Skip to main content

PRIVACY NOTICE

 

This privacy notice tells you what to expect when we collect, use and process your personal data. Your privacy is important to us, and we are committed to protecting and safeguarding your data privacy rights.

Tuxedo Money Solutions Pty Ltd are the data controllers. If another company is the data controller, this will be made clear when you provide your personal information.

Your Personal Information

Visiting Our Website

Your Rights

Job Applicants, Current Employees and Former Employees

Updates And Contact Information

Your Personal Information

We collect and use your information for a number of reasons, including:

  • confirming your identity
  • processing applications
  • managing your products and providing our services
  • to understand how you use your eccount
  • to develop and improve our services to you

Any information that you provide will only be used for the purposes described in your current Terms and Conditions that apply to the relevant product or service.

How we collect your personal information

We collect your information in a number of ways, and these are categorised below.

Directly from you:

  • when you apply for our products and services
  • when you talk to us on the phone or in-store
  • when you use our websites
  • via email, or in writing

From the products and services you use:

  • payment and transaction data including location, amount, frequency, origin and recipient
  • profile and usage data including how you use our services and websites

From third parties we work with:

  • Companies that introduce you to us
  • Retailers
  • Fraud prevention agencies
  • Payroll service providers
  • Public information sources such as Companies House
  • Agents working on our behalf
  • Government and law enforcement agencies

We may monitor and record our communications with you, including emails and phone conversations. Information that we collect in this way may be used for training purposes; quality assurance; to record details about our website, applications and services you order from us or ask us about; and in order to meet our legal and regulatory obligations.

How the law protects you

Tuxedo Money Solutions Pty Ltd takes measures to protect your data and keep it private, but your privacy is also protected by law.

Data Protection law states that we are only allowed to use your personal information if we have a valid reason to do so. Tuxedo Money Solutions Pty Ltd complies with the Australian data protection principles, meaning that your personal information is:

  • fairly and lawfully processed
  • managed in a way that is open and transparent
  • only collected when relevant and necessary, and we will notify you if we receive any unsolicited information if it is not relevant and necessary
  • not used for any reason that has not been disclosed to you
  • accurate and complete
  • processed in accordance with your rights
  • kept secure
  • not transferred to countries without adequate protection

Tuxedo Money Solutions Pty Ltd also ensure a lawful basis for processing your personal data, and this is categorised as follows:

What we use your personal information for

Our lawful basis

Our reasons for this

• To manage our relationship with you or your business.
• To manage our products and services.
• To detect, investigate, report, and seek to prevent financial crime.
• To manage risk for us and our customers.
• To obey laws and regulations that apply to us.
• To respond to complaints and seek to resolve them.

Legal

• Effectively fulfilling our legal duties.
• Ensuring compliance with regulations and legal requirements that apply to us.
• Developing and improving how we deal with financial crime, as well as doing our legal duties in this respect.

• To manage our relationship with you or your business.

• To manage our products and services.
• To test and develop new products and services.
• To manage how we work with other companies that provide services to us and our customers/clients.

Contract

• Exercising our rights set out in agreements or contracts (informal or formal).
• Ensuring we provide the level of service that you'd expect, in line with any terms and conditions or contracts of service.

• Campaign measurement.
• To develop new ways to meet our customers’ needs and to grow our business.

Legitimate Interest

• Monitoring campaign data through our websites, and identifying how we can improve our products and services.

• To create specific and tailored marketing, based on your activity.

Consent

• Ensuring you always have the option to update your marketing preferences, allowing you to maintain complete control over what marketing information you receive.

Sharing your personal information

We will not disclose any of your information except:

  • to fraud prevention agencies and other organisations who may use the information to prevent fraud and money laundering
  • to persons acting as our agents and our partners who sell our cards under a strict code of confidentiality
  • to anyone to whom we transfer, or may transfer, our rights and duties under our card terms and conditions with you
  • as required by law or regulation
  • for purposes where you have provided consent, such as marketing

We process your data within the EEA as a standard. In doing so, we take reasonable measures to ensure all our service providers and agents comply with the Australian Privacy Principles, along with the General Data Protection Regulations.

 

If you choose not to provide personal information

We may need to collect personal information by law, or under the terms of a contract we have with you.

If you choose not to give us this personal information, it may delay or prevent us from meeting our obligations. It may also mean that we cannot perform services needed to maintain your products, and could mean that we cancel a product or service you have with us.

Any data collection that is optional will be made clear at the point of collection.

Marketing

We will only send you marketing information if we have your consent to do so.

You can ‘opt in’ to receive marketing communications from us at any time. If you do opt in, we will use your information to determine which offers are specifically relevant for you. The personal information we use for this purpose is made up of what you tell us, data we collect when you use our services, and data from third parties we work with.

You can ask us to stop sending you marketing messages by contacting us to withdraw your consent at any time.

Whether you give your consent to receive marketing or not, you will still receive your statements, and any important information, including but not limited to: changes to your existing products or services; changes to any loyalty or cashback schemes; any additional information relating to the operation of your account.

