Prezzee eGift Cards Privacy Policy
Prezzee Group (“Prezzee” or “our” or “we”) is in the business of providing the online platform enabling the purchase, redemption, management and storage of a variety of non-reloadable digital gift cards and codes and associated services (the “Services”). The Services include, and may be provided through, our website (the “Prezzee Site”) or mobile application (the “Prezzee App”). Prezzee also partner with third-party organisations to provide incentives to their employees and other individuals. The Prezzee Group consists of:
• Prezzee Pty Limited, in Australia;
• Prezzee Limited, in New Zealand;
• Prezzee Canada Corporation, in Canada;
• Prezzee UK Ltd, in the United Kingdom; and,
• Prezzee Inc, in the United States of America.
This Privacy Notice (“Notice”) makes disclosures concerning our collection of personal information, purposes of collection, sources of collection, and measures we use to protect your personal information. In this Notice, personal information means any information that identifies, relates to, describes, is reasonably capable of being associated with or could reasonably be linked, directly or indirectly, with a particular consumer or household (“Personal Information”).
This Notice applies to Personal Information collected by Prezzee in connection with our provision of the Services, including Personal Information collected through the Prezzee Site, Prezzee App, our social media accounts, and all other technological means. Prezzee uses third-parties (sub processors) located both locally and outside of your jurisdiction of residence in addition to its own resources to provide the Services.
This Notice does not apply to information collected on any website operated by us that does not link to this Notice, any website or mobile application operated by a third party, or through any third-party application or content that may link to or be accessible from the Services.
Please read this Notice carefully to understand our policies and practices regarding your information and how we will treat it. If you do not agree with our policies and practices, do not use our Services. By accessing or using our Services, you agree to this Notice. This Notice may change from time to time, and the most recent update will appear here. Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check the notice periodically for updates.
1. Scope of this Privacy Notice
We understand that when accessing our Services, the privacy and confidentiality of Personal Information is important to you. That’s why we fully respect your rights to privacy and are committed to protecting the personal and financial details you provide us in line with this Privacy Notice. This Notice applies to our Services and all individuals who use our Services or whose Personal Information is processed by Prezzee in connection with the Services.
We are committed to protecting the privacy of everyone who uses our Services, for them to understand what Personal Information we collect and store, and why we do so, how we receive and/or obtain that information, the rights an individual has with respect to their Personal Information in our possession, and with complying with the requirements of applicable privacy laws (“Privacy Laws”).
2. Children
Children under the age of 13 are not permitted to use the Services, Prezzee Site, or Prezzee Apps. No one under age thirteen (13) may provide any Personal Information to, or on the Prezzee Apps. We do not knowingly collect personal information from children under thirteen (13). If you are under thirteen (13), do not use or provide any information on our Prezzee Site or Apps or through any of its features, register on our Prezzee Site or Apps, make any purchases through the Prezzee Site or Apps, use any of the interactive or public comment features of this Prezzee Site or Apps, or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal information from a child under thirteen (13) without verification of parental consent, we will remove and delete that information. If you believe we might have any information from or about a child under thirteen (13), please contact us at privacy@prezzee.com.
California residents under 16 years of age may have additional rights regarding the collection and sale of their personal information. Please see Section 23 for more information.
3. The Information We Collect
The type of Personal Information we may collect includes:
(a) Personal Details - We may collect personal details such as an individual’s name, location, date of birth and nationality allowing us to identify who the individual is;
(b) Contact Information - We collect information such as an individual’s email address, Internet Protocol (IP) address, unique device identifiers, mobile number, device model and name, operating system, browser type, third-party usernames, residential, business and postal address and other information that allows us to contact the individual. We also collect other contact information (where you choose to import or upload that information) such as the names and phone numbers of your contacts from your address book or contact list, which we only use to help you quickly send gift cards to people you may know.
(c) Financial Information - We collect financial information such as any bank or credit card details used to transact with us and other information that allows us to transact with the individual and/or provide them with our Services.
(d) Statistical Information - We collect behavioural and statistical information about an individual and businesses in connection with the Services and/or the Prezzee App.
(e) Geo-location information - We collect geo-location information to send servicing messages and/or special offers from select retailers based on the proximity of the customer to that retailer.
(f) Call Recording – We may record any calls that you make to us. This information may be used for staff training and dispute resolution.
