Finstro Website, Web Portals & Finstro Mobile App – Terms of Use
1. About our Terms of Use
1.1 These website and mobile application terms of use (Terms of Use) govern your use of the Finstro website, Finstro web portals and Finstro mobile applications (“the System”), which is owned and operated on behalf of Finstro Holdings Pty Ltd ACN 605 121 364 and its related bodies corporate (“we”, “us” and “our") and form a binding agreement between you, the user of the System and us.
1.2 For that reason these Terms of Use are important and you should ensure that you read them carefully and contact us with any questions before you use the System.
1.3 These Terms of Use explain our obligations as a service provider and your obligations as a customer, including users on a free trial basis. The Terms of Use govern any use of our service and apply to you from the time you have access to the service, including if you are a user on a free trial basis. By using the System you acknowledge and agree that you have had sufficient chance to read and understand the Terms of Use and you agree to be bound by them. If you do not agree to the Terms of Use, please do not use the System.
1.4 We are committed to protecting your privacy. This policy explains how your personal information will be treated as you access and interact with the System. For further information on how we deal with your personal information, please refer to our Privacy Policy.
1.5 Our Terms of Use may change from time to time. It is your obligation to ensure that you have read, understood and agree to the most recent version of the Terms of Use available on our System. By accessing, viewing or otherwise using the System, you agree to be subject to these Terms of Use, as amended from time to time.
2. Collection and Use of information
2.1 We may collect personal information from you directly or via your use of our services (including your use of the System).
We will only collect personal information which is reasonably necessary for, or directly related to, our functions or activities.
3. Use of the System
3.1 Finstro grants you the right to access and use the System according to your subscription type. This right is non-exclusive, worldwide, non-transferable, and limited by and subject to these Terms of Use.
3.2 You may access and use the System (including any incidental copying that occurs as part of that use) in the normal manner and may also print one copy of any page within the System for your own personal, non-commercial use.
3.3 You must not add any content to the Site:
- unless you hold all necessary rights, licences and consents to do so;
- that would cause you or us to breach any law, regulation, rule, code or other legal obligation;
- that is or could reasonably be considered to be obscene, inappropriate, defamatory, disparaging, indecent, seditious, offensive, pornographic, threatening, abusive, liable to incite racial hatred, discriminatory, blasphemous, in breach of confidence or in breach of privacy;
- that would bring us, or the System, into disrepute; or
- that infringes the intellectual property or other rights of any person.
3.4 The System contains links to other websites as well as content added by people other than us. We do not endorse, sponsor or approve any such user generated content or any content available on any linked website.
3.5 You acknowledge and agree that:
- we retain complete editorial control over the System and may alter, amend or cease the operation of the System at any time in our sole discretion; and
- the System will not operate on a continuous basis, and may be unavailable from time to time (including for maintenance purposes).
4. Intellectual Property Rights
4.1 Nothing in these Terms of Use constitutes a transfer of any intellectual property rights. You acknowledge and agree that, as between you and us, we own all intellectual property rights in the System.
4.2 By posting or adding any content onto the System, you grant us a perpetual, non-exclusive, royalty-free, irrevocable, worldwide and transferable right and licence to use that content in any way (including, without limitation, by reproducing, changing, and communicating the content to the public) and permit us to authorise any other person to do the same thing. This licence will survive any termination of these Terms of Use.
4.3 You consent to any act or omission which would otherwise constitute an infringement of your moral rights, and if you add any content in which any third party has moral rights, you must also ensure that the third party also consents in the same manner.
4.4 You represent and warrant to us that you have all necessary rights to grant the licences and consents set out in this section of the Terms of Use.
5. Functionality of the System
The System has the following functions:
5.1 The System is a cash management tool which allows subscribers (including if you are on a free trial) to synchronize with your cloud-based accounting software for cashflow analysis with payment reminders, collection services, automated payments, and customer credit alerts.
5.2 The System allows credit checks and searches to be conducted on customers and suppliers. Subscribers to the System will be informed of the relevant charges when conducting such searches.
5.3 The System allows users to access Finstro’s credit and payment products (subject to separate terms and conditions) through its System.
6. Compatibility and Data Synchronization with other software
6.1 The System has the ability to synchronize between your cloud-based accounting software and the System in order to view real-time business intelligence.
6.2 Any sales, purchases and cash balance data appearing in the System is a result of the synchronization process between the subscribers of the cloud-based accounting software and the System. We are not responsible for any acts or omissions or any other matter relating to your use of cloud-based accounting software.
7. Subscription fee
7.1 We may charge you a monthly subscription fee for accessing and using the System.
7.2 If you fail to pay the monthly subscription fee associated with your use of the System as and when due, we may cancel your access to the System from the date that is the last day of the calendar month after the calendar month in which the monthly fee is due to be paid.
8. Warranties
8.1 You represent and warrant to us that:
(a) you have the legal capacity to enter these Terms of Use; and
(b) you have abided by the Terms of Use relating to your use of the System
9. Sensitive information
9.1 Sensitive information is any information about a person’s racial or ethnic origin, political opinion, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health information.
9.2 We will not ask you to disclose sensitive information, but if you elect to provide sensitive information it will also be captured and stored.
10. Access Conditions
10.1 You must ensure that all usernames and passwords required to access the System are kept secure and confidential. You must immediately inform us of any unauthorized access or breach of security along with taking all reasonable actions to maintain or enhance the security of our services.
