What information do we collect and how do we use it?
When we provide you with our expense management software and virtual card payment services, we ask you for the information we need:
- to verify your identity and conduct Know Your Customer checks;
- to provide and optimise the services we provide to you;
- to provide you with customer service and deal with any disputes or complaints;
- for our general business and risk management purposes;
- to market to you;
- for business development purposes; and
- to comply with our obligations under the law.
This can include a broad range of information including:
- your name, address, contact details when you register for a DiviPay account, download the DiviPay App, use the DiviPay virtual card, or use the DiviPay online platform and software;
- the names, contact details, address’ of any beneficial owners or directors of the business.
- other personal information such as drivers licence and identification documentation details you provide to us if you are subject to our full identity verification process;
- your photograph if you upload photos of yourself;
- your role within your business;
- information about the transactions you make and accept via DiviPay, including the value of the transactions, method of payment and reason for purchase when you make payments using your DiviPay Card;
- the budgets you create and any other information you enter into the DiviPay online platform or mobile application;
- information you provide us when you participate in any dialogue with us or via the DiviPay platform;
- with your permission, your physical location using our GPS location service;
- with your permission, your camera roll to upload receipts and payment data;
- your employment and educational information when you apply for a job with us.
We are required to collect personal information of all your beneficial owners and company directors in order to conduct a Know Your Customer check under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth).
We may disclose your personal information to third parties (such as other DiviPay users who are associated with your account, banks, our contractors, business partners and related entities, suppliers, service providers, professional advisors and agents, card providers, debt collectors, finance providers and payment gateway providers):
- to provide and manage our services;
- to provide integrations between our service and a third party as nominated by you in the DiviPay platform;
- to assess your credit worthiness and risk;
- to assess your job application (if you have applied for a job with us);
- if our business is purchased by another party, in which case your personal information may form part of the transferred assets;
- to comply with our legal obligations; and
- for any other reason with your consent.
We also use your information to enable us to manage your ongoing requirements and our relationship with you. We may do so by mail or electronically unless you tell us that you do not wish to receive electronic communications.
From time to time we will use your contact details to send you offers, updates, events, articles, newsletters or other information about products and services that we believe will be of interest to you. We may also send you regular updates by email or by post. We will always give you the option of electing not to receive these communications and you can unsubscribe at any time by notifying us that you wish to do so.
In addition to sending you marketing communications, we may also use your personal data to display targeted advertising to you online – through our own websites and services or through third party websites and their platforms.
We may also use your information internally to help us improve our services and help resolve any problems.
What if you don’t provide some information to us?
If you do not provide us with some or all of the information that we ask for, we may not be able to provide you access to the Divipay platform or limit your use of the DiviPay platform and features.
How do we hold and protect your information?
We strive to maintain the relevance, reliability, accuracy, completeness and currency of the personal information we hold and to protect its privacy and security. We keep personal information only for as long as is reasonably necessary for the purpose for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.
We hold the information we collect from you in an Australian based PCI-DSS Level 1 certified data centre and protect it using the industry standard AES-256 encryption algorithm. In some cases, your file is archived and sent to an external data storage provider for a period of time. We only use storage providers in Australia who are also regulated by the Privacy Act.
Anonymous data – We use technology to collect anonymous information about the use of our website, for example when you browse our website our service provider logs your server address, the date and time of your visit, the pages and links accessed and the type of browser used. It does not identify you personally and we only use this information for statistical purposes and to improve the content and functionality of our website, to better understand our clients and markets and to improve our services.
Cookies – In order to collect this anonymous data we may use “cookies”. Cookies are small pieces of information which are sent to your browser and stored on your computer’s hard drive. Sometimes they identify users where the website requires information to be retained from one page to the next. This is purely to increase the functionality of the site. Cookies by themselves cannot be used to discover the identity of the user. Cookies do not damage your computer and you can set your browser to notify you when you receive a cookie so that you can decide if you want to accept it. If you use only temporary cookies, once you leave the site, the cookie is destroyed and no personal or other information about you is stored. If you use permanent cookies, They allow the website to recognise your computer when you return in the future.
Will we disclose the information we collect to anyone?
We will disclose your information to our card providers, debt collectors, payment gateway providers, banks, business partners and related entities, suppliers, service providers, professional advisors, finance providers and agents, and may need to provide your information to contractors who supply services to us, e.g. to handle mailings on our behalf, external data storage providers, credit assessors and providers, document verification service providers, or to other companies in the event of a corporate sale, merger, reorganisation, dissolution or similar event. However, we will take all reasonable steps to ensure that they protect your information in the same way that we do.
We may provide your information to others if we are required to do so by law or under some unusual other circumstances which the Privacy Act permits.
How can you check, update or change the information we are holding?
Upon receipt of your written request and enough information to allow us to identify the information, we will disclose to you the personal information we hold about you. We will also correct, amend or delete any personal information that we agree is inaccurate, irrelevant, out of date or incomplete.
If you wish to access or correct your personal information please write to Daniel Kniaz at 2/80 Albion Street, Surry Hills, NSW, 2010 or email firstname.lastname@example.org
We do not charge for receiving a request for access to personal information or for complying with a correction request. We do not charge for providing access to personal information.
In some limited cases, we may need to refuse access to your information or refuse a request for correction. We will advise you as soon as possible after your request if this is the case and the reasons for our refusal.
What happens if you want to complain?
Your complaint will be considered by us through our internal complaints resolution process and we will try to respond with a decision within 45 days of you making the complaint.
By registering with DiviPay, you consent to the collection and use of the information you have provided to us for the purposes described above.
For further information about our privacy policies or practices please contact us by email at email@example.com
Privacy Collection Statement
Please keep a copy of our Privacy Collection Statement for your records.