as “we”, “us” or “our”) recognise the importance of your privacy and understand your concerns about the security of the personal information you provide to us.
In the course of doing business with you, the collection of personal information in some instances is necessary or unavoidable. We are committed to protecting the privacy of all personal information that we collect and ensuring that your personal information is handled correctly.
All personal information collected by us will be treated in accordance with the Australian Privacy Principles (“APPs”) as contained in the Privacy Act 1988 (Cth). The APPs detail how personal information may be collected, used, disclosed, stored, and destroyed, and how an individual may gain access to or make complaints about the personal information held about them.
This policy details the type of personal information we collect from our customers, how we manage personal information about you, with whom we may share it and the choices available to you regarding our use of the information. We also describe the measures we take to safeguard your personal information and tell you how to contact us regarding our privacy practices.
Personal Information (PI) collected is for the purposes of providing you with products and services or responding to your query. For these purposes, EONX may disclose your PI to our related bodies corporate and third parties contracted to us. If you do not provide this information, we may not be able to provide you with services or respond to your query. PI will be handled in accordance with our Privacy Policy.
What types of personal information do we collect and hold
“Personal information” is information or an opinion about an identified individual, or about an individual who is reasonably identifiable, whether true or not, and whether recorded in a material form or not. Information where we have removed any reference to a person, so that the person cannot be reasonably identifiable from the information, is not personal information.
The kinds of personal information that we may collect and hold from you or about you include:
·contact information, such as your name, postal address, e-mail address and telephone number;
·account information such as username, password, and transaction history;
·bank account information such as account name, BSB and account number;
·identification information such as passport or drivers licence;
·information concerning your interests, buying habits and product preferences;
and·any other personal information submitted to us by you directly or indirectly through your use of our website or online presence, or through our websites or accounts that you allow us to gather information.
We do not collect sensitive information (such as relating to your ethnic origin, religious or philosophical beliefs, membership of a political or trade association, sexual preferences, or health), and would not do so without your consent.
Website and cookies
When you browse our website or contact us electronically, we may record geographical tagging, cookies, and statistical data. This may include your IP address, date and time of your visit, operating system, language preferences, device characteristics, pages visited, information downloaded and type of browser used to access the website.
On our website, we may use 'cookies' or other similar tracking technologies to track your website usage and remember your preferences. Cookies are small data files stored on your computer, television, mobile phone, or other device. They allow the party who placed the cookie on your device to recognise you across multiple websites, services, devices, and browsing sessions. You can disable cookies in your browser, but if you do, our websites may not function properly for you.
Cookies may also be used to collect data, which may include personal information. If a cookie is linked to your account, for example, it will be deemed personal information under the Privacy Act. We will treat any personal information collected through cookies in the same manner as we treat all other personal information as defined in this Privacy Policy.
We use this information to help us to make decisions about maintaining and improving our website and online services.
Links
While our website may contain links to other websites with the exception of our related entities, those websites are not subject to our privacy standards, policies and procedures. We recommend that you make your own enquiries as to the privacy policies of these third parties and we are in no way responsible for the privacy practices of these third parties.
How we collect and hold personal information
We aim to collect personal information only directly from you unless it is unreasonable or impracticable for us to do so. For example, we collect personal information from you or about you from information you submit to us when:
·you apply for or request a product or service;
·register on our website;·when you participate in our call centre marketing campaigns, competitions, or surveys;
·when you respond to our advertising and direct mail;·you provide information to us via email or telephone;
and·when you have other dealings with us.
However, in some circumstances, it is necessary for us to collect personal information through third parties or from a source of publicly available information.
If we receive personal information that we have not requested (unsolicited information) and we determine that we could not have collected that information under the APPs if we had requested it, then we will destroy or de-identify the information if it is lawful and reasonable to do so.
Why we collect, hold, use, and disclose personal information
We collect, hold, use, and disclose personal information from you or about you where it is reasonably necessary for us to carry out our business functions and activities and as necessary to provide our services to you. We also collect, hold, use, and disclose your personal information for related purposes that you would reasonably expect, such as our administrative and accounting functions, for example, we may use the information obtained from you:
·to process your application for service and to establish and manage your account or facility, and carry out transactions you wish to make;
·to provide requested services to you, and bill you for our services and collect overdue payments;·to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you or related to your use;
·to operate, protect, improve, and optimise our website, business, and your experience, such as to perform analytics, conduct research, product development and provide product information;
·for training, quality control and verification purposes (including monitoring and recording your telephone conversations with us from time to time);
·to communicate our related company's or a third party's marketing offers to you (when making the offer we will let you know how you may stop receiving any further marketing offers);
·respond to and communicate with you about your requests, questions, and comments;
·to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties.