10.2 As a condition of these terms, when using the System you must:
(a) not attempt to interfere with the operational integrity of the System or overload the system;
(b) not use, or misuse, the System in any way which may disrupt the functionality of the website, or other systems used to deliver the service;
(c) not attempt to gain unauthorised access to any materials other than those which you have been given express permission to access;
(d) not transmit, or enter into the System, any files, whether synchronised from your cloud-based accounting software or through manual inputs, that may damage any other person’s computing devices, content that may be offensive or exploit sensitive information, or material or data in contravention of any law; and
(e) not attempt to modify, reproduce, adapt or decompile any computer programs used to support or operate the System except as is necessary to use either of them for normal operation.
11. Indemnity
11.1 You indemnify us against any liability, loss, claims, costs and expenses suffered or incurred by us arising from your negligence, misrepresentation, fraud, breach of law or breach of these terms except where such loss arises from a mistake, fraud, negligence or wilful misconduct by us, our employees, our agent or a receiver.
12. Information from third parties
12.1 Our website also contains links to the websites of third party providers of goods and services (Third Party websites). If you have accessed Third Party websites through our website and if those third parties collect information about you, we may also collect or have access to that information as part of our arrangements with those third parties.
12.2 Where you access a Third Party website from our website, cookie information, information about your preferences or other information you have provided about yourself may be shared between us and the third party.
13. Advertising and tracking
13.1 When you view our advertisements on a Third Party website, the advertising company uses ‘cookies’ and in some cases ‘web beacons’ to collect information such as:
(a) the server your computer is logged onto;
(b) your browser type;
(c) the date and time of your visit; and
(d) the performance of their marketing efforts.
13.2 When you access our website after viewing one of our advertisements on a Third Party website, the advertising company collects information on how you utilise our website (eg which pages you view) and whether you complete an online application.
14. Cookies
14.1 We use ‘cookies’ to provide you with better and more customised service and with a more effective website.
14.2 A ‘cookie’ is a small text file placed on your computer by our web page server. A cookie can later be retrieved by our webpage servers. Cookies are frequently used on websites and you can choose if and how a cookie will be accepted by configuring your preferences and options in your internet browser.
14.3 When you view our advertisements on a Third Party website, the advertising company uses ‘cookies’ and in some cases ‘web beacons’ to collect information such as:
(a) the server your computer is logged onto;
(b) your browser type;
(c) the date and time of your visit; and
(d) the performance of their marketing efforts.
14.4 When you access our website after viewing one of our advertisements on a Third Party website, the advertising company collects information on how you utilise our website (eg which pages you view) and whether you complete an online application.
15. IP addresses
15.1 Your IP address is the identifier for your computer, mobile or other internet-connected devices when you are using the internet.
15.2 It may be necessary for us to collect your IP address for your interaction with various parts of the System.
16. Online applications
16.1 When you send a completed online application to us, we retain the information contained in that application. We are able to then use that information to provide any financial services that you require.
16.2 You can also suspend and save online applications, so you can complete and send the applications at a later time. If you suspend or save your application, the information that you have entered will be retained in our systems so that you may recover the information when you resume your application. Online applications that have been suspended or saved may be viewed by us.
17. Security of information
17.1 The security of your information is very important to us.
17.2 We regularly review developments in security and encryption technologies. Unfortunately, no data transmission over the internet can be guaranteed as totally secure.
17.3 We take all reasonable steps to protect the information in our systems from misuse, interference, loss, and any unauthorised access, modification or disclosure.
17.4 We take reasonable steps to preserve the security of cookie and personal information in accordance with this policy and our Privacy Policy. If your browser is suitably configured, it will advise you whether the information you are sending us will be secure (encrypted) or not secure (unencrypted).
18. Direct marketing
18.1 We will not use or disclose sensitive information about you for direct marketing purposes unless you have consented to that kind of use or disclosure.
18.2 We may use your personal information for direct marketing purposes. If you do not wish to receive direct marketing communications from us or from other organisations, or wish to know the source of the information being used, you may submit a request to support@finstro.com.au or phone +61 2 8311 8061.
18.3 We will respond to your request as soon as practicable.
19. Disclosure to overseas entities
19.1 We do not generally disclose personal information obtained from cookies to overseas entities in the course of our activities.
19.2 Please contact us via email support@finstro.com.au or phone +61 2 8311 8061 if you would like further information.
20. Availability and accuracy of the information and the System
20.1 We will do everything possible to ensure that the System is always available to you. However, we do not warrant that the System will operate at any time, and the System may be temporarily unavailable (for example, when we are conducting maintenance on the System). You should promptly advise us of any faults or unavailability.
20.2 We may from time to time and without notice to you:
(a) place limits on the nature of transactions that can be made and the information that can be obtained using the System; or
(b) change the software, system or equipment required to access the System. It is your responsibility to supply and maintain any software or equipment (such as a personal computer, internet browser, modem or touch-tone telephone) that may be necessary for you to access the System.
20.3 Acting reasonably, we may change, suspend, cancel or deny access to the System at any time without prior notice to you.
21. Termination
21.1 Despite any other provision of the Terms of Use, these Terms of Use terminate automatically if, for any reason, we cease to operate the System.
21.2 We may otherwise terminate these Terms of Use immediately, on notice to you, if you have breached these Terms of Use in any way.
22. Disclaimer
22.1 Subject to any rights or warranties which cannot be excluded by reason of any law, including the Competition and Consumer Act 2010 (Cth) or similar state or territory legislation, we make no representation or warranty with respect to the use of the System and accept no liability for any loss or damage whether direct, indirect or consequential arising out of access, use (or inability to use or access in whole or in part) or reliance upon, any information or services contained on or accessed through the System (including information contained in sites linked to the Finstro website).
22.2 To the full extent permitted by law, we exclude all liability in respect of loss of data, interruption of business or any consequential or incidental damages.
