Privacy Statement1
At Ezidebit (NZ) Limited (Company Number: 94 290 352 663 10), we respect your concerns about privacy. This Privacy Policy relates to the collection of personal information from users of our websites, mobile applications (“Apps”), email, branded social media sites or pages and other online or mobile services that link to or expressly reference this Policy (collectively the “Sites”).
For the purpose of this Privacy Policy, “Ezidebit”, “we” and “us” refer to Ezidebit (NZ) Limited and its related bodies corporate, as the context requires. Our privacy practices vary depending on the services we provide and the country-specific requirements for the countries in which we operate. For some products and services, where required, we will provide additional privacy notices before collecting your personal information. Please read this Privacy Policy carefully. If you have any questions, you may contact us at [email protected] or by the methods provided in the “Contact Us” section below.
Ezidebit provides payment products and services for commercial and non-commercial enterprises. In the delivery of our services, we routinely collect and retain personal information about our customers and the individuals with whom our customers do business. For our customers, additional disclosures are set out in the documentation provided to them at or before onboarding. This Privacy Policy relates only to information we collect through our Sites and Apps and should be viewed as a supplement to any other notices or contractual terms provided to customers.
Ezidebit collects personal information from users of our Sites and Apps who might be our Customers, prospective Customers, and Customer end users (“End Users”) who engage with our Sites as part of the Services we provide to our Customers.
Because our relationship with Customer End Users is indirect, we process such End User personal information only for the purposes of providing the Services, in accordance with our Customer’s instructions. Under applicable privacy laws, in this context, Ezidebit would be considered a processor or service provider. If you are an End User who has a relationship with one of our Customers and you have a question about how your personal information is collected, used, or shared, or would like to exercise any rights you may have with respect to your personal information, please contact the Customer directly.
Select one of the links below to jump to the relevant section:
- Personal Information We Collect
- Sources of personal information
- How we use the personal information we obtain
- Our legal basis for collecting and using personal information
- How we share the personal information we collect
- Cookies and other tracking technologies
- External links
- Our relationship with affiliate companies (including sharing and cross-border transfers)
- Our Commitment to Data Security
- Login details and your responsibility
- Managing your preferences
- Your Rights
- Changes & Updates
- Choice of Law
- Complaints
- Contact Us
Personal Information We Collect
Subject to your consent if required by law, we may collect the following personal information:
- Identifiers including name and contact details including telephone number, email address and postal address;
- Sensitive personal information such as your driver’s license number (or the number and details of other types of identification, such as a passport or proof of age card), username and password, health/medical information, race, gender, ethnicity, etc.;
- Commercial information, such as information about your business and your preferences regarding products and related services which are of interest to you (see “Managing Your Preferences” below);
- Internet/electronic activity including information from cookies and other tracking technologies including location, device identifier, usage and browsing history;
- Professional and employment related information such as your status with the organization with which you are affiliated;
- Education information;
- Audio, electronic, visual, thermal, olfactory or similar information;
- Biometric identifiers;
- Geolocation;
- Information you provide if you report a problem with our Sites; and
- Records of any correspondence we have with you.
Data Anonymization and Aggregation: Subject to your consent if required by law, we may anonymize or aggregate your personal information in such a way as to ensure that you are not identified or identifiable from it, in order to use the anonymized or aggregated data, for example, for statistical analysis including analysis of trends, to carry out actuarial work, to tailor products and services and to conduct risk assessments and analysis of costs and charges in relation to our products and services. We may share anonymized or aggregated data with our global affiliates and with other third parties. This Privacy Policy does not restrict Ezidebit's use or sharing of any non-personal, summarized, derived, anonymized or aggregated information.
Sources of Personal Information
Information that you provide to us: We collect personal information that you provide to us when you set up an account with us, use our services, or communicate with us. For example, if you register for an online account with us, we may request your name, contact information, and business information. Providing us with personal information about yourself is voluntary, and you can always choose not to provide certain information, but then you may not be able to take advantage of or participate in some of the services.
Information collected from third parties: We may collect information about you from third parties in the course of providing our services to you. For example, we may collect Identifiers and Commercial information from a referral partner or other third-party in order to contact you about the services we provide. We may also receive business related information about you from third party companies that supplement our business customer records with firmographic and professional information.
