MIR MUCHBETTER AUSTRALIA PTY LIMITED – PRIVACY POLICY (AU)
Table of Contents - Quick Links
Effective Date: 01 JANUARY 2025
1. Who we are
1.1 MIR MUCHBETTER AUSTRALIA Pty Limited ACN 658 003 804 (MIR AU, MuchBetter, we, our, us) is an app based digital wallet (the App) allowing customers and merchants to process and manage e-payments in a secure, fair and economical way.
1.2 MIR AU is a subsidiary of RTEKK Holding Limited – both a ‘Controller’ and ‘Processor’ of personal information collected in the provision of the MuchBetter Service. RTEKK Holding Limited and another of its subsidiaries, MIR Limited UK Ltd, is registered with the United Kingdom Information Commissioner any fully commits to the requirements of the European Union General Data Protection Regulation (GDPR).
1.3 MIR AU is also licenced to carry on a financial services business in Australia to provide general financial product advice for deposit and payment products limited to non-cash payment products, and to deal in a financial product by issuing, applying for, acquiring, varying or disposing of a financial product in respect, and on behalf, of non-cash payment products. MIR AU is so authorised and regulated by the Australian Securities and Investments Commission (ASIC) in Australia under AFSL 540851 with its registered office at Level 19 180 Lonsdale Street Melbourne VIC 3000.
2. Introduction
2.1 This Privacy Policy applies to any MuchBetter Service, website or online application that refers to or links to this Privacy Policy and any other personal information that you provide to us or we otherwise collect (collectively, the MuchBetter Services or our/the Services). The Privacy Policy applies regardless of whether you may use a computer, mobile phone, or device, tablet, wearables or other devices or other related technologies and services (collectively and severally, the Devices) to access our Services.
2.2 This Privacy Policy describes the types of Personal Information we collect, the purposes for which we collect that Personal Information, the other parties with whom we may share it, the measures we take to protect the security of the data and how long we retain that data. It also tells you about your rights and choices with respect to your Personal Information, and how you can contact us about our privacy practices.
2.3 Our privacy practices may vary among the countries in which we operate to reflect local practices and legal requirements. Specific privacy notices may apply to some of our products and services. Please visit the webpage of the specific product or service to learn more about our privacy and information practices in relation to that product or service.
2.4 The Privacy Act 1988 (Cth) (the Privacy Act) applies to MIR AU’s collection, use and disclosure of your personal information as well as other applicable laws protecting privacy. Where appropriate, MIR AU will handle personal information relying on the employee records exemption and the related bodies corporate exemption in the Privacy Act. While this Privacy Policy applies to all our Services, additional consents may be obtained for specific services or certain uses or disclosures of your personal information.
2.5 If you receive a product or service from one of our affiliates or your information is otherwise collected by one of our affiliates, that affiliate may have a separate privacy policy. You should refer to that privacy policy for further details about how the affiliate may collect, process, use, disclose and store your information.
2.6 This Privacy Policy should be read in conjunction with, and is subject to:
(a) any other privacy or collection statement that MIR AU may provide to you when it collects your personal information or provides a particular Service; and
(b) any terms and conditions of use which govern your access to and use of each of our Services.
2.7 Please note that the Privacy Policy applies regardless of whether you use a computer, mobile phone or mobile device, tablet, wearables or other device to access the MuchBetter Services or provide information to us. It is important that you read the Privacy Policy carefully because anytime you use the MuchBetter Services, you consent to the practices we describe in the Privacy Policy. If you do not agree to the practices described in the Privacy Policy, you should not use the MuchBetter Services.
2.8 It also is important that you regularly check for updates to the Privacy Policy. If we update the Privacy Policy and you use our Services after the update, the new practice(s) identified in the update will apply to your use of the Services, although in certain cases we also may let you know about changes we consider to be material by placing a notice on relevant Services. The most current version of the Privacy Policy will always be available here
2.9 To the extent that MIR AU is categorised as a ‘Processor’ and/or ‘Controller’ of Personal Information for the purposes of the GDPR, the terms of the Privacy Policy EEA available at https://muchbetter.com/legal/privacy-policy/privacy-policy-eea are incorporated into this Privacy Policy as if they were restated in full to the extent that those terms are relevant.
2.10 You can check the ‘effective date’ posted at the top to see when the Privacy Policy was last updated.
3. User Terms
3.1 We know how important privacy is to our customers, and we strive to be clear about how we collect, process, use, disclose, transfer and store your personal information. We recognise that a core to data privacy is your right to be informed about how we collect and use your data; therefore, we encourage you to read this Privacy Policy carefully.
