Bambora Privacy Statement
As a part of the Ingenico Group, the world leader in secure transaction and payment systems, we respect the privacy of our customers, partners, suppliers and staff. Ingenico is committed to treating all Personal Information in accordance with privacy laws and the Australian Privacy Principles.
1. Collection of personal information
We may obtain and hold Personal Information as necessary to enable us to provide services to our customers and to their customers.
Depending on the service offered by us, we may collect Personal Information such as:
- First/Last name
- Date of Birth
- Home/Work/Mobile Phone
- Email address
- Residential Address (Copies of documents for the purpose of proof of residential address may be retained by us for verification)
- Bank Name/Branch/Account Name/BSB/Account Number
- Cardholder Name/Card number (PAN)/Expiry Date
- Driver’s Licence No & Expiry (Copies of Driver’s Licence for the purpose of proof of identification may be retained by us for verification)
- Passport No & Expiry (Copies of Passport for the purpose of proof of identification may be retained by us for verification)
If you choose not to provide this information, we may be restricted in our ability to provide services to you.
We do not collect sensitive information in the normal course of business and nor do we collect unsolicited Personal Information.
- Measure website usage & effectiveness
- Assist you to more easily navigate the website
- Personalise your website experience though association with your profile information or user preferences
You can turn off cookies in your browser but this may impact on your ability to take full advantage of the website’s features.
3. Use and disclosure
We only use your Personal Information for the purpose for which it was provided, and in accordance with law. We do not use your Personal Information for direct marketing purposes, nor disclose it to other organisations except where necessary to provide our services or if required by law.
If we provide your Personal Information to other organisations with whom we work, we expect them to apply at least the same level of protection to your Personal Information.
We may also check some information provided by you with applicable databases administered by responsible officials from the Australian or New Zealand Governments.
During the course of providing you some of our e-Commerce solutions, we may be required to disclose some of your Personal Information to financial institutions and other related organisations. Any information disclosed in such a manner is encrypted in line with the receiving institution’s encryption requirements.
4. Security and access
We are committed to keeping Personal Information secure at all times while it is in our control.
We will take all reasonable precautions to protect your Personal Information from loss, misuse and interference, as well as unauthorised access, modification or disclosure. We encrypt Personal Information where required by law or regulation, including payment card details.
Our cardholder environment is protected by a variety of security measures, including, but not limited to:
- Intrusion Prevention System (IPS)
- Security Information & Event management (SIEM)
- Penetration Tests
- Vulnerability Scans
We only allow access to Personal Information to our personnel who need access to that information for a specific purpose.
5. Accuracy and correction
We endeavour to ensure that all your Personal Information we use to provide services is accurate. If you are aware that any Personal Information that we hold about you is incorrect or out of date, let us know and if possible we will update the information.
You can request to access or correct your Personal Information held by us by contacting the Data Protection Officer at firstname.lastname@example.org.
We may require you to complete an application form verifying your identity and specifying what information you require or wish to correct. In some circumstances, where permitted by law, a request for access or correction may be refused.
Whilst making a request to access Personal Employee Information is without charge, you may be charged a fee that will reflect our reasonable administrative, postage and handling costs of responding to your request. If the information sought is extensive, we will advise the likely cost in advance and can help to refine your request if required. We will not charge to correct factual errors in Personal Information.
6. Making an enquiry/complaint
We will consider the enquiry/complaint and endeavour to provide:
- An acknowledgement of your enquiry/complaint by return email within 2 business days.
- Details of any investigation undertaken and resolution of your enquiry/complaint within 30 days.