Privacy Policy

Context  

To assist us in conducting our business functions and activities, we need to collect personal information about you. By providing your personal information, you agree that it will be collected, used and disclosed by Team Thrive Pty Ltd ACN: 637 676 496 (collectively “Thriday”, “we”, “us” or “our”) according to this Privacy Policy.  If you do not agree, you must not provide your personal information, and we may not be able to communicate with you or provide all of our products or services to you. We may disclose your personal information to other parties, including to third parties who provide products and services to us or help us deliver our services (including information technology suppliers, communication suppliers and our business partners) or as required by law, and otherwise in accordance with this Privacy Policy. From time to time, these third parties may be located (and therefore your personal information may be disclosed and stored) overseas, including the USA and Germany. We may use and disclose your personal information for direct marketing purposes, unless you opt out (which you can do at any time in accordance with this Privacy Policy).  

This Privacy Policy is to be read in conjunction with the Privacy Notice above and explains how we handle personal information.  It is relevant to current customers and other individuals with whom we deal in the course of our business — such as prospective members and customers, account signatories, holders of powers of attorney, legal personal representatives and the like (collectively “you” and “your”).  

Our commitment  

We value your trust in us. It is important for us to keep personal information about you secure and confidential.  That’s why protecting your information and being clear about what we do with it is a vital part of our relationship with you.

To achieve this, we comply with the Privacy Act 1988 (which includes the Australian Privacy Principles and Part IIIA) (Privacy Act).

Please note that during the course of our dealings with you, we may provide more information about how we handle personal information about you. If that further information provides that we may do this in a way that is different from this Privacy Policy, then the terms of that further information will prevail.

About us  

We are an Australian owned financial technology company and operate under the brand “Thriday”.  It is our goal to create services for small to medium size businesses to help them thrive in their business.    

We have business partners that we transmit your personal information to in order to provide you our products and services.  

Our main business partners we transmit your personal information to if you use our products and services include:  

  • Regional Australia Bank Ltd ABN 21 087 650 360 AFSL & Australian Credit Licence 241167  
  • Team Thrive No 2 Pty Ltd ABN 26 677 263 606 TAN 26262416  

Information we collect

Information we collect from you  

Generally, we collect personal information about you directly from you and our business partners. We do so when you become a customer, open an account, or perform a transaction with us (and/or our business partners).  

The kind of information we collect will vary according to whether, for example, you wish to open a transaction account, use an accounting or bookkeeping software service or act as a signatory.  

When you subscribe to our products and services, we and our business partners collect your personal information – including your name, email, phone number, Australian business number, customers, transactions, such as payments to and from your transaction account and the details of those payments, including source and destination.  We collect this information via our business partners such as, but not limited to:  

  • authorised deposit taking institutions (banks);
  • card payment providers;
  • accounting partners.

Our business partners have “KYC” and “KYB” obligations under the Anti-Money Laundering and Counter Terrorism Financing Act 2006. “KYC” stands for “Know Your Customer” and “KYB” stands for “Know Your Business” which means we are required to pass certain information to our partners so that they can verify that you are who you say you are and so they can comply with their obligations to monitor account and transaction activity.  Our partners use additional third parties that specialise in cross checking your information and provide results to our partners and in turn, us.

When you subscribe to our products and services, we usually ask for, at least, your full name, date of birth, residential address, contact details and Australian business number.  If you are subscribing as a corporate or other entity, we will ask for details of that entity, including beneficial ownership and the names and personal details of office holders.  In all cases, we will also ask for evidence of your identity.  In all cases, we may collect further information at any time on our own behalf or on behalf of our partners so that they meet their obligations under the KYC requirements of the anti-money laundering and counter-terrorism legislation.  

Google Analytics  

We use Google Analytics to help analyse how you use our website.  Google Analytics generates statistical and other information about website use by means of cookies, which are stored on users' computers.  The information generated is used to create reports about the use of our website.  Google will store this information.  

If you do not want your Website visit data reported by Google Analytics, you can install the Google Analytics opt-out browser add-on.  For more details on installing and uninstalling the add-on, please visit the Google Analytics opt-out page at https://tools.google.com/dlpage/gaoptout.  