·protect against, identify, and prevent fraud and other criminal activity, claims and other liabilities;
·comply with and enforce applicable legal requirements, relevant industry standards and our policies; and
·to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners
If we do not collect, hold, use, or disclose your personal information, or if you do not consent, then we may not be able to answer your enquiry, complete the transaction you have entered into, or provide our services to you to the best of our ability.
How we hold and protect personal information - Security
Your personal information is held and stored on paper, by electronic means or both. We have physical, electronic, and procedural safeguards in place for personal information and take reasonable steps to ensure that your personal information is protected from misuse, interference, loss and unauthorized access, modification, and disclosure.
We store personal information in a combination of secure Australian based computer storage facilities and paper-based files and other records. We use industry accepted and compliant technology and security so that we are satisfied that your information is transmitted safely to us through the internet or other electronic means.
We also employ the following measures in order to safeguard your personal information:
·data held and stored on paper is stored in lockable offices and in secure premises;
·data held and stored electronically is protected by internal and external firewalls, limited access via file passwords, and files designated read-only or no access;
·data held and stored “in the cloud” is protected by internal and external firewalls, limited access via file passwords and files designated read-only or no access. We also require our IT contractors and other third parties to implement privacy safeguards;
·where we disclose personal information to third parties (including contractors and affiliated businesses located locally and overseas), our contractual arrangements with them include specific privacy requirements; and
·our staff receive regular training on privacy procedures.
Destruction and De-identification
We will retain your personal information whilst it is required for any of our business functions, or for any other lawful purpose.
We use secure methods to destroy or to permanently de-identify your personal information when it is no longer needed:
·paper records are shredded or destroyed securely; and
·electronic records are deleted from all locations, to the best of our ability, or encrypted and/or placed beyond use.
Disclosure of Information
We respect the privacy of personal information and will take reasonable steps to keep it strictly confidential.
We may share the information you provide with companies that are related to us, through common ownership (including other affiliated companies within or outside Australia).
We will disclose personal information to third parties if it is necessary for the primary purpose of collecting the information, or for a related secondary purpose, if the disclosure could be reasonably expected. Where such a disclosure is necessary, we will require that the third party undertake to treat the personal information in accordance with the APPs.
Generally, we may disclose personal information about you in the following circumstances:
·where we have contracted an external organisation to provide us with support services. This may include but is not limited to identity verification, processing applications or orders, marketing support, deliveries, market research and debt collection. These service providers may be within or outside Australia;
·to payment services providers;
·to comply with our legal obligations including government agencies, regulatory bodies, and law enforcement agencies, or as required, authorised, or permitted by law (we notify you any time we are required to produce information in this way unless we are prohibited by court order or law or there is suspicion of fraud and/or criminal activity);
·where we suspect that unlawful activity has been or may be engaged in and the personal information is a necessary part of our investigation or reporting of the matter; or
·where organisations cooperate with us in offering products and services such as co-brand partners (we will notify you of that disclosure and obtain your consent on the application form).
·We may share information about you with affiliated joint marketing partners and/or third parties whose products or services may be of interest to you. These third parties may contact you directly about their products and services in order to provide continuous improvement to the Program.
Where we use your personal information for marketing and promotional communications, you can opt out at any time by notifying us. Opt out procedures are also included in our marketing communications. If you do not want us to use your information for marketing purposes, or share your information with related companies for their own marketing purposes, please notify us by sending an email to the contact email listed below.
Otherwise, we will only disclose your personal information to third parties without your consent if the disclosure is:
·necessary to protect or enforce our legal rights or interests or to defend any claims;
·necessary to prevent or lessen a serious threat to a person’s health or safety;
·required or authorised by law; or
·permitted by another exception in the Privacy Act.
·Where we wish to use or disclose your personal information for other purposes, we will obtain your consent.We impose strict requirements of security and confidentiality on all third parties as to how they handle personal information. We provide our outside contractors both locally and internationally, and retail affiliates only with information they need to perform their services - they are not permitted to use the information for any purpose except to provide the service to us. The Privacy Act also strictly controls the information we exchange with credit reporting agencies.