22.3 To the fullest extent permitted by law, where the law prohibits any part of this disclaimer, our liability is limited to re-supply of any information or services or the cost of re-supply of information or services. Use of any product and services accessible through the System is subject to the terms and conditions governing the use of those products and services.
23. Governing Law
23.1 You agree that your use of the System will be governed by all applicable laws of New South Wales, or where applicable, Australia.
24. General
24.1 You must not assign, sublicence or otherwise deal in any other way with any of your rights under these Terms of Use.
24.2 If a provision of these Terms of Use are invalid or unenforceable it is to be read down or severed to the extent necessary without affecting the validity or enforceability of the remaining provisions.
24.3 Each party must at its own expense do everything reasonably necessary to give full effect to these Terms of Use and the events contemplated by it.
Finstro Master Card® - Terms & Conditions
Effective 2020
1. Terms and Conditions
1.1 These terms and conditions (Terms and Conditions) describe the terms of your (you, your, user or cardholder) agreement with Finstro Securities Pty Ltd ACN 632 777 238 (Finstro) as it relates to your use of the Finstro Mastercard. It is important that you read this document carefully and understand your rights and obligations.
1.2 You have entered into a Finstro Master Facility Agreement with Finstro which is a business credit facility. The Finstro Mastercard can be used for purchasing goods and services where using the Available Balance of your Finstro Master Facility anywhere Mastercard is accepted for electronic transactions.
1.3 The Finstro Mastercard is issued by EML Payment Solutions Limited ABN 30 131 436 532 AFSL 404131 (EML). INC.C Payments Pty Ltd ABN 94 623 555 699 (INCC) arranges the distribution of the Finstro Mastercard. Finstro is the provider of the Finstro Master Facility and distributor of the Card. Finstro provides the Finstro Mastercard as part of its arrangement with you under the Finstro Master Facility Agreement.
1.4 EML deals with funds loaded onto the Finstro Mastercard in accordance with its arrangements with INCC.
1.5 Finstro reserves the right to change these Terms and Conditions at any time.
2. Acceptance of these terms
2.1 You signify your acceptance of these Terms and Conditions by acknowledging you have read and accepted them either via the Finstro Website or the Finstro App. Acceptance of our Terms and Conditions forms part of the Finstro Mastercard activation process that must be completed prior to using your Finstro Mastercard.
3. Important Information about the Financial Claims Scheme
3.1 The Financial Claims Scheme is a scheme administered by APRA to protect depositors of authorised deposit-taking institutions from potential loss due to the failure of these institutions.
3.2 The Financial Claims Scheme only applies to deposits. Your Available Balance is not a deposit with Finstro, INCC or EML. Accordingly, the Financial Claims Scheme does not apply in relation to the Finstro Mastercard or your Available Balance in the event of Finstro’s, INCC’s or EML’s failure.
3.3 For more information on the Financial Claims Scheme, see APRA's website at https://www.fcs.gov.au/.
3.4 We disclose and you acknowledge that the Finstro Mastercard is not a gift card as that is defined within the section 99A of the of the Australian Consumer Law (contained in Schedule 2 of the Competition and Consumer Act 2010). This means that there is no requirement for the Finstro Mastercard to have a minimum expiry date of 3 years from the date it is supplied.
4. Activation
4.1 To activate your Finstro Mastercard, please visit the Finstro Website or download the Finstro App and enter the 16-digit Card Number and CVV where you will be asked to read and accept these Terms and Conditions, after which you will be prompted to set your PIN.
4.2 Once activated, the funds loaded onto the Finstro Mastercard will be available immediately.
4.3 The Finstro Mastercard must be activated prior to use and at least one (1) week prior to its expiry date.
5. Expiry and cancellation
5.1 The Finstro Mastercard expires three years after the “valid from” date identified on the Finstro Mastercard (Expiry Date).
5.2 After the Expiry Date, the Finstro Mastercard:
(a) will be unable to access the Available Balance; and
(b) will be declined when presented for use.
6. PIN and Pass Codes
6.1 To make purchases with your Finstro Mastercard you may need a PIN. When activating your Finstro Mastercard at either the Finstro Website or the Finstro App, you will be prompted to choose your own PIN. You can change your PIN online at the Finstro Website or via the Finstro App at any time.
6.2 A Pass Code may be provided to your registered Device to complete a transaction - this is often referred to as Two Factor Authentication. Where you are provided a Pass Code in these circumstances, you must not disclose that Pass Code to any other person.
7. Where you can use your Finstro Mastercard
7.1 The Finstro Mastercard is a reloadable card that can be used for purchasing goods and services where Mastercard is accepted for electronic transactions (excluding transactions at automated teller machines (ATM) or over the counter at financial institutions).
7.2 When you access the Available Balance through use of the Finstro Mastercard, there may be interest payable by you as determined by Finstro under the Finstro Master Facility Agreement.
7.3 The Finstro Mastercard is only available to businesses for business use. The Finstro Mastercard must not be used for personal expenses at any time. The Finstro Mastercard may not be used for, and authorisation may be declined for, any illegal transactions or for any transactions not approved by Finstro.
7.4 Some Merchants may choose not to accept Mastercard.
7.5 If you have a problem with a purchase, you must contact the Merchant and not Finstro or INCC. The Merchant's own policies in respect of refunds or returns will apply.
7.6 The Finstro Mastercard cannot be used to obtain or redeem cash, for making direct debits, recurring or regular instalment payments, or to withdraw cash via an ATM. The Finstro Mastercard is not a credit facility, is not a credit card, and is not linked to a deposit account held with Finstro, INCC or EML.
