Privacy Policy

Welcome to Billfolda. We are committed to protecting the privacy of your personal information, our Privacy Policy explains how we do this.

What is this privacy policy about?

Billfolda Pty Ltd ACN 620 995 548 (“BF”, “we”, “our”) holds your privacy concerns in the highest regard. This Privacy Policy explains how we manage your personal information and how to contact us if you have any privacy concerns. We also outline our obligations under the Privacy Act 1988 (Cth), this includes the Australian Privacy Principles (APP).

This Privacy Policy applies to our guests, visitors to our websites and apps and any individual who interacts with us.

We also have terms that apply when you use our offerings on our websites or apps. Please read these terms prior to purchasing or using any of our offerings.

Your consent

We will assume that, unless you tell us otherwise, you consent to the collection of the information you provide us (either directly or indirectly) for use and disclosure by us in accordance with our Privacy Policy.

We will only collect sensitive information (a category of information that includes things like your health, political or religious opinions, sexual preferences and genetic or biometric information) from you with your consent and where it is reasonably necessary for us to provide you with services or carry out our functions and activities.

Types of personal information we collect

We collect your personal information so we can provide you with our services that you have requested and also to carry out our functions and activities.

We also collect your personal information so we can improve the service we provide and also give you the option to register for events and promotions that might be of interest to you.

We only collect information about you where it is fair and lawful to do so. Rest assured we do not sell your information to anyone.

If we ask you for your personal information and you do not provide it to us, we may not be able to provide you with any or all of the features of our services and products.

We usually collect information directly from you. For example, when you submit information through our BF websites or apps, when you call or email us, in the course of providing you with a requested product, service or when you have other dealings with us.

The type of personal information that we collect depends on how you interact with us.

Examples of the personal information we may collect include via BF websites or apps include:

  • Registration:

    • information that you provide to open an account and create a profile, including your phone number, first name, last name, email address and photograph.

  • Payment:

    • debit card details so our fee can be direct debited.

  • Your data collection activities:

    • information you input such as visitor profiles, tags, and notes that are sent back to your preferred CRM.

  • Usage information and feedback:

    • information about your mobile device e.g. the hardware model, operating system and version, preferred language, unique device identifier and mobile network information.

    • if you give us feedback about our service or products, or otherwise interact with us, then we will collect the personal information that you provide.

    • log information including IP address, access dates and times, app features or pages viewed, app crashes and browser type.

  • Social media:

    • if you link your social account, we may collect your user name and information that you choose to share with us, such as your profile picture and contact details.

  • Online assistance:

    • when you use our live support features, a BF team member will see your contact details if you have created an account and will use details such as your first name to address you during conversations.

    • we keep conversation scripts for quality assurance and training purposes.

We prefer to collect your personal information directly from you, but sometimes, we may collect your personal information from a third party including systems you have linked with your account, such as your CRM or social account.

Any BF Account Holder using BF to enter another person’s personal information must have their consent to collect that personal information. Where you provide us with third party personal information, it is your responsibility to ensure that those persons are aware of this Privacy Policy, understand it and agree to accept it.

Using and disclosing your personal information

We may use or disclose your personal information for the purpose for which it was collected.

We may also use and disclose your personal information for a secondary purpose that is related to the purpose for which we collected it. For example:

  • provide and administer our products and services.

  • perform internal operations including to prevent fraud and abuse, troubleshoot software problems and testing.

  • communicate with you about your products, provide our services and verify your identity over the phone.

  • communicate with you after you have used our offerings, including requesting your feedback about your experience with us.

  • communicate with third parties to provide the service requested.

  • provide training to staff members to improve our service offerings.

  • analyse the most used features of our offerings and improve these based on feedback or engage third parties to complete this task.

Do you want to remain anonymous?

You have the option to remain anonymous or use a name other than your own (a “pseudonym”) when dealing with us. For example, if you are making a complaint. We will try to provide you with this option wherever we can.

How we use technology to collect and use personal information


Our websites uses cookies to track user traffic information to give you the best experience of our website and for marketing purposes. Cookies are tiny files sent to your browser and stored by your browser on your computer or other device that you’re using to access our websites.


We use analytics tools including Google Analytics, to generate statistics about our web and app usage.

The information we collect about our users includes:

  • a unique device identifier

  • date, time and location of your interaction

  • the type of browser or mobile you use

  • the services you have viewed or used

How we use cookies and analytics information

Cookies and web-tracking tools on our websites allow our websites to interact more efficiently and with the device you are using.

We use them to understand usage of our websites and apps, so we can improve the content and functioning of our offerings.

We may also use information collected by cookies and analytics tools to display personalized content and advertising (targeted advertising and online behavioral advertising), based on your internet usage, and to send you marketing materials that we think will be of interest to you.

Marketing and your personal information

We use your personal information to identify services and products that may interest you.

We may contact you by email, text message, phone or post to let you know about specials, promotions or new offerings. We may also use internet-based marketing including targeted online advertising.

We may disclose your personal information to other companies in the BF Group, our related entities or corporate partners to allow them (or us) to tell you about an offering.

You can contact us at anytime if you no longer wish to receive marketing materials from us, our related entities or partners. If you receive a marketing email from us, you may click on the “unsubscribe” link at the bottom of the email to opt out. We will provide this feature with any of our marketing communications.

Keeping your personal information safe

We mostly hold personal information electronically in our IT systems and databases. We also hold personal information in telephone recordings and in hard copy paper files.