Prezzee operates as a Data Controller in respect of your personal data, but in specific contractual circumstances where we are required to do so, Prezzee operates as a Data Processor.
For users of the Prezzee Buzz service
The Prezzee Buzz service requires the processing of the following data elements, all of which we are required to collect for us to provide you with the service:
1. Email address
2. Name
3. Employer/organization
4. Location/region
5. Gift card name, denomination, region
6. Slack user IDs
7. Slack workspace ID
8. Slack token to call slack APIs
9. Text content of recognition messages sent between employees
10. Microsoft tenant ID
11. Microsoft Teams ID
12. Microsoft graph API access token to interact with Graph API
4. Why we collect Personal Information
We collect Personal Information so that we can carry out the following actions:
(a) to enable you to use our Prezzee App;
(b) to provide and enable you to use our Services;
(c) to communicate with you, including about our Services and offers which might interest you;
(d) to provide information or advice;
(e) to help process payments by or to you in connection with our Services;
(f) to create accounts, tax invoices or receipts;
(g) to provide your personal information to third parties (sub processors and retailers) in order for them to supply the Services to you;
(h) to consider and respond to complaints made by you.
(i) to communicate with you about research opportunities relating to our products and Services;
(j) to evaluate, operate, analyze and improve our business, including developing new products and services, managing our communications, conducting market research, performing data analytics, and undertaking auditing, accounting, and other internal functions.
We may disclose additional purposes for collection of your Personal Information in collection statements at the point and time of collection.
5. How information is collected
Information is collected directly from you in association with your use of the Services, when you make an inquiry about Prezzee or generally deal with us directly or via our Services. If you are a Gift Card recipient, Personal Information is collected from the person who purchased the Gift Card.
As you navigate through and interact with the Services, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions, and patterns, including details of your visits to the Services, including traffic and location data, and information about your computer, device and internet connection, including your IP address, operating system, and browser type.
We also purchase personal information that is already in the public domain from organisations that aggregate and filter that information.
6. When Personal Information is used and disclosed
We will not use any Personal Information other than for the purpose for which it was collected and with the individual’s permission or as otherwise outlined in this Notice.
Our use of Personal Information may include, but is not limited to:
(a) Processing and completing transactions relating to the Services, we will disclose your Personal Information to the Retailer(s) that you (or the Gift Card recipient) selects and may also disclose your Personal Information to persons that are involved in processing payments you make (including to third party payment providers);
(b) Requesting feedback with respect to your use of the Services, its products or other companies, and other news and promotions we think will be of interest to you;
(c) Responding to your emails, questions, comments, requests and complaints so as to provide customer service;
(d) Monitoring and analyzing Service usage and trends;
(e) Performing analytics and to increase the Service’s functionality, market profile and user friendliness;
(f) Investigating and preventing fraudulent transactions and other illegal activities. Prezzee employs both human and artificial intelligence methods to combat fraud;
(g) Sending notifications regarding important changes to the Services;
(h) Using for the purpose for which the information was collected;
(i) Sending you confirmations, updates, security alerts, additional information about our products and services and support, and otherwise assist with your use of the Services and;
(j) For users of our Android mobile application, ad tracking is enabled by default and resultant information is shared with our Content Delivery Partner (CDP) network. Users of our iOS mobile application will be required to provide consent in order to enable ad tracking.
Subject to Section 13 of this Privacy Notice, we will retain Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Notice unless a longer retention period is required or permitted by law.
Subject to clauses 9 and 17 and where otherwise stated in this Notice, we will not sell or otherwise provide or share an individual’s Personal Information to unrelated third parties unless:
(a) you consent to the sharing of your Personal Information; and/or
(b) in connection with, or during negotiations of any merger, sale, financing or acquisition of Prezzee assets where this information may be disclosed or transferred as one of Prezzee’s business assets.
There are some circumstances in which we must disclose an individual’s information:
(a) To fulfill the purpose for which you provide it;
(b) Where we reasonably believe that an individual may be engaged in fraudulent, deceptive or unlawful activity that a governmental authority should be made aware of;
(c) To enforce or apply this Privacy Notice, or our terms, conditions and policies and/or agreements;
(d) As required by any law;
(e) In order to sell our business (in that we may need to transfer Personal Information to a new owner); and/or
(f) To contractors, service providers, and other third parties we use to support our business and who are bound by contractual obligations to keep personal information confidential and use it only for the purposes for which we disclose it to them
7. Sensitive Information
Sensitive information is information about you that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs or affiliations, membership of a professional or trade association, membership of a trade union, details of health, disability, sexual orientation or criminal record.