Clickstream data  

When you read, browse or download information from our website, we or our internet service provider may also collect information such as the date, time and duration of a visit, the pages accessed, the IP address of your computer, and any information downloaded.  Generally, this information may be used for purposes including statistical, reporting and website administration, maintenance and improvement purposes.  

Cookies  

Our website may use 'cookies' from time to time.  Cookies are small text files that are transferred to a user's computer hard drive by a website for the purpose of storing information about a user's identity, browser type or website visiting patterns.  Cookies may be used on our website to monitor web traffic, for example the time of visit, pages visited and some system information about the type of computer being used.  We use this information to enhance the content and services offered on our website.  

Cookies are sometimes also used to collect information about what pages you visit and the type of software you are using, and other purposes from time to time.  If you access our website or click-through to our website from a link in an email we send you, a cookie may be downloaded onto your computer's hard drive.  

You can configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is sent.  Each browser is different, so check the "Help" menu of your browser to learn how to change your cookie preferences.  

If you disable the use of cookies on your web browser or remove or reject specific cookies from our website or linked sites then you may not be able to gain access to all of the content and facilities in those websites.  

Web beacons are images that originate from a third-party site to track visitor activities.  We use web beacons to track the visiting patterns of individuals accessing our website.

Interaction data  

We collect and use all data and metadata produced by collected data or interactions with our website and app for purposes such as data analysis, improving service quality and improving product features. We may use this information generally for our business functions and activities, including improving service quality, improving product features, and for use in connection with potential future products.

Information we collect from third parties  

We may also collect information about you from third parties such as databases managed by Federal and State governments.

Sensitive information  

We may need to collect sensitive information, where necessary for insurance.  

Biometric information is collected through Regional Australia Bank’s third-party provider GBG Group plc., to help verify your identity for the purposes and processing your application for the products and services issued by Regional Australia Bank.

For further information in relation to how GBG Group plc. collect and store your biometric information, please refer to the privacy policies listed on their websites.

What happens if you do not provide us with sufficient personal information about you?  

If you do not provide us with the personal information we need, we may not be able to provide (or continue to provide) you with the products or services you are seeking or using. This means that we may close your accounts and terminate our relationship with you.    

How do we use your information?  

We collect, use, hold and disclose personal information so that we or our partners can:  

  • establish your identity as required by the Anti-Money Laundering and Counter Terrorism Financing Act 2006;
  • assess your eligibility to become a customer;
  • process applications for products and services;
  • operate products and services that you use;
  • design our products and services;
  • manage our relationship with you;
  • submit information to government agencies on your behalf when directed by you to do so;  
  • manage our risks and help identify and investigate inappropriate or illegal activity, such as fraud;
  • contact you;
  • improve our products and services and your experience with us;
  • promote and market our products and services; including direct marketing; providing you information we believe you may be interested in receiving regarding us, our clients, and our business partners;
  • comply with our legal obligations to assist law enforcement agencies or regulators;
  • inform you about products or services that we think may be of interest to you, including those of our business partners.  

To whom do we disclose personal information?

Third parties  

As mentioned above, we have business partners that we transmit your personal information to in order to provide you our products and services.    

The type of entities and people we (or our business partners) disclose your personal information to include:  

  • organisations which provide or confirm information to verify your identity (our business partners complete this verification);
  • organisations that we are partners with that you have agreed to provide your personal information to;
  • contractors for things like card production and delivery;
  • organisations that assist us with direct marketing and market research;
  • persons and organisations who assist us in monitoring recorded calls for the purposes of quality assurance, training and acknowledgement;
  • persons acting on your behalf, for example brokers, agents, advisers, guardians, financial managers and persons holding power of attorney;
  • persons involved in arrangements that provide funding to us, including trustees and managers of loan programs;
  • ratings agencies;
  • other financial institutions, for example so that we can process a claim for mistaken payment;    
  • our auditors, insurers and re-insurers;
  • lenders’ and valuers if we or our partners offer lending products in the future;
  • government and law enforcement agencies or regulators;
  • credit reporting bodies and other credit providers is we or our partners offer lending products in the future;
  • organisations that help identify and investigate inappropriate or illegal activity, such as fraud.