Additional information regarding Credit/Payment Information
The types of credit information that we collect and use for the purpose of collecting payments and/or making payments include:
·names, addresses and other contact details of accountholders (both prospective and current);
·bank account details;
·driver’s licence details; and
·financial information.
We do not disclose credit information to credit reporting bodies.
Requests for access and correction
We have procedures in place for dealing with and responding to requests from you for access to, and correction of, the personal information held about you. When you request personal information, we may need to verify your identity.
In most cases, we expect that we will be able to comply with your request. However, if we do not agree to provide you access or to correct the information as requested, we will give you written reasons why. For example, a request to access personal information may be rejected if:
·the request is frivolous or vexatious;
·providing access would have an unreasonable impact on the privacy of another person;
·providing access would pose a serious and imminent threat to the life or health of any person;
·providing access would prejudice our legal rights; or
·there are other legal grounds to deny the request.
To assist us to keep our records up-to-date, please notify us of any changes to your personal information.
Complaints and Concerns
You can contact us using the information below if you believe we have breached the Privacy Act or if you have a complaint about how we have handled your personal information. Include your name, email address, and/or phone number, as well as a detailed description of your issue. We will acknowledge your complaint and respond to you within a reasonable timeframe. Please email us at privacy@eonx.com
If your complaint is not resolved to your satisfaction or you still have a concern, you can contact the Office of the Australian Information Commissioner in any of the following ways:
online: www.oaic.gov.au/ privacy phone: 1300 363 992
email: enquiries@oaic.gov.au fax: +61 2 9284 9666
mail: GPO Box 5218 Sydney NSW 2001 or GPO Box 2999 Canberra ACT 2601
About this Privacy Policy
We may update our policies and this Privacy Policy from time to time. The latest version is published within your Program Site.
Contact
If you have any questions about this Privacy Policy, or if you would like us to update information we have about you or your preferences, please email us at privacy@eonx.com
Bill Pay Rewards, operated by EonX Australia Pty Ltd (ABN 77 685 941 360) (also referred to in the Privacy Policy as “we”, “us” or “our”) recognise the importance of your privacy and understand your concerns about the security of the personal information you provide to us.
In the course of doing business with you, the collection of personal information in some instances is necessary or unavoidable. We are committed to protecting the privacy of all personal information that we collect and ensuring that your personal information is handled correctly.
All personal information collected by us will be treated in accordance with the Australian Privacy Principles (“APPs”) as contained in the Privacy Act 1988 (Cth). The APPs detail how personal information may be collected, used, disclosed, stored, and destroyed, and how an individual may gain access to or make complaints about the personal information held about them.
This policy details the type of personal information we collect from our customers, how we manage personal information about you, with whom we may share it and the choices available to you regarding our use of the information. We also describe the measures we take to safeguard your personal information and tell you how to contact us regarding our privacy practices.
Personal Information (PI) collected is for the purposes of providing you with products and services or responding to your query. For these purposes, EONX may disclose your PI to our related bodies corporate and third parties contracted to us. If you do not provide this information, we may not be able to provide you with services or respond to your query. PI will be handled in accordance with our Privacy Policy.
What types of personal information do we collect and hold
“Personal information” is information or an opinion about an identified individual, or about an individual who is reasonably identifiable, whether true or not, and whether recorded in a material form or not. Information where we have removed any reference to a person, so that the person cannot be reasonably identifiable from the information, is not personal information.
The kinds of personal information that we may collect and hold from you or about you include:
·contact information, such as your name, postal address, e-mail address and telephone number;
·account information such as username, password, and transaction history;
·bank account information such as account name, BSB and account number;
·identification information such as passport or drivers licence;
·information concerning your interests, buying habits and product preferences; and
·any other personal information submitted to us by you directly or indirectly through your use of our website or online presence, or through our websites or accounts that you allow us to gather information.
We do not collect sensitive information (such as relating to your ethnic origin, religious or philosophical beliefs, membership of a political or trade association, sexual preferences, or health), and would not do so without your consent.
Website and cookies
When you browse our website or contact us electronically, we may record geographical tagging, cookies, and statistical data. This may include your IP address, date and time of your visit, operating system, language preferences, device characteristics, pages visited, information downloaded and type of browser used to access the website.
