Eftsure Logo
Request a Demo
Vendor Verification

Eftsure Privacy Policy and Confidentiality Statement

1. This Privacy Policy

  1. This is the Privacy Policy of Eftsure, a business that provides electronic payment verification services. This Privacy Policy sets out how we collect and manage your personal information and business confidential information when providing services to you or your affiliates, when you or your affiliates otherwise engage with us or where we collect your personal information where you are a user of any Eftsure service or a current or future payee of any of our customers or their affiliates. In this Privacy Policy, unless the contrary intention appears, references to “we”, “us”, “our” or “Eftsure” means each of the following entities: Eftsure Pty Limited (ABN 21 168 403 736) (Eftsure AU), Eftsure New Zealand Pty Limited (company number 8495986), Eftsure, USA Inc. (EIN 99-0939957) (Eftsure US), Vector HoldCo Pty Ltd (ABN 72 655 693 566), Vector BidCo Pty Limited (ABN 19 655 693 717) and Eftsure e-invoicing Pty Limited (ABN 77 669 461 974).
  2. Eftsure provides three main services, set out below:
    1. the Eftsure “Know Your Payee” (KYP) service, which is further described in the Eftsure KYP Service Addendum, made available at the following URLs: https://eftsure.com/en-au/terms-of-service/ (if you are customer contracting with Eftsure AU) or https://eftsure.com/terms-of-service/ (if you are a customer contracting with Eftsure US);
    2. the EftsureID service, which is further described in the EftsureID Service Addendum, made available at the same URLs;
    3. the Eftsure API Service, which is further described in the Eftsure KYP Service Addendum, also found at the same URLs.
  3. We may update our services from time to time. Further information about our services is available on our website or in your agreement with us.
  4. We may update this Privacy Policy from time to time. The most current version will be located on our website.

2. Personal information and business confidential information

  1. Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether or not the information or opinion is true and whether or not the information or opinion is recorded in a material form. Therefore, not all information that we collect about you will be considered personal information.
  2. While information that we collect, use and store in Eftsure’s databases may not be personal information in every case, it may be business confidential information. Our data management processes and systems are designed for privacy, confidentiality and information security, by default and by design. We manage business confidential information that is stored in the Eftsure’s databases by applying the same privacy, confidentiality and information security standards as we apply to our management of your personal information.
  3. Where we collect, use, hold or disclose personal information, we will do so in accordance with this Privacy Policy and will comply with all applicable privacy laws which may include (as the case may be): the Australian Privacy Act 1988 (Cth), the Privacy Act 2020 (NZ) and any mandatory privacy-related codes applicable to us in Australia or New Zealand.

3. Types of personal information that we collect and hold

The types of personal information that we collect and hold about you will depend on which services you or your customers use, and how you otherwise interact with us.

  1. Use of our services generally. In providing the Eftsure KYP, EftsureID and API services, we may collect the following information about our customers and their respective payees:
    1. names of individuals;
    2. job title;
    3. business names;
    4. Australian Business Number (ABN), Australian Company Number (ACN), New Zealand Business numbers (NZBN), GST registration status and any other equivalent information in jurisdictions other than Australia (including international standard payment details, such as SWIFT or IBAN bank identifier details);
    5. contact information including mobile numbers;
    6. business addresses;
    7. email addresses;
    8. payment amounts;
    9. full legal account name, bank account number, BSB, routing numbers and any other equivalent information in jurisdictions other than Australia;
    10. other business and payee information, as provided by customers to us for verification purposes;
    11. whether or not the above information has been verified by Eftsure or by any of our customers or their affiliates; and
    12. information contained in documents that are uploaded by a payee into Eftsure’s document library.
  2. Use of the EftsureID service. In addition to the types of information listed above, we may collect the following additional information:
    1. copies of customer invoices uploaded to the EftsureID service;
    2. EftsureIDs; and
    3. device App IDs.
  3. Use of our websites. We use tracking code (‘cookies’, pixels or other technology), collect device identifiers and log information to track access to, and use of, our website. We may also collect names, email addresses, phone numbers and other personal information when you complete any forms on our website or request to join our mailing list. Please see section 4 for further information about cookies.
  4. Use of social media operated by us. We may collect the following information: your name, job title, email address and business name.
  5. When applying for a job with us. If you apply for a job with us, we collect personal information such as your name, contact number, address and email address. We may also collect sensitive information, such as health information or your criminal history, if this is relevant.
  6. When attending an Eftsure event or meeting. We may collect personal information such as your name, contact number, address and email address when attending, or planning on attending, an Eftsure event or meeting.

