The Currency Shop Pty Ltd (ACN 163 569 462) (referred to as ‘The Currency Shop’, ‘we’, ‘our’, ‘us’) recognises the importance of ensuring the confidentiality and security of your personal information.
The Currency Shop is bound by the Australian Privacy Principles (‘APPs') and the Privacy Act 1988 (‘Privacy Act'). This Policy outlines The Currency Shop’s practices, procedures and systems to manage and protect your personal information in accordance with the Privacy Act and the APPs.
All third parties (including customers, suppliers, sub-contractors, or agents) that have access to or use personal information collected and held by The Currency Shop must abide by this Policy.
Copies of this Policy are available free of charge by contacting the Privacy Officer or can be downloaded from our website: www.thecurrencyshop.com.au.
In this Policy:
- ‘Disclosing’ information means providing information to persons outside The Currency Shop;
- ‘Personal information’ means information or an opinion relating to an individual, which can be used to identify that individual;
- ‘Privacy Officer’ means the contact person within The Currency Shop for questions or complaints regarding The Currency Shop’s handling of personal information;
- ‘Sensitive information’ is personal information that includes information relating to a person's racial or ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual preferences and criminal record, and also includes health information; and
- ‘Use’ of information means use of information within The Currency Shop.
2. WHAT KIND OF PERSONAL INFORMATION DO WE COLLECT AND HOLD?
We may collect and hold a range of information about you to provide you with our services, including:
- full name;
- address and other contact information;
- date of birth;
- nationality; and
- currency trading preferences.
3. HOW WE COLLECT PERSONAL INFORMATION
We generally collect personal information directly from you. For example, personal information will be collected when you sign up to receive email rate alerts, visit our website, call us or send us correspondence.
The Currency Shop will not collect sensitive information about you without your consent unless an exemption under the APPs applies and consent is not required. These exceptions include if the collection is required or authorised by law or necessary to take appropriate action in relation to suspected unlawful activity or serious misconduct.
If you don’t provide us with the personal information we request, we may not be able to provide you with the benefit of our foreign exchange rate comparison services, or meet your needs appropriately.
The Currency Shop does not give you the option of dealing with us anonymously, or under a pseudonym. This is because it is impractical for The Currency Shop to deal with individuals who are not identified.
4. UNSOLICITED PERSONAL INFORMATION
The Currency Shop may receive unsolicited personal information about you. We destroy all unsolicited personal information we receive, unless it is relevant to The Currency Shop’s purposes for collecting personal information.
5. ABOUT WHOM DO WE COLLECT PERSONAL INFORMATION?
The personal information we may collect and hold includes (but is not limited to) personal information about the following individuals:
- potential customers;
- visitors to our website;
- service providers or suppliers; and
- other third parties with whom we come into contact.
6. WHY DOES THE CURRENCY SHOP COLLECT PERSONAL INFORMATION?
We may use and disclose the information we collect about you so that we may:
- provide you with foreign exchange rate comparison services;
- let you know about other products or services we offer, send you information about special offers or invite you to events;
- protect our business and other customers from fraudulent or unlawful activity;
- conduct our business and perform other management and administration tasks;
- consider any concerns or complaints you may have and manage any legal actions involving The Currency Shop;
- comply with relevant laws, regulations and other legal obligations; and
- help us improve the services offered to our customers, and continually enhance our business.
The Currency Shop may also use and disclose personal information for reasonably expected secondary purposes which are related to the primary purposes set out above and in other circumstances authorised by the Privacy Act.
Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose, unless you agrees otherwise, or where certain other limited circumstances apply (e.g. if required by law).
7. TO WHOM MIGHT WE DISCLOSE PERSONAL INFORMATION?
We may disclose personal information to:
- a related entity of The Currency Shop;
- an agent, professional advisor or service provider we engage to carry out our functions and activities, such as foreign exchange contract issuers, money remitters, lawyers, accountants, IT managers, and marketing companies;
- foreign exchange contract issuers or other financial service providers;
- organisations involved in a transfer or sale of all or part of our assets or business;
- financial institutions involved in managing our payments, as banks;
- regulatory bodies, government agencies, law enforcement bodies and courts; and
- anyone else to whom you authorise us to disclose it or as required by law.
8. SENDING INFORMATION OVERSEAS
We use cloud computing services which means your personal information may be stored on web servers located overseas. These servers may be located in the United States, Brazil, Europe or Asia. We do not disclose your personal information to other overseas recipients.
