About this policy

In this Privacy Policy, terms such as “we”, “us” and “OrbitRemit” refer to OrbitRemit Limited.

OrbitRemit registered offices are located at:

• Level 4, 86 Victoria Street, Wellington, 6011 , New Zealand (Company Number 2174112)
• 146 New London Road, Chelmsford, Essex, CM2 0AW (Company Number 06731488)
• 388 George St, Sydney, NSW 2000, Australia (Company Number 69601986038)

The term “Service” refers to money transfers enabled from our website or mobile app.

In the language of data protection regulation, OrbitRemit is the “data controller” of your personal data and you, our customer, are the “data subject”. This means that OrbitRemit determines the purposes and means of processing your personal data, while respecting rights concerning your privacy.

OrbitRemit respects your rights to privacy and is bound by the Privacy Act 2020 of New Zealand, the Privacy Act 1988 of Australia and the Data Protection Act 2018 of the United Kingdom. For more information on the act, please visit:

• New Zealand: http://www.legislation.govt.nz/act/public/1993/0028/latest/DLM296639.html
• Australia: http://www.comlaw.gov.au/Series/C2004A03712
• United Kingdom: https://www.legislation.gov.uk/ukpga/2018/12/contents/enacted

OrbitRemit is fully committed to protecting our customers' privacy and security. Please review the following document to ensure you fully understand what information we collect about you and with whom we share it. You should read this document in its entirety. It should also be noted we may amend the content of this document at any time by posting a revised version on our website. More information regarding this can be found under section 17, “How to contact us”.

OrbitRemit provides the following information to explain what personal information we collect about you, with whom we share it, and how you can direct us not to share certain information with certain parties. "Personal Information" refers to the meaning given to it under the relevant acts in your region. You should read this document in its entirety.

OrbitRemit collects information by lawful and fair means only.

What kind of personal information do we collect?

• Profile information, such as your name, date of birth, address, email address, phone number.
• Information to verify your address and identity, such as your passport number, driver's licence number, photo ID, biometric information (including selfies/photos that you provide as part of identity verification), bank statement, utility bill.
• Information about your recipient, such as their full name, address, date of birth email address, contact number, place of birth, nationality/citizenship, bank account name, bank account number.
• Financial information, such as your bank account name, bank account number, bank account balances, bank transaction history, pay slips, invoices and other financial information to support your source of funds/ source of wealth.
• Website and application analytics, such as your IP Address, browser type, mobile device identifiers, your activities on our website and applications (e.g., how you interact with our calculator or help centre).

We may collect additional information not mentioned in the lists above in some circumstances. If we do, this will be for legitimate purposes and will be managed in compliance with this privacy policy.

How do we collect this information?

OrbitRemit collects personal information in various ways, including but not limited to:

• Information you provide us directly (e.g., via our website, applications, email, phone calls and chat).
• Information that is created as you use our service (e.g., your transaction profile and information about how you interact with our website and applications)
• Information that we receive when you transfer funds to us (e.g., Your bank account name and number).
• Information that you provide via our third-party software integrations (e.g., biometric information to verify your address and identity).
• Information that we lawfully obtain from third parties such as verification service providers and credit reference agencies.
• We also collect information that we indirectly obtain from you, such as information about the hardware and software you use when accessing the OrbitRemit service, your IP address, the pages you access on our website, and other websites that you visit prior to accessing OrbitRemit (e.g. referring domain).

Why do we collect this information?

• For Service provision purposes:

  We need to collect personal data in order to process your transactions and provide service support. You are not required to provide us with your information, however, if you don't, or we can't otherwise collect your information, it may affect our ability to provide our Service to you.

• For legal, taxation or regulatory purposes:

  As a regulated financial services business, we are required to conduct Know Your Customer (KYC) and Customer Due Diligence (CDD) checks and retain records of transactions in order to comply with our legal, taxation and regulatory obligations. These include, (but may not be limited to):

  • The AML/CFT Act 2009 in New Zealand
  • The AML/CTF Act 2006 in Australia
  • The 2017 Money Laundering Regulations in the United Kingdom

  We may also use your information to detect and prevent fraud and other illegal use of the website and the services provided.

• For marketing and promotional purposes:

  We can use your information to send targeted emails, text messages, push notifications, ads, and other content about our Service or the services of our business partners.

• To develop, monitor, maintain and improve our services.
• Any other purpose disclosed to you at the time of information collection.

