Privacy Policy
Our Commitment to your Privacy
The privacy of individuals, including our staff and our clients, is of utmost importance to Handel Group Pty Ltd ACN 625 084 077 (handel:) and Flexiskip Pty Ltd ACN 624 360 390 (FLEXiSKiP). This includes information or opinions about you that we collect and record which reasonably could be used to identify you. We adhere to the National Privacy Principles and the Privacy Act 1988 (Cth).
This document sets out our policies for managing personal information across our business operations in Australia. We have a Privacy Officer; whose contact details are below.
We want you to know how we may collect, use, share, and keep information about you and the choices that are available to you. When we provide products or services to you, we may also give you additional details about how we will use your personal information.
This Privacy Policy applies to handel: websites, and online services that may run on smart phones, tablets, and other mobile devices (“apps”). It does not apply to those websites that have their own online privacy statements, which may be linked to the handel: websites or apps.
Not all the information described in the Privacy Policy is ‘Personal Information’ under the Privacy Act – some of the Online Information we collect does not identify you (for example, some information we collect using cookies or information that is aggregated or de-identified).
Our websites and apps are not intended for children under 18 years of age. We do not knowingly solicit data online from, or communicate online to, children under 18 years of age.
Since we may change this Privacy Policy, we recommend that you check the current version available from time to time. If we make changes to this Privacy Policy, we will update the Effective Date at the top of this page.
When this Privacy Policy mentions “we,” “us,” or “our,” or “Data Controller” it refers to the “Company” (handel: & FLEXiSKiP).
When this Privacy Policy mentions “you,” or “your”, it refers to the user of this website or app.
When using the Payment Services, you will be also providing your information, including personal information, to one or more Company entities, which will also be the Data Controller (the “Payments Data Controller“) of your information related to the Payment Services.
Types of Personal Information We Collect
The types of information we collect depends on which product or service you use and how you interact with us.
When dealing with our customers and clients we generally collect your name, address, telephone number, IP address including associated data such as your web browser and operating system, and other contact details. Depending on the type of interaction you may have with us, we may also collect and update personal information necessary to establish your identity and personal financial situation, such as date of birth, domicile, employment details, bank account details, drivers’ licence, basic financial information, and other information about your financial and credit history.
We generally do not collect sensitive information (such as relating to ethnic origin, religious or philosophical beliefs, membership of a political or trade association, sexual preferences or health), unless it is reasonably necessary for one of our functions or purposes, in which case we will obtain your consent to collect that sensitive information.. We do not collect information in a way that is unfair or unlawful. The collection of information will not intrude unreasonably on the personal affairs of the individual concerned.
We may gather Online Information if you:
- Visit or use our websites or apps;
- Receive or reply to electronic communications from us;
- View or click on our ads or other online content; and
- Interact with us through social media websites and other websites and apps.
Why We Collect Personal Information
Generally, we collect, hold, update and use personal information about you related to our functions and activities so we can establish, manage and administer the products and services provided by us, and to comply with legal and regulatory obligations. We also use, store, and process information about you to provide, understand, improve, and develop our website and apps, and to create and maintain a trusted and safer environment. We may also use and disclose your information for purposes related to those mentioned above, including:
- to provide requested services to you, and bill you for our services and collect overdue payments;
- to communicate our promotional materials to you and others;
- to enable you to access and use the website and apps;
- to operate, protect, improve and optimize the website and apps and experience, such as by performing analytics and conducting research;
- to enable you to access and use the payment and delivery services;
- to provide customer service;
- to send you service or support messages, such as updates, security alerts, and account notifications;
- for our research and development of new products and services;
- for training, quality control and verification purposes (including monitoring and recording your telephone conversations with us from time to time);
- to communicate our promotional materials to you;
- for record keeping, data analytics and auditing;
- to detect and prevent fraud, spam, abuse, security incidents, and other harmful activity;
- to conduct investigations and risk assessments;
- to verify or authenticate information or identifications provided by you (such as to verify your address or compare your identification photo to another photo you provide);
- to conduct checks against databases and other information sources;
- to resolve any disputes with any of our users and enforce our agreements with third parties;
- to enforce our Terms and Conditions and other policies, and
- to meet our legal obligations.