7.7 The Finstro Mastercard cannot be used to make transactions that exceed the Available Balance. For such a transaction you need to pay the difference by another method if the Merchant agrees. In the event the Available Balance is less than the purchase amount, some Merchants may not allow the cardholder to combine multiple payment types (such as cash, cheque or another payment card) to complete the transaction.
7.8 Finstro may restrict or stop the use of the Finstro Mastercard if excessive use, attempts to use or other suspicious activities are noticed or are otherwise prohibited transactions under the Finstro Master Facility Agreement.
7.9 If you permit someone else to use the Finstro Mastercard, you will be responsible for any transactions initiated by that person.
7.10 Finstro, INCC and EML are in no way liable if the Finstro Mastercard is declined unless as a result of an unlawful deliberate act or omission by Finstro, INCC or EML.
8. Checking your transaction history and balance
8.1 You are responsible for checking your transaction history and balance which you can do at any time by visiting the Finstro Website and/or the Finstro App by entering your Card Number and your PIN.
9. Security
9.1 You must make sure that you keep the Finstro Mastercard, Identifiers and any PIN's or Pass Codes safe and secure. The precautions we require you to take (Security Requirements) are set out in 9.2 below.
9.2 You must not:
- allow anyone else to use the Card;
- unnecessarily disclose the Card Number;
- carry the PIN, the Device Pass Code with the Device, or record the PIN or Device Pass Code on anything carried with the Finstro Mastercard or liable to loss or theft simultaneously with a Device, unless you make a reasonable attempt to protect the security of the PIN or Device Pass Code;
- voluntarily disclose the PIN, Device Pass Code or Pass Code to anyone, including a family member or friend;
- When using your Device, you should:
- always lock your Device and never leave your Device unattended;
- assign a Device Pass Code to unlock your Device;
- not share your Device Pass Code to anyone;
- not store anyone else's Biometric Identifier within your Device;
- remove any other registered Biometric Identifier which is not your own from your Device.
10. Lost, stolen or damaged Finstro Mastercard
10.1 If you know or have reason to suspect that your Finstro Mastercard or Device is lost, stolen or damaged, likely to be misused or you have reason to suspect that someone else may know the PIN, Identifiers or Pass Codes you must immediately lock the Finstro Mastercard via the Finstro Website or the Finstro App so that the Finstro Mastercard can be disabled.
10.2 You may be required to confirm details of the loss, theft or misuse in writing (and to provide particular information in the confirmation) and you must comply with that requirement.
10.3 We will not reimburse you for any transactions conducted by an unauthorised person prior to you informing us of the Finstro Mastercard's loss. You will be liable for losses resulting from Unauthorised Transactions where we can prove on the balance of probability that you or the User or holder of the Finstro Mastercard concerned have contributed to the loss or losses through unreasonably delaying notification of the misuse, loss or theft of the Finstro Mastercard, or that liability in this case is limited to losses occurring between the time that you became aware of the Unauthorised Transaction, or should reasonably have become aware in the case of lost or stolen Finstro Mastercard.
10.4 You will not be liable for any loss or damage in excess of the Available Balance of the Finstro Mastercard unless you are separately liable under the Finstro Master Facility Agreement.
10.5 In some circumstances, you may be able to request a chargeback of a transaction when you have a dispute with a merchant, such as the merchant's failure to supply the goods or services you paid for.
10.6 A chargeback is a right under the Mastercard Scheme rules by which a transaction can effectively be reversed by EML debiting an amount to the merchant's financial institution and crediting back to your Available Balance. We can only process chargebacks if the Mastercard Scheme Rules allow us to.
10.7 If you believe that you are entitled to a chargeback, you must notify Finstro as soon as possible.
10.8 The Mastercard Scheme Rules impose time limits for initiating chargebacks. The time limit is generally 90 days from the date of the disputed transaction.
10.9 If you request a chargeback, we may need you to provide additional information. If we do ask you for additional information and you do not provide it within 10 days, then you may lose any rights to the chargeback and if it has already been processed, we may reverse it.
10.10 Please note that if we process a chargeback, the merchant may have rights under the Mastercard Scheme Rules to have the transaction investigated further, and this can in some circumstances result in the chargeback being reversed (which means the original transaction might be reinstated by being debited to your Available Balance).
11. Liability
11.1 You are responsible for all fees, fines, penalties and other liability incurred by Finstro as a result of or arising from your breach of these Terms and Conditions or your use of the Finstro Mastercard. You agree to reimburse and indemnify Finstro for such liability and authorise Finstro to deduct all fees, fines, penalties or other liability from the funds loaded on your Finstro Mastercard. If you do not have sufficient funds on your Finstro Mastercard, you acknowledge that Finstro may engage in collection efforts (either through itself or a collection agency) to recover such amounts from you and you will be liable for all such costs associated with this on a full indemnity basis (including legal fees on a full indemnity basis).
11.2 To the extent permitted by law, we will not be liable to you for any loss or damage (whether direct or consequential), nor be in default under these Terms and Conditions for failure to observe or perform any of our obligations under these Terms and Conditions for any reason or cause. We accept no liability for any failure to authorise a purchase transaction (even if the balance exceeds the purchase amount at the time of the authorisation request) if this results from the application of prudent risk management controls or if the terminal or system was not working properly.
11.3 Our liability for breach of a condition or warranty implied by law and which cannot be excluded is limited to either the resupply of the services or the payment of the cost of having the services supplied again.
12. Fees
12.1 There is no charge to check your balance at any time via the Finstro Website of Finstro App.
12.2 The cost to replace any lost, stolen or damaged Finstro Mastercard (whether physical or virtual) is $15.00 per Finstro Mastercard.
