• We, Acare Business Solutions Pty Ltd, (“Acare”, “us”, “we”, “our''), (ABN 72 145 761 646) our registered address is T26 Level 1, 730-742 George Street Haymarket NSW 2000 Australia, are the person who collect all customer information. We hold an Australian Transaction and Reports and Analysis Centre ("AUSTRAC") Registration Number: IND100239985. If you have any questions about how we protect or use your data, please email us at privacy@ownservices.com.au.

We may collect, record and use information about You in physical and electronic form and will hold, use and otherwise process this data in accordance with the Privacy Laws and as set out in this Policy.

The personal information we collect and use may include, amongst other things:

• Your Full Legal name;
• Your contact information such as your email address, postal address and telephone number (or any telephone number used to call our customer services);
• Your demographic information such as date of birth, age, education, gender, and interests;
• Evidence of your identity (for example Primary Photo ID document such as passport information, passport copy);
• Unique identifiers such as your username, account number and password;
• Your profiles and postings on any other social media applications and services that we provide or that you make available to us;
• Your payment details and other financial data (for example, your bank or payment method provider’s name and your account number and sort code); and
• Information about your visit to our website, including the full Uniform Resource Locators (URL), clickstream to, through and from our website (including date and time), length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs) and methods used to browse away from the page.
• We will not collect sensitive information about you without your consent unless an exception in the Act applies. These exceptions include if the collection is required or authorised by law or necessary to take appropriate action in relation to suspected unlawful activity or serious misconduct. For example, we might collect your biometric information when confirming your identity.

We also collect your information in relation to other people (for example, details of the recipients of Your money transfers), where you provide us with such information. In providing this information you confirm to us that you have obtained all necessary permissions from them to the reasonable use of their information for the purposes and in the manner described in this Policy, or are otherwise permitted to give us this information on their behalf. Please also ensure that those other people are aware of this notice and that the provisions of this notice are clearly communicated to them.

Purposes for which we will use your personal data: the ways we plan to use your personal data are described below.

• Where you have given us your consent to process your data;
• To carry out our obligations relating to your contract with us for the provision of services;
• To provide you with information, products and services;
• To comply with any applicable legal and regulatory requirements, including to respond to requests from public and government authorities in your country of residence and other countries upon demonstration of lawful authority;
• To prevent and detect crimes, including fraud and financial crime;
• To notify you about changes to our services and send you other administrative information;
• As part of our efforts to keep our services safe and secure;
• To administer our services and for internal operational, planning, audit, troubleshooting, data analysis, testing, research, statistical and survey purposes;
• To undertake system or product development, improve our services and to ensure that they are presented in the most effective manner;
• To allow other customers to request or send money to you through our services when providing information that matches your phone number or email address;
• To measure or understand the effectiveness of advertising we serve and to deliver relevant advertising to you;
• To allow you to participate in interactive features of our services, when you choose to do so;
• To provide you with information about other similar goods and services we offer, with your consent;
• To provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you, with your consent;
• To take steps to recover amounts owed to us and to allow us to pursue available remedies or limit damages that we may sustain;
• To enforce our Customer Agreement with you; and
• On rare occasions, to help safeguard our customers, employees or other individuals by notifying the emergency services.

We may share your personal data with third parties including:

• Business partners, suppliers and subcontractors for the performance and execution of any contract we enter into with them or you and to help them improve the services they provide to us;
• Advertisers and advertising networks to select and serve relevant adverts to you and others with your consent;
• Analytics and search engine providers that assist us in the improvement and optimisation of our site;
• Our group entities and subsidiaries; and
• Limited information is sent to payment beneficiaries when you initiate a payment transaction.

We may disclose your personal information to third parties:

• Including affiliates, business partners, suppliers and subcontractors for the performance and execution of any contract we enter into with them or you;
• In the event that we sell any of our business or assets or combine with another organisation, in which case we may disclose your personal data to the prospective buyer of such business or assets or prospective organisation with which our business or assets may be combined;
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Customer Agreement and other applicable agreements; or to protect the rights, property, or safety of us, our customers, our employees or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction;
• To assist us in conducting or co-operating with investigations of fraud or other illegal activity where we believe it is reasonable and appropriate to do so;
• To prevent and detect fraud or crime;
• In response to a subpoena, warrant, court order, properly constituted police request or as otherwise required by law;
• To assess financial and insurance risks;
• To recover debt or in relation to your insolvency, or to allow a party sending money or a financial institution that sent money to recover money received by you in error; and
• To develop customer relationships, services and systems;
• If you consent, to share your details when using our services.

