Privacy Act 2020 (NZL)
Public Records Act 2005 (NZL)
Privacy Act 1988 (AUS)
Data Classification Policy.
Data Governance Policy.
Disclosure & Communication Policy.
IT Acceptable Use Policy.
IT Security Policy.
Record Storage, Retention, Archives & Destruction Policy.
Your privacy is very important to us. This privacy policy discloses how Smartpay Holdings Limited and its subsidiaries (“Smartpay”, “we” or “us) will collect, use and share personal information about you. Smartpay recognizes the need for appropriate protections and management of the personal information you provide us.
This Privacy Policy is designed to both inform you of your rights in respect to the collection and storage of personal information, and to help us ensure that we comply with applicable law in the countries in which we operate.
Personal information is information or an opinion about you or which is reasonably identifiable as you, whether or not the information or opinion is true and whether or not the information is recorded in a material form. When you register for services that we may offer, place an order, meet us face-to-face meeting, correspond with us online, via mobile applications, mail, email or telephone, subscribe to our newsletter, or fill out any forms provided to us you provide us with, and we may collect, the following personal information (without limitation):
Your name.
Your date of birth.
Your physical and/or postal address.
Your email address.
Your phone number.
A copy of your passport (or other proof of identification).
Credit information, such as details relating to your credit history, credit capacity, and credit eligibility.
Records of our interactions with you.
Statistics on page views.
Your Smartpay customer number.
Your bank account number.
In addition to the above, if you conduct a business or financial transaction with Smartpay, or through a merchant using a system that is managed by Smartpay, we will collect payment and transaction data (including the cardholder’s name, amount, frequency, type, location, origin and recipients) from you at the time we process those transactions, as required in order to allow the transaction to be completed (“Cardholder Data”).
We may collect personal information about:
Individuals.
Contractors and suppliers.
Third parties seeking or using our services.
Other people who come into contact with us in the ordinary course of business
Applicants applying for a job or position with us: we may collect certain information from you (including your name, contact details, working history and relevant records checks) from any recruitment consultant, your previous employers and others who may be able to provide information to us to assist in our decision whether or not to make you an offer of employment or engage you under a contract. This Privacy Policy does not apply to acts and practices in relation to employee records of our current and former employees, which are exempt from privacy laws.
In some cases, we collect personal information from third parties including public sources, our related companies and our service providers (including credit agencies).
Any of the personal information we collect from you may be used in one of the following ways:
To undertake customer due diligence to ensure we comply with our obligations under the Anti-Money Laundering and Countering Financing of Terrorism Act 2009, including: To prevent and (if necessary) report financial crimes.
To personalise your experience of our Website (your personal information helps us to better respond to your individual needs).
To improve customer service (your information helps us to more effectively respond to your customer service requests and support your
needs).
To process transactions, or deliver purchased products or services requested.
To administer the product(s) or service(s) we provide you (including by answering any question, requests or complaints you may have).
To track traffic through our Website.
To consider your employment or contractual engagement application.
Where you have specifically consented to us doing so, to:
Communicate with you in relation to products and services we offer which we feel may be of interest to you; and/or.
Communicate with you on behalf of our business partners.
Such other purposes that we will notify you of at the time we collect your personal information.
The personal information you submit is gathered only on a voluntary basis; you may choose to not provide the personal information, although this may mean that you are unable to access certain services.
We do not sell personal information to third parties. Except as set out below, your personal information will not be exchanged, transferred, or given to third parties for any reason without your consent.
We may share your personal information with third parties in the following circumstances:
To the extent necessary to deliver purchased products or services requested.
To enterprise resource planning (ERP) service providers, as necessary for the storage of your information on the cloud. Currently, Smartpay stores data (including personal information) in the cloud using various solutions.
To the extent necessary with our service providers who assist us in operating our website, conducting our business, or servicing you, so long as these parties agree to keep this information confidential.
Reporting overdue debts to Debt Collection Agencies or Credit Reporting Agencies.
Registering a Security Interest against Smartpay owned equipment.
Where we believe in good faith that we are required to do so by law.
Where we have reason to believe that doing so is necessary to identify, contact or bring legal action against anyone damaging, injuring, or interfering (intentionally or unintentionally) with our rights or property, users, or anyone else who could be harmed by such activities.
We may provide non-personally identifiable information to other parties for marketing, advertising, or other uses.
We implement a variety of security measures to safeguard against loss, access, use, modification or disclosure of your personal information when you enter, submit, or access your personal information.
We will retain your personal information only for as long as necessary to fulfil the purpose(s) for which it was collected and to comply with applicable laws. Your consent to such purpose(s) remains valid after termination of our relationship with you.
We will take all reasonable steps to ensure that your personal information is accurate, up to date, complete, relevant and not misleading.
Smartpay’s business is operated in and from New Zealand and Australia. Accordingly, information is, in the first instance, processed in New Zealand and/or Australia.
We may store your information in the cloud or on other types of electronic storage systems. All electronic storage system premises are located in Australia or New Zealand. Smartpay ensures any cloud provider used is certified for security of the cloud in compliance with all the laws and regulations. Note that cloud agents are not to disclose information that Smartpay stores on their services except as legally required.
We take reasonable steps to ensure that all personal information that we collect is kept secure in accordance with industry standard physical, electronic and managerial procedures. All of our staff are trained to comply with this Privacy Policy. In respect of personal information collected online or stored electronically (including in the cloud) in particular, you acknowledge that no security system is impenetrable and that the security of such networks and systems can never be guaranteed. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information which is transmitted to us is transmitted at your own risk.
The Payment Card Industry Data Security Standard (“PCI DSS”) includes a number of security requirements relating to cardholder data. Smartpay does not collect full card number/data information, only partial for fraud tracking purposes only, so Smartpay does not have to be PCi DSS compliant.
Cookies are small files that a site or its service provider transfers to your computer hard drive through your Web browser (if you allow) that enables the sites or service provider’s systems to recognize your browser and capture and remember certain information. We use cookies to:
Track traffic patterns to our Website.
Ensure that the most relevant content is being shown to you.
If you would rather that we did not use cookies with you, you can refuse them by turning them off in your browser and/or deleting them from your hard drive. You will still be able to visit our Website.
Please also visit our Terms and Conditions section establishing the use, disclaimers, and limitations of liability governing the use of our website at:
This Website may contain links to third party websites for your convenience and information. Smartpay does not control these sites or their privacy practices. We do not endorse or make any representations about third party websites, and any personal information you choose to give these sites will not be covered by this privacy policy. We encourage you to review the privacy policy of any company or website before submitting your personal information.
We will take reasonable steps to ensure that any personal information we collect is accurate, up-to-date, complete, relevant and not misleading, and any personal information that we use or disclose is up-to-date, complete, accurate and relevant.
You may contact us to access, or request correction or deletion of your personal information. However, if you have any questions regarding this Privacy Policy you may contact us on one of the following:
Phone: New Zealand 0800 476 278 or Australia 1800 846 787.
Mail: PO Box 100490, Auckland, New Zealand. Attention: Privacy Officer.
Email: privacy@smartpay.co.nz
If you believe that we have breached this Privacy Policy, you may direct your complaint to us at privacy@smartpay.co.nz or at PO Box 100490, Auckland, New Zealand. Attention: Privacy Officer, please include your name, email and/or telephone number. We will review your complaint and liaise with you directly to resolve your complaint within a reasonable time.
Smartpay takes Privacy seriously and any Privacy breaches will be escalated internal to the Smartpay Executive Team and the Smartpay Board immediately.
Smartpay will follow the guidelines of the Privacy Commission in relation to the handling of any privacy breaches.