It is our policy to only collect your sensitive information where it is reasonably necessary for our functions or activities and either you have explicitly consented, or we are required or authorized under law to do so.
8. Opting “IN” or “OUT”
By clicking “I Agree” or any other affirmative button on either our websites or mobile applications indicating your acceptance of this Notice, you expressly consent to the collection and use of your Personal Information in accordance with this Notice.
An individual may opt to not have us collect their Personal Information (for example by unsubscribing to any marketing emails or texts received – see also Section 17). This may prevent us from offering them some or all of our services and may terminate their access to some or all of the services they access with or through us.
If an individual believes that they have received information from us that they opted out of receiving, they should contact us on the contact details set out in Section 18.
9. De-Identified Information
We may use your Personal Information in de-identified form (de-identification being a process by which a collection of data or information is altered to remove or obscure personal identifiers and personal information) to assist us in performing services. We may also provide, including by way of sale, de-identified information in aggregated form, to third parties.
When your Personal Information is included in de-identified, aggregated data, it is not possible to identify you or anything about you from that data.
10. Cookies and tracking information
We may use temporary (session) cookies or permanent cookies when you access our Online platforms and/or Services. This allows us to recognize your browser and track the web pages you have visited. Some of these cookies also help improve your user experience on our websites, assist with navigation and your ability to provide feedback and assist with our promotional and marketing efforts. You can switch off cookies by adjusting the settings on your web browser.
In addition to cookies, Prezzee will utilize tracking pixels. The current list of tracking pixels is as follows:
• Snapchat
Prezzee provides the ability to prevent the operation of all but essential Prezzee cookies and tracking pixels through a cookie disclaimer banner which is presented across all of its websites, and remains persistent until a choice is selected by the website visitor.
Prezzee utilizes Giftomatic Websnippets across all of its websites, which consists of Javascript functionality to display products from Giftomatic Affiliates. We also use googleleads.g. doubleclick.net to track advertisement traffic.
11. The Safety and Security of Personal Information
(a) We may hold your personal information in either electronic or hard copy form.
(b) If you provide information to us electronically, we retain this information in our computer systems and databases. If you provide information to us in hard copy (paper) this information is normally retained in our files and a copy is made to our electronic files.
(c) We use industry standard security measures to safeguard and protect your information. We may disclose your personal information to third parties and service providers located outside your jurisdiction of residence in connection with any purpose, including to cloud computing hosts. We take reasonable steps to ensure that recipients of your personal information located outside of your jurisdiction of residence do not breach the privacy obligations relating to your Personal Information.
(d) With the exception of service providers, processors and sub processors who we engage to perform services on our behalf, we are not responsible for the privacy or security practices of other third parties, such as Retailers. The collection and use of an individual’s information by such third parties may be subject to separate privacy and security policies.
(e) If an individual suspects any misuse or loss of, or unauthorized access to, their Personal Information, they should let us know immediately.
(f) When we become aware of any breach to our security systems that breaches or is likely to result in a breach of your rights or freedoms with respect to your Personal Information, we will notify you and any supervisory authority as required.
(g) We are not liable for any loss, damage or claim arising out of another person’s use of the Personal Information where we were authorized to provide that person with the Personal Information
12. How to access and/or update information
If you would like us to update or amend your personal information or would like to request access to your Personal Information, please contact us on the contact details set out in Section 18. Please note that these rights are not absolute and are subject to applicable legal restrictions.
We may ask you to verify your identity to ensure that personal information we hold is not improperly accessed.
13. Connecting via Social Networks
You can log-in to the Service by signing into social networks such as Facebook or an Open ID provider. Providers such as Facebook provide the option of posting and sharing information with others within your social network. If you stop using the network from which you signed in to use the Service, you agree that we will still retain the Personal Information from the social network that you provided us access to in accordance with this Notice.
Social media features such as Facebook Like and Share buttons and widgets and interactive mini-programs which run within the service may collect your IP address and set a cookie to enable the feature to function properly. Your interaction with these features is under the Privacy Notice of the company providing them.
14. Right to delete your account or Personal Information
You have the right to delete your account or request the deletion of your Personal Information, subject to certain exceptions. Prezzee gives you the ability to permanently delete your account or Personal Information at any time.
