top of page

Privacy Policy

PART 1 – PERSONAL AND CREDIT INFORMATION

DOCUMENT PURPOSE

The purpose of this Privacy Policy (Policy) is to provide a summary of how, why and when personal information, and credit related personal information (credit information) is collected, disclosed, used, stored, and otherwise handled by Loot Payments. The Policy relates to personal information and credit information collected by any means and by any technology. Loot Payments treats the handling of personal and credit information very seriously. To that end, Loot Payments has systems and procedures in place to protect privacy in relation to the handling of personal and credit information. Loot Payments abides by the Australian Privacy Principles and the European Union General Data Protection Regulation (GDPR) (where applicable), and its objective is to handle information responsibly. This Privacy Policy does not apply to employee records (being records relating to a current or former employment relationship between Loot Payments and the individual).

You have certain rights regarding the personal information we maintain about you. We offer you choices about what personal information we collect from you, how we use that information, and how we communicate with you, as set out below.

 

COLLECTION OF PERSONAL INFORMATION

Loot Payments collects and holds information about you and your interactions with Loot Payments including when you apply for, enquire about or use Loot Payments' products or services, participate in any of Loot Payments' promotional activities, contact Loot Payments by any means or visit Loot Payments' website.

When you use a Loot Payments internet based portal (such as an online portal), interact with our advertisements or visit our website or other digital assets, we, and our service providers or partners may use cookies, pixel tags, web beacons or similar technology to enable us to collect, through a third-party service provider, data about how you use Loot Payments' internet based portals or website. This data may include personal information. For example, the types of information we may collect include which pages you visit, the time and date of your visit, the Internet Protocol address assigned to your computer, location information, information about the type of device and operating system you use, username, name, email addresses, browser type, mobile device identifier, referring URLs and information on actions taken or interaction with our digital assets. This information will be considered personal information where we can link this information to your account or to an identifiable individual. We use this information to help us to improve our website, Loot Payments' internet-based portals and our services generally. 

We will handle any personal information collected by cookies, pixel tags or similar technology in the same way that we handle all other personal information as described in this Privacy Policy.

Loot Payments collects and holds information about your identity, contact details, identification information such as directorships, passport number, Australian citizenship certificate number, your gender and relationships with other people, tax residency status, your transaction information for any Loot Payments products you hold and other financial information which you provide to us or authorise us to access from third parties.

Loot Payments may also collect information from, and disclose information to, our related bodies corporate, however Loot Payments and it related bodies corporate will only use such information for the purposes for which it was originally collected (unless an exception applies).

 

COLLECTION OF CREDIT INFORMATION

Loot Payments may collect, use, hold and disclose the following types of credit information:

  • Credit related identification information is information such as name, date of birth, current or previous address, name of current employer, drivers licence number, Internet Protocol (IP) addresses and unique device identifiers (UDIDs).

  • Other credit related information is information such as type and amount of credit sought, publicly available information about an individual’s creditworthiness, default information, repayment history information, payment information in relation to overdue payments and personal insolvency information.

Loot Payments may undertake a credit check (or similar) through a credit reporting body in relation to an application made by you or to assess your eligibility for particular products and services. In this situation, Loot Payments may derive information about your eligibility to be provided with Loot Payments' products and services from information about you contained in the credit check.

 

PURPOSES FOR COLLECTION

Loot Payments collects, holds, uses and discloses personal and credit information:

  • to establish your identity and assess applications for Loot Payments' products and services;

  • to assess eligibility for any of Loot Payments' products and services or particular features;

  • to conduct reference checks and background enquiries;

  • to design and price Loot Payments' products and services;

  • to understand how you use Loot Payments' products and to enhance your experience as well as to enhance Loot Payments' features, products and services;

  • to conduct and enhance Loot Payments' business;

  • to provide, administer and manage Loot Payments' products and services including to provide all available features of our products and services, to process transactions, authenticate you when you access a Loot Payments product or service and provide customer support;

  • to provide and manage your Loot Payments internet-based portals or accounts we provide;

  • to identify and control or minimise risks to Loot Payments' products and services;

  • to enable us to monitor suspicious or fraudulent activity, including unauthorised transactions, in relation to Loot Payments' products and services;

  • to manage Loot Payments' relationship with you including contacting you in relation to Loot Payments' products and services;

  • where required by law;

