Laybuy Holdings Limited
Date: Sep 16th 2019
Laybuy Holdings (Australia) Pty Ltd ABN 61 623 054 400, Level 9, 123 Pitt Street Sydney, NSW, Australia and its related bodies corporate ("we", "us", "our") is committed to respecting your privacy. We will always collect, store, use and disclose your Personal Information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.
- information offered on, and provided by our website ("Website");
- information and services offered on, and provided by signing up for a User Account on our Website ("User Account");
- social media pages, including Facebook, Twitter, Youtube and Instagram; and
- email communications and subscription services.
In this policy, "Personal Information" means information about an identifiable individual or an individual who is reasonably identifiable. By way of example, this type of information includes your name and contact details.
What information do we collect?
Information you provide
You may give us information about yourself, such as your name, address, email address, telephone number, credit card details, drivers licence and passport details depending on which one of our Online Services you use.
We may collect your credit card details or other financial information where you provide them to us when you create a User Account for the purposes of arranging the payment plans offered via our Online Services. We will only use your financial information for the purpose for which it is collected and in accordance with this policy. Financial or credit card information we collect from you is strictly confidential and held on secure services in controlled facilities.
We may also collect Personal Information and credit-related information about you in order to assess your credit-worthiness. This information may include your name, date of birth, residential address, email address, telephone and mobile numbers, drivers licence, employer and employment details, bank statements and repayment history.
Information collected about you
When you visit our Website or other Online Services, we may collect more information, such as the address of your Internet service provider, the name of the web page directing you, and your clicks and activity on our site.
Clickstream data and other related information about visits to our Website and related Online Services may be collected. In addition to this, usage and performance data through our Website using various platform specific tracking technologies available to the Website may be collected.
Cookies and other monitoring devices
We may use services such as Google Analytics, which will issue cookies from their own servers and which will be able to track website visitors throughout relevant websites. We do not control how those cookies are issued, or the data that they store.
We may use "web beacons" (electronic images also known as pixel tags or clear gifs) to recognise a cookie on your computer when you view or act upon a web page, an advertisement that we have placed on a third party web page, or an email or other electronic communication that we have sent.
How is your personal information used?
We may (and may authorise third parties to) use your Personal Information to process your transactions and to help us develop, improve, manage, administer and facilitate our services and operations - including to provide the Online Services, to help us to develop our Online Services to be more available and user friendly to our customers, to administer your User Account, for safety and security issues, for our own internal purposes (such as risk management, staff training and billing), to conduct market research, for any purpose permitted by law, and for any other use associated with such purposes or which you may authorise.
In addition, we may use your Personal Information to promote and market our products and services, or the products and services of others. However, we will not do this by email or text (except as part of an email which facilitates, completes or confirms a transaction with you) unless we have your express or deemed consent to do so. These emails and texts will always include an "unsubscribe" facility (see section 6 for more information on email and text communication).
In what circumstances might we disclose your personal information?
We do not sell, trade or rent your Personal Information to others.
However, we may use other companies to perform services on our behalf. In particular, we may use other companies to run a credit and identity check on you when you sign up for a User Account. By signing up for a User Account you consent to us disclosing your Personal Information and credit related information to a credit reporting body, being Experian Australia Credit Services Pty Ltd (www.experian.com.au and email contact details of email@example.com and post at Consumer Support Team, GPO Box 1969 North Sydney NSW 2060) to obtain a credit report about you. If we disclose your Personal Information and credit related information to a credit reporting body, the credit reporting body can use that information to provide a credit report about you to us and we will use that report as part of our credit assessment of you. If we do not obtain Personal Information and credit related information from you, we may not be able to provide the User Account services to you. The credit reporting bodies may use the information in credit reports about you and provide this to other credit providers in their assessment of your credit worthiness. You are able to obtain details about your credit report from the credit reporting body and their management of your Personal Information and credit related information by contacting them using their contact details above.
In addition, we may provide statistics about our customers, sales, traffic patterns and related site functions to reputable third parties.
We will not otherwise disclose your Personal Information or credit related information unless we believe on reasonable grounds that you have provided your authorisation. However, you should be aware that we may be required to disclose your Personal Information without your consent in order to comply with any court orders, subpoenas or other legal process or investigation including by tax authorities, if such disclosure is required by law. Where possible and appropriate, we will notify you if we are required by law to disclose your Personal Information or credit related information.
We do not sell, trade or rent your Personal Information to others.
Storage and security
We are committed to protecting the security of your Personal Information and we take all reasonable precautions to protect it from unauthorised access, modification or disclosure.
We use industry standard (or better) administrative, physical and technical protections to safeguard the security, privacy, confidentiality and integrity of your Personal Information.
We accept no responsibility for any loss, misuse, unauthorised access or disclosure, alteration or destruction of Personal Information which you submit to us.
The Privacy Act 1988 (Cth) requires us to notify affected individuals and the Australian Information Commissioner about ‘eligible data breaches’. An eligible data breach occurs when the following criteria are met:
- there is unauthorised access to or disclosure of Personal Information we hold (or information is lost in circumstances where unauthorised access or disclosure is likely to occur);
- the access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates; and
- we are unable to prevent the likely risk of serious harm with remedial action.
If it is not clear whether a suspected data breach meets these criteria, we will investigate and assess the breach to determine whether the breach is an ‘eligible data breach’ that requires us to notify the affected individuals. This is to ensure that you are notified if your personal information is involved in a data breach that is likely to result in serious harm. Even if the criteria are not met, we may decide it appropriate to notify you anyway as part of our commitment to taking privacy seriously.
What about links to other websites?
Email and text communications
We are committed to full compliance with the Spam Act 2003 (Cth).
By subscribing to emails and/or text communications, or otherwise providing your email address and/or mobile number, you consent to receiving emails and/or texts (as the case may be) which promote and market our products and services, or the products and services of others, from time to time.
You can unsubscribe from our email communications and/or text communications at any time by clicking the "Unsubscribe" link in any promotional or marketing email or text received or by emailing firstname.lastname@example.org.
Once you have unsubscribed from the email or text communications, you will be removed from the corresponding marketing list as soon as is reasonably practicable.
How you can request access or correct your personal information
You may request access to the information we hold about you, or request that we update or correct any Personal Information we hold about you, by setting out your request in writing and sending it to us at email@example.com.
We will review your request and respond to your request as soon as reasonably practicable but not later than 30 days from the date of your request. If we are unable to give you access to the information you have requested, we will give you reasons for this decision when we respond to your request.
We will only keep your Personal Information for as long as we require it for the purpose for which it was required. However, we may also be required to keep some of your Personal Information for specified periods of time, for example under certain laws relating to companies, money laundering and financial reporting legislation.
Feedback / Queries