How We Collect Information
Generally, we collect personal information directly from you, in response to our direct mail, e-mail, forms that you complete and submit to us, comments or feedback you submit in communications to us, on our apps, website or other websites we advertise or market our services or apps on, or when you have other dealings with us. We may collect that information over the telephone or internet, in person (when you visit us at a Company office) and when you write to us.
We may also collect personal information through third parties such as:
- a third-party business that provides commercial financial information;
- market research organisations;
- other credit providers;
- persons authorised by you (such as lawyers or accountants);
- referees (if you give us the name of someone who can give a reference about you); and
- publicly available sources of information.
We only collect your information from external sources if it is impractical to collect it directly from you, or when we are permitted to do so.
We (and our Service Providers) also collect information through Cookies and Similar Technologies. Most Cookies and Similar Technologies will only collect De-Identified Information such as how you arrive at our website or your general location. However, certain Cookies and Similar Technologies do collect Personal Information. For example, if you click Remember Me when you log in to our website, a cookie will store your username.
We (and our Service Providers) may collect information using Cookies and Similar Technologies about:
- the device you use to access our websites or apps (for example, we may collect information about the operating system or the browser version and the type of computer or mobile device);
- the IP Address and information related to that IP Address (such as domain information, your internet provider and general geographic location);
- browsing history on our websites or apps (such as what you search for, the pages you view, how long you stay, and how often you come back);
- how you search for our websites or apps, and from which website or app you came from;
- which ads or online content from us you view, access, or click on;
- whether you open our electronic communications and which parts you click on (for example, which links you use); and
- the location of your mobile device (for example, to help prevent fraud or when you register to receive location-based content on our mobile websites or apps).
We (and our Service Providers) may also collect information made publicly available through third-party platforms (such as online social media platforms), through online databases or directories, or that is otherwise legitimately obtained.
What happens if I do not provide information that has been requested?
It is your choice whether to provide your personal information or not. However, if you don’t, we might be unable to fulfil your request for a specific product or service or be able to identify you to protect you against fraud.
How we store information
We store personal information in a combination of secure computer storage facilities and paper-based files and other record formats. We have taken a number of steps to protect the personal information we hold from misuse, loss and unauthorised access, modification or disclosure. We use generally accepted technology and security so that we are satisfied that your information is transmitted safely to us through the internet or other electronic means.
We are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorised access, loss, destruction, or alteration. However, the internet and mobile devices are not a 100% secure environment, so we can’t guarantee the security of the transmission or storage of your information.
Data retention and destruction
We store personal information in a combination of secure computer storage facilities and paper-based files and other record formats. We have taken a number of steps to protect the personal information we hold from misuse, loss and unauthorised access, modification or disclosure. We use generally accepted technology and security so that we are satisfied that your information is transmitted safely to us through the internet or other electronic means.
We are continuously implementing and updating administrative, technical, and physical security measures to help protect your information against unauthorised access, loss, destruction, or alteration. However, the internet and mobile devices are not a 100% secure environment, so we can’t guarantee the security of the transmission or storage of your information.
When we may disclose your personal information
By continuing to use this to use the website or app, you agree and consent to the use, disclosure and storage of your personal information under this policy.
Generally, we may disclose personal information about you in the following circumstances:
- To improve, promote, market or otherwise advertise our services and apps such as publishing comments and feedback you submit to us;
- to comply with our legal obligations (we notify you any time we are required to produce information in this way unless we are prohibited by court order or law or there is suspicion of fraud and/or criminal activity);
- where we suspect that unlawful activity has been or may be engaged in and the personal information is a necessary part of our investigation or reporting of the matter;
- where we are satisfied on reasonable grounds that disclosure is necessary to lessen or prevent a serious threat to the life, health, safety or welfare of an individual or to public health, safety or welfare;
- the disclosure is necessary for research or the compilation or analysis of statistics in the public interest, but does not involve the publication of the personal information in a form which would identify an individual;
- financial advisers, brokers and other parties authorised by us;
- other areas and organisations within the group that provide financial and other services, for reasonable business purposes;
- to the Payments Data Controller for Payment Services; or
- anyone authorised by you or to whom you have provided your consent (either expressly or impliedly).