  • to enforce compliance with our terms and conditions;

  • to provide information to representatives and advisors, including lawyers and accountants, to help us comply with legal, accounting, or security requirements;

  • to validate your payment card information;

  • to communicate with you by email, phone, or SMS in connection with our products and services, and that of Loot Payments' related bodies corporate;

  • to our related bodies corporate where required for business and operational purposes;

  • to assist Loot Payments' related bodies corporate and third parties in the provision of products or services that you request from them;

  • to monitor the use of and improve our interactive assets, including the Loot Payments eCommerce;

  • to perform data analyses (including anonymisation of personal information);

  • to comply with applicable legal requirements, industry standards and our policies or to comply with a request from a law enforcement authorities or other government officials;

  • to perform auditing, research and analysis in order to maintain, protect and improve our services;

  • where we believe it is necessary to protect our legal rights, interests and the interests of others, including in connection with legal claims, compliance, regulatory and audit functions, prevention of fraud, ensuring data security;

  • to provide you with further information about services and products we think may interest you;

  • to resolve complaints;

  • for direct marketing, promotional and lead generation activities;

  • to manage our risks and identify illegal activity;

  • to provide support services and answer your enquiries;

  • for any other purpose consented to by you; and

  • for any other purpose related to any of the above purposes, as permitted under the privacy legislation.

If you are an individual in the European Union (EU), we collect and process information about you only where we have a legal basis for doing so under the GDPR. The legal basis for processing your personal information will depend on the Loot Payments products or services you use and your relationship with Loot Payments (for example, whether you are a Loot Payments customer, you are a beneficial owner or controlling person of a Loot Payments customer or you receive products or services from a Loot Payments customer). We will only collect and use your personal information where one of the following legal bases apply:

  • it is required to provide you with the relevant Loot Payments products or services in accordance with our agreement with you;

  • it is necessary for the purposes of the legitimate interests of Loot Payments (which is not overridden by your data protection interests), including in connection with legal claims, compliance, regulatory and audit functions, prevention of fraud and ensuring data and system security;

  • you have given us consent to do so for a specific purpose; or

  • it is necessary for us to comply with our legal obligations.

If you are an individual in the EU and you have consented to our use of your personal information for a specific purpose, you have the right to withdraw your consent at any time, but this will not affect any processing that has already taken place.

 

MEANS OF COLLECTION AND HOLDING OF INFORMATION

Loot Payments collects the personal and credit information voluntarily provided by you through our application forms, via our website, over the phone, through a Loot Payments internet-based portal or from third parties who Loot Payments has a relationship with. Loot Payments may also collect credit information about you from credit reporting bodies or other credit providers, subject to any restrictions under the privacy legislation.

Loot Payments may also collect information about you, including where you are not a customer of Loot Payments, but are associated to a customer or are a customer of a service provider of Loot Payments, from that customer, through fraud monitoring systems implemented by Loot Payments or from publicly available sources such as registers maintained by the Australian Securities and Investments Commission and ABN Lookup, social media or made available by third parties.

Generally, the personal information that Loot Payments may request from you is required to enable Loot Payments to enter into a contractual agreement with you, is a requirement under the terms of the contractual agreement with you or is required by Loot Payments to comply with its obligations under applicable laws, such as the Anti-Money Laundering and Terrorism-Financing Act 2006 (Cth).

You are not obliged to provide the personal information we request, however if you do not provide the personal or credit information requested by Loot Payments, Loot Payments may not be able to provide you (or the customer with which you are associated) with the requested products or services and we may not be able to provide you with information about our products and services.

Loot Payments holds personal and credit information in electronic and physical form in accordance with the ‘Security and Retention of Information’ section of this Policy.

 

USE AND DISCLOSURE OF INFORMATION

Loot Payments will use and may disclose personal and credit information for any of the purposes set out above. People Loot Payments may disclose your information to for the above purposes include:

  • Loot Payments' service providers, including service providers that assist us to operate, provide, improve, integrate, customise, support, monitor and market our products and services. We do not authorise these service providers to use or disclose such data except as necessary to perform certain services on our behalf or to comply with legal requirements. We use reasonable endeavours to contractually require these service providers to appropriately safeguard the privacy and security of personal information they process on our behalf;

  • Loot Payments' related bodies corporate;

  • providers of software that integrates with Loot Payments' products and services;

  • our affiliates and other entities that assist with payment card fraud prevention;

  • merchants;

  • entities to whom Loot Payments outsources functions;

  • people acting on your behalf including guardians, agents, people holding a power of attorney and people you authorise us to share information with;

  • other financial institutions;

  • employers or former employers;

  • any referees you nominate in connection with your application for Loot Payments products or services;

  • credit reporting bodies and credit providers;

  • Loot Payments' representatives and advisors, including lawyers and accountants;

  • government or law enforcement entities.

