Last updated 14 February 2019
1. About Us
Tappr is committed to ensuring that your privacy is protected and to process your personal data in accordance with the Australian Privacy Act 1998 (Cth), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and other applicable privacy laws. We will only collect and use your personal data in accordance with this data protection policy.
Tappr Services Pty Ltd (ACN 615 100 840) operates www.tappr.io website under ABN 22 615 100 840. Tappr Services Pty Ltd’s registered office is Level 5, 12 Commercial Rd, Newstead, 4006.
Unless otherwise noted in this Data Protection Policy, the terms “Tappr”, “we”, “our” and “us” refer to Tappr Services Pty Ltd.
2. Purposes of this Data Security Policy
This Data Protection Policy sets out:
- the basis on which we collect, store, share, process and use personal data (such as information that identifies, relates to or describes you, or which is capable of being associated with you) from you when you use the website, www.tappr.io (“Website”) or any software, services or mobile application provided by us (“Application”) which enable you to initiate payment transactions;
- the types of Personal Data collected, stored, shared, processed and used by us and your right to control your Personal Data (“Personal Data”).
This Data Protection Policy does not apply to information that may be collected by third parties who own or operate websites that link to the Website or are accessible by links from the Website or through the Application. While accessing those other websites or third parties, you will be subject to their terms and conditions of use and privacy policies.
If you are under the age of 18, you must not attempt to create or operate a Tappr account through the Application or Website or submit Personal Data to either of them.
It is important you read this Data Protection Policy and we recommend that you print a copy for safe keeping and for your future reference. This Data Protection Policy was updated on 7 May 2014. We reserve the right to change and update this Data Protection Policy from time to time. We recommend that you revisit this page regularly to keep informed on the current Data Protection Policy and ensure that you are happy with any changes. We may notify you by email or through posting a notice on the Website or through an update on the Application if there are any material changes to this Data Protection Policy.
By continuing to use the Website and Application, you confirm that you have read, understood and agree with the entire Data Protection Policy in effect at the time of your use. If you disagree with part of or the entire Data Protection Policy at the time you are using this Website, you must discontinue your use of the Website and/or Application.
3. Personal Data Collected
We do not knowingly collect information from children under the age of 18.
When you use the Website and Application (including by registering to our Website or processing transactions through the Application, browsing or by communicating with us via email or by signing up for newsletters or other communications), we may collect all or some of the following Personal Data from or about you:
- i. the Personal Data that you provide by registering with us or filling in forms on or via the Website or Application, including:
- your name, title, gender and date of birth;
- your company name or affiliation and legal form of organisation trading name, business type/category, business address and proprietor information;
- your contact information including phone/mobile number/fax and email address;
- your communication preferences and interests;
- other information relevant to marketing, customer or research surveys which you may choose to complete or relevant to offers which we may make available to you;
- your browsing activities including, but not limited to, information on your location, weblogs and other communication (whether for billing purposes or otherwise), information on Website and Application resources accessed, your IP address or other unique identifiers for computers, mobile devices, technology or other devices used to access our Website or Application, information on your browser type and operating system, and the date, time and duration of your Website or Application access;
- device information such as your Tappr hardware model, operating system and version, unique device identifiers, mobile network information and information about the devices interaction with our services.
- non sensitive transaction information such as the location of the transaction, descriptions of the transactions, the payment and transfer amounts, billing and shipping information, and information about the devices and payment methods used; and
- records of your correspondence, communications and telephone calls (including those that we may record) with us.
We may also collect some or all of the above types of information from our business partners or third parties who have your consent to pass that information on to us or who may be authorised by you to authenticate or identify you to us. This may include obtaining information about you from third party verification services and credit reference agencies (including, but not limited to, your credit rating, risk class, risk forecast, credit limit, legal form, share capital, domicile, places of business, calculated annual revenue, date of registration, board of directors, summary of annual accounts and key ratio, record of non-payment and debt with the enforcement service).
If you have been referred to us by a third party or partnering organisation, we may disclose your personal information to the third party or partner in order to fulfil our commercial obligations under the referral arrangement.