12.3 Transactions made in a currency other than Australian dollars will be subject to the prevailing Mastercard exchange rate at the time plus a 2.99% foreign exchange fee. Example of Foreign Exchange Fee:
You make a purchase from a merchant located outside Australia (e.g. USA);
At the time, Mastercard's prevailing exchange rate is US$1.00 = $1.40 Australian;
You spend US$200.00;
The Australian dollar amount is US$200.00 x $1.40 = $280.00;
The foreign exchange fee is therefore 2.99% x $280.00 = $8.37.
13. Privacy and confidentiality
13.1 We do not disclose personal details except for the purpose of managing and processing the Finstro Mastercard as required by law. Information may be disclosed to contractors or third-party service providers who supply administrative, telecommunications, processing or other services in connection with the Finstro Mastercard. Those contractors or third-party service providers may be based outside of Australia and you consent and agree that information may be disclosed to those parties for the purpose of managing and processing your Finstro Mastercard.
13.2 Our Privacy Policy sets out how you can access and correct information we hold about you, how you can complain about a breach by us of your privacy rights and how your complaint will be handled.
13.3 Our Privacy Policy can be accessed from the Finstro Website.
14. Currency
14.1 All amounts referred to in these Terms and Conditions are a reference to Australian Dollars (AUD) unless otherwise provided for.
15. Governing Law
15.1 These Terms and Conditions are governed by the laws of New South Wales and you submit irrevocably and unconditionally to the non-exclusive jurisdiction of the courts of New South Wales.
16. Definitions
In these Terms and Conditions:
Activate means the process of activating the Finstro Mastercard in accordance with clause 4.
APRA means the Australian Prudential Regulatory Authority.
Available Balance means the monetary value recorded by Finstro within your Finstro Master Facility which is available for transactions.
Biometric Identifier means a fingerprint, faceprint or any other similar biometric identifier.
Card Number means the 16-digit number that appears on the front of the Finstro Mastercard.
CVV means the card verification value. The CVV is the 3-digit number on the rear of the Finstro Mastercard and is often required to complete transactions, particularly for online purchases.
Device means a compatible smartphone or wearable device that supports a Device Wallet, enabling you to use the Device as a payment method for purchase transactions.
Device Pass Code means anything used to unlock and access a Device including, but not limited to, a password, numerical code, pattern or Biometric Identifier.
Device Wallet means the Apple Pay, Google Pay or Samsung Pay mobile applications that store the Card as a tokenised card on a compatible phone or wearable device.
Expiry Date has the meaning provided to that term in clause 5.1.
Finstro App means the mobile application owned, operated and made available by Finstro.
Finstro Master Facility means your unique line of credit product issued and administered by Finstro.
Finstro Master Facility Agreement means the terms and conditions of the finance facility issued and administered by Finstro.
Finstro Website means Finstro's website located at www.finstro.com, as updated and replaced from time to time.
Identifier means information that you know but are not required to keep secret and which you must provide to perform a transaction (for example, a Card number).
INCC has the meaning provided to that term in clause1.3.
Mastercard means:
(a) in clauses 7.1, 7.4, 10.6, 10.8 and 10.10 Mastercard International Incorporated (or another relevant company in the Mastercard group of companies); and
(b) everywhere else, the Finstro Mastercard (being a reloadable prepaid card) issued to a User from time to time, being a physical card or tokenised card.
Merchant means any business entity that is authorised to accept the Finstro Mastercard for the payment of goods and services.
Pass Code means a password or code that you must keep secret that is used to authenticate your identity or a transaction. Examples include a code delivered to you by text or email which is required to perform a transaction (often called Two Factor Authentication).
PIN is your 4-digit number combination known only to you that allows you to access your account information and verify and authorise payments on the Finstro Mastercard.
Privacy Policy means our current privacy policy available as available on the Finstro Website, as updated and replaced from time to time.
Unauthorised Transaction means a transaction not authorised or not authorised by you but does not include any transactions carried out by you or by anyone performing the transaction with your express or implied knowledge and consent.
User means the person to whom the Finstro Mastercard is given to use as payment mechanism.
Respecting your Privacy and the Australian Privacy Principles effective 1 June 2022
Who are we?
We’, ‘us’ and ‘our’ refer to Finstro Holdings Pty Limited ACN 605 121 364, any wholly-owned subsidiaries of Finstro Holdings Pty Ltd and any related businesses (collectively, “Finstro”).
Our commitment to protect your privacy
The privacy of your personal information is important to us at Finstro. We are committed to respecting your right to privacy and to protecting your personal and credit-related information.
We recognise that any personal and credit-related information we collect about you will only be used for the purposes we have collected it for or as allowed under the law. It is important to us that you are confident that any personal and credit-related information we hold about you will be treated in a way which ensures protection of your personal and credit-related information.
We are bound by the Australian Privacy Principles (APPs), the Privacy Act 1988, Privacy (Credit Reporting) Code 2014 (Credit Reporting Code) and any other applicable laws and codes with respect to credit reporting and collection, storage, use and disclosure of personal and credit-related information.
About this Privacy Policy
This Privacy Policy outlines how we manage your personal and credit-related information. Further, it describes the nature of the personal information held, the purposes for which it is held and the way it is collected and disclosed.
Our Privacy Policy applies to all your dealings with us whether through one of our introducers, associates, or other Finstro organisations, via our websites, telephone calls or our mobile applications. However, depending on the Finstro organisation which you deal with, further privacy information may apply in addition to the matters discussed in this document. For example, please see Our Websites noted below.
We may change this policy from time to time or as the need arises. We will post any changes to this ;policy on our website. We encourage you to check our websites regularly for any updates to our Privacy Policy.
