Privacy Policy

This is how your information 
is used and kept safe

Privacy Policy
Privacy Policy

The use of humm’s websites, products and services are subject to the terms and conditions set out below.

In this document, “humm”, “we”, “us”, and “ours” refers to Certegy Ezi-Pay Pty Ltd ABN 28 129 228 986.


At humm we manage your personal information securely and consistently with relevant legislation, including the Privacy Act 1988 (Cth) ("Privacy Act"), the Australian Privacy Principles and the Credit Reporting Privacy Code (where applicable).

This Privacy Policy explains:

  •   the kinds of personal information we collect and the purposes for which we do that;
  •   how we manage your personal information;
  •   how you can seek access to and correction of that information;
  •   if necessary, how you can make a complaint relating to our handling of that information;

This Privacy Policy is not limited to current customers. It also relates to other individuals who deal with us, whether in relation to us providing
 credit or otherwise.

Information we may collect

We will collect certain personal information about you depending on the circumstances in which the product or service is being provided. This can include the following types of personal information:

  • key personal information such as your name, date of birth, residential address, telephone numbers, email and other electronic addresses;
  • financial and related information such as your occupation, accounts, assets, expenses, income, dependents, and in relation to your employment,
 financial and business dealings and other relevant events;
  • your transaction history with Certegy Ezi-Pay and its associates or relevant third parties. This information includes products you may have used with
 us in the past, your payment history, and the capacity in which you have dealt or deal with Certegy Ezi-Pay;
  • other relevant information depending on the circumstances and this may include sensitive information such as health and medical information
 (e.g. if it is relevant to a hardship request) or other government identifiers (e.g. if relevant to identifying you).

We will also need to collect personal information about you that relates to credit, including information such as account numbers or customer
 identifier numbers.

Applicability of Privacy Policy to credit related information

The Privacy Act has specific rules about two types of consumer credit related information that we may collect:

  • Credit information This type information relates primarily to your credit-related dealings with us. For example identification information, information about your account with us and its status (whether it is still on foot, payment and internal default information), as well as any publicly available information.
  • Credit eligibility information This information is provided to a credit provider by credit reporting bodies (“CRBs”), or derived from it, so it may also include information about your credit related dealings with other credit providers.

We collect and hold credit information but we do not collect credit eligibility information from CRBs.

How we collect information

In many circumstances, we will collect the above information primarily from you (or from someone who is representing or assisting you). However, there are certain instances in which we will collect information about you from third parties where it is unreasonable or impracticable to collect it directly from you. For example, where we need to verify information you have provided. Even where your application is for consumer credit, we may collect information about you from a business which provides information about commercial credit worthiness for the purpose of assessing your application.

Other third parties that we may collect your information from include:

  • our agents;
  • your employers, accountant, referees, banks, landlords, guarantors, lawyers, financial advisers or others with whom you have previously had dealings;
  • other related entities who may have information about you;
  • in relation to credit information, by contacting other credit providers who may have information about you relevant to us;
  • by accessing information about you that is in the publicly available (e.g. internet sources or through the white pages);
  • your executor, administrator or attorney;
  • service providers to us (including debt collection agencies, introducers, private investigators, professional advisers);
  • professional organisations;
  • public and subscriber only databases;
  • any person considered necessary in our view to execute your instructions; and
  • government authorities.

We may also log information about your access and use of our website for example, through the use of internet cookies and your communication with our website. Our 'Website Terms of Use' provides more information on this.


One way of collecting information is through cookies. Cookies are small text files that websites send to your computer or other Internet-connected device to uniquely identify your browser or to store information or settings in your browser. Cookies allow us to recognize you when you return. They also help us provide a customized experience.

In many cases, the information we collect using cookies and other tools is only used in a non-identifiable way, without reference to Personal Information. For example, we use information we collect about website users to optimize our website and to understand website traffic patterns.

  • Third party vendors, including Google, use cookies to serve ads based on your prior visits to their websites.
  • Google’s use of the DART cookie enables it and its partners to serve ads to you based on your visit to sites and/or other sites on the Internet.
  • You may opt out of the use of the DART cookie by visiting the advertising opt-out page. (Alternatively, you can opt out of a third-party vendor’s use of cookies by visiting the Network Advertising Initiative opt-out page.)

You can use Ads Settings to manage the Google ads you see and opt out of interest-based ads. Even if you opt out of interest-based ads, you may still see ads based on factors such as your general location derived from your IP address, your browser type and recent, previous searches related to your current search.