Information collected through technology: When you visit our Sites or Apps or interact with an email we send to you, we may collect certain information automatically such as your account or device identifier, and usage information such as pages that you visit, information about links you click, the types of content you interact with, the frequency and duration of your activities, and other information about how you use our services. You have the ability to express your preference regarding some of the ways we collect information through technology in some of our services (see “Cookies and Other Tracking Technologies” for more information). We may collect geolocation in the Sites or Apps for the purpose of enabling location-based Services.
How We Use the Personal Information We Obtain
Subject to your consent if required by law, we may use your personal information for the following business and commercial purposes:
- To provide our Services to you;
- To contact you regarding any inquiry you make or to fulfil a request, such as, for example, a request for information about our products and services;
- To contact you if you have signed up for e-newsletters or any other updates, communications or publications;
- To verify or maintain the quality and safety of our products and services and to improve, upgrade, or enhance our services;
- To detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and prosecute individuals responsible for that activity;
- To enable internal record keeping and administration of records;
- To personalize your experience when you use our Sites and Apps;
- To track information about our interactions with you, including, but not limited to, counting advertising impressions to unique visitors and verifying positioning and quality of advertising impressions;
- To send you direct marketing, subject to your consent if required by applicable law (see “Managing Your Preferences” below); and
- To comply with applicable laws and regulations.
We retain the data we collect for different periods of time depending on what it is and how we use it. In some contexts, we will provide additional information about retention as you use the Services. When we collect your personal information, we will retain it only for as long as is necessary to complete the legitimate business or legal purposes for which we collected it. In many cases, the retention time period will correspond to the time period for which you have an account or other type of business relationship with us plus a defined period after that relationship ends which will be defined by our regulatory requirements.
Our Legal Basis for Collecting and Using Personal Information
Our legal basis for collecting, using and storing personal information may depend on the specific Service with which you are engaging. In most cases, when we process personal information on behalf of our Customer, our legal basis is the performance of a contract. In some contexts, such as when we engage in direct marketing, our legal basis for processing personal information is consent. If you are a merchant or applying for merchant services, we may also be required to collect certain personal information under the Anti-Money Laundering and Counter Financing of Terrorism Act 2009. When we rely on legitimate interest as the legal basis for our processing of personal information, we have procedures in place to ensure that we are balancing our interests and rights against the impact to the individual and their applicable statutory or fundamental rights.
How we Share the Personal Information We Collect
Ezidebit is a subsidiary of Global Payments, Inc, which is a multinational business headquartered in the United States, with subsidiaries and affiliates in countries around the world. Your personal information may be disclosed to recipients located outside of your country, including to our global subsidiaries and affiliates (see “Our Relationship with Affiliate Companies” below) as described in this Privacy Policy.
For each category of personal information we collect, we may share such information in the manner and for the purposes described below:
- With companies engaged to help us run our business, subject to your consent if required by law. These types of companies may include our affiliate companies, distributors of our products and services, service providers retained to perform functions on our behalf or to provide services to us, including (without limitation) legal, accounting, audit, consulting and other professional service providers, and providers of other services related to our business. Portions of our Services may be provided by organizations with which Ezidebit has a contractual relationship, including subcontractors, and, accordingly, your personal information may be disclosed to them. We take steps aimed at ensuring that all such persons process your personal information as disclosed by us only as necessary to perform the Services and subject to a written contract which requires them to comply with applicable laws;
- With third parties with whom you have a relationship, such as a financial institution or independent sales organization who referred you to Ezidebit for services;
- With logistics service providers to enable the delivery of packages to individuals;
- With other third parties with whom you direct us to your personal information, subject to your specific consent for such data sharing;
- With regulators including state and federal agencies, card payment networks, issuing banks and other parties required to enable compliance with laws, regulations and industry standards related to transaction processing and in order to obtain commercial and credit information to establish, maintain or renew a customer’s contract(s), as may be required to provide any of the services for which a customer has subscribed, or to comply with the rules and regulations of any credit or debit card payment network or otherwise in accordance with this Privacy Policy;
- In response to a court order or a request for cooperation from a regulatory, law enforcement or other government agency; to establish or exercise our legal rights; to defend legal claims; or as otherwise required or permitted by applicable laws and/or regulations;
- When we believe that disclosure is appropriate in connection with efforts to investigate, prevent, or take action regarding actual or suspected illegal activity, fraud, or other wrongdoing; to protect and defend the rights, property or safety of Ezidebit, its customers, staff, suppliers or others; and
- To purchasers and, subject to local legal requirements, prospective purchasers in the event that Ezidebit and/or its global affiliate companies (as applicable) disposes of, or considers the disposition of, any of its/their business or assets.
