FrankieOne Privacy Policy

Updated 15th March 2021

We're committed to protecting your privacy and safeguarding your personal information. Please take time to read through this privacy policy to ensure you're aware of how we will use your personal information.

We've worked hard to create a privacy policy that's easy to read and clear. But if you think we've missed an important perspective, used language we could improve or if you have any questions, please get in touch by contacting us at privacy@frankieone.com or by writing to our registered office.

Who are we?

We are Frankie Financial Pty Ltd (trading name “FrankieOne”), an Australian company with company number ACN 623 506 892 and with a registered office at 121 King Street, Melbourne, 3000 VIC Australia, and our affiliates, including, but not limited to FrankieOne US, Inc.,a Delaware (USA) corporation.

What Personal Information do we collect?

This policy applies whenever you visit our website www.frankieone.com, contact us or otherwise engage with us.

If we collect data about you as part of providing identity checks our customers ask us to, we do this in our capacity as a data processor for our customer. This means you should speak to our customer (such as your bank or your prospective employer) if you have any questions about how your data is used by them.  

We act as a data controller in several circumstances including, but not limited to, those set out below, to comply with laws covering anti-money laundering, financial reporting, and responding to and protecting against legal claims.

How do we use your personal information?

- My bank or other company uses your services to verify my identity – what data do you hold about me?

Our customer sends us data which we use to verify your identity on their behalf. Usually this includes your name, address and ID documents. We're a data processor over this data, which means we can only hold it in accordance with our customer's instructions, and it is our customers’ duty to provide us with a legal basis for processing this data. This also means that if you have any questions about how your data is used in this way, you should first contact the organisation which asked you to provide your data. We also retain a copy of your data that was sent to us to ensure we can respond to legal claims, and comply with our legal obligations in connection with anti-money laundering.

- For internal purposes.

We may use your personal to respond to your inquiries, to fulfill your requests for information, conduct experiments, send you push notifications, track usage trends, develop and improve our service and other offerings, perform research and analytics, and to evaluate our security measures.

- When you contact us either by phone, email or on social media.

We will usually collect your name, phone number, email address and (if on social media)your handle, because it’s in our legitimate interests to make sure we can properly respond to your query.

- When you, as a customer, create an account with us.

We will collect your name, address, email address, telephone number, company name and address (if applicable) and your payment details. We collect this in order to take steps to enter into a contract with you to provide our services and to fulfil our legal obligations, such as those relating to taxation, anti-money laundering and counter-terrorism financing, or as otherwise authorised by you.

- When you sign up to receive our news updates.

When we send you our news updates about our services and offers because you have opted in to receive them, we rely on your consent to contact you. You can unsubscribe at any time by contacting us using the details above or clicking on the unsubscribe link provided in any email you receive from us.

- To tell you about our services that you may be interested in.

If you are an existing customer, we will collect your name and email address to provide you with our news updates and information about other services we offer that are similar to those you have already purchased or enquired about. We also identify prospective new business customers and contact them by email for marketing purposes. In each case, we do this because of our legitimate interests to promote our business to those we think will be interested in hearing from us. You can unsubscribe from our updates at any time by contacting us using the details above or clicking on the unsubscribe link provided in any email you receive from us.

- If our business is sold or control of it changes hands

We process your personal information in the event of a merger, acquisition, sale of all (or substantially all) of our assets, reorganization or other change of control because we have a legitimate interest to ensure our business can be continued by the buyer, or surviving entity, as applicable. If you object to our use of your personal information in this way, the buyer of our business may not be able to provide services to you.

Non-Identifying, Anonymised, and Aggregate Data.

- Non-Identifying Data.

We may collect information about you that is non-personally identifying, anonymous, or aggregated in nature, including, but not limited to, commercial transaction history, device information, other websites accessed, and your internet protocol (IP) address on an anonymous or aggregate basis.  We may also be able to approximate your location through your IP Address.  This Policy does not apply to Non-Identifying Data unless and until it is paired with personal information, in which case we will treat it as personal information too.

Who do we share your data with?

- Credit reference agencies, public bodies and other organisations.

For the performance of the contract we enter into with our customers, for instance to match the verification data you provide with the records held by these organisations.

- Business partners, suppliers and subcontractors.

For the performance of the contract we enter into with our customers, for instance to support us with the verification checks.

- Regulators/ Authorities/ Enforcement Agencies.

If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of purchase, website terms and other agreements; or to protect the rights, property, or safety of our staff, customers or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.

- Third parties as part ofa sale or change of control of our business.

Under our legitimate interest to ensure our business can be continued by the buyer, or surviving entity, as applicable.

Where is your data stored?

All personal information that we hold will be stored securely on our servers in Australia.

We may transfer your personal information to a recipient outside of Australia when we are asked to match your personal data against data held by an organisation.

