BronID Verification Portal utilises the BronID electronic identity verification and AML service to provide its clients with effortlesss electronic identity verification and AML scanning services.
Brontech Pty Ltd ACN 613 400 623 ('Brontech', 'BronID', 'we' ,
'us' or 'our') is the owner and operator of the BronID service, an Identity
Verification, Anti-Money Laundering and Counter Terrorism Financing (KYC/AML/CTF)
service designed for entities required to comply with AML Act obligations and
BronID is committed to protecting the privacy of individuals whose information is collected including information contained in our databases, and to assisting in resolving any issues that may arise in relation to this information. This policy describes how BronID handles personal information collected.
BronID is dedicated to being transparent about what personal information we collect and how we use it.
BronID may review and update this policy from time to time to take account of new laws, technology, changes to our operations, and the changing business environment. Updates will be published on the BronID and BronID Verification Portal websites.
This policy provides you with information about:
- how we use personal information;
- what personal information we collect;
- how we ensure privacy is maintained; and
- legal rights relating to personal information.
We collect personal information from:
- Commercial suppliers of identity and background information (BronID - 'Identity Databases')
- Commercial suppliers of AML/CTF watchlists (BronID databases - 'Watchlists');
- Our clients regarding their Data Subjects and customers (BronID databases - 'Data Subjects');
- Our clients permitted to use BronID services (BronID databases - 'Clients'); and
- Other business collections.
The databases maintained by BronID contain personal information about individuals. BronID obtains personal information for its databases from Identity Databases, Watchlists and from Clients regarding their Data Subjects. This information may typically include an individual's names, date of birth, residential address, a client number allocated to the individual and gender. The information received from Identity Databases and Watchlists may also include information about identity verification results returned from those databases, criminal records, personal relationships and other publicly available information. BronID seeks assurances from all its data sources that the information has been collected and is held in accordance with applicable privacy laws. Because of the nature of the BronID Identity Verification Portal service it is not possible to collect this information directly from the individual. The Client has to explicitly confirm that they have collected the proper consent from their Data Subjects.
BronID will not use this personal information for any purpose other than to assist its Clients to meet their obligations under their AML/CTF legislation. BronID maintains strict security over this personal information.
BronID also collects personal information from Clients permitted to use the BronID service when the Client registers with the service and a Client contact logs in for the first time. This information may include the Client contacts' name and contact details. Where there are several users in a Client's organisation those users' names and contact details will also be collected and may be provided by another user in the Client organisation. If this information is not provided you cannot use the BronID service. This information is used only to track users of the BronID service.
If we hold your personal information through Identity Databases, Watchlists or Clients, this is not controlled by us and you should refer to their respective privacy policies.
BronID databases are held and stored by BronID or a cloud services provider.
We will use your personal information:
- To fulfil a contract, or take steps linked to a contract: in particular, in facilitating and processing transactions that take place on our website, such as where you register with the site or purchase name checks.
- Where this is necessary for purposes which are in Our, or third parties, legitimate interests. These interests include:
o operating the website;
o providing you with services described on the website;
o verifying your identity when you sign in to our website;
o responding to support tickets, and helping facilitate the resolution of any disputes;
o returning an identity verification result;
o updating you with operational news and information about our website and services e.g. to notify you about changes to our services, website disruptions or security updates;
o carrying out technical analysis to determine how to improve the website and services we provide;
o monitoring activity on the website, e.g. to identify potential fraudulent activity and to ensure compliance with the user terms that apply to the website;
o managing our relationship with you, e.g. by responding to your comments or queries submitted to us on the website or asking for your feedback;
o managing our legal and operational affairs (including, managing risks relating to content and fraud matters);
o training BronID staff about how to best serve our user community;
o improving our products and services; and
o providing general administrative and performance functions and activities.
- Where you give us consent to provide you with marketing information about products and services which we feel may interest you
- For purposes which are required by law
- For the purpose of responding to requests by government, a court of law, or law enforcement authorities conducting an investigation.
BronID will share personal information collected for our databases with its Clients and users of the BronID service or as required by law, and only for the above (or related) purposes. BronID may also disclose the information to its related entities for purposes associated with running the BronID service or other usual business activities.
Personal information from Identity Databases and Watchlists held in our databases may be disclosed to overseas recipients as part of the BronID service. The recipients could be located in any country and it is not practicable to specify those countries in this policy.