We will not disclose your personal information to overseas recipients without your consent unless:
- we have taken reasonable steps to ensure that the recipient does not breach the Act, or the APPs; or
- the recipient is subject to a similar information privacy regime.
9. MANAGEMENT OF PERSONAL INFORMATION
The Currency Shop recognises the importance of securing the personal information of our customers. We will at all times seek to ensure that the personal information we collect and hold is protected from misuse, interference, or loss, and unauthorised access, modification or disclosure.
Personal information is generally held in a computer database. Any paper files are stored in secure areas. In relation to information is held on our computer database, we apply the following guidelines:
- passwords are required to access the system and passwords are routinely checked;
- data ownership is clearly defined;
- we change employees’ access capabilities when they are assigned to a new position;
- employees have restricted access to certain sections of the system;
- the system automatically logs and reviews all unauthorised access attempts;
- the system automatically limits the amount of personal information appearing on any one screen;
- unauthorised employees are barred from updating and editing personal information;
- all personal computers which contain personal information are secured both physically and electronically;
- data is encrypted during transmission over the network; and
- print reporting of data containing personal information is limited.
10. DIRECT MARKETING
The Currency Shop may only use personal information for the purposes of direct marketing without your consent if:
- the personal information does not include sensitive information; and
- the you would reasonably expect us to use or disclose the information for the purpose of direct marketing; and
- we provide a simple way of opting out of direct marketing; and
- you have not requested to opt out of receiving direct marketing from us.
We may disclose your personal information to foreign exchange contract issuers or other financial service providers, and they may send you promotional material about their products or services.
You have the right to request us not to use or disclose their personal information for the purpose of direct marketing, or for the purpose of facilitating direct marketing by other organisations. We must give effect to the request within a reasonable period of time. You may also request that The Currency Shop provides you with the source of their information. If such a request is made, The Currency Shop must notify you of the source of the information free of charge within a reasonable period of time.
We do not adopt identifiers assigned by the Government (such as driver’s licence numbers) for our own file recording purposes, unless one of the exemptions in the Privacy Act applies.
12. HOW DO WE KEEP PERSONAL INFORMATION ACCURATE AND UP-TO-DATE?
The Currency Shop is committed to ensuring that the personal information it collects, holds, uses and discloses is relevant, accurate, complete and up-to-date.
We encourage you to contact us to update any personal information we hold about you. If we correct information that has previously been disclosed to another entity, we will notify the other entity within a reasonable period of the correction. Where we are satisfied information is inaccurate, we will take reasonable steps to correct the information within 30 days, unless you agree otherwise. We do not charge individuals for correcting their information.
13. ACCESSING YOUR PERSONAL INFORMATION
Subject to the exceptions set out in the Privacy Act, you may gain access to the personal information that we hold about you by contacting the The Currency Shop Privacy Officer. We will generally provide access within 30 days of your request. If we refuse to provide the information, we will provide reasons for the refusal.
We will require identity verification and specification of what information is required. An administrative fee for search and photocopying costs may be charged for providing access to your personal information.
14. UPDATES TO THIS POLICY
This Policy will be reviewed from time to time to take account of new laws and technology, and changes to our operations and the business environment.
15. OUR RESPONSIBILITIES
It is the responsibility of management to inform employees and other relevant third parties about this Policy. Management must ensure that they advise employees and other relevant third parties of any changes to this Policy. All new employees are to be provided with timely and appropriate access to this Policy. All employees are provided with opportunities to attend privacy training. Employees or other relevant third parties that do not comply with this Policy may be subject to disciplinary action.
16. MAKING A COMPLAINT
If you have any questions about our privacy procedures, or if wish to make a complaint about how we have dealt with your personal information, you may lodge a complaint with us in any of the following ways:
- by telephoning – 1800 004 930
- by writing to – The Currency Shop Privacy Officer, Level 4, 90 William Street, Melbourne VIC 3000
- by emailing – [email protected]
If you are not satisfied with the result of their complaint to The Currency Shop you can also refer your complaint to the Office of the Australian Information Commissioner:
- by telephoning – 1300 363 992
- by writing to – Director of Complaints, Office of the Australian Information Commissioner, GPO Box 5218, SYDNEY NSW 2001
- by emailing – [email protected]