Personal information we collect and hold
“Personal Information” is information which may be used to identify an individual, including photos, name, age, date of birth, gender, occupation, contact details (e.g. address, phone number, email address), residency status, country of birth, nationality, tax residency, tax file number, information contained in identity documents (e.g. passport number, driver licence number, Medicare number), financial information, information about your use of our products and services, credit related information or other information Finstro considers necessary.
Credit-related information means:
Credit information, which is information which includes your identity; the type, terms and maximum amount of credit provided to you, including when that credit was provided and when it was repaid; repayment history information, default information (including overdue payments); payment information; financial hardship information (including information that any repayments are affected by a financial hardship agreement); Commercial and Consumer credit information from a Credit Reporting Body; Customer Identification by a Credit Reporting Body; financial information; new arrangement information; details of any serious credit infringements; court proceedings information; personal insolvency information and publicly available information; and
Credit eligibility information, which is credit reporting information supplied to us by a credit reporting body, and any information that we derive from it.
We use your credit-related information to assess your eligibility to be provided with finance. Usually, credit-related information is exchanged between credit and finance providers and credit reporting bodies.
If you are applying for finance or provide a guarantee we may also collect the ages and number of your dependants and cohabitants, the length of time you have resided at your current address, your employment details and proof of earnings and expenses.
When you use our website or mobile applications we may collect information about your location or activity including IP address, telephone number and whether you have accessed third party sites, the date and time of visits, the pages that are viewed, information about the device used and other user location information. We collect some of this information using cookies (for more information please see the Terms of Use/Policy at https://finstro.com/en-au/privacy-policy).
Why we collect your personal information
We collect personal information for the purposes of assessing your application for finance and managing that finance, establishing your identity, identifying and investigating any fraud or other illegal activities (or any suspected fraud or other illegal activities), contacting you, managing our risk and to comply with our legal obligations. We may also collect your personal information for the purposes of direct marketing and managing our relationship with you. Improvements in technology also enable organisations like ours to collect and use information to get a more integrated view of our customers. From time to time we may offer you other products and services.
Collecting your personal information
We will, if it is reasonable or practicable to do so, collect your personal information directly from you. For example, this may happen when you fill out a product or service application or an administrative form (e.g. a change of address form), or when you give us personal information over the telephone, or through a Finstro organisation’s website or mobile app.
In certain cases, we may collect your personal information from third parties. For example, we may need to collect personal information from a credit reporting body, your representative (such as a legal adviser), your financial adviser, any publicly available sources of information, or from any of the other organisations identified below under “Using and Disclosing Your Personal Information”. The personal information is securely stored by a third party storage provider.
We will not ask you to supply personal information publicly over Facebook, Twitter, or any other social media platform that we use.
Using and Disclosing your Personal Information
In line with modern business practices common to many financial institutions, and pursuant to your specific needs (such as, for example, where you have a financial adviser or mortgage broker) we may disclose your personal information to the organisations described below. Where your personal information is disclosed to another person or organisation, we will take reasonable steps to satisfy ourselves that:
(a) the person or organisation has a commitment to protecting your personal information at least equal to our commitment, or
(b) you have consented to us making the disclosure.
The relevant organisations are those:
prospective funders or other intermediaries in relation to your finance requirements
involved in providing, managing or administering your product or service such as third party suppliers, other Finstro organisations, loyalty and reward program partners, printers, posting services, and call centres
Finstro organisations and related businesses that wish to inform you of their products or services that might better serve your financial, business and lifestyle needs, or to notify you of promotions or other opportunities in which you may be interested, except where you tell us not to
who are your brokers and their service providers
involved in maintaining, reviewing and developing our business systems, procedures and infrastructure including testing or upgrading our computer systems
agents, contractors or external service providers who we outsource certain functions, for example, statement production, debt recovery and information technology support
where you have provided us consent
other guarantors or borrowers (if more than one)
borrowers or prospective borrowers, including in relation to any credit you guarantee or propose to guarantee
involved in auditing, insuring, re-insuring and providing health care
involved in a corporate re-organisation
involved in a transfer of all or part of the assets or business of a Finstro organisation
involved in the payments system including financial institutions, merchants and payment organisations (for example to process a claim for mistaken payment)
organisations that provide products or services used or marketed by us
involved in product planning and development of our products, services and business generally
which are your representatives including your legal advisers, finance brokers, mortgage brokers, guardians, persons holding power of attorney and accountants
including employers, former employers, referees or identity verification services
as required or authorised by law, such as under the Anti-Money or Laundering and Counter-Terrorism Financing Act 2006 (Cth) where you have given your consent.
In addition, for Finstro organisations offering:
Finance products or services – other organisations to which personal information is usually disclosed are card producers, card schemes, credit and fraud reporting agencies (including organisations that assist with fraud investigations and organisations established to identify, investigate and/or prevent any fraud, suspected fraud, crime, suspected crime, or misconduct of a serious nature), debt collection agencies, your guarantors, other borrowers, organisations involved in valuing, surveying, or registering a security property or which otherwise have an interest in such property, purchasers of debt portfolios, claims-related providers, underwriters and re-insurers.
Trustee or custodial services – other organisations to which personal information is usually disclosed are superannuation and managed funds organisations, their advisers and other organisations involved in our normal business practices.
Other organisations to which personal information is usually disclosed are fraud detection agencies and other organisations involved in our normal business practices.
Your personal information may also be disclosed to other organisations involved in our normal business practices (such as securitisation) and used in connection with such purposes as outlined above.
Because we operate throughout Australia and overseas, some of these uses and disclosures may occur outside your State or Territory and/or outside of Australia. Where this is the case, we will ensure the recipient complies with the Australian Privacy Principles and our privacy policy. In some circumstances we may need to obtain your consent before the recipient receives any personal information.