You may notify us about your wish to delete your Personal Information or your account at the contact details in this Notice or follow in-app prompts. All requests must be in writing.
What happens when I delete my account or Personal Information?
When your account and/or Personal Information is deleted, it is permanent, and the information cannot be restored or reactivated. This means that:
(a) If you want to continue to use your Gift Cards, you must print them before you delete your account.
(b) We may not be able to assist you if you require customer service, including if you lose your Gift Card or experience issues with your Gift Card.
How long will it take to delete my account or Personal Information?
When a request to delete your account or Personal Information has been received, we will delete (and direct our third-party service providers to delete) your account and Personal Information unless we are required to retain that information for regulatory or compliance purposes. Some Personal Information may be retained by Prezzee or our third-party service providers after an account deletion request to enable Prezzee (or our third-party service providers) to:
(a) Maintain a record that an account deletion request was made and actioned;
(b) Comply with applicable laws and legal obligations, including anti-money laundering and counter-terrorism financing laws;
(c) Comply with internal security, fraud and anti-money laundering policies;
(d) Detect security incidents, or protect against malicious, deceptive, fraudulent, or illegal activities; or
(e) Cooperate with investigations or directions from law enforcement or regulators; or
(f) Make other internal and lawful uses of that information that are compatible with the context in which you provided it.
All subject access requests, including requests to delete Personal Information, will be processed within the timeframes stipulated by local data protection regulations.
15. Right to know and Data Portability
You have the right to request that we disclose certain information to you about our collection and use of your personal information. Once we receive your request and confirm your identity, we will disclose to you:
• The categories of personal information we collected about you.
• The categories of sources for the personal information we collected about you.
• Our business or commercial purpose for collecting, using or disclosing (including selling) that personal information.
• The categories of third parties with whom we share that personal information.
If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
• Sales, identifying the personal information categories that each category of recipient purchased; and
• disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained
The specific pieces of personal information we collected about you (also called a data portability request).
16. Links
Links from our Services to third-party services that we do not operate or control are provided for your convenience. We are not responsible for the privacy or security practices of services that are not covered by this Privacy Notice. Third-party services should have their own privacy and security policies which we encourage you to read before supplying any Personal Information to them.
17. Direct Marketing
We and/or our carefully selected third-party business providers may contact you with direct marketing communications and information about the Services or other products and services offered by us via telephone, email, SMS, or regular mail.
If you have indicated a preference for a method of communication, we will endeavor to use that method wherever practical to do so.
You may opt out of receiving marketing communications at any time by responding via the channel in which you received the marketing communication, or by contacting us on the contact details set out in clause 18. You can unsubscribe:
• from telephone calls by informing the caller that you no longer wish to be contacted;
• from emails by clicking the unsubscribe link on the footer of the email communication you have received;
• from SMS messages by replying with STOP; and,
• from regular mail by contacting the telephone number shown on the letter.
18. Complaints and Disputes
If you need to contact us or have a complaint, or request for information regarding our handling of your Personal Information, please address your communication in writing to the address(es) below:
Data Protection Officer
Address: Level 3, 9 Castlereagh Street, Sydney NSW 2000 Australia
Email: privacy@prezzee.com
Phone No.: 1800 940 868
If we have a dispute regarding an individual’s Personal Information, we both must first attempt to resolve the issue directly between us.
If we become aware of any unauthorized access to an individual’s Personal Information, we will inform them and any supervisory authority as required, at the earliest practical opportunity once we have established what was accessed and how it was accessed.
If you are not satisfied with the response that you receive, you are entitled to escalate your complaint to the relevant supervisory authority. Please see Section 25 for a list of the relevant supervisory authorities.
19. Location-based Data
Prezzee provides a geo-push notification feature to customers using its mobile app to send them servicing messages and/or special offers from select retailers based on the proximity of the customer to that retailer. The app requires access to the location services on the mobile device to utilize this feature and must be manually enabled by the customer firstly. Prezzee does not retain real time location data of the customer and does not use location services and data for any other purpose.
To the extent that Prezzee provides location-based features as part of the Services, it may collect, use, and share precise location data, including the real-time geographic location of your computer or device. Where available, location-based services may use GPS, Bluetooth, and your IP Address, along with crowd-sourced Wi-Fi hotspot and cell tower locations, and other technologies to determine your devices’ approximate location. Unless you provide consent, this location data is collected in an anonymized form that does not personally identify you.