This website uses the Google AdWords remarketing service to advertise on third party websites (including Google) to previous visitors to our site. This could be in the form of an advertisement on the Google search results page, or a site in the Google Display Network. Third-party vendors, including Google, use cookies to serve ads based on someone’s past visits to our website. Any data collected will be used in accordance with our own privacy policy and Google’s privacy policy.

You can set preferences for how Google advertises to you using the Google Ad Preferences page.

How we hold and protect your personal information

We will hold your personal information in paper or other physical form but it is usually held in electronic form on our systems. Service providers may hold the information for us. Your personal information is protected by various physical, electronic and procedural safeguards. Where a service provider holds your information, we require those service providers to adhere to our approved standards of security and confidentiality to ensure the continuing protection of your personal information.

We train staff that handle your personal information to ensure that your personal information is handled appropriately. Our procedures ensure that your personal information is only made available to staff where necessary.

Purposes for which we collect, hold, use and disclose your personal information

Personal information we collect about you will only be held, used and disclosed as is reasonably necessary for our business purposes and as permitted by law.

Purposes for which we will usually collect, hold, use and disclose your personal information, depending on the circumstances and the nature of the products and services you are obtaining from us, include:

  • in order for us to decide whether to provide a product applied for or service requested (this might involve evaluating your credit worthiness);
  • providing our products or services, including related arrangements (e.g. where we provide you with credit to make a purchase, or where our product is a payment service, that includes arranging for the purchase to be paid for or the payment to be made, including providing cheque risk management, acceptance and collection services to our retailers and service providers);
  • managing the products and services the we provide;
  • the ongoing monitoring of credit worthiness;
  • to detect and prevent instances of fraud, unlawful conduct, and other risks to you or our products and services;
  • to ensure fast and accurate approval and processing of payment transactions including via cheque;
  • to assess any insurance risks or claims associated with you or our products or services;
  • dispute and complaint resolution, and assisting other credit providers to do the same;
  • enforcing our rights, including the collection of outstanding payments and where necessary, initiating legal proceedings;
  • undertaking review and maintenance of our systems and infrastructure;
  • undertaking research and development regarding potential products and services;
  • undertaking securitisation activities and other activities relating to funding and capital requirements;
  • enabling our associated entities and selected other entities to promote their products and services to customers;
  • marketing products and services provided by us and our related entities (you can request not to receive direct marketing communications at any time);
  • developing an understanding of the products and services you may be interested in receiving from us and our related entities;
  • compiling statistical data (e.g. credit scoring information);
  • assisting customers in meeting their credit related obligations;
  • enforcing our rights, including debt recovery and other enforcement;
  • dealing with serious credit infringements, and assisting other credit providers to do the same; and
  • complying with various Australian laws which may specifically require us to collect your personal information, and with other regulatory requirements and laws where collecting your information is necessary in order for us to comply with our obligations. Some of the key laws which may apply include:
    • the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth);
    • the Personal Property Securities Act 2009 (Cth), and State and Territory real property and security interests laws;
    • the Financial Sector (Collection of Data) Act 2001 (Cth);
    • the Corporations Act 2001 (Cth) and other regulatory legislation; and
    • the Taxation Administration Act 1953 (Cth), the Income Tax Assessment Act 1997 (Cth) and other taxation laws.

Disclosing your personal information to third parties (including overseas)

Where the Privacy Act permits it, we may disclose your personal information for the purposes above to third parties including:

  • your co-applicant (if any);
  • related entities based in Australia or overseas;
  • entities that provide services to us such as mailing houses or call centre operators;
  • entities providing other services to us, including legal services, financial services, market research and data providers;
  • our assignees or potential assignees, or where we act as an agent for, or otherwise on behalf of, another person, to the principal or that other person;
  • the supplier of any goods or services financed with credit we provide;
  • retailers, where the payment or credit service provided by us involves payments to the retailer for goods or services to be provided by them;
  • other financial institutions or entities such as banks and credit providers;
  • insurers, assessors, underwriters, brokers and other distributors;
  • government regulatory bodies in Australia and overseas;
  • if appropriate, guarantee or security providers;
  • organisations involved in debt assignment or securitisation arrangements;
  • debt collectors or other enforcement bodies;
  • entities who wish to be involved in our business, or acquire an interest in our business; and
  • third parties you authorise to act on your behalf or that are otherwise connected with you (e.g. your accountant, legal representative or referee).