Credit-related information
We exchange credit-related information for the purposes of assessing your application for finance and managing that finance. If you propose to be a guarantor, one of our checks may involve obtaining a report from a credit report body about you.
This credit-related information may be held by us in electronic form on our secure servers and may also be held in paper form. We may use cloud storage to store the credit-related information we hold about you. The cloud storage and the IT servers may be located outside Australia.
When we obtain credit eligibility information from a credit-reporting body about you, we may also seek publicly available information and information about any serious credit infringement that you may have committed.
We may disclose your credit-related information to overseas entities that provide support functions to us. You may obtain more information about these entities by contact us. If we disclose your credit-related information to entities that are located overseas, we ensure that appropriate data handling and security arrangements are in place.
Notifiable matters:
The law requires us to advise you of ‘notifiable matters’ in relation to how we may use your credit-related information. You may request to have these notifiable matters (and this policy) provided to you in an alternative form by contacting us at our details below.
We exchange your credit-related information with credit reporting bodies. We use the credit-related information that we exchange with the credit reporting body to confirm your identity, assess your creditworthiness, assess your application for finance or your capacity to be a guarantor and manage your finance.
The information we can exchange with credit reporting bodies includes your identification details, what type of loans you have, how much you have borrowed, whether or not you have met your loan payment obligations, whether you have entered into a financial hardship arrangement (either with us or some otehr third party), and if you have committed a serious credit infringement (such as fraud).
If you fail to meet your credit obligations in relation to any finance that we have provided or arranged, or commit a serious credit infringement, Finstro may undertake the following:
Disclose information to a Credit Reporting Body.
Issue prescribed notices under Credit Reporting Privacy Code advising payments which have become overdue more than 60 days.
Issue prescribed notices under Credit Reporting Privacy Code a payment default has occurred with Finstro advising a Credit Reporting Body.
Engage Collections Agencies and or Legal Counsel to collect payments which have become overdue.
Request a Credit Reporting Body not to disclose information about you if you believe you are a victim of fraud.
You have the right to request access to the credit-related information that we hold about you and make a request for us to correct that credit-related information if needed. Please see the heading ‘Access and correction to your personal and credit-related information’, below.
Sometimes your credit information will be used by credit reporting bodies for the purposes of ‘pre- screening’ credit offers on the request of other credit providers. You can contact the credit reporting body at any time to request that your credit information is not used in this way.
You may contact the credit reporting body to advise them that you believe that you may have been a victim of fraud. For a period of 21 days after the credit reporting body receives your notification the credit reporting body must not use or disclose that credit information. You can contact any of the following credit reporting bodies for more information:
• Equifax Pty Ltd – www.equifax.com.au,
• Experian Australia Credit Services Pty Ltd – www.experian.com.au.
• Threatmetrix – www.risk.lexisnexis.com/products/threatmetrix.
• Illion Australia Pty Ltd – www.illion.com.au
Marketing our products and services
We may use or disclose your personal information to let you know about, and develop, products and services from across Finstro or any company with whom we are associated that may better serve your financial, business and lifestyle needs, or to notify you of promotions or other opportunities in which you may be of interest to you. For example, we may do this after an initial marketing contact.
You can contact us at any time if you no longer wish us to do so (see Contacting Us below). If direct marketing is by email you may also use the unsubscribe function. We will not charge you for giving effect to your request and will take all reasonable steps to meet your request at the earliest possible opportunity.
Keeping your personal information accurate and up to date
We aim to make sure that the personal information we collect, use or disclose is accurate, complete and up-to-date and take reasonable steps to make sure this is the case. In this way we can ensure that we provide you with a better service.
If you believe your personal information is not accurate, not complete or not up to date, please contact us (see Contacting Us below). We will generally rely on you to ensure the information we hold about you is accurate or complete.
Access and correction to your personal and credit information
We will provide you with access to the personal and credit-related information we hold about you. You may request access to any of the personal information we hold about you at any time. We may charge a fee for our costs of retrieving and supplying the information to you.
Depending on the type of request that you make we may respond to your request immediately, otherwise we usually respond to you within seven days of receiving your request. We may need to contact other entities to properly investigate your request.
There may be situations where we are not required to provide you with access to your personal or credit-related information. Factors affecting a right to access include:
access would pose a serious threat to the life or health of any individual
access would have an unreasonable impact on the privacy of others
a frivolous or vexatious request
the information relates to a commercially sensitive decision-making process
access would be unlawful
access would prejudice enforcement activities relating to criminal activities and other breaches of law, public revenue, a security function or negotiations with you
legal dispute resolution proceedings
denying access is required or authorised by or under law
An explanation will be provided to you, if we deny you access to the personal or credit-related information we hold about you.
If any of the personal or credit-related information we hold about you is incorrect, inaccurate or out of date you may request that we correct the information by contacting us by one of the methods referred to in the Contacting Us section of this document.
If appropriate we will correct the personal information at the time of the request, otherwise, we will provide an initial response to you within seven days of receiving your request. Where reasonable, and after our investigation, we will provide you with details about whether we have corrected the personal or credit-related information within 30 days.
We may need to consult with other finance providers or credit reporting bodies or entities as part of our investigation.
If we refuse to correct personal or credit-related information we will provide you with our reasons for not correcting the information.
Business without identifying you
In most circumstances it will be necessary for us to identify you in order to successfully do business with you, however, where it is lawful and practicable to do so, we will offer you the opportunity of doing business with us without providing us with personal information, for example, if you make general inquiries about interest rates or current promotional offers.