How we process your personal information

We use, process, and store your information as necessary to perform our contract with you and for our legitimate business interests, including:

• to comply with any applicable legal and/or regulatory requirements.
• to complete Know Your Customer (KYC) and Customer Due Diligence (CDD) checks. From time to time we use the services of Credit Reference Agencies (CRA's) to attempt to verify your identity. These are not credit performance checks and will not impact your credit rating. More information can be found here https://www.transunion.co.uk/legal-information/bureau-privacy-notice.
• to help us administer our site, software, and/or services, authenticate users for security purposes, provide personalised user features and access, process transactions, conduct research, develop new features, and improve the features, algorithms, and usability of our site, software, and/or services.
• To communicate with you:
  • about your use of our site, software, services and product announcements.
  • to request additional documentation required to meet our regulatory obligations.
  • responding to your requests for assistance, including providing account verification support if you're having difficulty accessing your account.
  • to send you direct marketing emails and special offers, from which you can unsubscribe at any time. For more information, please see section 6, “Email Communications” below.
  • to ask you for feedback or to take part in any research we are conducting (which we may engage a third party to assist with).
  • to award you a prize if you have won a competition we're running.

Email communications

We only send promotional email to individuals who have given us explicit consent, have been referred to us by one of our existing customers, or as part of an ongoing relationship with customers who have signed up to use our service.

You control what communications you receive, and you can unsubscribe from marketing at any time by contacting us at [email protected] or by using the unsubscribe link in every promotional email you receive.

Customers will still receive important information, alerts and notices relating to their account, and any communications required by law.

Use of children's personal information

You must be at least 16 years old to access or use the service and we do not knowingly collect or store any personal information about children under the age of 16.

Where we store your personal data

The data that we collect from you may be transferred to, and stored at, a destination outside the country you live in. These countries may have laws different to what you're used to. Rest assured, where we disclose personal data to a third party in another country, we put contractual safeguards in place to ensure your personal data remains protected to the required legal standard, which includes a website with secure and encrypted connection, valid and trusted certificate and serving secure resources.

For individuals in the European Economic Area (EEA), this means that your data may be transferred outside of the EEA. It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, for example, the provision of support services. By submitting your personal data, which includes your identity and financial information, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy policy.

How we share information with third parties

OrbitRemit will not sell or lease the information we collect to third parties for their promotional purposes. We may share your information with our service providers, subsidiaries, and business partners, such as:

• Third parties that help us to carry out the Service (for example, to verify your identity, complete credit checks, or complete payments);
• Software-as-a-service providers that we use to provide the Service (for example, our customer service messaging platform provider);
• Cloud-storage providers;
• Marketing partners;
• Data analytics or research partners;
• Third parties that help us to enhance the safety and security of the Service;
• Where required, to international regulators (for example, for IRS tax purposes);
• Third party providers (such as Google, Facebook and programmatic display) for marketing purposes; and
• Our consultants, lawyers, accountants, insurers, and professional advisors.
• We use service providers who assist us in meeting business operations needs, including hosting, delivering, and improving our Services. We also use service providers for specific services and functions, including email communication, customer support services, and analytics. These service providers may only access, process, or store Personal Data pursuant to our instructions and to perform their duties to us.
• In the event of the sale, acquisition or merger of some or all of our assets, your personal information might be a part of the transferred assets. We shall notify you in the event of such an occurrence by placing a notice on our website.
• We may disclose information to Law enforcement and government officials, but only in connection with a formal request, subpoena, court order, or similar legal procedure, as well as circumstances where we believe in good faith that disclosure is necessary to comply with the law, report suspected illegal activity, or investigate violations of our User Agreement. This is in order to satisfy our obligations under the relevant AML/CFT Laws.
• As may be required under any other applicable law.

The OrbitRemit website contains links to other websites such as TrustPilot for reviews and different social media platforms namely Facebook and Twitter, and App stores like Apple store and Google Play.

OrbitRemit cannot control the privacy practices or the content of other web sites. Please ensure you familiarise yourself with the privacy practices of these other sites prior to submitting your personal information to them.

How long we store your personal information

In order to comply with our various legal obligations, we will retain your data for a period of at least 7 years after the end of income year to which the records relate. This is to provide you with services or as otherwise set forth in this policy.

Should you wish to close your account we will not keep that information for longer than is required for the purposes for which the information may lawfully be used, such as to comply with anti-money laundering regulations in our various jurisdictions.

How to modify your personal information and preferences

Options to access, modify or update your personal information saved to the OrbitRemit website can be found by logging into your account. In the instances where personal information cannot modified or amended by you, please contact us at [email protected].

OrbitRemit will take reasonable steps to ensure that all information we hold on your file is up to date, complete and accurate, this is in order to minimise the amount of times we need to contact you and ensure appropriate information is used to make a decision about you. However, please note that OrbitRemit is in no way responsible for information that is not updated on your account and as such advises all customers that they routinely check that the information provided on their account is correct.