We do not have a list of all third parties we share your data with, as this would be dependent on your specific use of our services. However, if you would like further information about who we have shared your data with, or to be provided with a list specific to you, you can request this by writing to privacy@ownservices.com.au

• We have implemented appropriate technical and organisational security measures designed to protect your personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, and other unlawful or unauthorised forms of Processing, in accordance with applicable law. We will do our best to protect Your personal information, we cannot guarantee the security of Your data transmitted to our site; and any transmission is at Your own risk. Once we have received Your information, we will use strict procedures and security features to try to prevent unauthorised access.
• We restrict access to your personal information to those employees of us who have a business reason for knowing such information and third-party service providers’ processing data on our behalf. All our employees who have access to your personal data are required to adhere to this Policy and all third-party service providers are requested by us to ensure appropriate safeguards are in place. In addition, contracts are in place with such third-party service providers acting as data processors for us that have access to your personal data, to ensure that the level of security required in your jurisdiction is in place, and that your personal data is processed only as instructed by us.
• We continuously educate and train our employees about the importance of confidentiality and privacy of customer personal information. We maintain physical, technical and organisational safeguards that comply with applicable laws and regulations to protect your personal information from unauthorised access.

• You can request for access to the personal information we hold about you. You can also ask for corrections to be made. To do so please contact us.
• There is no fee for requesting that your personal information is corrected or for us to make corrections. In some limited circumstances, there may be a reasonable charge for giving you access to your personal information. For example, if we have to search for, locate your personal information, and provide it to you.
• Under Privacy Laws, your right to receive access to your personal information, or make corrections to it, is not absolute and exceptions exist. For example, we can refuse to provide information if fulfilling your request would reveal the personal information about another person and have an unreasonable impact on their privacy, or pose a serious threat to another person’s life, health and safety, or to public health, or where unlawful to do so.
• If we refuse to give you access to or to correct your personal information, or to correct your personal information, we will give you a notice explaining our reasons except where it would be unreasonable to do so. If we refuse your request to correct your personal information, you have the right to request that a statement be associated with your personal information noting that you disagree with its inaccuracy. If we refuse your request to access or correct your personal information, we will also provide you with information on how to complain about the refusal.
• You can contact us at privacy@ownservices.com.au or at our address below if you want to enforce any of these rights. We will respond to your request without undue delay but no later than 30 days. We will require initial proof of your identity before we can respond to your request.

• Subject to applicable laws, you may have certain rights regarding the information we hold about you. Your rights can be exercised in accordance with the relevant data protection legislation. If you have any questions in relation to our use of your personal information, contact us. You may have the right to:
• Request a copy of the personal data we hold about you
• Request correction of the personal data that we hold about you. We may need to verify the accuracy of the new data you provide to us.
• Withdraw your consent for us to process data. Note that withdrawal of consent does not affect the lawfulness of processing which may have taken place prior to withdrawal of consent. If you withdraw your consent, we may not be able to provide certain products or services to you; and
• Request us to cease direct marketing to you, by contacting us or adjusting your notification preferences in the settings section of your account.
• Your exercise of these rights is subject to certain exemptions to safeguard the public interest (including the prevention or detection of crime) and our interests (including the maintenance of legal privilege). If you exercise any of these rights, we will respond in most cases within 30 days.
• You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
• We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Please contact us if you believe that your information has been breach of any parts of this policy or if you have concern about how we handling your personal information.

Questions, comments and requests regarding your personal information and our Policy are welcome and should be sent to privacy@ownservices.com.au or you can send it by post addressed to the: Privacy Officer

Writing or visit our office: Acare Business Solutions Pty Ltd, Suite 26, Level 1, 730-742 George Street, Sydney, NSW 2000.

Phone: +61 (02) 9280 3699

Email: privacy@ownservices.com.au