Privacy

1. Who is OneCheck?

OneCheck Pty Limited ABN: 59 099 483 011 (“OneCheck”) is an Australian business specialising in the online capture, processing and checking of identity details.

2. Our commitment to privacy

OneCheck takes its obligations under the Privacy Act 1988 (Cth) and the associated Australian Privacy Principals (APPs) seriously. OneCheck believes the need for identity security and the right of privacy are not mutually exclusive, and are indeed complimentary objectives. OneCheck acknowledges your right to privacy, and has established a number of protocols to help us keep the information we hold accurate, up-to-date, and complete.

3. Purpose for which OneCheck collects your personal information

In OneCheck’s primary purpose of capturing, processing and checking your identity details, personal information is necessarily being collected from you. Generally, a OneCheck identity check is performed in order to provide confidence to a third party (who wishes to identity you) that you are who you say you are. The types of personal information (refer 5, below) that are collected during a OneCheck Identity Check are defined by the party who wishes to identify you. In all circumstances in which a OneCheck identity check is performed, it is done by OneCheck only with your full acknowledgment and consent (refer 6, below).

4. How OneCheck collects your personal information

OneCheck generally collects your personal information directly from you when you perform an identity verification using the OneCheck mobile application. OneCheck also collects personal information from known and trusted third parties (including data analytics agencies) when verifying your identity details against credible records – such as Commonwealth and State Government databases, the Electoral Roll, telephone directory, utility services records, and other such records.

5. The types of personal information that OneCheck collects

OneCheck collects various personal information required to verify your identity. This information may include:

Your name

Your current residential address

Your previous residential addresses (last 3 years)

Your mobile number

Your date of birth

Your email address

The GPS location and time of your OneCheck verification

A Script Validated Video Identity (“SVVI”) verifying “you” as a real person in the transaction

Digital images of your ID Document/s (eg. Driver Licence, Passport, Medicare Card, etc. – as specified for the specific OneCheck transaction you are undertaking)

Other types of personal information OneCheck collects about you may include:

The results of the verification of your identity, obtained from third parties (as mentioned at 4. above)

OneCheck’s own assessment of the validity of personal information provided (including analysis of ID document security features, results of face-matching and voice-matching, consistency in GPS location, velocity of process, and consistency of information obtained relative to the OneCheck database)

Unsolicited personal information: there may be circumstances in which OneCheck receives personal information about a person even though OneCheck has not requested any personal information about that person. If OneCheck receives any such unsolicited information, it will, within a reasonable period of time, review the unsolicited personal information to determine if it is reasonably necessary for its functions. If it is, OneCheck will handle the information in the same way as it handles the information we collect from any person. If OneCheck does not need the information, OneCheck will destroy the information or de-identity it.

Government related identifiers: OneCheck does not, and will not, adopt, use or disclose any government related identifier as its own identifier for you.

6. How OneCheck uses your personal information

OneCheck uses your personal information to perform the identity verification check that you give your consent to when you acknowledge the Terms & Conditions (refer 8, below). Generally, a OneCheck identity check is performed in order to provide verification of your identity to a third party who you are transacting with. In this respect, your consent provides the authority for OneCheck to disclose your identity verification details to that third party.

Disclosures Overseas: Where OneCheck is conducting verification in Australia and you have lived overseas, personal information about you may be disclosed to the country(ies) in which you have resided.

7. Direct Marketing

From time to time, OneCheck may contact you to market OneCheck services. This may, depending on the consent provided, include promotional material including but not limited to communications of the following kind:

Newsletters

Competitions

Surveys

Promotions on existing or new products

OneCheck may do so by using a variety of means including:

Electronic means such as emails, SMS, MMS or similar devices

Hardcopy to your nominated address; and

Subject to Do Not Call Register, call you

OneCheck may, at any time, disclose your information to its clients, where you have provided consent, for marketing purposes so they can send you marketing information similar to the above. At all times you are free to choose not to receive some or all of the marketing communications sent by OneCheck or on OneCheck's behalf. When consenting to the OneCheck Terms and Conditions when activating the application, you are provided with the ability to opt out of marketing communications.