4. Cookies and other tracking technologies

  1. We use tracking code (being ‘cookies’, pixels or other technology) and collect device identifiers to track access to, and use of, our website. We use tracking code to provide a better user experience for our website users and to improve our internet site. We do not use tracking code to identify a specific person using a browser or device.
  2. We may also receive tracking code data, device identifiers, log information and other information from advertising serving services or advertising networks which relates to your use of third-party websites. We use this tracking code to provide a better user experience for the users of our website and to improve our website.
  3. Our website uses technologies of third-party partners to help us recognise your browser device and understand how you use our website so that we can improve our services and to serve you advertisements about products and services that are likely to be of interest to you. These partners collect information about your activity on our websites to enable us to:
    1. measure and analyse traffic and browsing activity on our websites;
    2. show advertisements for our products and services to you on third-party websites; and
    3. measure and analyse the performance of our advertising campaigns.
  4. We may share certain data with our advertising partners. Such data includes partially redacted/hashed emails or other online identifiers collected on our website. This allows our partners to recognise and deliver advertisements to you across your devices and browsers.
  5. If you do not wish to use cookies or other tracking technologies, you can amend the settings on your internet browser so it will not automatically download cookies, noting that:
    1. if you remove or block cookies on your computer, please be aware that your user experience and our website’s functionality may be affected; and
    2. our partners may use non-cookie technologies that cannot be blocked by adjusting your browser settings. Where this is relevant, you may wish to use a third-party tool to prevent the collection and use of information for the purpose of serving you interest-based advertising. For further information, please see: Digital Advertising Alliance: YourAdChoices and Network Advertising Initiative: Consumer Opt-Out.

5. How we collect and hold your personal information

  1. We collect personal information in a number of ways:
    1. where reasonable and practicable, we will collect any personal information directly from you or your affiliates or users;
    2. through use of the Eftsure KYP service – if you are the payee of an Eftsure customer, we may collect personal information about you from the relevant Eftsure customer or our service providers (who assist us to provide verification services). Please note that it would not be reasonable or practicable for Eftsure to collect all personal information about our customers’ payees directly from those payees in all cases, which is why we may collect some personal information about an Eftsure customer payee from the relevant Eftsure customer or our service providers. It is the responsibility of each Eftsure customer to ensure that it has the appropriate consents in place to disclose any personal information about its payees to Eftsure. If you are a payee of an Eftsure customer and you would like to understand how that Eftsure customer manages your personal information, you should contact the relevant Eftsure customer directly;
    3. through use of the EftsureID service – we may collect personal information from prospective payers in connection with the EftsureID service, such as when a prospective payer downloads and sets up the EftsureID app, scans an Eftsure customer’s invoice using this app or our webpage, or manually enters EftsureID details into the app or our webpage;
    4. we may collect personal information from our personnel (employees and contractors), from individuals who apply for a position with us, and from prospective customers who engage with us;
    5. we may collect personal information from other third parties. This may include our advertising partners (please see section 4 for further information), our third-party delivery partners (such as integration and referral partners), and our service providers (such as identity and fraud checking services, and credit reporting agencies); and
    6. we may also collect personal information from publicly available sources such as the Australian Business Register and any other equivalent sources in jurisdictions other than Australia, and social media.
  2. Any personal information and business confidential information stored in the Eftsure’s databases that is collected by us is held securely using appropriate and up-to-date industry-recognised methods such as access control procedures, network firewalls, encryption, and physical security.
  3. Subject to any legal requirement, or ability to retain personal information pursuant to any contractual arrangement, we will destroy or de-identify your personal information when it is no longer needed for the purpose for which we collected it.