We may share aggregated and de-identified information with participating financial institutions and their customers. For example, we may share data to show trends about the general use of our products and services.

We may work with third parties to provide additional products or services which may be offered to you. At the time these products or services are offered to you, you will be asked if you consent to share your personal information with such third parties for the purpose of providing such product or service, or for other purposes, such as marketing. If you agree with our sharing your personal information with such third party for such specific purpose, we then may share your personal information with such third party. 

We also may share personal information otherwise with your consent.

Where you become a Loot Payments customer, Loot Payments may disclose financial information relating to your Loot Payments EFTPOS and/ or eCommerce Facility to third parties for the assessment of the third party’s credit risk where it is in the business of lending money to you or your business, the improvement of customer service and marketing purposes. It is the responsibility of the third party to comply with all applicable regulatory requirements in relation to the use of the relevant financial information.

Loot Payments may be required in some circumstances to disclose personal or credit information where:

  • required or authorised by law;

  • required in order to investigate an unlawful activity;

  • required by an enforcement body for investigative activities; or

  • necessary to prevent a serious threat to a person’s life, health or safety, or to public health or safety.

Loot Payments discloses personal information to overseas third parties located in the United States of America, India, New Zealand, Ireland, the Netherlands, Singapore and China for the purposes of providing our products, marketing and lead generation activities and obtaining product analytics to allow it to improve its products and services.  In addition, personal information may need to be transferred to service providers located in other overseas countries from time to time in order for Loot Payments to perform its functions or activities.

​

 

DIRECT MARKETING

From time to time Loot Payments may use personal information to send you information regarding Loot Payments' services and products, and that of its related bodies corporate. If you do not wish to receive direct marketing information, you can contact us using the contact details provided below and Loot Payments will take immediate steps to ensure that you do not receive any direct marketing information in future.

 

QUALITY OF INFORMATION

Loot Payments' objective is to ensure that all information collected by Loot Payments is accurate, complete and up-to-date. If Loot Payments is unable to update its records following a request to do so it will notify you and provide its reasons in writing. Loot Payments will update records if notified that information is not accurate, complete or up-to-date. If you believe the information that Loot Payments holds about you is not accurate, please contact us using the contact details provided below.

 

SECURITY AND RETENTION OF INFORMATION

Loot Payments is committed to keeping information secure and will take all reasonable precautions to protect information from unauthorised access, interference, modification, disclosure, loss, misuse or alteration. Personal and credit information may be stored in hard copy documents or electronically on Loot Payments' software or systems. Loot Payments maintains physical security over its paper and electronic data stores, such as locks and security systems. Loot Payments also maintains computer and network security using passwords to control and restrict access to authorised staff for approved purposes.

We restrict access to personal information about you to those employees who need to know that information to provide products or services to you. We maintain appropriate administrative, technical and physical safeguards to protect the personal information we have about you. We endeavour to take measures to destroy or permanently de-identify personal information when there is no longer a business need to keep the data. The types of measures we take vary with the type of information, and how it is collected and stored.

The period of time for which your information will be retained by Loot Payments will depend on the types of information we hold about you. Generally, your information will be retained for the period during which you have an ongoing relationship with Loot Payments and for a period of at least 7 years after this relationship ceases, or such other period of time as required under specific legislation relating to the type of information held (for example under the Anti-Money Laundering and Terrorism-Financing Act 2006 (Cth)).

​

FEATURES AND LINKS TO OTHER WEBSITES

The Loot Payments website may contain links to websites maintained by third parties. Any personal information collected on the resulting website will not be controlled by Loot Payments or its service providers but will be subject to the privacy notice and terms of use of the resulting website. We strongly suggest that you review the Privacy Notice and terms of use of the resulting website.

