Introduction
Corporate Prepaid Cards (CPC) is a leading provider of prepaid cards. We provide corporate and consumer prepaid card and gifting solutions. Our brands include Corporate Prepaid Cards, Universal Gift Card, Gift Card Store and FAREPAY CARD. CPC is committed to protecting your privacy. We maintain robust physical, electronic and procedural safeguards to protect personal information in our care. This Privacy Statement applies to the CPC website, products and services and governs data collection and usage. We are bound by the Privacy Act 1988 (Cth) (Privacy Act) and will protect your personal information in accordance with the Australian Privacy Principles. These principles govern how we collect, use, hold and disclose your personal information, as well as how we ensure the quality and security of your personal information.
What is personal information?
Personal information includes any information or opinion, about an identified individual or an individual who can be reasonably identified from their information. This may include your name, address, telephone number or email address.
How do we collect personal information?
CPC may need to collect personal information about you from you, other people or organisations. This may happen without your direct involvement. For instance, we may collect personal information about you from other organisations, who jointly with us, provide products or services to you. The circumstances in which CPC will collect personal information about you, as the cardholder, includes when: - an organisation acquiring a card for you, provides us information to allow us to send you a card; or - you contact us; or - you register or apply for a Card; or - you use a Card for transactions and balance enquiries.
What personal information do we collect?
CPC collects and/or tracks the following types of personal information: The personal information you have provided us through our online card activation process including: - e-mail address, - name, - date of birth, - home or work address, and - telephone number. Information we receive from third parties including card program sponsors, credit bureaus and information services and aggregation businesses, regarding verification of identification details. Throughout the life of your product or service, we may collect and hold additional personal information about you. This could include transaction information or making a record of queries you make.
For what purposes do we collect, hold, use and disclose personal information?
The main reason we collect, use, hold and disclose personal information is to provide you with products and services. This includes: - providing the product or service; - assisting you with your enquiries or concerns; and - checking whether you are eligible for the product or service. We may also collect, use and exchange your information so that we can: - establish your identity; - manage our risks and help identify and investigate illegal activity, such as fraud; - contact you; and - comply with our legal obligations and assist government and law enforcement agencies or regulators.
Is the information disclosed to third parties?
CPC may disclose your personal information to third parties: - who are service providers, contractors or card program sponsors of CPC; - to enable our Processing partner, EML Payment Solutions Limited ABN 30 131 436 532 AFSL 404131 (EML), to facilitate the operation of the card and the completion and settlement of transactions using the card: ** for anti-money laundering, counter-terrorism financing, detection of crime, legal compliance and fraud prevention purposes, and ** when required or allowed by law. When your personal information is shared with service providers or contractors, it will only be to the extent reasonably necessary for the purpose of the services they are contracted to provide. When your personal information is shared with program sponsors, it will only be to the extent reasonably necessary for the purpose of performing any necessary cardholder customer support, conducting statistical analysis, improving their product, services and practices. CPC may also disclose Personal Information to other third parties in circumstances where: - we must fulfil our legal obligations (for example, disclosure to Australian (and international) enforcement bodies such as the Australian Securities and Investments Commission (ASIC), the Australian Taxation Office (ATO), the Australian Transaction Reports and Analysis Centre (AUSTRAC), Centrelink or the Courts); - it is in the public interest (that is, to protect our interests or where we have a duty to the public to disclose, or where it is necessary in proceedings before a court or tribunal) and where a crime or fraud is committed or is suspected; or - it can be reasonably inferred from the circumstances that the Cardholder has consented to their Personal Information being disclosed to a third party. CPC does not use or disclose the Personal Information for any other purpose unless one of the following applies: - the individual has consented; - the individual would reasonably expect CPC to use or disclose the Personal Information for a purpose that is related to the primary purpose; or - use or disclosure is required under Australian law. As a matter of course, CPC does not disclose personal information to overseas recipients. CPC will continue to keep your personal information as is reasonably necessary, for the purposes mentioned above, after the expiry of the Card. CPC does not collect, use or disclose sensitive personal information, such as race, religion, or political affiliations.
Do we collect personal information electronically?
We use cookies when you visit any CPC website. This allows us to automate access and information entry functions and to improve website efficiency by tracking the patterns of behaviour of visitors to the websites. We also use Google Analytics which is a service offered by Google that tracks and reports aggregated and anonymised insights into users' behaviours. This data is shared with other Google services. Google may use the collected data to contextualise and personalise its own advertising.
Security of your Personal Information
CPC protects your personal information from unauthorised access, misuse and disclosure. Our security safeguards include: - Physical Security: We have protection in our buildings against unauthorised access such as alarms and 24/7 monitored building access. - Staff education: We train and remind our staff of their obligation with regard to your information. - System security: When you transact with us, we encrypt data sent from your computer to our systems. Where appropriate, we have firewalls, password protection, intrusion detection systems and virus scanning tools to protect against unauthorised persons and viruses accessing our systems. When personal information is transmitted to other websites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol. We also limit access by requiring use of passwords. - Destroying data when no longer required: Where practical, we keep information only for as long as required (for example, to meet legal requirements or our internal needs). - Payment Card Industry (PCI) Data Security Standard (DSS): The PCI Data Security Standard represents a common set of industry tools and measurements to help ensure the safe handling of sensitive information. The standard provides an actionable framework for developing a robust account data security process including preventing, detecting and reacting to security incidents. We have achieved the highest level of PCI DSS accreditation ensuring our customers are afforded the upmost protection and reliability of our implemented processes, systems and environment.
Access to your personal information
You may request access the Personal Information we have concerning you. This request may be refused pursuant to the exemptions provided under the Privacy Act.