3.2 The Privacy Policy is a part of our User Terms and is incorporated therein by references.
3.3 By using our Services, you agree to the terms of this Privacy Policy as may be amended by us from time to time.
4. Personal Information We May Collect
4.1 Information you give us:
(a) we receive and store any Personal Information (as defined in the Privacy Act) (including financial information) you provide to us including when you (or your business) enquire for or make an application for the Services; register to use and/or use any Services; upload and/or store information with us using the Services; and when you communicate with us through email, SMS, a website or portal, or the telephone or other electronic means, e.g. in the context of contacting us about your account or transactions. Such information may reference or relate to you or your customers and includes:
(1) name including first name and family name;
(2) date of birth & age;
(3) email address, billing address, home address;
(4) username;
(5) password and/or photograph;
(6) occupation;
(7) nationality and country of residence;
(8) a copy of your identification, such as your driver’s license or passport or other government identification or registration data (Government Related Identifiers). You can find more information in the section ‘Government Related Identifiers’;
(9) card number, card expiry date, CVC/CVV details (card security code), account numbers, account balances and the length of time you have maintained those accounts, bank and/or issuer details;
(10) biometric data – one of our third-party providers uses facial recognition software– we use this data to verify your identity; and
(11) any other information that you provide in the context of using the Services.
4.2 In addition to the above information, we also collect information regarding your use of the MuchBetter Services. This information includes:
(a) information about how frequently you transact with us, your transactions and average transaction volume, account balances, the people, and merchants to whom you send money and from whom you receive money;
(b) Technical information such as whether a Magnetic Secure Transmission (MST) or Near-Field Communication (NFC) based-transaction was used; and
(c) whether a transaction successfully went through.
(d) what you purchased, how much money you spent and where you made your purchase
4.3 We will only collect sensitive information from you with your consent or when we have another applicable lawful basis to do so. Sensitive information is personal information that primarily and relevantly includes information relating to your racial or ethnic origin, criminal history, sexual orientation, membership of any trade or professional associations.
5. How We May Use Your Personal Information
5.1 We may use and share the personal information we collect for the following purposes:
(a) to provide our Services to you, including fulfilling our obligations to you in connection with the Services we provide to you. In this context we record and track details of transactions you carry out in relation to the Services; notify you about important changes or developments to our website or our goods and services;
(b) to improve and develop our business, including without limitation to optimise our websites/portals, products, and services;
(c) to manage and enforce our rights, terms of use or any other contracts with you, including to manage any circumstances where transactions are disputed; manage, investigate, and resolve complaints;
(d) to prevent and/or detect fraud, financial crime, manage risk and to better protect ourselves, our customers, and the integrity of the financial system. This may include software and services we use to verify your identity/age by determining whether a selfie you take matches the photo in your ID;
(e) to prevent, detect and prosecute fraud and other crimes and abuses of the financial system, or to assist others in doing so, including non-compliance with any terms of business and which may involve the sharing of any relevant or necessary information we have collected or inferred with third parties for such purposes;
(f) to contact you about your account, to alert you to potential problems, and to respond to your questions to us;
(g) to send marketing messages, to provide you with the information on products and services you have requested, or we think may be of interest to you. In respect of our use of Direct Marketing, market research and similar activities, we may use your Personal Information for such purposes whether or not you are accepted as a customer or continue to receive Services. If you no longer wish to receive marketing or promotional information, you can always withdraw your consent.. You can find more information in the section ‘Direct Marketing’;;
(h) to obtain your views on our goods, services and our website/s;
(i) to comply with all local laws and regulations (e.g. the provision of a tax file number under the Income Tax Assessment Act, the ‘know your client’ requirements under the Anti-Money Laundering and Counter-Terrorism Act 2006 (Cth) (AML/CTF Act));
(j) to comply with requests from law enforcement and regulatory authorities, to establish, exercise or defend legal claims, or to protect your vital interests or those of other persons; for example, to help those authorities or other organisations in the fight against crime and terrorism; and
(k) to comply with our terms of business.
5.2 If, at any time, we are in receipt of unsolicited personal information, and we have assessed that we could have collected that personal information and that personal information is not contained in a Commonwealth record, we may use that information in accordance with APPs 5 to 13.
