IVF Pay Pty Ltd ABN: 86 693 531 958 · Last updated: 2026 · Governed by the Australian Privacy Principles (APPs) and the Privacy Act 1988 (Cth)
1.1This document is the Privacy Statement of IVF Pay Pty Ltd ABN: 86 693 531 958 ("IVF Pay", "we" or "us").
1.2The purpose of this Privacy Statement is to tell you how we collect, use, hold, disclose and protect your Personal Information.
1.3Please refer to IVF Pay's Credit Reporting Statement for information about how we manage your Personal Information collected in connection with a credit application or facility.
1.4We act to protect your Personal Information in accordance with the Australian Privacy Principles ("APP") and the Privacy Act 1988 (Cth) (together "Privacy Laws").
1.5Please check this privacy policy page regularly at www.ivfpay.au/privacy for amendments and updates to our Privacy Statement and Credit Reporting Statement.
1.6This Privacy Statement does not cover information that you submit on other websites, even if we communicate with you on those sites. For example, if you contact us via Instagram, Facebook, Pinterest, Twitter, or YouTube, that information is governed by the privacy policies on those websites and is not governed by this Privacy Statement.
2.1Personal Information is any information or opinion about you that is capable, or reasonably capable, of identifying you, whether the information or opinion is true or not and whether it is recorded in material form or not. Personal Information includes Sensitive Information.
2.2Sensitive Information includes such things as your racial or ethnic origin, political opinions or membership of political associations, religious or philosophical beliefs, membership of a professional or trade association or trade union, sexual orientation or criminal record. Your health, genetic and biometric information and biometric templates are also Sensitive Information.
2.3We only collect Sensitive Information about you if we obtain your prior consent or if the collection is required or authorised by law.
2.4The Personal Information we collect and hold generally includes:
2.5Over the course of our relationship with you, we may collect additional Personal Information including transactional information, account information, and details of any complaints or enquiries.
2.6We are required by law to identify you when opening a new account. The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) requires us to sight and record certain documents to meet the standards set under those laws.
3.1In most cases, before or at the time of collecting your Personal Information, we obtain your consent for the purposes for which we intend to use and disclose it.
3.2If you don't give us consent, we may not be able to provide you with the products or services you want, as we are required to collect this Personal Information to do so.
4.1Having provided consent, you are able to withdraw it at any time by contacting us. Please note that withdrawing your consent may mean we are no longer able to provide you with the relevant product or service.
5.1We collect most Personal Information directly from you — in person, over the phone or electronically. For example, when you:
5.2We may also collect Personal Information about you from others, such as service providers, agents, advisors, employers or family members.
5.3We may take steps to verify the information we collect — for example, verifying employment and remuneration information provided in a credit application.
6.1We may collect information from you electronically through internet browsing on our websites. Each time you visit, we may collect:
6.2We collect information using cookies when you use our website. Cookies are small pieces of information stored on your hard drive or in memory. They can record information about your visit to our websites, allowing us to remember you the next time you visit and provide a more meaningful experience.
6.3We may also collect information from third party websites, applications or platforms such as Google Analytics.
6.4We may collect Personal Information from social media platforms if you publicly comment. We never ask you to supply Personal Information publicly over any social media platforms we use.
7.1If we receive Personal Information that is not solicited by us, we only retain it if we determine it is reasonably necessary for our functions and activities. If these conditions are not met, we destroy or de-identify the information.
8.1We collect, use and disclose your Personal Information so we can:
8.2We may not be able to provide you with products or services if you provide incomplete or inaccurate information.
9.1We ensure that the Personal Information we collect, use or disclose is accurate, up to date, complete and relevant. Please contact us if any of your details change or if you believe the information we hold about you is not accurate.
10.1We are committed to protecting any Personal Information we hold from misuse, interference, loss, unauthorised access, modification and disclosure. Our security measures include:
10.2Where Personal Information we hold is identified as no longer needed, we ensure it is effectively and securely destroyed — for example, by shredding paper records or degaussing electronic records.
11.1We may share your Personal Information with third parties to help deliver or support the provision of products or services to you. In all such circumstances, confidentiality arrangements are in place.
11.2Depending on the product or service you have, the entities we may exchange your Personal Information with include:
11.3We may also disclose your Personal Information where we are required to do so by law, where you have consented, or where we are otherwise permitted under applicable Privacy Laws.
12.1To comply with our Anti-Money Laundering and Counter-Terrorism Financing obligations, we may disclose your name, residential address and date of birth to a credit reporting body to verify your identity. Prior to making any such request, we will inform you and obtain your express consent, and will offer you an alternative means of verifying your identity.
13.1We only disclose your Personal Information overseas when permitted by the Privacy Act and after ensuring appropriate protections are in place — including that the overseas recipient does not breach the APPs, or that you have consented to the disclosure.
13.2We may store your Personal Information in cloud-based software or other networked systems. As these can be accessed from various countries, it's not always practicable to know in which country your Personal Information may be held.
13.3Overseas organisations may be required to disclose information we share with them under a foreign law. In those instances, we are not responsible for that disclosure.
14.1We only use or disclose your Personal Information for the purpose of direct marketing if we have received the information directly from you and you have not requested to opt out.
14.2If you wish to opt out of receiving marketing information, you can contact us at any time by:
14.3All direct marketing communications include information about your right to opt out.
15.1You can request access to the Personal Information we hold about you at any time. Requests for limited information can generally be handled over the telephone. Requests for more substantial information require you to complete a Request for Access form.
15.2We do not charge for making an access request, however access charges may apply to cover our costs in locating, collating and explaining the information. We endeavour to comply with your request within 14 days (or 30 days in exceptional circumstances).
15.3In certain circumstances permitted by law, we may deny or limit your request for access. If we do so, we will provide written notice setting out the reasons and available complaint mechanisms.
17.1We take all reasonable steps to maintain accurate, complete and up-to-date information. We correct Personal Information that we believe to be inaccurate, out of date, incomplete, irrelevant or misleading — or upon your request.
17.2We respond to any requests for correction within 30 days of receipt. If we refuse to correct the information, we will give you written notice setting out the reasons and available complaint mechanisms.
17.3If we refuse to correct your Personal Information, you may request us to associate with that information a statement that the information is inaccurate, out of date, incomplete, irrelevant or misleading.
20.1The Privacy Act includes a Notifiable Data Breaches (NDB) scheme which requires us to notify you and the Office of the Australian Information Commissioner (OAIC) of certain data breaches likely to result in serious harm.
20.2If we believe there has been a data breach impacting your Personal Information, we will notify you and the OAIC as soon as practicable and keep you informed about the nature of the breach, the steps we are taking and what you can do to reduce the impacts.
20.3If you believe any Personal Information we hold about you has been impacted by a data breach, please contact us using the details in Section J below.
21.1We offer a free internal complaint resolution scheme. Should you have a privacy complaint, please contact us to discuss your concerns.
21.2To assist us in helping you, please:
21.3After receiving a complaint, we will send you a written acknowledgement. We aim to investigate and respond within 30 days. If a decision cannot be made within that time, we will notify you and specify a new expected resolution date.
21.4If you are not satisfied with the outcome, you may contact the OAIC:
GPO Box 5218, Sydney NSW 2001
1300 363 992
If you have any questions or would like further information about our privacy, credit reporting and information handling practices, please contact us.