INTRODUCTION This notice applies across all websites that we own and operate and all services we provide, including our online and mobile financial services products, and any other apps or services we may offer (for example, events or training). For the purpose of this notice, we’ll just call them our ‘services’.
We may need to update this notice from time to time. Where a change is significant, we’ll make sure we let you know – usually by sending you an email. You can read the whole notice below, or if you haven’t got much time, you can jump to the section you need using the navigation menu.
Last updated: 26 October 2021
WHO WE ARE? When we refer to ‘we’ (or ‘our’ or ‘us’), that means Growpay and all its wholly owned subsidiaries. Our headquarters are in Australia but we operate all over the world.
We provide an easy-to-use global online payments directory for businesses of all sizes and their advisors. At the core of our platform is our payments directory platform. If you want to find out more about what we do, see the Our Story page.
For European Union data protection purposes, when we act as a controller in relation to your personal data, Growpay is our representative in the European Union.
OUR PRINCIPLES OF DATA PROTECTION Our approach to data protection is built around four key principles. They’re at the heart of everything we do relating to personal data.
Transparency: We take a human approach to how we process customer data by being open, honest and transparent.
Enablement: We enable connections and efficient use of customer data to empower productivity and growth.
Security: We champion industry leading approaches to securing any customer data entrusted to us.
Stewardship: We accept the responsibility that comes with processing personal data.
HOW WE COLLECT YOUR DATA When you visit our websites or use our services, we collect customer data. The ways we collect it can be broadly categorised into the following:
Information you provide to us directly: When you visit or use some parts of our websites and/or services we might ask you to provide company data to us. For example, we ask for your contact information when you sign up to access exclusive group-discounts, respond to a job application or an email offer, participate in community forums, join us on social media, take part in training and events, contact us with questions or request support. If you don’t want to provide us with personal data, you don’t have to, but it might mean you can’t use some parts of our websites or services.
Information we collect automatically: We collect some information about you automatically when you visit our websites or use our services, like your IP address and device type. We also collect information when you navigate through our websites and services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you’re using our websites and services so that we can continue to provide the best experience possible (e.g., by personalising the content you see).
Some of this information is collected using cookies and similar tracking technologies. If you want to find out more about the types of cookies we use, why, and how you can control them, take a look at our cookie notice.
Information we get from third parties: The majority of information we collect, we collect directly from you. Sometimes we might collect personal data about you from other sources, such as publicly available materials or trusted third parties like our marketing and research partners. We use this information to supplement the personal data we already hold about you, in order to better inform, personalise and improve our services, and to validate the personal data you provide.
Where we collect personal data, we’ll only process it:
If we don’t collect your personal data, we may be unable to provide you with all our services, and some functions and features on our websites may not be available to you.
HOW WE USE YOUR DATA First and foremost, we use your personal data to operate our websites and provide you with any services you’ve requested, and to manage our relationship with you. We also use your personal data for other purposes, which may include the following:
To communicate with you. This may include:
To support you: This may include assisting with the resolution of technical support issues or other issues relating to the websites or services, whether by email, in-app support or otherwise.
To enhance our websites and services and develop new ones: For example, by tracking and monitoring your use of websites and services so we can keep improving, or by carrying out technical analysis of our websites and services so that we can optimise your user experience and provide you with more efficient tools.
To market to you: In addition to sending you marketing communications, we may also use your personal data to display targeted advertising to you online – through our own websites and services or through third party websites and their platforms.
To analyse, aggregate and report: We may use the personal data we collect about you and other users of our websites and services (whether obtained directly or from third parties) to produce aggregated and anonymised analytics and reports, which we may share publicly or with third parties.
HOW WE CAN SHARE YOUR DATA There will be times when we need to share your personal data with third parties. We will only disclose your personal data to:
an actual or potential buyer (and its agents and advisors) in connection with an actual or proposed purchase, merger or acquisition of any part of our business
INTERNATIONAL DATA TRANSFERS When we share data, it may be transferred to, and processed in, countries other than the country you live in – such as to the United States, where our data hosting provider’s servers are located. These countries may have laws different to what you’re used to. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.
For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. Where your personal data is transferred outside the EEA, it will only be transferred to countries that have been identified as providing adequate protection for EEA data (like Australia), or to a third party where we have approved transfer mechanisms in place to protect your personal data – i.e., by entering into the European Commission’s Standard Contractual Clauses.
SECURITY Security is a priority for us when it comes to your personal data. We’re committed to protecting your personal data and have appropriate technical and organisational measures in place to make sure that happens.
RETENTION The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it.
We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it’s deleted or anonymised.
YOUR RIGHTS It’s your personal data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time – just follow the unsubscribe instructions contained in the marketing communication, or make your request by contacting us via email.
You also have rights to:
You can exercise these rights at any time by making a request via email.
If you’re not happy with how we are processing your personal data, please let us know by getting in touch with the team via email. We will review and investigate your complaint, and try to get back to you within a reasonable time frame. You can also complain to your local data protection authority. They will be able to advise you how to submit a complaint.