6. Legal Basis for Handling Your Personal Information
6.1 We will only process your personal information in compliance with the law. Such laws vary across different territories and further specific information is available on request. In general, we will either process:
(a) based on your consent, for example to send you marketing messages about products and services in accordance with your interests and preferences, where such consent is required by law;
(b) where necessary for the performance of, or entry into, any contract we have with you, for example, if we are required to verify your identity and you do not supply us with the relevant information, we may be unable to open an account for you;
(c) where we have a legitimate interest to process data, subject to such processing not overriding your own rights and freedoms in objecting to such processing. For example, to keep you informed about your use of the Services, improve, and develop the Services, conduct online advertising or other marketing activities, as well as manage and enforce any claim;
(d) where we have a legal obligation to collect, use and/or disclose your personal information or otherwise needs your personal information to protect your vital interests or those of another person. For example, when necessary to comply with the rules imposed by our or other applicable regulators (e.g. the provision of a tax file number under the Income Tax Assessment Act, the ‘know your client’ requirements under the AML/CTF Actor
(e) exceptionally, we may share your information with a third party, when necessary, in the public interest, for example, when law enforcement agencies or other third parties with whom you may have had dealings request information to investigate a crime or otherwise a breach of third-party terms of business.
6.2 If you have questions about or need further information concerning the legal basis on which we collect and use your personal information for any specific processing activity, please contact us via the Contact Us section below.
7. How We Share Your Information
7.1 We do not disclose information which could identify you personally, to anyone except as described in this notice, as permitted, or required by law, and/or for the purposes described in this notice, including:
(a) within the Group to which MIR AU belongs to help us provide our services and for our own internal customer relationship management, analytical and reporting purposes;
(b) to recipients/senders of a payment in the context of the specific relevant transaction;
(c) fraud prevention agencies as described above, including Federal and State or Territory law enforcement authorities, ASIC, Crime Stoppers and other organisations who assist us in managing fraud and business risk;
(d) where we provide services through third parties where we may be required to disclose your information (including any ‘know your customer’ and ‘source of wealth’ information) with such organisations to assist their own regulatory obligations or risk assessments;
(e) Third Party Service Providers, including suppliers who assist us with the provision of Services, including processing orders, fulfilling orders, processing payments, managing credit, security, sector and fraud risk, identity verification, and marketing, market research and survey activities carried out on our behalf. Occasionally, we may utilise the services of third-party providers to assist with the provision of services that might require the use of your personal information. When we use these providers, we may process, store, and transfer your personal information in and to a foreign country, with different privacy laws;
(f) to third parties who do not act under our instructions as a service provider (but will be subject to their own legal obligations to keep data secure), to facilitate provision of the Services. For example, crypto currencies and other financial instruments or transactions;
(g) to prevent and/or detect fraud, financial crime, manage risk and to better protect ourselves and our customers, it may be necessary to process and disclose sensitive personal information to third parties who help us in managing such risks, including identity verification;
(h) where We are required or permitted to do so by law, We may be required to pass information about you to regulatory authorities and law enforcement bodies worldwide, or we may otherwise determine that it is appropriate or necessary to do so; and
(i) with your permission, your information may also be used for other purposes for which you give your specific permission.
7.2 Except as necessary for the performance of our services and as described above/attached, we do not sell, rent, share or otherwise disclose personal information about its customers to third parties for their own third-party marketing use without meeting any necessary legal obligations (e.g., consent, opt-out, or as otherwise permitted by law).
8. Offshore Disclosure of Personal Information
8.1 When you use the MuchBetter Services, your Personal Information may be disclosed or transferred to overseas recipients and collected, disclosed, stored or processed overseas. The overseas recipients of your personal information may, depending on the particular service that you have requested, be located outside Australia including in the United Kingdom, Canada, European Member States and Iceland, Liechtenstein and Norway. Please note that the data protection and other laws of countries to which your information may be disclosed might not be as comprehensive as those in Australia.
8.2 We take reasonable steps to ensure the overseas recipient does not breach the APPs with respect to your Personal Information. This specifically includes entering into contractual arrangements with an overseas recipient of your Personal Information which requires such recipient o only us or disclose your Personal Information in accordance with the Privacy Polic, the APPs and (where relevant) any higher standard specified under applicable data protection laws.
9. How Long We Retain Your Personal Information
9.1 We will retain your personal information for as long as needed or permitted dependant on the context and purpose for which it was collected, the type of information and in compliance with applicable local laws or regulations.
9.2 This means that when using our Services, we will retain your personal information as necessary for the provision of the services and for any linked legitimate business purpose. This includes the use and retention of your personal information when you commence an application for our services, irrespective of whether you complete such application or are accepted as a customer.
9.3 For example, account data is generally retained for at least 5 years after the closure of the account, to align with statute of limitation periods in the event of complaints or legal disputes. We may also be legally required to retain information, for example under anti money laundering or bankruptcy laws or where required by law enforcement or similar government agencies.
9.4 We will retain personal information as evidence of our dealings with you regardless of whether there were any financial transactions, for audit and compliance practices, to manage any queries or disputes, including to defend or initiate any legal claims. We can also continue marketing and sending you direct marketing, subject to local laws and where you have not objected to such marketing.