We may ask you to confirm or update your consent if you take out any new products or services with us in future. We may also ask you to do this if there are changes in the law, regulation, or the structure of our business.

Visiting Our Website

Use of cookies

Cookies are small text files which are transferred from our websites, applications or services and stored on your device. We use cookies to help us provide you with a personalised service, and to help make our websites, applications and services better for you.

We use cookies to:

  • gather customer journey information across our site
  • ensure your privacy in our secure sites, and prevent unauthorised access to your data
  • store log in details for our secure sites, so you don’t have to key them every time you log in
  • temporarily store details input into our calculators, tools, illustrations and demonstrations
  • store details of your marketing, product and business unit preferences to improve our targeting and enhance your journey through our sites
  • evaluate the advertising and promotional effectiveness of the site

The cookies we use may be session cookies (temporary cookies that identify and track users within our websites, applications or services which are deleted when you close your browser or leave your session in the application or service) or persistent cookies (cookies which enable our websites, applications or services to “remember” who you are and to remember your preferences within our websites, applications or services and which will stay on your computer or device after you close your browser or leave your session in the application or service).

The specific cookies we use are:

Strictly necessary cookies - These are cookies which are needed for our websites, applications or services to function properly, for example, these cookies allow you to access secure areas of our website or to remember your details for you.

Performance cookies and analytics technologies - These cookies collect information about how visitors and users use our websites, applications and services, for instance which functionality visitors use most often, and if they get error messages from areas of the websites, applications or services. These cookies don't collect information that identifies a visitor or user. All information these cookies collect is aggregated and therefore anonymous. We only use these cookies to improve how our website, applications and services work.

Functionality cookies - These cookies allow our websites, applications and services to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They may also be used to provide services you have asked for. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.

We do not store personal information obtained from cookies in a way that others could read and understand, and we never sell or distribute cookie information without your permission.

You may be able to restrict cookies or block all cookies if you wish. However if you disable cookies this may affect your ability to use certain websites, applications or services.

IP Address and traffic data

We keep a record of traffic data which is logged automatically by our servers, such as your Internet Protocol (IP) address, device information, the website that you visited before ours and the website you visit after leaving our site. We also collect some site, application and service statistics such as access rates, page hits and page views. We are not able to identify any individual from traffic data or site statistics.

Emailing us

We use Transport Layer Security (TLS) to encrypt and protect email traffic in line with industry standards. If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.

We will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

Online security

We keep your information secure by taking appropriate technical and organisational measures against its unauthorised or unlawful processing and against its accidental loss, destruction or damage.

On registering your personal information for our products and services you will have been granted a username and password, allowing you to access certain restricted parts of our websites. You are responsible for all information posted on the website by anyone using your username and password.

If you believe your personal information has been compromised, please contact us using the below details.

You must be responsible for protecting your own personal data, and we recommend that you:

  • keep your PC updated with current anti-virus software
  • treat emails with caution – remember we will never ask you to disclose your personal information via email
  • ensure you choose a password that could not easily be guessed by someone else
  • regularly visit the Australian Federal Police website to keep up to date with tips to protect yourself from the latest scams

Online encryption

All forms and online pages that hold your information use 128-bit encryption. This encryption makes your information unreadable to anyone who might intercept it. The latest browsers support 128-bit encryption, so we recommend that you always update your browser to the latest version.

In addition, a Secure Sockets Layer (SSL) is used to connect your browser to our secure servers.

This is a commonly used method of managing the security of messages transmitted across the Internet. You can tell that SSL is in use when a small padlock icon appears on your browser status bar.

It is our policy that if any of our customers or clients are victims of unauthorised access to their eccounts (provided they have not breached our security procedures, acted fraudulently or without reasonable care), we will cover any direct financial loss which they have suffered.

Your Rights

Under the General Data Protection Regulation, you have rights as an individual which you can exercise in relation to the information we hold about you.

Access to your personal information

To make a request for any personal information we may hold you need to put the request in writing addressing it to the Compliance and Data Protection Officer and writing to the address provided below.

If your personal information is incorrect

You have the right to question any information we hold about you that you think is wrong or incomplete.

If you believe we hold inaccurate or incomplete personal data about you please contact us using the details below, and we will take reasonable steps to check its accuracy and make any necessary corrections.

If corrections to your data are required, we will notify any relevant third parties and/or data processors that share this data, so they can also make corrections.

If you want us to stop using your personal information

You have the right to object to our use of your personal information, or to ask us to delete or stop using this information if there is no genuine requirement for us to keep it. This is known as the ‘right to object’, and the ‘right to erasure’ or ‘right to be forgotten’.

If you exercise these rights, we will review your request and inform you of our response and any actions taken. There may be legal or other official reasons why we need to keep or use your data, but if this is the case we will inform you of this.

Automated decision making

At times we will use systems to make automated decisions based on your personal information. This enables us to make quick and fair decisions, based on what we know. These automated decisions can affect the products, services, or features we may offer you.