Alternatively, you may choose to receive no further marketing communications, by communicating to:

The Chief Privacy Officer
OneCheck
PO Box N288
Grosvenor Place NSW 1220
Australia

8. Your consent

Prior to activating the OneCheck application, you are provided with the Terms and Conditions of your identity verification check, including a link to the OneCheck Privacy Policy. You are required to “acknowledge” your understanding of: 1) the Terms and Conditions, and 2) the OneCheck Privacy Policy.

Generally, the identity check is performed in order to provide verification of your identity to a third party. In this case, the Terms and Conditions will clarify the manner in which your identity verification details will be disclosed to that third party by OneCheck, and you will be provided with information (eg. a link to the third party’s Privacy Policy) necessary for you to understand the undertakings that third party makes with respect to your personal information. You will be required to “acknowledge” your understanding of: 1) the Terms and Conditions, 2) the OneCheck Privacy Policy, and 3) the undertakings the third party makes with respect to your personal information.

OneCheck will not disclose any personal information about you to any individual or entity without your express consent.

9. Accessing your personal information

OneCheck provides you with the general right of access to your personal information and the right to have that information corrected if it is inaccurate, incomplete, or out of date. Except for the reasons given in the APP’s, access is available only to the person whose information is held.

OneCheck will investigate and deal with your access request, or correction request, in a fair, efficient and timely manner (generally within 30 days). OneCheck will give access to information in the manner requested by you, if it is reasonable and practicable to do so. If OneCheck refuses to give access to your personal information for any reason, it will provide a written notice explaining the reasons for the refusal, and the mechanisms to complain about the refusal. Depending on the breadth of your request, OneCheck may recover from you our reasonable costs incurred in supplying you with access to this information.

All such requests should be made in writing to:

The Chief Privacy Officer
OneCheck
PO Box N288
Grosvenor Place NSW 1220
Australia

10. Correcting your personal information

OneCheck provides you with the general right to have your personal information corrected if it is inaccurate, incomplete, or out of date.

OneCheck will investigate and deal with your correction request, in a fair, efficient and timely manner (generally within 30 days). If OneCheck refuses to correct your personal information for any reason, it will provide a written notice explaining the reasons for the refusal, and the mechanisms to complain about the refusal. If OneCheck refuses to correct your personal information and you ask OneCheck to associate with your information a statement about the accuracy of your information, OneCheck will take such steps to ensure that users of the information will be aware of the statement.

All such requests should be made in writing to:

The Chief Privacy Officer
OneCheck
PO Box N288
Grosvenor Place NSW 1220
Australia

11. Your Right to make a complaint

OneCheck will investigate and deal with a complaint about a breach of the APPs in a fair, efficient and timely manner (generally within 30 days).

Any such complaints should be made in writing to:

The Chief Privacy Officer
OneCheck
PO Box N288
Grosvenor Place NSW 1220
Australia

If you are unhappy with the outcome of our investigation, you have a right to complain to the Office of the Australian Information Commissioner (“OAIC”). The contact details for the OAIC are as follows:

Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Australia
Web: www.oaic.gov.au

12. Information security

OneCheck is committed to keeping your trust by protecting and securing your personal information. We employ appropriate technical, administrative and physical procedures to protect personal information from unauthorised disclosure, loss, misuse or alteration. We limit access to personal information to individuals with a business need consistent with the reason the information was provided. We keep personal information only for as long as it is required for business purposes or by the law. OneCheck protects your personal information by complying with Information Security Standards and Statutory obligations. We regularly conduct targeted internal and external audits on our security systems to validate the currency of our security practices.

13. Changes to this Privacy Policy

OneCheck will post updates to this Privacy Policy (including effective date of each update) on the OneCheck website (www.onecheck.com.au).

Last Updated: 16 February 2015

2015 Update 16 February 2015
The Privacy Policy was updated in February 2015 to improve readability. No substantive changes were made to the Privacy Policy at this time.

2014 Update 31 March 2015
The Privacy Policy was written in March 2014, to reflect the Australian Privacy Principles (APPs), which came into force in March 2014, replacing the National Privacy Principles (NPPs) that previously applied to private sector organisations.