GB Group Plc (‘GBG’) Website Privacy Policy
Loqate Inc. and Mastersoft (”Loqate”) take the protection and security of your personal information very seriously. Loqate is part of the group of corporate companies belonging to GB Group PLC group of entities (“GBG”).
This Privacy Policy applies to the Loqate (https://www.loqate.com/anz/privacy/) website and Loqate products and services offered in Australia and New Zealand. It is bound by the Privacy Act 1988 in Australia, and the Privacy Act 2020 in New Zealand.
What personal information does GBG collect and why?
The personal information that we may collect about you broadly falls into the following categories:
- Basic information: Name, postal address
- Attribute: Telephone, email address, date of birth
- Device information: IP address, geolocation, device ID
How we use your personal information
The majority of personal information that we collect on individuals, with the exception of any B2B personal information (detailed below), is provided to us by our B2B clients for us to process on their behalf as their service provider. We perform these services to help our business clients better serve their consumers and to help with their cost-savings. The services we perform for our B2B business clients as their service provider includes the following: name, phone, email, and address validation, cleansing, and de-duplication and deceased suppression.
If you are a B2B client or prospective B2B client, we may also collect the following information from you: name, title, business contact details such as business address and business phone number, business credit/debit card billing information, user IDs and passwords, IP address, survey responses, and any additional information that you provide to us directly or through our websites or software applications. We use this for business and commercial purposes, such as being able to reach out to potential business prospects and to transact with our clients.
Who will we share your data with and why?
We work with a number of trusted data suppliers, these include:
Government/Public Authorities - These bodies include authorities that provide driving licence information, passport information, citizen identification number, social security number, insolvency records (also in publicly available) or sanctions lists (also in publicly available).
Regulated Financial Services Organisations- These entities collect information about your financial status, but this data can also be used to help organisations like us verify your identity by confirming you are who you say you are, and where you live, or if you have lived at an address.
Other Regulated Organisations/Firms - These entities provide personal data which can help to verify or contact you, for example you have made a choice whether or not your landline is included in the public telephone directory.
Commercial Organisations - These entities provide your contact details, such as name, address, telephone number or email address, which we can then use to meet the request you have made to one of our Customers.
Customer Data - These customer entities have informed individuals that data will be provided to GBG for additional purposes of generating risk scores or creating fraud and/or identity alerts, insights and reports.
Publicly available, collected by a third party organisation or GBG - These entities provide information about insolvency records, property information, sanction lists, PEPs information, social media / convention online information / deep web / dark web, income index or family situation.
Non personal/address data - These entities provide information about deceased records, geocodes, co-ordinates, postcodes or zip codes.
We may also disclose your personal data to the following categories of recipients:
- to our group companies, third party services providers and partnerswho provide data processing services to us, or who otherwise process personal information for purposes that are described in this privacy notice;
- to any competent law enforcement body, regulatory, government agency, court or other third partywhere we believe disclosure is necessary (i) as a matter of applicable law or regulation, (ii) to exercise, establish or defend our legal rights, or (iii) to protect your vital interests or those of any other person;
- to a potential buyer(and its agents and advisers) in connection with any proposed purchase, merger, acquisition, restructuring or insolvency of any part of our business, provided that we inform the buyer it must use your personal information only for the purposes disclosed in this privacy notice.
If we provide your personal information to any of these entities, we will always require them to manage it in accordance with the Australian Privacy Principles and/or the Information Privacy Principles in New Zealand. We may also provide your information to third parties if we are required to do so by law or under some unusual circumstances which are permitted under the Privacy Act 1988 (Cth), or the Privacy Act 2020 in New Zealand.
Accuracy of your personal information
The information that GBG holds on you is a record of a transaction at a point in time. Whilst it is unlikely we would amend that information, should you have any queries in relation to that data you can email us compliance@gbgplc.com.
We may pass any correction request to our customer or such other third party which collected the information from you.
International Transfers of personal information
Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have data protection laws that are different to the laws of your country.
Our group companies, data suppliers, customers and third party providers and partners operate around the world. This means that when we collect your personal information we may process it in any of these countries.