We may use third party service providers to store some personal information. These may include Australian and internationally based cloud services or the servers of third parties within and outside of Australia.

We take steps to protect the information that we hold about you from misuse, interference and loss, and from unauthorised access, modification or disclosure. We do this by using physical and electronic security systems and by limiting who can access your personal information. We have online and network security systems in place for our websites, so that the information you provide us online is protected and secure.

Because of the nature of the internet, we cannot guarantee the security of your personal information. Please contact us if you are aware of a breach.

If we no longer need information about you, or we are no longer required by law to hold it, we will destroy that information or ensure it is de-identified.

Keeping quality information

We like to ensure that the information we hold about you is accurate, up-to-date, relevant and complete.

We review our customer databases and remove out-of-date, misleading or incorrect data.

You can help us by letting us know if your details change or we send you an email or letter that contains incorrect details.

Your right to access and correct your personal information

You have the right to access the personal information that we hold about you and to ask us to correct it.

If you would like to check that the information we hold about you is correct, find out about what information we hold about you, or make a correction, please contact us at:

Attention: Privacy Officer

When you contact us to access your personal information, we will need to verify your identity first and ask you some further questions so we can respond to your request quickly. We cannot give you information about anyone else.

We will respond to your request within a reasonable time of you making the request and give you access in the manner you requested, unless it is unreasonable or impracticable for us to do so.

Sometimes we may be able to respond to your query by email or over the phone but sometimes we may need your request in writing and we might need time to gather your requested information and respond. Complex requests take between 14 to 30 days. We might send you the information by post or ask you to see us to have a look at the information.

If we are unable to provide you access to the information you have requested we will provide the reason(s) in writing and your options to complain.

Making a request is free. However depending on what information you request, we may need to charge you to access the information. The charges will not be excessive and we will let you know before providing you the information.

There is no charge for correcting your personal information.

Disclosing your personal information overseas

Your personal information is disclosed overseas only because of our use of analytics tools such as Google and our use of overseas hosting facilities. We are required to take measures to ensure that your information will be protected and that there are no breaches of the APP.

Third Party Identity Verification

When you use the Billfolda service to invest, we require you to proceed with an online identity verification. At that time you must:

  • agree to Billfolda making an identity verification request and disclosing your name, residential address, and date of birth (personal information) electronically on your behalf using Equifax Pty Ltd., ABN 26 000 602 862 (Equifax) in accordance with these terms.
  • confirm that you are authorised to provide the personal information presented.

We may ask Equifax to provide an assessment of whether your personal information matches (in whole or part) to personal information held by Equifax. We do this only for the purpose of verifying your identity as required under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006. Equifax may prepare and provide a verification assessment to us. Equifax may use your personal information, and personal information of other individuals to prepare the verification assessment.

You also appoint Billfolda as your agent to contact Commonwealth and State Government agencies and private sector organisations (database owners) electronically on your behalf using Equifax, to verify the personal information you have provided to Westpac, including your mobile number and email address. The relevant database owners will only be used where you provide additional document details for verification, for example details for your Driver's Licence or Medicare card.

For more information on how the database owners handle personal information, please refer to the database owners' privacy policies on their website, or contact them individually to get more information.

Equifax owns and/or manages the following databases:

  • Consumer Credit Report
  • Commercial Credit Report
  • Equifax Public Records
  • National Tenancy database
  • Commonwealth Electoral Roll
  • Insurance Reference Database
  • Equifax Phone Number Directory.

Commonwealth Agencies:


  • Department of Foreign Affairs and Trade - Australian Passport Office
  • Department of Immigration and Border Protection - Visa Entitlement Verification Online.

Various State Government Authorities:

  • ACT Road Transport Authority
  • NSW Roads and Maritime Services
  • QLD Department of Transport and Main Roads
  • VIC VicRoads
  • WA - Department of Transport
  • SA Department of Planning, Transport and Infrastructure
  • NT - Department of Transport
  • TAS - Department of State Growth Transport
  • TAS - Department of State Growth Transport

You declare that to the best of your knowledge the information you have provided is true and correct at the date of your application. You understand that it is an offence to knowingly give false or misleading information or knowingly produce a false or misleading document under the Anti-Money Laundering and Counter Terrorism Financing Act 2006.

Note: The confirmation of your identity using the credit reporting information will not be recorded as an enquiry on your consumer credit report.

In addition you consent to verify your information against the credit bureau. The businesses agrees to our terms, and we show it in our portal as follows:


Do you have complaints or concerns?

If you have a complaint about how we have managed your personal information, dealt with a request by you to access or correct your personal information, or if you think that we have breached the Privacy Act or a registered APP code, you can make a complaint to us by writing to us at:

Attention: Privacy Officer

Once we have received your complaint, we will investigate and respond to you as soon as we can. We try to do this within 10 working days of receiving your complaint. If this is not possible, we will contact you and let you know when we will respond to your complaint.

We have the highest regard for your privacy and will deal with your complaint fairly and quickly, however if you are not satisfied with our response, you may complain to the Australian Information Commissioner at:

Office of the Australian Information Commissioner (OAIC)

GPO Box 5218
Sydney NSW 1042
Phone: 1300 363 992
TTY: 1800 620 241

Our Privacy Policy

Our Privacy Policy is available on our website.

We may update our Privacy Policy from time to time. Our Privacy policy was last updated September 2017. By continuing to use our websites, mobile device apps or otherwise continuing to deal with us, you accept this Privacy Policy as it applies from time to time.