We do not sell your personal information to third parties for monetary compensation. To the extent that we share your personal information with third parties for cross-context behavioural advertising, we will implement features within the Services that enable you to see a list of the entities with which the personal information is shared and which enable you to express your preferences. You can find additional information about how those third parties use personal information in the applicable third party privacy notice.
Cookies and Other Tracking Technologies
Cookies and similar tracking technologies are used to help us retain information about your use of our Sites and Apps. Using cookies, we collect information like country location, language preference and other settings. Cookies can also help us to operate our Sites more efficiently, remember you for future visit and enhance your user experience by providing real-time tools including user guides and chatbots.
The cookies and tracking technologies that we may use on the Sites fall into the following categories:
Strictly Necessary. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions taken by you such as logging in or filling in forms. You can set your browser to block or alert you about these cookies, but blocking them may impede the functionality of the Sites and Apps.
Performance. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.
Functionality. These cookies enable the Sites and Apps to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies then some of these services may not function properly.
Targeting. These cookies may be set through our Sites and Apps by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites. They are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
How to Delete or Block Cookies and Other Tracking Technologies:
On some Sites and Apps, when technically feasible, we will enable tools to help you make choices about cookies and other tracking technologies. You may also delete or block cookies at any time by changing your browser settings. You can click “Help” in the toolbar of your browser for instruction or review the cookie management guide produced by the Interactive Advertising Bureau available at www.allaboutcookies.org and www.iab.org.nz. If you delete or block cookies, some features of the Sites may not function properly.
External Links
Ezidebit may provide links on our Sites and Apps to other websites that are not under our control. We do not endorse or make any warranty of any type regarding the content contained on such websites or products and services offered on those websites. We make no representation regarding your use of such websites. Please be aware that we are not responsible for the privacy practices of the operators of other websites. We encourage our users to be aware when they leave our Sites and to read the privacy statements of each and every website that collects personal information. This Privacy Policy applies solely to information collected by us. You should read any other applicable privacy and cookies notices carefully before accessing and using such other websites.
Our Relationship with Affiliate Companies (Including Sharing and Cross-Border Transfers)
Subject to your consent if required by applicable law, we may appoint an affiliate company to process personal information in a service provider role. We will remain responsible for that company’s processing of your personal information pursuant to applicable data privacy laws.
Because our affiliate companies are located around the globe, your personal information may be transferred to and stored in the United States or in another country outside of the country in which you reside, which may be subject to different standards of data protection than your country of residence.
We take appropriate steps to ensure that transfers of personal information are in accordance with applicable law, are carefully managed to protect your privacy rights and interests and limited to countries which are recognized as providing an adequate level of legal protection or where alternative adequate arrangements are in place to protect your privacy rights.
Our Commitment to Data Security
We take seriously our responsibility to protect the security and privacy of the information we receive via our Sites and Apps. We maintain administrative, technical and physical safeguards designed to protect the personal information you provide via the Sites and Apps against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure or use.
Any suspected attempt to breach our policies and procedures, or to engage in any type of unauthorized action involving our information systems, is regarded as potential criminal activity. Suspected computer mischief may be reported to the appropriate authorities.
Please remember that communications over the internet such as emails are not secure. We seek to keep secure all confidential information and personal information submitted to us through this Website in accordance with our obligations under applicable laws and regulations. However, like all website operators, we cannot guarantee the security of any data transmitted through this Website.
When we no longer need your personal information to provide the Services, it will be securely deleted or de-identified in a manner that ensures you cannot be re-identified. Where we are collecting or storing your personal information on behalf of our Customer, the retention of your personal information may be subject to our contractual obligations to our Customer.
Login Details and Your Responsibility
Subject to your consent if required by law, we will collect and process your personal information as necessary to set up and administer your sign up to, and use of, the log in facility available on our Sites and Apps. We may use cookies to “remember” the machine or other device you use to access our Sites (see “Cookies and Other Tracking Technologies” below). Please remember that if we contact you, we will never ask you for your password in an unsolicited email, message or phone call. If you choose to use the log in facility available on our Sites and Apps, you are required to adhere to the security procedures we establish in the documentation we provide you as part of the services.