On our website, we may use 'cookies' or other similar tracking technologies to track your website usage and remember your preferences. Cookies are small data files stored on your computer, television, mobile phone, or other device. They allow the party who placed the cookie on your device to recognise you across multiple websites, services, devices, and browsing sessions. You can disable cookies in your browser, but if you do, our websites may not function properly for you.
Cookies may also be used to collect data, which may include personal information. If a cookie is linked to your account, for example, it will be deemed personal information under the Privacy Act. We will treat any personal information collected through cookies in the same manner as we treat all other personal information as defined in this Privacy Policy.
We use this information to help us to make decisions about maintaining and improving our website and online services.
Links
While our website may contain links to other websites with the exception of our related entities, those websites are not subject to our privacy standards, policies and procedures. We recommend that you make your own enquiries as to the privacy policies of these third parties and we are in no way responsible for the privacy practices of these third parties.
How we collect and hold personal information
We aim to collect personal information only directly from you unless it is unreasonable or impracticable for us to do so. For example, we collect personal information from you or about you from information you submit to us when:
·you apply for or request a product or service;
·register on our website;·when you participate in our call centre marketing campaigns, competitions, or surveys;
·when you respond to our advertising and direct mail;·you provide information to us via email or telephone;
and·when you have other dealings with us.
However, in some circumstances, it is necessary for us to collect personal information through third parties or from a source of publicly available information.
If we receive personal information that we have not requested (unsolicited information) and we determine that we could not have collected that information under the APPs if we had requested it, then we will destroy or de-identify the information if it is lawful and reasonable to do so.
Why we collect, hold, use, and disclose personal information
We collect, hold, use, and disclose personal information from you or about you where it is reasonably necessary for us to carry out our business functions and activities and as necessary to provide our services to you. We also collect, hold, use, and disclose your personal information for related purposes that you would reasonably expect, such as our administrative and accounting functions, for example, we may use the information obtained from you:
·to process your application for service and to establish and manage your account or facility, and carry out transactions you wish to make;
·to provide requested services to you, and bill you for our services and collect overdue payments;·to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you or related to your use;
·to operate, protect, improve, and optimise our website, business, and your experience, such as to perform analytics, conduct research, product development and provide product information;
·for training, quality control and verification purposes (including monitoring and recording your telephone conversations with us from time to time);
·to communicate our related company's or a third party's marketing offers to you (when making the offer we will let you know how you may stop receiving any further marketing offers);
·respond to and communicate with you about your requests, questions, and comments;
·to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties.
·protect against, identify, and prevent fraud and other criminal activity, claims and other liabilities;
·comply with and enforce applicable legal requirements, relevant industry standards and our policies; and
·to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners
If we do not collect, hold, use, or disclose your personal information, or if you do not consent, then we may not be able to answer your enquiry, complete the transaction you have entered into, or provide our services to you to the best of our ability.
How we hold and protect personal information - Security
Your personal information is held and stored on paper, by electronic means or both. We have physical, electronic, and procedural safeguards in place for personal information and take reasonable steps to ensure that your personal information is protected from misuse, interference, loss and unauthorized access, modification, and disclosure.
We store personal information in a combination of secure Australian based computer storage facilities and paper-based files and other records. We use industry accepted and compliant technology and security so that we are satisfied that your information is transmitted safely to us through the internet or other electronic means.
We also employ the following measures in order to safeguard your personal information:
·data held and stored on paper is stored in lockable offices and in secure premises;
·data held and stored electronically is protected by internal and external firewalls, limited access via file passwords, and files designated read-only or no access;
·data held and stored “in the cloud” is protected by internal and external firewalls, limited access via file passwords and files designated read-only or no access. We also require our IT contractors and other third parties to implement privacy safeguards;
·where we disclose personal information to third parties (including contractors and affiliated businesses located locally and overseas), our contractual arrangements with them include specific privacy requirements; and
·our staff receive regular training on privacy procedures.
Destruction and De-identification
We will retain your personal information whilst it is required for any of our business functions, or for any other lawful purpose.
We use secure methods to destroy or to permanently de-identify your personal information when it is no longer needed:
·paper records are shredded or destroyed securely; and
·electronic records are deleted from all locations, to the best of our ability, or encrypted and/or placed beyond use.