4. How we use your personal data
We (and third party data processors, third party payment processors, vendors and hosting partners who may be acting on our behalf) may collect, store and process your Personal Data for the following reasons:
- to make the Website and Application available, to customise it, to provide content tailored to individual requirements; to understand your needs and provide you with improved products and services, newsletters and other communications and to enable others to view submissions of users;
- for purposes related to providing our products and services to you, including verifying and authenticating your account and identity, processing your payments and payment system or card details in order to complete transactions made through the Website with us or our business partners or obtaining further verification information about you from third party credit reference agencies and verification services and to perform credit checks against you;
- to notify you about new or changes to our products and services or policies and procedures;
- to maintain the registered account that you may hold with us and to provide you with updates or notifications of changes to your account;
- for our internal record keeping requirements including collection of anonymised details about visitors to our Website or Application to compile aggregate statistics or to produce internal reports on the use of the Website and Application and to track how users navigate through them so that we may evaluate and improve the Website and Application;
- you grant us permission to contact you from time to time regarding our or our third parties’ products, promotions, and services or other content that we think you may be of interest to you, promotional offers, or for customer satisfaction purposes (including contact by email or SMS);
- for market research, analysis, testing, monitoring, risk management and administrative purposes (including diagnosing technology problems which may be reported to us);
- to carry out our obligations arising under any agreements between us and you; and
- for any purposes related to the above or where we have a legal right or duty to use or disclose your Personal Data (including for abuse, crime and fraud prevention and related purposes).
We reserve the right to retain your Personal Data, any other information which we have collected and any content that you have submitted to us via the Website or the Application to the extent required by applicable laws and as we may require for operational and legal purposes.
5. Disclosure of your personal data
In terms of sharing, disclosing or transferring your Personal Data to third parties (together, “Disclose” or “Disclosing”), except as set out in this Data Protection Policy, we will not disclose your Personal Data unless we have your permission or unless we are required to do so to:
- comply with applicable law or an order of a governmental or law enforcement body; or
- investigate, prevent or take action against credit risks or suspected illegal activities (including fraud or where the personal safety of another person may be threatened) or breaches of our Terms and Conditions related to the provision of our Services; or
- establish or exercise our legal rights or defend against legal claims or take precautions against liability; or
- protect our rights, property, or safety or the rights and property of our customers, business partners or other members of our corporate group.
- We may Disclose your Personal Data to other companies that are members of our corporate group (including our and their subsidiaries and ultimate holding companies, as those terms are defined in the Corporations Act).
- To the extent necessary to provide you with our products and services, we may Disclose your Personal Data to third party payment processors, banks or card schemes (such as MasterCard International Inc.) or other financial institutions;
- Following their agreement with us to keep your Personal Data confidential, we may Disclose your Personal Data to third party service providers to us (including, without limitation, call centre staff);
- Before we engage with third parties to provide you with information about products and services that may be of interest to you, we will carefully screen them to ensure that any Personal Data disclosed to them is treated safely and responsibly; and
- In the event that a third party proposes to acquire all or some of our business and/or assets (including by assignment or transfer of business or assets by means of corporate merger, consolidation or restructuring or any other such changes in our corporate group that may affect us), we may disclose your Personal Data to that third party in connection with their proposed or actual acquisition.
In the event that there is a distribution partner in place, you authorise us to provide the distribution partner with information about your application, the date of your registration, as well as information about the acceptance or refusal of your application, as the case may be.
You further authorise us to provide the distribution partner with your name, address, phone number, e-mail, date of birth and the sum of the transaction volume and the date of the second transaction. The distribution partner undertakes to use the data only in compliance with applicable data protection legislation and strictly and solely for the purpose of performing its contractual and regulatory obligations. The distribution partner shall not forward the data to any third parties.
6. Third Party Advertising and Analytics
7. Links to Third Party Websites
Your use of other websites which are owned and operated by third parties (other than Tappr Services Pty Ltd) and accessed by links from the Website or Application is not governed by this Data Protection Policy and we do not control any of those other websites. Once you use the links from the Website or Application to access those other websites, we are not responsible for the privacy of any data that you provide while using them. You should review the privacy policies applicable to those other websites and ask any questions or raise any concerns about their collection or use of your Personal Data with that website operator.
For the purposes of data analytics, verifying client data and assessing client eligibility to be registered as a Tappr client, some information that you provide to our Website may be redirected to third party sites outside of Australia. Tappr is committed to safe and secure use and storage of your personal information and will only provide your information to a third party outside of Australia where we are satisfied that the third party has stringent privacy and data security protocols in accordance with the applicable privacy principles.
8. Digital Receipts
If you choose to receive receipts via email or text message, we store the email address or phone number you provide. We use your email address or phone number to send you a receipt for your purchase and to automatically send you digital receipts for future purchases you make from other Sellers. Digital receipts may contain additional messages, offers, or links that may be of interest to you. For example, you may be able to submit feedback, share your experience on social media, view your purchase history, join programs, visit websites, or take advantage of promotions. If you choose to submit or share any information through a receipt (including submitting feedback), we may share it with Sellers which may lead to you receiving responses. As previously mentioned, this policy does not describe the practices of Sellers that may receive or collect information from you. We encourage you to ask them about their privacy practices before providing any information to them. If at any time you wish to opt out of receiving automatic digital receipts or change your preferences, you may do so by following the instructions in the “Your Choices” section of this policy.
