Updated 15th March 2021
Who are we?
We are Frankie Financial Pty Ltd (trading name “FrankieOne”), an Australian company with company number ACN 623 506 892 and with a registered office at 121 King Street, Melbourne, 3000 VIC Australia, and our affiliates, including, but not limited to FrankieOne US, Inc.,a Delaware (USA) corporation.
What Personal Information do we collect?
This policy applies whenever you visit our website www.frankieone.com, contact us or otherwise engage with us.
If we collect data about you as part of providing identity checks our customers ask us to, we do this in our capacity as a data processor for our customer. This means you should speak to our customer (such as your bank or your prospective employer) if you have any questions about how your data is used by them.
We act as a data controller in several circumstances including, but not limited to, those set out below, to comply with laws covering anti-money laundering, financial reporting, and responding to and protecting against legal claims.
How do we use your personal information?
- My bank or other company uses your services to verify my identity – what data do you hold about me?
Our customer sends us data which we use to verify your identity on their behalf. Usually this includes your name, address and ID documents. We're a data processor over this data, which means we can only hold it in accordance with our customer's instructions, and it is our customers’ duty to provide us with a legal basis for processing this data. This also means that if you have any questions about how your data is used in this way, you should first contact the organisation which asked you to provide your data. We also retain a copy of your data that was sent to us to ensure we can respond to legal claims, and comply with our legal obligations in connection with anti-money laundering.
- For internal purposes.
We may use your personal to respond to your inquiries, to fulfill your requests for information, conduct experiments, send you push notifications, track usage trends, develop and improve our service and other offerings, perform research and analytics, and to evaluate our security measures.
- When you contact us either by phone, email or on social media.
We will usually collect your name, phone number, email address and (if on social media)your handle, because it’s in our legitimate interests to make sure we can properly respond to your query.
- When you, as a customer, create an account with us.
We will collect your name, address, email address, telephone number, company name and address (if applicable) and your payment details. We collect this in order to take steps to enter into a contract with you to provide our services and to fulfil our legal obligations, such as those relating to taxation, anti-money laundering and counter-terrorism financing, or as otherwise authorised by you.
- When you sign up to receive our news updates.
When we send you our news updates about our services and offers because you have opted in to receive them, we rely on your consent to contact you. You can unsubscribe at any time by contacting us using the details above or clicking on the unsubscribe link provided in any email you receive from us.
- To tell you about our services that you may be interested in.
If you are an existing customer, we will collect your name and email address to provide you with our news updates and information about other services we offer that are similar to those you have already purchased or enquired about. We also identify prospective new business customers and contact them by email for marketing purposes. In each case, we do this because of our legitimate interests to promote our business to those we think will be interested in hearing from us. You can unsubscribe from our updates at any time by contacting us using the details above or clicking on the unsubscribe link provided in any email you receive from us.
- If our business is sold or control of it changes hands
We process your personal information in the event of a merger, acquisition, sale of all (or substantially all) of our assets, reorganization or other change of control because we have a legitimate interest to ensure our business can be continued by the buyer, or surviving entity, as applicable. If you object to our use of your personal information in this way, the buyer of our business may not be able to provide services to you.
Non-Identifying, Anonymised, and Aggregate Data.
- Non-Identifying Data.
We may collect information about you that is non-personally identifying, anonymous, or aggregated in nature, including, but not limited to, commercial transaction history, device information, other websites accessed, and your internet protocol (IP) address on an anonymous or aggregate basis. We may also be able to approximate your location through your IP Address. This Policy does not apply to Non-Identifying Data unless and until it is paired with personal information, in which case we will treat it as personal information too.
Who do we share your data with?
- Credit reference agencies, public bodies and other organisations.
For the performance of the contract we enter into with our customers, for instance to match the verification data you provide with the records held by these organisations.
- Business partners, suppliers and subcontractors.
For the performance of the contract we enter into with our customers, for instance to support us with the verification checks.
- Regulators/ Authorities/ Enforcement Agencies.
If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of purchase, website terms and other agreements; or to protect the rights, property, or safety of our staff, customers or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection.