Service Providers
From time to time, we may use a variety of third-party service providers (such as the Payments Data Controller) to help us provide services related to the website and apps. Service providers may be located inside or outside of Australia. For example, service providers may help us: (i) verify or authenticate your identification, (ii) check information against public databases, (iii) assist us with background checks, fraud prevention, and risk assessment, or (iv) provide customer service, advertising, or payments services. These providers have limited access to your information to perform these tasks on our behalf and are contractually obligated to use it consistent with this Privacy Policy.
Payments
We may share your personal information to: (i) provide the Payment Services, (ii) facilitate your use of the website and apps, and (iii) jointly market products or services to you with other financial third parties with whom we have a formal agreement. You can unsubscribe or opt-out from receiving such marketing communications by sending us an email.
Safety and Compliance with Law
We may disclose your information to courts, law enforcement or governmental authorities, or authorised third-parties, if and to the extent we are required to do so by law or if such disclosure is reasonably necessary: (i) to comply with legal process and to respond to claims asserted against us, (ii) to respond to verified requests relating to a criminal investigation or alleged or suspected illegal activity or any other activity that may expose us, you, or any other of our users to legal liability, (iii) to enforce and administer our Terms and Conditions or other agreements with Members, (iv) for fraud investigation and prevention, risk assessment, customer support, product development and debugging purposes, or (v) to protect our rights, property or personal safety and of our employees, Members, or members of the public.
Aggregated Data
We may also share aggregated information (information about our users that we combine together so that it no longer identifies or references an individual user) and non-personally identifiable information for industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.
Aggregated Information or De-identified Information does not identify you individually; it helps us to analyse patterns among groups of people. We may share Aggregated Information or De-identified Information in several ways, for example:
- for the same reasons as we might share Personal Information;
- with Business Partners to help develop and market programs, products or services and present targeted content including Targeted Advertising;
- with Business Partners to conduct analysis and research about customers, website and apps users; or
- with Third-Party Ad-Servers to place ads (including ads of our Business Partners) on various websites and apps, and to analyse the effectiveness of those ads.
Analysing your Communications
We may review, scan, or analyse your communications on the website and apps for fraud prevention, risk assessment, regulatory compliance, investigation, product development, research, and customer support purposes. For example, as part of our fraud prevention efforts, we scan and analyse messages to mask contact information and references to other websites. In some cases, we may also scan, review, or analyse messages to debug, improve, and expand product offerings. We use automated methods where reasonably possible. However, occasionally we may need to manually review some communications, such as for fraud investigations and customer support, or to assess and improve the functionality of these automated tools. We will not review, scan, or analyse your communications to send third party marketing messages to you, and we will not sell reviews or analyses of these communications.
Third Party Partners and Integrations
The website and apps may contain links to third party websites or services, such as third-party integrations, co-branded services, or third party-branded services (“Third Party Partners”). We don’t own or control these Third-Party Partners and when you interact with them, you may be providing information directly to the Third-Party Partner or us. These Third-Party Partners will have their own rules about the collection, use, and disclosure of information. We encourage you to review the privacy policies of the other websites you visit.
Will my Personal Information be used for Direct Marketing?
We use and disclose your personal information to keep you informed about the range of financial products and services offered by us. You may opt out of receiving direct marketing from us at any time by contacting the Privacy Officer – details below.
Cookies and Similar Technologies
If you do not want us to collect information about you using Cookies and Similar Technologies, you can disable or delete them. Most computer systems and browsers offer their own privacy settings. We encourage you to use them to enhance your choices. Most browsers’ advanced settings (such as those in Internet Explorer, Google Chrome or Safari) allow you to disable Cookies and Similar Technologies.