When you open an eccount with us, we use automation to check that the product or service is relevant for you, based on what we know. We also check that you or your business meet the conditions of the product. This may include checking age, residency, nationality or financial position.

We also use your personal information to understand how you use your product(s), and to spot any activity that could potentially be fraudulent or criminal. If we think there is a risk of criminal activity, we may freeze your products or refuse access to them.

You have rights over automated decisions, and can request that we do not make our decisions based on an automated score alone. You can challenge an automated decision, and ask that a person reviews the data. If you want to talk to us about an automated decision please get in touch using the details below.

Making a complaint

We will always aim to collect and use your personal information in a way meets the highest data protection standards. We take any complaints about data protection very seriously, and encourage anyone who thinks that our collection or use of information is unfair, misleading, or inappropriate to contact us using the details below.

You also have the right to complain to the Office of the Australian Information Commissioner. You can find details on their website advising how to report a concern.

Job Applicants, Current Employees and Former Employees

Tuxedo Money Solutions Pty Ltd is the data controller for the information you provide during the recruitment process, unless otherwise stated. If you have any queries about the process or how we handle your information please contact us using the details below.

What information we ask for and why

The personal information requested is required to assess your suitability for employment, and will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements.

We will use the contact details you provide to contact you regarding your application.

We do not collect more information than we need to fulfil our stated purposes, and we will not retain it for longer than is necessary.

Any information you do provide will not be shared with any third parties for marketing purposes. Your data will be collected in Australia, and will be stored on our secure servers in the European Economic Area. The information you provide will be held securely by us and/or our data processors whether the information is in electronic or physical format.

If you do not provide the information we request it might affect your application.

We always ensure a lawful basis for processing your personal data, and this is categorised as follows:

What we use your personal information for

Our lawful basis

The reasons for this

• To manage our relationship with you.
• To manage risk for us as an employer and you as an employee.
• To obey laws and regulations that apply to us.

Legal

• Effectively fulfilling our legal duties.
• Ensuring compliance with regulations and legal requirements that apply to us.

• To collect and process data from job applications (potentially as an informal contract) and employees (as a formal contract).
• To manage how we work with other companies that provide services to us and our employees.

Contract

• Exercising our rights set out in agreements or contracts (informal or formal).
• Ensuring we provide the level of training and support that you'd expect, in line with any employment contracts.

• To obtain information about an applicant, relevant to an advertised job role.

legitimate Interest

• Assessing an applicant's suitability for the particular role they've applied for.

• To provide employee benefits, which you can choose to opt into if relevant.

Consent

• Ensuring you always have the option to participate in any relevant employee benefits, and that you maintain complete control over opting in/out of any benefits that are offered.

Applications

If you apply online, your information will be collected by a data processor on our behalf.

In an initial application, we ask you for your personal details including your name and contact details. We will also ask you about your previous experience, education, referees and for answers to questions relevant to the role you have applied for. Our recruitment team will have access to all of this information.

Using data processors

Data processors are third parties who provide elements of our recruitment service for us. We have contracts in place with our data processors, meaning that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.

Shortlisting and Interviews/Assessments

Applications will be shortlisted for interview by our hiring managers. You may be asked to attend interviews and/or participate in assessments. As part of this process information will be generated by you, and by us. For example, you might complete a written assessment and we might take interview notes.

Offers of employment

If we make an offer of employment (conditional or final), we will request further information from you, which will enable us to carry out pre-employment checks.

Before making any final offer of employment we are required to confirm the identity of our staff, their right to work in the Australia and seek assurance as to their trustworthiness, integrity and reliability.

You will be asked to provide a variety of documents, including but not limited to:

  • Proof of your identity and eligibility to work in Australia – any documents will be photocopied and stored securely.
  • Referee details – we will contact these individuals directly using the details you provide.
  • Bank details – to process salary payments.
  • ATO and payroll details – to ensure you are set up on the correct tax code.
  • Emergency contact details – so we know who to contact in the event of an emergency at work.

Retaining recruitment information

If you are successful, the information you provide at application will be retained in your employment file for the duration of your employment, and for a further 6 years after your employment ends, along with any relevant information collected throughout your employment with us.

If you are unsuccessful at any stage of the recruitment process, the information you have provided up to that point will be retained for 6 months after the application has closed.

How recruitment decisions are made

Final recruitment decisions are made by hiring managers and members of our recruitment team. All of the information gathered during the application process is taken into account.

You can ask us about decisions we have made regarding your application by speaking to your contact within our recruitment team, or by emailing us using the below details.

Updates and contact information

Changes to this Privacy Notice

If we change this Privacy Notice we will post the updated Notice on our website so that you are always aware of how we collect, use and disclose your personal information.

Contacting us

If you want to request any further information you can write to us using the following address:

Tuxedo Money Solutions, GPO Box 82, Melbourne VIC 3001

You can email us at compliance@tuxedomoney.com

To can call us on 1300360715