Whenever we transfer your personal information from your country of residency to Australia or from Australia to an oversees recipient, we ensure it receives additional protection as required bylaw. To keep this Privacy Policy as short and easy to understand as possible, we haven’t set out the specific circumstances when each of these protection measures are used. You can contact us using the details above for more information on this.

How long do we keep your data for?

We will keep your personal information until the latest to occur of: it no longer being needed for purposes for which it was collected; the expiration of our obligations under the contract with our customer that provides you with services (which may be guided by their recordkeeping requirements or policies); and the fulfillment of all our obligations under applicable law. For example, in Australia there are requirements under the AML/CTF Act to keep customer identification records for seven years after they have stopped providing any designated services to the customer.

Once the triggering event above has been satisfied, your personal information will either be securely deleted or amended to a form which is non-identifiable, unless we are required to retain a copy under applicable law. We carefully anonymise your personal information and how you use our services to improve our business and create analytical data.

Complaints about Privacy

You have various rights under applicable data protection laws, including the right to:

- access your personal data (also known as a “subject access request”);
- correct incomplete or inaccurate data we hold about you;
- ask us to erase the personal data we hold about you;
- ask us to restrict our handling of your personal data;
- ask us to transfer your personal data to a third party;
- object to how we are using your personal data;
- to be free from automatic decision making and profiling; and
- withdraw your consent to us handling your personal data.

You also have the right to lodge a complaint with us or your local supervisory authority for data protection. If you are based in the EU, you can find your relevant supervisory authority here.

To exercise your rights under this Privacy Policy, or applicable law, or if you have a dispute regarding an individual’s Personal Information, you may do so through your account, or by contacting us at privacy@frankieone.com and letting us know what right you wish to exercise. We aim to respond to your dispute within a maximum 30 day period to resolve your matter in a reasonable timeframe and manner.
Please note we may request certain information from you upon receipt of your request in order to confirm your identity. If you are still not satisfied with the outcome upon conclusion of our investigation, you may escalate the matter to OAIC using the details below:
    Office of the Australian Information Commissioner
    GPO Box 5218 SYDNEY NSW 2001
    Website: www.oaic.gov.au

Additional Considerations

We may, from time to time, identify certain third party websites to which we may provide links, and that you may click on our website or through our services. Please check the privacy policies of these other websites and services to learn how they collect, use, store and share information that you may submit to them or that they collect.  This Privacy Policy does not apply to the privacy practices of any third party.

At present, FrankieOne website does not specifically respond to browser do-not-track signals.

California law allows California residents to request information regarding our disclosures in the prior calendar year, if any, of their personally identifiable information to third parties. To make such a request, please contact us at privacy@frankieone.com with "Request for Privacy Information" in the subject line. Please include enough detail for us to locate your file; at a minimum, your name, email, and username, if any. We will attempt to provide you with the requested information within thirty(30) days of receipt. We reserve our right not to respond to requests sent more than once in a calendar year, or requests submitted to an address other than the one posted in this notice. Please note that this law does not cover all information sharing. Our disclosure will only include information covered by the law.

We do not knowingly collect any information from any minors, and we comply with all applicable privacy laws including the EU’s General Data Protection Regulation, USA Children's Online Privacy Protection Act (“COPPA”) and associated Federal Trade Commission (“FTC”) rules for collecting personal information from minors. Please see the FTC's website (www.ftc.gov) for more information. If you have concerns about our website or services, wish to find out if your child has accessed either, or wish to remove your child's personal information from our servers, please contact us at privacy@frankieone.com. We will not knowingly accept personal information from anyone under 13years without the consent of a parent or guardian and otherwise in compliance with applicable laws. In the event that we discover that a child under the age of 13 has provided personal information to us, we will make efforts to delete the child’s information in accordance with applicable law. If you believe that your child under 13 has gained access to our website or services without your permission, please contact us at privacy@frankieone.com

Cookies Policy

When you visit our Website we may, with your consent, use cookies to distinguish you from other users.

A cookie is a small data file which is placed on your browser or the hard drive of your computer (with your consent) to identify you when you come back to our Website and to store details about your use of the Website.

We use the following cookies:

Cookie: Google Analytics

Purpose: This cookie allows us to measure how users interact with the Website and to remember pages the user has visited and previous interactions with the Website.

Duration: The retention period will be between 1 minute and 2 years depending on the type of cookie used.

More Information: Google Analytics

For more information on how Google uses data when you use our Site or Service, please follow this link: https://policies.google.com/technologies/partner-sites. You may be able to opt-out of some or all of Google Analytics features by downloading the Google Analytics opt-out browser add-on, available at, https://tools.google.com/dlpage/gaoptout. For more information about interest-based ads, or to opt out of having your web browsing information used for behavioral advertising purposes, please visit http://optout.aboutads.info.

You will see a banner on our website before we store a cookie on your device which describes the types of cookies we use and the information they collect where you can consent to or reject the use of cookies.

Last Updated 15 December 2021