20. GDPR
If you are:
(a) A resident of the UK or European Economic Area; or
(b) accessing our Prezzee Apps or receiving our Services from within the UK or European Economic Area,
then in addition to our obligations under the privacy laws, Prezzee is required to comply with the General Data Protection Regulation (EU) 2016.679 (GDPR) with respect to your Personal Information.
Any reference to Personal Information in this Privacy Notice is also a reference to Personal Data (as defined under the GDPR).
Prezzee takes the security and privacy of your Personal Information seriously and has prepared this Notice and taken measures to collect, process and hold all Personal Information in compliance with United States privacy laws and GDPR regardless of the user. Therefore, no additional terms for GDPR users are required.
21. Transfer of Personal Information
Prezzee employs sub processors to process your personal data. The sub processors may be located outside of the jurisdiction where your information was collected. Prezzee may also transfer you information to another Prezzee Group company located in a different jurisdiction. Where your information is transferred to another jurisdiction, Prezzee will ensure that your information is lawfully transferred in accordance with the Privacy Legislation of the collecting jurisdiction.
22. Additions to this Notice
We reserve the right to amend this Notice at our discretion and at any time. When we make changes to this Notice, we will post the updated notice on the Website and update the notice’s effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.
23. California Residents
If you are a California resident, California law may provide you with additional rights regarding our use of your personal information. To learn more about your California privacy rights, visit https://oag.ca.gov/privacy/ccpa.
California’s “Shine the Light” law (Civil Code Section § 1798.83) permits users of our App that are California residents to request certain information regarding our disclosure of personal information to third parties for their direct marketing purposes. To make such a request, please contact us via the information shown in Section 18.
The California Consumer Privacy Act provides California consumers with the right to obtain Prezzee information about the Personal Information that we collect, use, and disclose. You can exercise your right by contacting Prezzee in any manner set forth in Section 18.
We do not discriminate against a consumer because of the exercise by the consumer of any of their privacy rights such as right to access, deletion or opt-out from sale or sharing of your personal information. This means that we will not, because of the exercise of consumer privacy rights granted by the CPRA:
(a) Deny you goods or services.
(b) Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties.
(c) Provide you a different level or quality of goods or services.
(d) Suggest that you will receive a different price or rate for goods or services or a different level or quality of goods or services.
24. Nevada Residents
You have the right to opt-out of the sale of your personal information. Prezzee does not sell your Personal Information, other than in de-identified form.
25. Canadian Residents
We limit internal access to Personal Information to our personnel who require access for the purposes described in this Privacy Notice, including personnel in our customer service, marketing, technology, finance, security, audit and legal departments. We also have policies and procedures regarding our handling of Personal Information that are designed to facilitate our compliance with this Privacy Notice and applicable laws, including policies and procedures regarding access to Personal Information, retention of Personal Information, and handling of complaints.
In addition to the rights described above, you have the right to withdraw your consent to our processing of your Personal Information at any time, subject to contractual and legal restrictions. To exercise this right, please contact us as described in section 18 above.
26. Supervisory Authorities
In this Privacy Notice, Supervisory Authorities are organisations established within each jurisdiction to protect the privacy of the individuals residing in or accessing our systems from that jurisdiction. The following is a list of relevant Supervisory Authorities:
Australia
The Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001
Email enquiries@oaic.gov.au
Tel +61 1300 363 992
Web www.oaic.gov.au
Eire
Office of the Information Commissioner, 6 Earlsfort Terrace, Dublin 2, D02 W773
Email info@oic.ie
Tel +353 1 639 5689
Web www.oic.ie
United Kingdom
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
Email icocasework@ico.org.uk
Tel +44 0303 123 1113
Web www.ico.org.uk
Canada
Information Commissioner of Canada, 30 Victoria Street, Gatineau, QC, K1A 1H3
Email general@oic-ci.gc.ca
Tel +1 800 267 0441
Web www.oic-ci.gc.ca
New Zealand
The Office of the Privacy Commissioner, PO Box 10 094, Wellington 6143
Email enquiries@privacy.org.nz
Tel +64 0800 803 909
Web www.privacy.org.nz
United States
Department of State Privacy Office (privacy@state.gov) or local state Privacy Office
Updated: 23 December 2024