- Third parties as part ofa sale or change of control of our business.
Under our legitimate interest to ensure our business can be continued by the buyer, or surviving entity, as applicable.
Where is your data stored?
All personal information that we hold will be stored securely on our servers in Australia.
We may transfer your personal information to a recipient outside of Australia when we are asked to match your personal data against data held by an organisation.
How long do we keep your data for?
We will keep your personal information until the latest to occur of: it no longer being needed for purposes for which it was collected; the expiration of our obligations under the contract with our customer that provides you with services (which may be guided by their recordkeeping requirements or policies); and the fulfillment of all our obligations under applicable law. For example, in Australia there are requirements under the AML/CTF Act to keep customer identification records for seven years after they have stopped providing any designated services to the customer.
Once the triggering event above has been satisfied, your personal information will either be securely deleted or amended to a form which is non-identifiable, unless we are required to retain a copy under applicable law. We carefully anonymise your personal information and how you use our services to improve our business and create analytical data.
Complaints about Privacy
You have various rights under applicable data protection laws, including the right to:
- access your personal data (also known as a “subject access request”);
- correct incomplete or inaccurate data we hold about you;
- ask us to erase the personal data we hold about you;
- ask us to restrict our handling of your personal data;
- ask us to transfer your personal data to a third party;
- object to how we are using your personal data;
- to be free from automatic decision making and profiling; and
- withdraw your consent to us handling your personal data.
You also have the right to lodge a complaint with us or your local supervisory authority for data protection. If you are based in the EU, you can find your relevant supervisory authority here.
Please note we may request certain information from you upon receipt of your request in order to confirm your identity. If you are still not satisfied with the outcome upon conclusion of our investigation, you may escalate the matter to OAIC using the details below:
Office of the Australian Information Commissioner
GPO Box 5218 SYDNEY NSW 2001
At present, FrankieOne website does not specifically respond to browser do-not-track signals.
California law allows California residents to request information regarding our disclosures in the prior calendar year, if any, of their personally identifiable information to third parties. To make such a request, please contact us at firstname.lastname@example.org with "Request for Privacy Information" in the subject line. Please include enough detail for us to locate your file; at a minimum, your name, email, and username, if any. We will attempt to provide you with the requested information within thirty(30) days of receipt. We reserve our right not to respond to requests sent more than once in a calendar year, or requests submitted to an address other than the one posted in this notice. Please note that this law does not cover all information sharing. Our disclosure will only include information covered by the law.
We do not knowingly collect any information from any minors, and we comply with all applicable privacy laws including the EU’s General Data Protection Regulation, USA Children's Online Privacy Protection Act (“COPPA”) and associated Federal Trade Commission (“FTC”) rules for collecting personal information from minors. Please see the FTC's website (www.ftc.gov) for more information. If you have concerns about our website or services, wish to find out if your child has accessed either, or wish to remove your child's personal information from our servers, please contact us at email@example.com. We will not knowingly accept personal information from anyone under 13years without the consent of a parent or guardian and otherwise in compliance with applicable laws. In the event that we discover that a child under the age of 13 has provided personal information to us, we will make efforts to delete the child’s information in accordance with applicable law. If you believe that your child under 13 has gained access to our website or services without your permission, please contact us at firstname.lastname@example.org
A cookie is a small data file which is placed on your browser or the hard drive of your computer (with your consent) to identify you when you come back to our Website and to store details about your use of the Website.
We use the following cookies:
Cookie: Google Analytics
Purpose: This cookie allows us to measure how users interact with the Website and to remember pages the user has visited and previous interactions with the Website.
Duration: The retention period will be between 1 minute and 2 years depending on the type of cookie used.
More Information: Google Analytics
For more information on how Google uses data when you use our Site or Service, please follow this link: https://policies.google.com/technologies/partner-sites. You may be able to opt-out of some or all of Google Analytics features by downloading the Google Analytics opt-out browser add-on, available at, https://tools.google.com/dlpage/gaoptout. For more information about interest-based ads, or to opt out of having your web browsing information used for behavioral advertising purposes, please visit http://optout.aboutads.info.
Last Updated 15 December 2021