Protecting your personal information
Records of your personal information are kept in several forms including both paper and electronic form. The security of your personal information is important to us and we take all reasonable precautions to protect it from unauthorised access, modification or disclosure and from loss or misuse. These precautions include:
confidentiality requirements for our employees
document storage security policies
security measures for systems access
providing a discreet environment for confidential discussions
only allowing access to personal information where the individual seeking access has satisfied our identification requirements
access control for our buildings
the security measures described below under Our Websites.
If Finstro receives any personal information which we did not solicit the information, Finstro will determine whether or not we could have collected the information if we had reasonably solicited the information. If not, we will take reasonable steps to destroy this information.
Mandatory data breach reporting
Finstro is required to comply with the Notifiable Data Breach (NDB) scheme from 22 February 2018.
Our data breach response plan provides the ability to respond quickly to any such breaches and includes:
(a) the steps and actions staff should take in the event of a breach or suspected breach;
(b) reporting lines if staff suspect a data breach;
(c) the recording of data breaches;
(d) means for identifying and addressing anything that contributed to the breach; and
(e) systems for a post-breach review and assessment of the entity’s response to the data breach.
A data breach occurs when personal information is lost or subjected to unauthorised access, modification, use or disclosure or other misuse.
What is an eligible data breach?
An eligible data breach warranting notification will arise when:
(a) there has been unauthorised access to or unauthorised disclosure of personal information; and
(b) access or disclosure would likely result in serious harm to affected individuals.
An eligible data breach can occur irrespective of the number of individuals that are likely to be at a risk of serious harm.
A determination of whether a data breach has or may cause serious harm will be dependent on the following factors:
(a) the sensitivity of the personal information which has been exposed due to the data breach;
(b) whether the information is protected by security measures and the likelihood that any such security measures could be overcome;
(c) who has or may have obtained or could obtain the information; and
(d) the nature of the harm, for example, whether any affected individuals will suffer financial or reputational damage.
Assessing a suspected data breach
If we suspect that an eligible data breach has occurred, we will take the following steps.
(a) Where possible contain the breach and take remedial action.
(b) Conduct a reasonable and expeditious assessment of the breach to determine whether notification is required. We will take all reasonable steps to complete our assessment within 30 calendar days after the day it first became aware of the suspected data breach.
(c) Where serious harm can not be mitigated through remedial action, we will notify individuals at risk of serious harm and provide a statement to the OAIC as soon as practicable, but not later than 30 calendar days from becoming aware of the breach.
If it is not practicable to notify individuals at risk of serious harm, we will publish a copy of the statement prepared for the OAIC on our website, and take reasonable steps to bring its content to the attention of individuals at risk of serious harm.
The Data Breach plan is regularly reviewed and tested by the Compliance Officer
Complaints Handling
If you are dissatisfied with how we have dealt with your personal information, or you have a complaint about our compliance with the Privacy Act and the Credit Reporting Code, you may contact our complaints officer.
On receipt of a complaint by a company, business or individual, it must relate to an act or practice of Finstro and we must:
within 7 days after the complaint is made, acknowledge receipt of the complaint
investigate the matter via the Finstro’s Disputes & Complaints Resolution Policy, decide and advise the company, business or individual within 30 days.
set out the decision and indicate if you are dissatisfied with Finstro’s response, you can refer the complaint to the Office of Australian Information Commissioner www.oaic.gov.au
Your privacy on the Internet
Our Websites
We take care to ensure that the personal information you give us on our websites and mobile applications are protected, with electronic security systems in place, including the use of firewalls and data encryption. Depending on the Finstro organisation with which you deal, user identifiers, passwords or other access codes may also be used to control access to your personal information. Please refer to the website and mobile applications of those Finstro organisations with which you transact electronically for more information on our website specific privacy and security procedures.
Links to Other Sites
You may be able to access external websites by clicking on links we have provided. Those other websites are not subject to our privacy standards, policies and procedures. You will need to contact or review those websites directly to ascertain their privacy standards, policies and procedures.
Using Government Identifiers
Although in certain circumstances we are required to collect government identifiers such as your Passport Number, Medicare number or drivers licence details, we do not use or disclose this information other than when required or authorised by law, or unless you have voluntarily consented to disclose this information to any third party.
Your sensitive information
Without your consent, we will not collect information about you that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs or affiliations, membership of a professional or trade association, membership of a trade union, details of health, disability, sexual orientation, or criminal record.
This is subject to some exceptions including when:
the collection is required by law
has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to Finstro’s functions or activities has been, is being, or maybe engaged in the information is necessary for the establishment, exercise or defence of a legal claim.
Un-submitted on-line applications
If you start but do not submit an on-line application, Finstro may contact you using any of the contact details you supply, to offer help completing it. If you do not submit the on-line application, the information in it will be kept by Finstro for a period of time before being destroyed.
Complaints
If you are not satisfied with how we have dealt with your personal information, or you have a complaint about our compliance with the Privacy Act and the Credit Reporting Code, you may contact our complaints officer on the details noted below.
We will acknowledge your complaint wihtin seven days and aim to resolve the complaint as quickly as possible. We will provide you with a decision on your complaint within 30 days.
If you are not satisfied with the response of our complaints officer, you may make a complaint to the AFCA scheme, which can be contacted by phone on +61 2 8311 8061, by email at info @afca.org.au, or in writing to GPO Box 3, Melbourne VIC 3001, or the Privacy Commissioner which can be contacted at either www.oaic.gov.au or by phone on 1300 363 992.
Contacting Us
At Finstro we care about your privacy and your trust is important to us.
Should you have any queries or concerns about your privacy, please provide full details the nature of your concerns by contacting the Finstro Privacy Officer, care of any of the following details:
Phone: +61 2 8311 8061
Email: privacy@finstro.com
Post: Privacy Officer, PO Box H173, Australia Square Sydney 1215