This policy sets out the personal information handling practices of PayMe Australia Pty Ltd and any subsidiary companies managed by PayMe Australia. The policy demonstrates how we comply with our obligations under the Privacy Act 1988 (Privacy Act) and manage your personal information in accordance with the Australian Privacy Principles (APPs). The APPs regulate how we may collect, use, disclose and store your personal information, and how you may access and correct the personal information that we hold about you.We will only collect information that is reasonably necessary for the proper performance of our activities or functions. We do not collect personal information just because we think it could be useful at some future stage if we have no present need for it. We do not collect or use personal information for the purposes of unlawful discrimination. We may decline to collect unsolicited personal information from or about you and may take such measures as we think appropriate to purge it from our systems.By following the links in this document, you will be able to find out how we manage your personal information as an APP Entity under the APPs.
PayMe manages personal information, as an APP Entity, under the APPs and must take such steps as are reasonable in the circumstances to implement practices, procedures and systems relating to the entity?s functions or activities that:
Open and Transparent management of Personal Information
Anonymity and pseudonymity
When making a general enquiry as an individual, you do not have to identify yourself where reasonable to do so. We can provide general information to you without requesting any personal information.
Collection of Solicited Personal Information
When collecting personal information;
Kinds of personal information that we collect and hold
In performing our functions and activities of novated car leasing, salary sacrificing and payroll services, we may collect and hold the following kinds of personal information about you:
Sensitive information is only collected with consent and where it is necessary for the performance of our functions and activities. Sensitive information will need to be collected where it relates to a genuine requirement. Our collection of some types of sensitive information is also governed by equal opportunity and anti-discrimination laws.
How we collect and hold personal information
We made collect personal information about you directly from you as well as indirectly from third parties.In performing our functions and activities, we may collect your personal information using a variety of methods including:
We collect and store your personal information securely on our secure internal information systems. When we no longer are required to hold your personal information it is destroyed by purging from our information systems and destroyed in accordance with our policy.We do not destroy or de-identify information that is contained in a Commonwealth Record
Use or Disclosure
We only use or disclose your personal information for the purposes for which it was given to us in relation to our functions or activities which we are undertaking for you.We do not disclose your personal information and are unlikely to disclose your personal information to overseas recipients. Instances whereby we may disclose your personal information include:
Photos & Images
We will not request that you supply photographs, scan photo ID, or capture and retain video image data of you in cases where simply sighting photographs or proof of identity documents would be sufficient in the circumstances.At times video surveillance which operates in or near our premises may capture images of you.
This section explains how we handle personal information collected from our website and by other technology in the course of electronic transactions.It is important that you understand that there are risks associated with use of the Internet and you should take all appropriate steps to protect your personal information. It might help you to look at the OAIC?s resource on Internet Communications and other TechnologiesIt is important that you:
Please contact us by land line phone or mail if you have concerns about making contact via the Internet. Sometimes, we collect personal information that individuals choose to give us via online forms or by email, for example when individuals:
Related Purpose Disclosures
We outsource a number of services to contracted service suppliers (CSPs) from time to time. Our CSPs may see some of your personal information. Typically our CSPs would include:
If you find that personal information that we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to correct it by contacting us.We will take such steps as reasonable in the circumstances to correct that information to ensure that, having regard to the purposefor which it is held, the information is accurate, up to date, complete, relevant and not misleading.If we have disclosed personal information about you that is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to notify the third parties to whom we made the disclosure and we will take such steps (if any) as are reasonable in the circumstances to give that notification unless it is impracticable or unlawful to do so.You should also anticipate that it may take a little time to process your application for correction as there may be a need to retrieve information from storage and review information in order to determine what information may be corrected. We will generally respond to your request for access within twoworking days.There is no charge to correct information.In some cases we may not agree that the information should be changed.If we refuse to correct your personal information as requested by you, we will give you a written notice that sets out:
You may also ask us to associate a statement that the information is contested as being inaccurate, out of date, incomplete, irrelevant or misleading and we will take such steps as are reasonable to do so.
Notifiable Data Breaches Scheme;
PayMe takes the security of your data to be our paramount responsibility. This includes protecting personal information from misuse, interference and loss, and from unauthorized access, modification or disclosure. In the event we experience or suspect any form of data breach we will take immediate remedial action to contain and limit any further access or distribution of the breach. PayMe will immediately implement the Data Breach response action plan https://www.oaic.gov.au/resources/privacy-law/privacy-act/notifiable-data-breaches-scheme/flowchart.pdf and the Privacy team will notify affected individuals or entity (s) at risk of serious harm, depending on what is ?practicable? and in accordance with the Notifiable Data Breaches (NDB) Scheme (s) that a breach has occurred.
Ensuring that the notification to the Office of the Australian Information Commissioner is completed.
To whom is the data passed and how do we protect it along the way;
PayMe is an Australian company and does not send or process any data outside of Australia. PayMe does not outsource any of its functions to any countries outside of Australia including the European Union(EU) or outside of the EU.
How to contact us;
For more information visit www.payme.com.au Or call us on 1800 082 006
PayMe Australia ? Head Office Ground Floor Suite 6 ? 18 Napier Close Deakin ACT 2600
PayMe Australia Pty Ltd PO Box 244 Deakin ACT 2601
You have a right to complain about our handling of your personal information if you believe that we have interfered with your privacy.
How to make a complaint
If you are making a complaint about our handling of your personal information, it should first be made to us in writing.You can make complaints about our handling of your personal information to our Privacy Co-ordinator, whose contact details are Maria Lindgren, PO Box 244 Deakin ACT 2600, Phone 1800 082 006, email: firstname.lastname@example.orgYou can also make complaints to the Office of the Australian Information CommissionerHow your complaint will be handledWhen we receive your complaint:
If we believe that your complaint may be capable of some other solution we will suggest that solution to you, on a confidential and without prejudice basis in our response;If the complaint cannot be resolved by means that we propose in our response we will suggest that you take your complaint to any recognised external dispute resolution scheme or the Credit Ombudsman Service of which we are a member #M0020165 or to the Office of the Australian Information Commissioner.