9.5 We may also use data minimisation techniques to better protect your information, known as pseudonymisation. Once your information is no longer needed, we may anonymise or aggregate it with other information to make it unidentifiable, as an alternative to deletion.
9.6 FOR FURTHER INFORMATION ON OUR DATA RETENTION PERIODS PLEASE CONTACT: DPO@rtekk.com
10. Direct Marketing
10.1 We may use your personal information from time to time for the purposes of direct marketing. We may also use your sensitive information for the purposes of direct marketing where you provide us with explicit consent for us to do so, in compliance with both APP 7 and our obligations under the Spam Act 2003 (Cth). We provide you with the opportunity to request not to receive direct marketing communications. Our internal systems and processes are compliant with the Do Not Call Register Act 2006 (Cth) and the Spam Act 2003 (Cth).
11. Government Related Identifiers
11.1 We will only use a Government Related Identifier where the use or disclosure of the Government Related Identifier:
(a) is required or authorised by or under an Australian law or a court/tribunal order;
(b) is reasonably necessary to verify the identity of an individual;
(c) is reasonably necessary to fulfill our obligations to an agency or a State or Territory authority;
(d) we reasonably believe the use or disclosure is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety;
(e) it is unreasonable or impracticable to obtain your consent;
(f) we have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to the MuchBetter Services has been, is being or may be engaged in and the use or disclosure is necessary in order for us to take appropriate action in relation to the matter; or
(g) we reasonably believe that the use or disclosure of the identifier is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.
12. Your Rights and Choices
12.1 You have rights under the Privacy Act to access your personal information that we hold about you.
12.2 You can request access to the personal information that MIR AU holds about you by sending a copy of the completed Privacy Access Request Form to the MIR AU Privacy Officer at:
Email: DPO@rtekk.com or
Post: Privacy Officer, c/o MIR MUCHBETTER AUSTRALIA Pty Limited, Level 19 180 Lonsdale Street Melbourne VIC 3000 .
12.3 Only personal information relating to you will be provided. If another person’s personal information is involved, each of you will need to complete and sign an access request form.
12.4 In some circumstances a fee, to cover our costs of accessing your data will apply. We’ll tell you in advance if there is going to be any cost for getting the information and send you a quote so that you can decide if you want to go ahead. Once you have made payment, we’ll send you a confirmation email and commence the retrieval process.
12.5 We’ll respond to your request for access to your personal information within a reasonable period, which is usually within thirty (30) days.
13. How We Protect Your Personal Information
13.1 We have implemented technical, physical, and organisational/administrative measures designed to secure your personal information from accidental loss and from unauthorised access, use, alteration, and disclosure.
13.2 The safety and security of your information is also dependent upon you. If we have given you (or if you have chosen) a password or access code for access to certain parts of our website/portal or mobile applications and similar, you are responsible for keeping this password and/or access code confidential. You must not share your password and/or access code with anyone. You must ensure that there is no unauthorised use of your password.
13.3 The transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our site, unless you are communicating with us through a secure channel that we have provided. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
14. Children’s Privacy
14.1 The Services are not designated to users under the age of 18. If you are under 18, you should not download or use the Services nor provide any Personal Information to us.
14.2 We reserve the right to access and verify any Personal Information collected from you.
14.3 In the event we become aware that a user under the age of 18 has shared any information, we will discard such information.
14.4 If you have any reason to believe that a minor has shared any information with us, please contact us at support@muchbetter.com.
15. How to Complain
15.1 Should you wish to make a complaint about the management of your personal information, please email us at complaints@muchbetter.com. We will make a record of your complaint and take steps to correct any deviation from Australian Privacy Principles.
15.2 We will acknowledge your complaint within seven days. We will provide you with a decision on your complaint within 30 days.
15.3 If you are dissatisfied with the response of our complaints officer, you may make a complaint to the Privacy Commissioner which can be contacted on either www.oaic.gov.au or 1300 363 992.
16. Updates or Amendments to this Policy
16.1 We may revise this Privacy Policy from time to time, at our sole discretion, and the most current version will be posted on our website (as reflected in the ‘Effective Date’ heading). We encourage you to review this Privacy Policy regularly for any changes. In case of material changes we will notify you through our Services or by email.
16.2 Your continued use of the Services, following the notification of such amendments on our website, constitutes your acknowledgement and consent of such amendments to the Privacy Policy and your agreement to be bound by the terms of such amendments.
17. How to contact us
17.1 If you have any general questions about the Services or the information that we collect about you and how we use it, please contact us by visiting Help.