Personal information collected from Clients who use the BronID service is retained only for the duration of the Client's subscription and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we will make sure it is deleted or anonymised.
If you are a registered user of the BronID service, you have various rights in relation to your personal information and we respect those rights. With regards to marketing emails, you can request us not to send you these at any time - just follow the 'update your preferences' or 'unsubscribe' from this list' options at the end of the email. You may still receive important account and service related information email notifications. We will use your personal information:
- request a copy of personal information we hold about you;
- update the personal information we hold about you, or correct such personal information that you think is incorrect or incomplete;
- object to our processing of your personal information; and
- be forgotten - delete your personal information subject to our legal rights and obligations to retain the same.
We may collect personal information for our other business
activities such as interactions with suppliers, responding to general business
enquiries, recruitment activities or resolving complaints. This information is
generally only contact information (name, address, email and telephone numbers)
collected directly from you or someone you have permitted to provide the information
to us. If the information is provided for recruitment purposes, we might
collect more detailed information about you that is relevant for assessing your
suitability for a position with us such as any personal information contained
in your resume including your employment history. If you provide referee
details you must have the referee's consent to do so. Referee details will only
be used for reference checking.
If you do not provide the information required, we may not be able to respond or interact with you or, in the case of recruitment, to consider your application.
Also, if you use our website we will record your contact details, which may include your name, email address, address and phone number if you send them to us in an email or complete an online contact or demo request form. We will use your personal information to deal with your specific enquiry. If you do not provide this information we may not be able to respond to your enquiry.
We will only use the information provided for the purposes
for which it was collected unless you have consented to us using, or would
reasonably expect us to use, the information for a different purpose or as
permitted by law.
Your contact details, including email address, may be added to our mailing list and your consent requested for us to use it for direct marketing purposes.
Personal information collected for these other business activities will only be disclosed to our related entities and our and their personnel, our contractors, suppliers, service providers, business partners, recruiters, referees, or others as you would reasonably expect for the above (or related) purposes and only otherwise disclosed as required by law.
The length of time we keep your personal data depends on
what it is and whether we have an ongoing business need to retain it (for
example, to provide you with a service you've requested or to comply with applicable
legal, tax or accounting requirements).
We'll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we'll make sure it is deleted or anonymised.
You have various rights in relation to your personal
information and we respect those rights. With regards to marketing emails, you
can request us not to send you these at any time - just follow the 'update your
preferences' or 'unsubscribe' from this list' options at the end of the
You also have rights to:
- request a copy of personal information we hold about you;
- request us to update the personal information we hold about you, or correct such personal information that you think is incorrect or incomplete;
- request us to delete the personal information we hold about you without undue delay, subject to our legal rights and obligations to retain the same; and
- object to our processing of your personal information.
If you communicate with us through a social networking service such as Twitter or Linked In, the social network provider and its partners may collect and hold your personal information overseas. This is not controlled by us and you should review their privacy policies.
- your server address
- your top-level domain (for example .com, .gov, .net etc.)
- the pages you accessed and the documents downloaded
- the previous site you have visited
- the type of web browser you are using.
- This information is however anonymous.
BronID will track the pages you visit via Google Analytics and MixPanel. This information is disclosed to Google Analytics and MixPanel when you visit our site and may be stored overseas in multiple countries.
We take reasonable steps to protect all information which we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure. However, as the transmission of data over the internet is not totally secure, we cannot guarantee the security of your data during transmission. All personal information held electronically is kept on secure servers and protected by firewall security systems. As noted above we may use a third party cloud service provider to store our information. We may also hold some personal information in hard copy. This may include client files, invoices and business cards. This information is subject to restricted access.
If you wish to access the personal information we hold about you or you think that your personal information is inaccurate and needs correction, please contact us at the address below. We will take reasonable steps to keep your personal information accurate, complete and up-to-date. If you have a complaint concerning your privacy please contact us in writing using the details below. Any complaint will be investigated by our Privacy Officer and responded to in a reasonable time.
You can obtain further general information about your privacy rights and Commonwealth privacy law or submit a complaint by contacting the Office of the Australian Information Commissioner by:
visiting their web site at www.oaic.gov.au
filling in a complaint form
The Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001