However, we have taken appropriate safeguards to require that your personal information will remain protected in accordance with this privacy notice.
Where appropriate, these include implementing contractual arrangements to ensure your data is handled in accordance with Australian and/or New Zealand data protection laws, implementing the New Zealand Standard Contractual Clauses or ensuring these entities are subject to adequate laws in foreign jurisdictions. Where an international data transfer occurs between our group companies, the same arrangements are in place. We have implemented similar appropriate safeguards with our data suppliers, customers and third party providers and partners.
Data Retention
For account management purposes, we will retain the personal information we collected from you for as long as we have the relationship with your organization. If GBG no longer has a relationship with your organization then we will only keep the relevant information such as invoices for audit purposes 6 years after the relationship with GBG has ended. Once GBG are informed, you are no longer the contact we need to liaise with or your leave your organization, we will remove your details from our system.
For information that our B2B business clients provided to us on you for us to perform our contractual obligations to them as their service provider, we will retain this information for as long as it is reasonably necessary for us to complete performance, for the duration of our legitimate business interests, and/or comply with any audit or legal obligations.
Your rights
As an individual, you have rights regarding the processing of your personal information, these are:
· The right to transparency – you have the right to know why your personal information is being collected, how it will be used and who it will be disclosed to.
· The right of anonymity/pseudonymity – you have the right not to identify yourself, or the right to use a pseudonym in certain circumstances if the Australian Privacy Act applies.
· The right to access your personal information – you have a right to know what personal information GBG hold on you.
· The right to opt out – you have the right to stop receiving unwanted direct marketing.
· The right to correction – you have the right to ask us to correct any information you believe is inaccurate. You also have the right to ask us to complete information you think is incomplete.
· The right to complain about a breach by us of the applicable Privacy Act if you think we’ve mishandled your personal information (see ‘How to contact us if you’re not happy’ and ‘Your right to lodge a complaint with the Supervisory Authority’ below).
Please keep in mind that some of these rights are subject to an internal assessment that one of the grounds set out in the applicable Privacy Act is satisfied.
You can send these requests to compliance@gbgplc.com or by post to:
Data Protection Manager
GBG
Level 4 / 360 Collins St
Melbourne
Victoria 3000
Australia
Or call us on +61 (0)3 8595 1500.
You are not required to pay any charge for exercising your rights. We will always aim to provide you with access within 30 days (if the Australian Privacy Act applies) or within 20 working days (if the New Zealand Privacy Act applies) but in some cases, it may take longer. If GBG are unable to comply with your request, we will provide you with an explanation.
How to contact us if you're not happy
We appreciate that at GBG we may not always get things right and it is regrettable for us as an organisation when we receive a complaint. We take all complaints seriously and can assure you we will do our best to deliver a satisfactory outcome. If you do wish to complain about how your personal information is used by GBG then please write to us at:
Data Protection Manager
GBG
Level 4 / 360 Collins St
Melbourne
Victoria 3000
Australia
You can also email us at compliance@gbgplc.com.
GBG will investigate and respond within 10 working days of receipt of your complaint. This allows us time to investigate your complaint thoroughly.
Your right to lodge a complaint with the Supervisory Authority
Where you believe that GBG have not taken our responsibilities with your personal information seriously, you have the right to complain to the applicable Supervisory Authority. If your complaint arises under the Australian Privacy Act/APPs you must first raise your concerns with us and give us 30 days to satisfactorily resolve your complaint If your complaint arises under the New Zealand Privacy Act/IPPs, we ask that you do the same. The details for the Supervisory Authorities are as follows:
Office of the Australian Information Commissioner
GPO Box 5218
Sydney
NSW 2001
Australia
Telephone number: 1300 363 992
Email: enquiries@oaic.gov.au
Office of the Privacy Commissioner
PO Box 10094
Wellington 6143
New Zealand
Telephone number: 0800 803 909
Email: enquiries@privacy.org.nz
For the complete GBG Privacy Policy in ANZ, please refer to https://www.gbgplc.com/apac/legal-and-regulatory/privacy-policy-anz/ .