6. How we use your personal information

  1. How we use your personal information depends on which services you or your customers use, and how you otherwise interact with us. We have described the purposes for which we collect, hold, use and disclose your personal information, below:
    1. Provision of the Eftsure KYP Service and Eftsure API Service. We collect and hold the data of Eftsure customers, as well as Eftsure customer payee data, in Eftsure’s databases, which is encrypted. This information is used for verification purposes and ongoing vendor management for Eftsure customers. This may include:
      1. verifying the data in an Eftsure customer’s vendor master file against data held in Eftsure’s databases to confirm whether the data aligns, and providing a report to the Eftsure customer;
      2. verifying payee data by matching multiple requests made by multiple Eftsure customers;
      3. contacting the payee to verify their details;
      4. verifying payee data using third-party service providers;
      5. inviting a payee to register as a new payee on the Eftsure portal;
      6. before an Eftsure customer makes a payment, verifying the customer’s data against the database and providing alerts or notifications about matches, duplicates, or outliers;
      7. maintaining and updating payee details; and
      8. providing help desk support or training.
    2. We retain records of verified and unverifiable payee details. These may be disclosed to you (if you're an Eftsure customer) and other Eftsure customers, without naming which customer engaged the payee.
    3. Provision of the EftsureID service. We collect and hold the data of Eftsure customers, their invoices, and payers. This data is:
      1. used to verify invoice data aligns with what’s stored in our systems;
      2. retained for troubleshooting, audit and support purposes.
    4. Our service providers, referral partners and authorised resellers.
      1. We may disclose personal information to third-party providers (e.g., accounting, billing, risk management tools) for business operations;
      2. We may also disclose to referral and integration partners, and authorised resellers, for marketing or bundling our services with compatible third-party tools.
    5. Administration. To manage customer enquiries, complaints, and maintain accurate records.
    6. Marketing, CRM, customer support, billing. We use CRM tools (linked to billing software and third-party data) to manage relationships, generate marketing insights, and process payments.
    7. Product upgrades and new product development. To improve and innovate our offerings.
    8. Operating our website. We may collect personal information from individuals who visit our website or use our systems and applications. This may include cookies and other tracking technologies. This data is used for marketing and improving our website. See section 4 for more.
    9. Security and fraud protection. We perform network and fraud detection measures to block malicious actors and content. We may use your personal data to assess risk and notify you of threats if needed.
    10. Communication. We contact individuals in client/prospect organisations via phone, email, SMS, social media, web forms, etc., to provide or promote services, answer queries, or set up accounts. Marketing communications comply with applicable laws.
    11. Business meetings. If you attend online meetings with us, we may record them with prior notice. Recordings are used internally only, in line with legal obligations.
    12. Job applicants. We use information collected from applicants solely for recruitment, legal compliance, and screening purposes.
    13. To fulfil our legal obligations. We may share your information with law enforcement or government authorities if required or permitted by law.
  2. Where we hold personal information collected for a specific purpose (the primary purpose), we will not use or disclose it for a different purpose (the secondary purpose) unless:
    1. you’ve consented;
    2. you would reasonably expect it; or
    3. it’s legally required or permitted.

    Eftsure may use personal information for these secondary purposes:

    1. data analytics and fraud trend analysis;
    2. preparing reports using aggregated data;
    3. maintaining an audit trail of verification activities;
    4. maintaining legally required business records;
    5. assisting investigations into fraud or serious misconduct;
    6. any other purpose authorised or required by law.

7. Access to, and correction of, personal information

  1. We will take reasonable steps to ensure that the personal information we collect, use and disclose is accurate, up to date, complete and relevant. If you believe that any information held by us is incorrect, you may ask us to correct it.
  2. You may request access to personal information about you that is held by us using the contact details in section 11. Before we provide you with access, we will require proof of identity to confirm that you have the right to access it. Subject to any permitted exception under relevant privacy laws, we will provide you with a copy of the relevant personal information.
  3. For most access requests, your personal information will be provided free of charge. However, we may charge a reasonable fee if responding to your request requires substantial effort. We will not charge you for simply making a request or for correcting your personal information.

8. Third party sites

  1. We use a third-party service provider located in the United States of America (USA) to assist us with some digital verification activities. Where we do, our website contains a link to that provider’s website, and it is clearly labelled as such. Use of this provider is subject to their terms of service, although they will comply with this Privacy Policy. If you (as a payee of an Eftsure customer) do not consent, you may choose another verification method.
  2. In addition to the provider mentioned above, our websites may contain links to other third-party websites. If you access these, your personal information will be subject to their terms of service and privacy practices. We recommend reviewing these before engaging. We are not responsible for the privacy practices of these third parties.

9. Cross-border disclosures

  1. We may collect, hold, process and transfer personal information outside your country. Information in the Eftsure verified records database is held:
    1. in Australia, if your agreement is with Eftsure AU; and
    2. in the USA, if your agreement is with Eftsure US.
  2. Other types of personal information may be transferred across Eftsure group entities in Australia or the USA and stored in those locations.
  3. Some of our service providers are located in countries outside your own, including the Philippines, South Africa, New Zealand, the USA, or Australia.
  4. This paragraph only applies to disclosures by Eftsure AU: Where we disclose or store personal information overseas, we will take reasonable steps to ensure that the recipient maintains adequate security and privacy, including through enforceable contractual arrangements where applicable, in accordance with privacy laws (such as the Australian Privacy Principles).

10. How to make a complaint

If you wish to make a complaint about how we manage your personal information, please send it in writing using the contact details below. We will respond within a reasonable time (usually within 30 days). If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC). See the OAIC website for more information.

11. How to contact us

If you would like to access or update your personal information, have any questions about this Privacy Policy, or wish to make a complaint, please contact us:

Address: The Privacy Officer, Level 9/177 Pacific Highway, North Sydney NSW 2060
Email: privacy@eftsure.com.au
Phone: 1300 985 976

Last updated: 29 April 2025