PiCo is operated by Pointpal Holdings Pty Ltd, a company registered in Australia under Company Number 148202993, whose registered office at Level 16, 1 Market Street, Sydney, NSW Australia 2000 (“we”, “our”, or “us”). For the purpose of the Australian Privacy Act 1988 (Cth) and the UK Data Protection Act 1998, we are the data controller.
If you have any questions about our privacy practices, please contact us here.
When you subscribe to our service via the Site or App, we may collect a variety of information from you, which may include:
Personal information you provide us
Personal information is information that can be used to identify or contact a single person (“Personal Information”). You may provide Personal Information to us when you register to use the Site or App, when filling in forms on our Site or App; using the service (such as registering your payment card or loyalty scheme card); corresponding with us by phone, e-mail or otherwise; participating in discussion boards; sharing, linking or using any other social media functions on our Site or App; or if you enter a competition, promotion or survey. Personal Information you give us may include your name, address, e-mail address, phone number, financial and credit card information, loyalty card information, personal description and photograph.
Also, in the course of providing Services to you, we may collect sensitive personal information about you, such as your racial or ethnic origin, political opinions, membership of a political association, religious beliefs, philosophical beliefs, memberships of a professional or trade association or trade union, sexual preferences or practices, criminal record or health. If you disclose sensitive personal information to us, we will only use it for the purposes for which it was provided and as permitted by law.
Information that we collect about you
Each time you visit our Site or use our App, we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, the type of mobile device you use, mobile network information; browser type and version, time zone settings, operating systems and platforms.
- details of your use of our Site or App including, but not limited to, traffic data, location data, weblogs and other communication data, and the resources that you access.
We may also use GPS technology to determine your current location. Some of our location-enabled services require your personal information for the feature to work. If you wish to use the particular feature, you will be asked to consent to your information being used for this purpose. You can withdraw your consent at any time by updating your location services preferences in the handset via Settings.
Information we receive about you from other sources
We may receive information, including Personal Information, about you from third parties we work closely with (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers and credit reference agencies).
If you have registered for the Service on our Site or App via Facebook, or other third party social networking sites (“SNS”), we will obtain information you have provided to the SNS (such as your name, profile picture, email address and other information you make publicly available via the applicable SNS) from the account you have with such SNS and will use that information to create your PiCo account and each time you register for a loyalty scheme or membership program. The information we obtain may depend on the privacy settings you have with the SNS.
We may combine the information we receive about you with information you give to us and information we collect about you and use the combined information for the purposes set out below (depending on the types of information we receive).
Use of Your Information
We use your information for the following purposes:
- to provide you with our Services, including carrying out our obligations arising from any contracts entered into between you and us;
- to provide you with service related information including loyalty rewards balance updates and information on and/or about retailers and/or service providers who run loyalty schemes or membership programs (“Merchants”);
- to provide you with information about products or services that you request from us or which we feel may interest you (except where you have requested not be contacted for such purposes);
- to provide you, or permit selected third parties to provide you, with information about products or services we feel may interest you, where you have provided your express consent;
- to notify you about changes to our Site, App or Service;
We may further use your information to improve our Service and to offer you tailored content so that you have a more relevant and beneficial experience and to analyse and understand how our Site, App and Service are used, which includes (without limitation):
- offering you improved customer service and support;
- personalising your visits to the Site or App to improve our Service;
- conducting market research;
- anonymizing Personal Information and preparing aggregated data reports showing anonymized information for the purpose of advising ourselves, Merchants and our business partners regarding past and potential future patterns of spending, fraud, and other insights that may be extracted from this data; and
- carrying out technical and statistical analysis to monitor our Service, the Site and App.
- preventing and prosecuting fraud;
- meeting legal, regulatory, insurance and security requirements;
- ensuring that content on our Site and App is presented in the most effective manner for you.
Sharing Your Information
We may share information about you with Merchants and our business partners, suppliers and sub-contractors that we engage to help us provide the Services to you or to process your information.
We may disclose your information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries (“Pointpal Holdings”).
Your information may be used by us and/or other members of the Pointpal Holdings Group to contact you by email and SMS with information and offers on products/services provided by us and/or other members of the Pointpal Holdings Group. If you use our App, we may use push notifications to contact you (where we have your consent).
Where you have given us your express consent, we will supply your information to our business partners and selected third parties, including Merchants, so that they may contact you with information and offers which may be of interest to you, and that such information cannot be re-sold by them.
If you decide at any time that you no longer wish to receive marketing communications from us by email or SMS, please follow the unsubscribe instructions provided in any of the communications you receive from us or contact us (see “Changing or Deleting Information” below). If you no longer want to receive push notifications, you can update your preferences in the App via Settings.
We may transfer, sell or assign any of the information described in this policy to third parties as a result of a sale, merger, consolidation, change of control, transfer of assets or reorganisation of our business, but will take appropriate steps to ensure the confidentiality of your information in accordance with these terms.
Accessing Your Personal Information
If you wish to review or receive copies of the Personal Information we hold about you, change your marketing preferences or have any other privacy queries, please write to us (including full details of your request) here.
We may reject requests that are unreasonably repetitive, require disproportionate technical effort, risk the privacy of others, or would be extremely impractical (for instance, requests concerning information residing on backup systems). We may charge a small administration fee (not exceeding the maximum permitted by law in Australia and/or in England) in relation to fulfilling a request for access to Personal Information.
Changing or Deleting Your Information
You may review, update, correct or delete the Personal Information you provide to us in course of the use of the Service via the Site and App or by contacting us. If you completely delete any or all such information, then your account may become deactivated or certain functionality may be reduced. If you would like us to delete your account in our system, please contact us at here with a request that we delete your Personal Information from our database. We will use commercially reasonable efforts to honour your request. We may retain an archived copy of your records as required by law.
We take the security of your Personal Information very seriously and use strict procedures and security features to try to prevent unauthorised access of your Personal Information.
Although we will do our best to protect your Personal Information, the transmission of information via the internet is not completely secure and we cannot guarantee the security of your Personal Information transmitted to our Site or App. As such, any transmission is at your own risk.
We have put into place the following procedures to protect the Personal Information we hold about you from misuse and loss, and from unauthorised access, modification or disclosure:
- All access between public untrusted networks, internal network, semi-trusted zone and trusted zone is controlled and monitored using state of the art firewalls capable of deep packet inspection. Services and protocols enabled are for valid business requirements only. All network zones are isolated from one another and all connections between zones are explicitly enabled and all other access denied by default.
- There is no direct connection between the untrusted (public) and trusted (private) zones. Our network and perimeter are monitored and protected by state of the art firewalls, anti-virus and integrity management software and we undertake annual internal and external vulnerability testing by qualified security assessors. Our team maintain our systems with regular OS updates and distributed system logging to ensure we are up-to-date and aware of anomalies in the shortest time possible.
- All of our platform hardware is housed in a secure data centre with network and power supply redundancy and physical security measures to prevent unauthorized access.
We work hard to maintain these procedures and keep them current and up to date.
Links to Other Sites
Our Site or App may contain links to and from other websites (“Third Party Sites”). If you choose to follow a link to a Third-Party Site, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before submitting any information to a Third-Party Website.
The fact that we link to a Third-Party Site should not be taken as an endorsement, authorisation or representation of our affiliation with that third party or of the information, products, goods or services that third party may offer.
Changes to this Policy