Managing Your Preferences
We may use your personal information to provide you with direct marketing information about our products and services as well as those of our global affiliates and third parties. Our direct marketing may be by email, telephone, post or SMS or such other method(s) as may become relevant. In addition, we may provide direct marketing information and permit others to do that as allowed by our customers’ respective contracts.
We will take steps to ensure that any direct marketing from us will provide a simple means for you to stop further communications, in accordance with applicable law. For example, in email, we may provide you with an “unsubscribe” link, or an email address to which you can send an opt-out request. You may also request to be removed from direct marketing correspondence by emailing us at [email protected].
Your Rights
If you are an End User who interacts with our Sites or Apps for the purpose of engaging with our Customers and have questions about legal rights you may have with respect to your personal information collected by our Customer, please consult the Customer with which you have a relationship.
Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking, you have the right to:
- Know whether we process your personal information;
- Know how your personal information is used;
- Access, request and receive the personal information we have collected in a portable manner;
- Object to having your personal information sold or shared.
You may contact us using the information in the Contact Us section of this Privacy Policy for additional information about how to exercise your rights.
Access to personal information. Upon request, we will provide you with access to your personal information held by us, except in circumstances where refusing you access is required or authorised by law.
To request access to the information held by us about you, please contact us using the contact details listed below. We will respond to your request within a reasonable time after the request is made, and will advise you if we will not or cannot provide you access, together with the reasons for denying you access.
We reserve the right to charge you for providing access to your personal information. We will notify you of those costs prior to providing you with access to the information. We may require those costs to be paid prior to providing you with access.
Correction of personal information. We take reasonable steps to ensure that the personal information collected by us is accurate, complete, relevant and up to date. If you believe that any of the personal information we hold about you requires correction, please inform us in writing using the contact details set out below.
Changes and Updates
We reserve the right, in our sole discretion, to modify, update, add to, discontinue, remove or otherwise change any portion of this Privacy Policy, in whole or in part, at any time. When we amend this Privacy Policy, we will revise the “Last Updated” date located at the top of the document. We will also take reasonable steps to ensure you are made aware of any material updates including providing you direct communication about such changes or providing a notification through the services, as appropriate. If you provide personal information to us or access or use our Sites after this Privacy Policy has been changed, you will be deemed to have unconditionally consented and agreed to such changes. The most current version of this Privacy Policy will be available on the Sites and Apps and will supersede all previous versions of this Privacy Policy.
Choice of Law
Except where prohibited by law, this Privacy Policy, including all revisions and amendments thereto, is governed by the laws of New Zealand, without regard to its conflict or choice of law principles which would require application of the laws of another jurisdiction.
Complaints
If you have a complaint about how we have collected, used or disclosed your personal information, or if we have not corrected or provided you with access to your personal information, then you may contact our support team using the contact details in the Contact Us section below so that we can investigate the complaint and respond to your concerns.
If you are not satisfied with our response, you can submit a complaint to:
- in New Zealand: the Office of the Privacy Commissioner (OPC) (see: https://www.govt.nz/browse/consumer-rights-and-complaints/how-to-complain/privacy-complaint);
- in the EU: your local data protection supervisory authority (see: https://edpb.europa.eu/about-edpb/board/members_en).
Contact Us
Under the Privacy Act 2020, you have the right to request access to or correction of your personal information. If you have questions about this Privacy Policy, or if you want to exercise your rights as described in this Privacy Policy, you can submit a request by contacting us at:
Telephone: 0800 478 483
Email: [email protected]
Post: Ezidebit (NZ) Limited
Level 9, 2 King Street
Bowen Hills QLD 4006
Australia
In order to honour any access request, we will require you to provide enough information for us to verify your identity. For example, we may ask you for information associated with your account, including your contact information or other identifying information. If you designate an authorized agent to make a rights request on your behalf, we may require proper proof of that authorization as well as direct verification of your identity from you.
Privacy Policy last updated 13 June 2023
1Web Usability Standard 1.3 https://www.digital.govt.nz/standards-and-guidance/nz-government-web-standards/web-usability-standard-1-3/#privacy