If you choose to accept the cookie, the file will be added to your computer, handheld or mobile device. Most web browsers automatically accept cookies but you may modify your browser settings to decline cookies or to be notified of cookies being placed.
Cookies may be used by us to do the following:
- enable us to respond to you as an individual and to tailor our operations to your needs by gathering and remembering Personal Data about your preferences;
- assist the effective operation of the Website or Application;
- enable traffic to the Website or Application and their pages to be logged to identify pages used and browsing and purchasing behaviour of users of the Website or Application for statistical purposes and to monitor which pages users find useful or not; or
- identify you as an account holder or user and assist with account or user security (such as by obliging you to re-set passwords if the password has lapsed).
The cookies do not give us access to any other Personal Data on your computer or device other than the Personal Data you choose to share with us.
If you choose to reject the cookies used by the Website or Application it may prevent you from being able to take full advantage of them and it may prevent the cookies from operating properly when you use them. You may be unable to complete a transaction with us via the Website or Application.
This Website also uses Google Analytics as a cookie. If you do not wish this cookie to collect data concerning your behaviour on the Website (including your IP address), including the treatment of this data by Google Analytics, there is a plug-in available for you browser under the following link: http://tools.google.com/dlpage/gaoptout?hl=de.
For further questions, please contact Customer Service at firstname.lastname@example.org.
10. Transfer of information Internationally
We may transfer Personal Data that we collect from you to third party data processors, third party payment processors, vendors or hosting partners acting on our behalf located in countries outside of Australia (“AU”) or to other entities in the Tappr group of companies in connection with the purposes set out in How we use your Personal Data.
11. Information Security
We are committed to ensuring that your Personal Data is secure.
In order to minimise the risk that there is unauthorised access to or Disclosure of your Personal Data, we put in place where practicable appropriate physical, electronic and managerial procedures to safeguard and secure it. Personal Data you provide to us in electronic format is stored on secure servers. The relevant Personal Data will only be stored in a PCI compliant environment, i.e. in accordance with a set of standards designed to ensure that the processing, storing and transmission of card information is secure and payment transactions will be encrypted.
We will always take appropriate measures to safeguard your Personal Information that you provide to us however no transmission over the internet is guaranteed to be completely secure. For your security, you should:
- always log out and close the website browser when you complete your online session if using a computer in a public location;
- keep your account details and passwords private;
- frequently change your password; and
- avoid using the same password for multiple online accounts.
In the event that there is unauthorised access to or transfer of all or part of your Personal Data as a result of a breach of our information security measures, we will notify you of the breach by email to the email address which you last provided to us or we will place a notice on our Website.
12. Your Rights in relation to Personal Data
You have the right to a copy of the Personal Data we hold about you (for which we may charge a small administration fee) and to have any inaccurate or incomplete information about you corrected.
You also have the right to restrict our collection or use of your Personal Data and may do so by the following:
- when you are asked by us to accept a cookie or to fill in a form via the Website or Application, look for your cookie settings and the area that you can select your preference when it comes to the use of your Personal Data for marketing or other purposes;
- if you have previously agreed to accept a cookie, then you may change your mind at any time disabling or deleting the cookie or amending your cookie settings; or
- if you have consented to our use of your Personal Data to send you promotional or other information about third parties or us, but you change your mind, you may contact us and we will cease such activity.
The Data Protection Policy shall be governed by and construed in accordance with Australian law and any matter or dispute arising out of or in connection with use of the Website, the Application or this Data Protection Policy (including any contract entered by you with us through the Website, Application or Data Protection Policy) is subject to the exclusive jurisdiction of the courts of Australia. All contracts shall be concluded in English.
This Data Protection Policy (including, where applicable, our Terms and Conditions) set out the entire agreement between you and us and supersede any and all prior terms, conditions, warranties and/or representations to the fullest extent permitted by law.
No third party shall be entitled to enforce any of this Data Protection Policy, whether by virtue of the Contracts Australian Privacy Act 1998 (Cth).
The English language version of this Data Protection Policy shall be binding. Any translation or other language version of this Data Protection Policy shall be provided for informational purposes only. In the event of inconsistency or discrepancy between the English version and any translation or other language version of this Data Protection Policy, the English-language version shall prevail.