Important If you do disable or delete Cookies and Similar Technologies, some site features and services may not work. You will need to manage your settings for each computer and browser you use to access the Internet.
Keeping us up-to-date
We will take reasonable steps to make sure that the personal information we collect, use or disclose is accurate, complete and up-to-date. If your personal details change, such as your telephone number or billing address, please contact us so that we can continue to provide you with our services.
You may review, update, or delete the information in your Account by logging into your Account and reviewing your Account settings and profile.
You have the right to ask us to correct inaccurate or incomplete personal information concerning you (and which you cannot update yourself within your Account).
For information on how to cancel your handel: account, visit http://www.handel.group/.
You can access your Personal Information
Following a request, we will provide you with a copy of personal information which we hold about you in accordance with our obligations under the Privacy Act. We may charge a fee for retrieving this information (we will inform you of the fee before providing the information). You may also be entitled to request copies of personal information that you have provided to us in a structured, commonly used, and machine-readable format and/or request us to transmit this information to another service provider (where technically feasible). Please note that there are some circumstances set out in the Privacy Act where we may refuse your request.
We will promptly acknowledge and investigate any complaints about the way we manage personal information.
About This Privacy Policy
We may update our policies and this Privacy Policy from time to time. The latest version is published on our website at www.handel.group/privacy and is available in print at our offices, or by contacting us using the details below.
Contacting us: If you have any questions about our policies, or if you wish to update or access the information we hold about you, make a related complaint, opt out of receiving direct marketing material, or to receive a copy of our most current Privacy Policy, please write to us at:
The Privacy Officer
Handel Group Pty Ltd
3/259 Cullen Ave East
Eagle Farm, QLD, 4009
Australia
If we take more than 30 days to respond to your privacy complaint, or if you are dissatisfied with the outcome, you can make a complaint to the Privacy Commissioner at the Office of the Australian Information Commissioner. The OAIC can be contacted on 1300 363 992 or at www.oaic.gov.au
Glossary
Aggregated Information – data or information relating to multiple people which has been combined or aggregated. Aggregated Information includes information that we create or compile from various sources, including card transactions or certain data from Cookies and Similar Technologies.
Company (we, our, us) – Handel Group Pty Ltd ACN 625 084 077 and Flexiskip Pty Ltd ACN 624 360 390 as identified at the beginning of this Privacy Policy.
Cookies and Similar Technologies – a cookie is a small data file that an app or website transfers to your computer’s hard drive. We may place cookies when you use our websites or apps or where you use another company’s website and apps that our ads appear on. We may also place cookies when you request or personalise information or register for certain services. If you accept these cookies, you may give us access to information about your interests. We may use that information to personalise your experience. Similar technologies such as web beacons, pixels, gifs, and tags also do the same thing. We use the term Cookies and Similar Technologies in this statement to refer to all technologies that collect information in this way.
De-identified Information – data or information used in a way that does not identify you to a third party. We often derive De-Identified Information from Personal Information. It includes information that we may collect from various sources, such as card transactions or certain data from Cookies and Similar Technologies.
IP Address – a number assigned to a device when connecting to the Internet.
Online Information – data or information which may include Personal Information, Aggregated Information and De-Identified Information collected on our websites and apps as well as on websites and apps of third parties relating to topics about our business.
Other Information – our internal information, information from our Business Partners, and other online and offline information we collect from or about you.
Personal Information – means information or an opinion about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion (such as name, address or telephone number).
Service Providers – any vendor, third party and/or company that performs business operations on our behalf, such as printing, mailing, and other communications services (email, direct mail, etc.), marketing, data processing, servicing, collections, or ad management.
Targeted Advertising – ads we, or our Service Providers, display on websites or apps based on the preferences or interests inferred from data collected from a particular computer or device regarding web viewing behaviours over time and across different websites and apps.
Third-Party Ad-Servers – companies that provide the technology to place ads on websites (and apps) and track how ads perform. These companies may also place and access cookies on your device. The information they collect from our websites or apps is in a form that does not identify you personally.
Effective Date: 2 May 2019