Sending information overseas  

Depending on our commercial arrangements, we may disclose personal information about you to business partners with operations overseas or who store personal information overseas.

Our business partners may send and store your personal information in servers operated by service providers including Amazon Web Services and Microsoft Azure in the United States of America and Germany.  

When partnering with another business that your personal information may be sent to, we ensure that the entity complies with privacy and information security requirements that are commiserate with those that apply in Australia and our own Privacy Policy.  

This includes GreenID, a product used to verify the identity of individuals in our onboarding process.  GreenID is delivered from GBG Group plc. For further information please refer to GBG Group plc.’s privacy policy, located on their respective website.  

By becoming a customer and using our services, you consent to your personal information being sent and stored in the United States of America and Germany and acknowledge that the business partner will not be accountable under the Privacy Act and you will not be able to seek redress under the Privacy Act.

Electronic verification of identity  

As noted above, our partners are required under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 to collect and verify information relating to your identity.  

Subject to your consent, we will disclose your name, address, date of birth, Australian business number and other information to access identification information electronically held by credit reporting bodies, the government’s Documentation Verification Service (DVS) and other public records.  
To access such information, the partner may use a service provider.  The service provider may, for verification purposes on our partners behalf:  

  • request that a credit reporting body provide us with an assessment as to whether your personal information matches that held in their credit information files. (In preparing this assessment, the credit reporting body may use the personal information of other individuals);
  • disclose your personal information to the DVS;
  • search other public records.  

If we or our partners are unable to verify your identity using the above methods, you will be provided with a notice to that effect. You may then be asked to provide further evidence of your identity. If we or our partners are unable to verify your identity, we will not be able to admit you to provide you with the services or products you seek.  

Keeping your information secure  

We hold personal information in our system and our partners’ systems, either as electronic, voice or paper files.

As we have a commitment to ensure all personal information is held securely, we have in place security systems to protect information from unauthorised access. We also limit access to our authorised personnel.

Where personal information is no longer needed for any of our or our partners functions or activities, subject to any legal requirements for holding data for a period of time, we ensure that the information is securely destroyed or de-identified.

We seek our partners to do the same with personal information we have transmitted to them that they hold.  

Accessing and correcting personal information about you

Accessing personal information about you  

You can request access to your personal information by writing to wecare@thriday.com.au  

and providing details of your request.  

Is a fee charged?  

We may charge you a fee for providing access to personal information about you. That covers our time spent in locating and putting the information together.

Updating and correcting information  

It’s important that we have your correct details, such as your current address and telephone number. Please ensure that your details with us are always current.

You can also ask us to correct any information we hold if it is inaccurate. If we have passed that information on to third parties, then you can ask us to contact those other parties.

If your request for access and correction involves credit-related information provided to us by others (e.g. credit reporting bodies or other credit providers), we will need to contact them.

We’ll try to have the information corrected within 30 days. If we can’t meet that, we’ll let you know the reason for the delay and try to agree a timeframe with you to extend the period.

We’ll contact you when the process is complete.

What if we cannot agree that the information should be corrected?  

If we do not agree with you that information should be corrected, we’ll advise in writing with our reasons. You can ask us to include a statement with the relevant information, indicating your view that the information is inaccurate, misleading, incomplete, irrelevant or out-of-date. We will take reasonable steps to comply with such a request.  

Making a privacy complaint

How do I complain about a privacy matter?

To lodge a complaint, please contact us using the details set out at the end of this Privacy Policy. We will deal with the matter via our internal complaints processes.

External review

If an issue has not been resolved to your satisfaction, you can lodge a complaint with the Office of the Australian Information Commissioner at:

Website: www.oaic.gov.au
Phone: 1300 363 992
Mail: Office of the Australian Information Commissioner, GPO Box 5218, SYDNEY NSW 2001

Amending this Privacy Policy

We may amend this Privacy Policy at any time. The new version will be published on our website.

How to contact us or find out more

For all privacy-related queries, requests for access and correction, complaints, or any other requests, or to request a printed version of this Privacy Policy, use any of the methods set out below. You can also contact us to change your marketing preferences.

Email: wecare@thriday.com.au