Requesting your personal information

You are entitled to request all personal information held by OrbitRemit at any given time. To do so you need to contact OrbitRemit directly via support request or email. Where you are entitled to that information OrbitRemit will ensure it is provided in compliance with our legal obligations and, where practicable, the manner you requested it. If it is not practicable to do so, OrbitRemit will provide the information in another suitable form such as via email or post.

If OrbitRemit decides that it cannot provide you with certain information it will outline the reasons for its decision in writing and the mechanisms available to complain about the refusal.

How we keep your information secure

OrbitRemit takes all reasonable steps to maintain the security of your personal information. We have a range of safeguards to protect this information. OrbitRemit uses the highest level of online security available to protect the information you submit to us through the OrbitRemit website. We have put in place SSL [Secure Socket Layer] encryption technology to protect your sensitive information transmitted from the OrbitRemit website. We also require a username and password from each user who wishes to access the information held in their OrbitRemit account and other areas on the OrbitRemit website. All forms of personal information are kept online on your account. However, in some instances where information is mailed to us, we upload the documents and then securely destroy the original documents.

We have put in place SHA 256 SSL [Secure Socket Layer] encryption technology to protect your sensitive information transmitted from the OrbitRemit web application and marketing site. We also require a username and password from each user who wishes to access the information held in their OrbitRemit account and other areas on the OrbitRemit website. All forms of personal information are kept online on your account.

We use strict procedures and security features to prevent unauthorised access of your information. While we do our best to keep your data secured once we receive it, we cannot guarantee full security of your information while it is being transmitted via the internet. Any data transmitted online is at your own risk.

Availability and changes to this policy

We may, from time to time, make changes to this Privacy Policy to reflect any changes to our privacy practices in accordance with changes to legislation, best practice or site enhancements. We will let you know what these changes are by posting them to this page. Where the changes are significant, we may also choose to email you with the new details and get your consent to make these changes where required by law. It is your responsibility as a user to make sure that you are aware of changes posted on this page, by checking for any changes on a regular basis. Changes posted on this page will become effective as soon as they are posted.

Your information rights

It’s your personal data and you have certain rights relating to it:

• Right to be informed: the right to be provided with clear and concise information about what we do with your personal data;
• Right to access: the right to request copies of your personal information from us;
• Right to correct: the right to have your personal information rectified if it is inaccurate or incomplete;
• Right to erase: the right to request that we delete or remove your personal information from our systems;
• Right to restrict our use of your information: the right to ‘block’ us from using your personal information or limit the way in which we can use it;
• Right to data portability: the right to request that we move, copy or transfer your personal information;
• Right to object: the right to object to our use of your personal information including where we use it for our legitimate interests, or where we use your personal information to carry out profiling to inform our market research and user demographics. If you raise an objection, we will stop processing your personal information unless very exceptional circumstances apply, in which case we will let you know why we're continuing to process your personal information.
• Rights in relation to automated decision making and profiling: the right not to be subject to a decision based solely on automated processing, including profiling, which has a legal effect on you.

We will use reasonable efforts consistent with our legal duty to provide you with your rights in accordance with data protection legislation. Note some legislative or regulatory requirements may prevent us from being able to fulfil your request under these rights. If this is the case, we will advise you of this, including the reasons why. See section 16 below for contact details.

How to contact us

OrbitRemit takes all complaints seriously and will investigate your complaint accordingly.

To make enquiries, exercise any of your rights set out in this Privacy Policy and/or make a complaint please contact [email protected].

Alternatively, you can telephone New Zealand +64 4 831 8780, Australia +61 2 8188 3735, United Kingdom +44 20 3962 0613. It should be noted that a request to restrict or modify the use of your information may result in you no longer being able to use our services.

If you are not satisfied with the manner in which we have dealt with your complaint, or the outcome/resolution, then you may refer the matter to;

Office of the Privacy Commissioner;

• Mail: PO Box 10 094, The Terrace, Wellington 6143.
• Email: [email protected]
• Telephone: 0800 803 909
• Online: https://www.privacy.org.nz

The Office of the Australian Information Commissioner in Australia;

• Mail: OAIC - Director of Complaints, Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001.
• Email: [email protected]
• Telephone: 1300 363 992

And the Information Commissioner's Office in the UK;

• Mail: Information Commissioner's Office, Wycliffe House Water Lane, Wilmslow, Cheshire, SK9 5AF
• Email: [email protected]
• Telephone: 0303 123 1113