This policy is issued by SLYP on behalf of itself and its affiliates (together, "SLYP", "we", "us" and "our") and is addressed to individuals outside our organisation with whom we interact, including customers, visitors to our sites, users of our apps, and other users of our services (together, "you"). The terms used in this policy is explained in Appendix 2 of this policy.
In addition to the Australian Privacy Act, individuals located in the European Union may also have rights under EU based rules known as the General Data Protection Regulation (GDPR). The GDPR has given more rights to individuals located in the EU and more obligations to organisations holding their personal information. Detail of additional rights of individuals located in the EU and how we meet them are outlined in Appendix 1 of this policy.
This policy is not limited to current customers but it also relates to all other individuals who deal with us for any business purpose.
Please note this policy may be updated time to time to ensure compliance to applicable laws, you can always find the most up-to-date version on our website.
AT SLYP we believe that if you delight your customers they don’t just buy from you they rely on you. We are committed to delivering innovative and elegant solutions that solve real problems for real people.
We have invented the Slyp Receipt™. Our solution replaces redundant paper receipts with a digitised transaction record with rich features that is delivered exactly where its most useful to the consumer, their internet banking portal. Slyp Receipts™ offer new ways for consumers and retailers to connect.
At SLYP, the privacy of our customer’s data is critical concern. This policy is laid out in an easy to understand way so that all our customers and partners can clearly understand our position on data privacy and our commitment to protecting the data we collect.
We may collect personal data about you from the following sources:
We may also create personal data about you, such as records of your interactions with us, details of your purchase history, details of services used or availed, where applicable.
We may process the following categories of personal data about you
The privacy act protects your sensitive personal data like information about your religion, ethnicity, health or biometrics. If we need this type of data, we will ask for your permission except otherwise allowed by law.
The purposes for which we may process your personal data, subject to applicable law, include:
We may disclose your personal data to other entities for legitimate business purposes and in accordance with applicable law. Those include:
We may send your data overseas to service providers or other third parties who operate or hold data outside Australia but where we do this, we ensure that reasonable steps are taken in data handling and security arrangements. Please note this also means that others may have different laws and data protection compliance requirements to those that apply in Australia.
We have implemented appropriate technical and organisational security measures designed to protect your personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, unauthorised access, and other unlawful or unauthorised forms of processing, in accordance with applicable law. Few of these measures are listed below:
|Staff education||We train and remind our staff of their obligations with regard to your data.|
|Taking precautions with overseas transfers and third parties||When we send information overseas or use third parties that handle or store data, we ensure that appropriate data handling and security arrangements are in place.|
|System security||you transact with us on the internet via our website or mobile apps we encrypt data sent from your computer to our systems.|
|Building security||We have protection in our buildings against unauthorised access such as alarms, cameras and guards (as required).|
|Disposal of data when no longer required||Where practical, we keep information only for as long as required (for example, to meet user, legal requirements or our internal needs).|
We take every reasonable step to ensure that:
From time to time we may ask you to confirm the accuracy of your personal data.
We may process your personal data to contact you via email, telephone, direct mail or other communication formats to provide you with information regarding services that may be of interest to you. If we provide services to you, we may send information to you regarding our services, upcoming promotions and other information that may be of interest to you, using the contact details that you have provided to us and always in compliance with applicable law.
You may unsubscribe from our promotional email list at any time by simply clicking on the unsubscribe link included in every promotional email we send. After you unsubscribe, we will not send you further promotional emails, but we may continue to contact you to the extent necessary for the purposes of any services you have requested.
You can ask for access to your personal data (for example what transactions you’ve made) by contacting us. We try to make your information available within 30 days of your request. Before we give you the information, we’ll need to confirm your identity.
In certain circumstances we’re allowed to deny your request, or limit the access we provide. For example, we might not provide you access to commercially sensitive information. Whatever the outcome, we’ll write to you explaining our decision.
You can ask us to correct any inaccurate data we hold or have provided to others by contacting us. If the data that is corrected is data we have provided to others, you can ask us to notify them of the correction.
If we’re able to correct your data, we’ll inform you when the process is complete.
If we disagree with you that data should be corrected, we’ll let you know in writing our reasons. You can ask us indicating your view that the data is inaccurate, misleading, incomplete, irrelevant or out-of-date. We will take reasonable steps to comply with such a request.
Where feasible and permitted by law, you can interact with Slyp anonymously or using a pseudonym but this means that you may not be able to use or acquire all of our services.
If you contact us raising a complaint, we will consider your complaint promptly and contact you to seek to resolve the matter. We shall assign a reference number and we will keep you updated on the progress we’re making towards fixing the problem. However, if we’re unable to provide a final response within 45 days we’ll contact you to explain why and discuss a timeframe to resolve the complaint.
You are also entitled under the Privacy Act to make a complaint to the Australian Privacy Commissioner if you have concerns about how we handle your personal data. For more information about the Australian Privacy Principles you can contact the Office of the Australian Information Commissioner (privacy generally)
The European Union (EU) General Data Protection Regulation (GDPR) has provided a few more rights to individuals located in the EU and more obligations to organisations holding their personal information.
As such, if you are located in the EU, GDPR requires us to provide you with more information about how we collect, use, share and store your personal information as well as advising you of your rights as a ‘data subject’. If you are located in the EU and have an enquiry relating to your rights under the GDPR, please contact firstname.lastname@example.org.
The GDPR provides additional protection for personal information about your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, biometric data (for example your fingerprints), or data concerning your health, sex life or sexual orientation. We will only process this type of personal information with your consent or where otherwise lawfully permitted.
We take every reasonable step to ensure that your Personal Data are only Processed for the minimum period necessary for the purposes set out in this policy.
We take every reasonable step to ensure that your Personal Data that we Process are limited to the Personal Data reasonably necessary in connection with the purposes set out in this policy.
In processing your personal data in connection with the purposes set out in this policy, we may rely on one or more of the following legal bases, depending on the circumstances:
Subject to applicable law, you may have a number of rights regarding the processing of your Relevant Personal Data, including:
To exercise one or more of these rights, or to ask a question about these rights or any other provision of this policy, or about our processing of your personal Data, please use us on email@example.com
Please note that:
We will seek parent or guardian consent to collect the details of children under 16.