 

CHANGE TO THIS POLICY

Loot Payments may change this Policy from time to time for any reason without prior notice to you to reflect changes in our personal information handling practices. The up-to-date version of this Policy is located on Loot Payments' website. You will be notified of any changes to this policy by Loot Payments uploading an updated version to this website.

We will indicate in the Policy when it was most recently updated. Please check this Policy and our website periodically to ensure that you are aware of any changes or updates.​

 

PART 2 – LOOT PAYMENTS ECOMMERCE SPECIFIC TERMS

This section applies to our merchants or other individuals (including customers of Loot Payments' merchants) that use the Tyro eCommerce in addition to the other sections of this Policy.

In connection with the Loot Payments eCommerce, we may collect, use, hold and disclose personal information, in addition to that described above, from merchants participating in the Loot Payments eCommerce, and their respective service providers, developers and/or admins when an account is being created on behalf of a merchant as part of the enrolment process for the Loot Payments eCommerce. Such personal information includes, but is not limited to, first name, last name, tax ID, name, date of birth, phone number (landline and mobile), social security number, address, customer service phone number, government issued ID number (e.g., passport or national ID), bank account information (e.g., routing number, bank account number, IBAN, SWIFT, and SORT code), email address, username, password, and security questions. We may also collect other information about your business such as business address, business type, business start date, filing state, and bank name.

If you create a developer account in connection with the Loot Payments eCommerce, we collect personal information from you in order to operate your account.  Such personal information includes, but is not limited to, first name, last name, email (doubles as username), and password.

We may also process the personal information of individuals who make payments through the Loot Payments eCommerce on behalf of merchants.  There are obligations that apply to merchants with respect to personal information about individuals making payments to merchants through the Loot Payments eCommerce, which are described in our terms and conditions. Please make sure to read our terms and conditions carefully to make sure you understand how these obligations may apply to you and that you can comply.

​

PART 3 – COOKIES

A “cookie” is a text file placed on a computer’s hard drive by a web server. A cookie contains small amounts of information which is downloaded on your device’s memory and can subsequently be accessed by our web servers.

A “web beacon,” also known as an Internet tag, pixel tag or clear GIF, is used to transmit information back to a web server. A web beacon is an object embedded in and downloaded together with a webpage which provides information as to the viewing of that webpage.

We may use the following cookies:

Essential cookies – Some cookies are essential for the Site to function effectively and to offer you products and services. For example, essential cookies enable you to securely access and navigate within the Site and its functionalities.

Essential cookies collect the following information: session ID (to remember your credentials in the course of your session), security token and other server affinity and authentication data (to establish and maintain communication with the most appropriate servers).

We use essential cookies for the duration of each session (session cookies). Session cookies are deleted when you close your web browser. Session cookies are also used by us or our service providers to know whether our cookie consent notice has been viewed and to allow for the frequency capping of the cookie on-site notice (an on-site cookie notice at the bottom of the landing page that informs you that cookies are used on the Site and how to enable and disable them). In addition, we use session cookies to remember the choices you make on our Sites.

You may reject essential or session cookies by altering the cookie function of your browser. The “help” option of the toolbar on most browsers will tell you how to stop accepting new cookies, how to be notified when you receive a new cookie, and how to disable existing cookies. However, if you reject these cookies, you may not be able to use full or part of the Site, as these cookies are strictly necessary for the Site to operate.

Advertising cookies – Advertising cookies collect information which are provided to our third-party advertisers, including Microsoft Advertising (you can view Microsoft’s Privacy Policy here for more information about how Microsoft uses personal information) These cookies are used for web advertising purposes, such as to understand your use of the Site and your online activities and to present you with relevant offers and advertisement tailored to your interests. You may see certain advertisement on other websites because we work with advertising partners to customise relevant content to you on third-party websites.

Advertising cookies collect the following information, which may include personal information: unique identification assigned to your device; IP address, device and browser type, operating system, referring URLs, content viewed, products purchased, or other actions taken on the Site, time and date of those actions and country information.

Analytics cookies – Analytics cookies like Omniture cookies are used on the Site for website analytics purposes, such as creating anonymised reports and statistics on the performance of the Site. In addition, other third party cookies are used to manage and improve the performance of the Site. This includes performance cookies that help us understand the use of the Site and our products.

Analytics cookies help collect the following information: unique identification assigned to your device, IP address, device and browser type, operating system, referring URLs, time and date page was visited, information on actions taken in the course of using the Site and country information.

bottom of page