Disclosure of Information
We respect the privacy of personal information and will take reasonable steps to keep it strictly confidential.
We may share the information you provide with companies that are related to us, through common ownership (including other affiliated companies within or outside Australia).
We will disclose personal information to third parties if it is necessary for the primary purpose of collecting the information, or for a related secondary purpose, if the disclosure could be reasonably expected. Where such a disclosure is necessary, we will require that the third party undertake to treat the personal information in accordance with the APPs.
Generally, we may disclose personal information about you in the following circumstances:
·where we have contracted an external organisation to provide us with support services. This may include but is not limited to identity verification, processing applications or orders, marketing support, deliveries, market research and debt collection. These service providers may be within or outside Australia;
·to payment services providers;
·to comply with our legal obligations including government agencies, regulatory bodies, and law enforcement agencies, or as required, authorised, or permitted by law (we notify you any time we are required to produce information in this way unless we are prohibited by court order or law or there is suspicion of fraud and/or criminal activity);
·where we suspect that unlawful activity has been or may be engaged in and the personal information is a necessary part of our investigation or reporting of the matter; or
·where organisations cooperate with us in offering products and services such as co-brand partners (we will notify you of that disclosure and obtain your consent on the application form).
·We may share information about you with affiliated joint marketing partners and/or third parties whose products or services may be of interest to you. These third parties may contact you directly about their products and services in order to provide continuous improvement to the Program.
Where we use your personal information for marketing and promotional communications, you can opt out at any time by notifying us. Opt out procedures are also included in our marketing communications. If you do not want us to use your information for marketing purposes, or share your information with related companies for their own marketing purposes, please notify us by sending an email to the contact email listed below.
Otherwise, we will only disclose your personal information to third parties without your consent if the disclosure is:
·necessary to protect or enforce our legal rights or interests or to defend any claims;
·necessary to prevent or lessen a serious threat to a person’s health or safety;
·required or authorised by law; or
·permitted by another exception in the Privacy Act.
·Where we wish to use or disclose your personal information for other purposes, we will obtain your consent.We impose strict requirements of security and confidentiality on all third parties as to how they handle personal information. We provide our outside contractors both locally and internationally, and retail affiliates only with information they need to perform their services - they are not permitted to use the information for any purpose except to provide the service to us. The Privacy Act also strictly controls the information we exchange with credit reporting agencies.
Additional information regarding Credit/Payment Information
The types of credit information that we collect and use for the purpose of collecting payments and/or making payments include:
·names, addresses and other contact details of accountholders (both prospective and current);
·bank account details;
·driver’s licence details; and
·financial information.
We do not disclose credit information to credit reporting bodies.
Requests for access and correction
We have procedures in place for dealing with and responding to requests from you for access to, and correction of, the personal information held about you. When you request personal information, we may need to verify your identity.
In most cases, we expect that we will be able to comply with your request. However, if we do not agree to provide you access or to correct the information as requested, we will give you written reasons why. For example, a request to access personal information may be rejected if:
·the request is frivolous or vexatious;
·providing access would have an unreasonable impact on the privacy of another person;
·providing access would pose a serious and imminent threat to the life or health of any person;
·providing access would prejudice our legal rights; or
·there are other legal grounds to deny the request.
To assist us to keep our records up-to-date, please notify us of any changes to your personal information.
Complaints and Concerns
You can contact us using the information below if you believe we have breached the Privacy Act or if you have a complaint about how we have handled your personal information. Include your name, email address, and/or phone number, as well as a detailed description of your issue. We will acknowledge your complaint and respond to you within a reasonable timeframe. Please email us at privacy@eonx.com
If your complaint is not resolved to your satisfaction or you still have a concern, you can contact the Office of the Australian Information Commissioner in any of the following ways:
online: www.oaic.gov.au/ privacy phone: 1300 363 992
email: enquiries@oaic.gov.au fax: +61 2 9284 9666
mail: GPO Box 5218 Sydney NSW 2001 or GPO Box 2999 Canberra ACT 2601
About this Privacy Policy
We may update our policies and this Privacy Policy from time to time. The latest version is published within your Program Site.
Contact
If you have any questions about this Privacy Policy, or if you would like us to update information we have about you or your preferences, please email us at privacy@eonx.com