Some of these entities may not be located in Australia and may not have an Australian link. For example, we employ service providers in countries such as the Philippines, New Zealand and Ireland.

In addition, some of the retailers we deal with may operate overseas. Therefore, when you ask us to make a payment to or to provide credit for a product or service from such a retailer, we will provide information to that retailer and also to banks and other financial institutions (who may also be overseas), who are involved in processing that payment. These entities are not our service providers, and we do not control how they manage your information.

Your consumer credit related information may be disclosed, where relevant, in any of the circumstances described above.

CRBs and your rights in relation to them

Although the Privacy Act permits us to disclose your credit information to CRBs for certain purposes, and to receive information from them, we no longer do this. However, we will appoint an agent to ensure that any previously listed defaults will be updated with the CRB as required (e.g. when repayments are received). CRBs may include the information provided to them in their reports to other credit providers in order for them to conduct an assessment of your credit worthiness.

The CRB details are:

Phone: 1300 734 806
Address: Public Access Centre, PO Box 7405, St Kilda, VIC 3004

Veda Advantage
Phone: 1300 762 207
Address: Veda Advantage Public Access, PO Box 964, North Sydney, NSW 2059

You are entitled to:

  • “Opt Out” of direct marketing pre screenings: CRBs often use credit information to assist credit providers to market their products and services. If you do not want a credit reporting body to use your credit information in this manner, the Privacy Act gives you the right to request you be excluded from being contacted;
  • request non-disclosure where you believe you have been, or are likely, a victim of fraud: if you believe that you are a victim of fraud, or are likely to be a victim of fraud, then you are entitled, under the Privacy Act, to request that a credit reporting body not use or disclose any of your credit information.

Your ability to access your personal information (including credit information) that we hold

You can access the personal information that we hold about you.

You can request access to the personal information we hold about you subject to certain exceptions under the Privacy Act. You are entitled to specify how you wish to access your personal information, so long as this is reasonable and practicable. In order to access your personal information, please contact humm’s Privacy Officer on 08 8232 2828.

We verify the identity of anyone requesting access to personal information. This will ensure that we do not provide information to a person who does not have the right to access that information.

We ask that your request for information be as specific as possible so that we can accommodate your request. We will usually provide you with access within thirty (30) days of a request but in some circumstances, it may take longer.

Please note, that under Australian law, we are entitled to refuse you access to your information in certain circumstances, including where:

  • access would be unlawful;
  • denying access is required or authorised by or under an Australian law or a court/tribunal order; or
  • access would prejudice enforcement activities or the taking of appropriate action in relation to unlawful activity or serious misconduct.

How you can correct the information we have about you (including credit information)

We take every step that is reasonably practicable to ensure that the personal information we collect and hold is accurate, complete and up-to-date. The Privacy Act gives you the right to request correction of your personal information. If correction of your personal information is required, please contact humm’s Privacy Officer on 08 8232 2828.

In the event that we do not agree to your request for correction, we will give you notice of this outlining our reasons and what next steps you can take. You may also request us to associate a statement with that information to the effect that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading so that it is apparent to users of the information.

Privacy complaints and disputes

The Privacy Act gives you the right to make a complaint if you believe that we have not complied with our obligations under the Privacy Act. If you believe this to be the case, please contact humm’s Privacy Officer on 08 8232 2828.

We will aim to respond within seven (7) days of you making your complaint to acknowledge receipt of your complaint. It is our policy to investigate and resolve all complaints (where practicable) within thirty (30) days of receiving the complaint. Where it is a legal requirement to do so, then in the event we need more time to investigate and resolve your complaint, we will notify you as to the reasons why and seek your agreement to extend this thirty (30) day period (if you do not agree, we may then not be able to resolve your complaint).

Please note, where your complaint relates to your credit information, we may consult with third parties where necessary and as permitted under the Privacy Act, to investigate and resolve your complaint.

In the event your complaint is not handled satisfactorily by our Privacy Officer, you can contact humm’s Customer Service Manager on 08 8232 2828.


If you do not wish to receive offers unrelated to your humm products and services, please contact us to “opt out”, via the details below.

Contacting us

To find out more about us, our Privacy Policy or privacy practices, contact us via the following details:
Telephone Number: 1800 088 151
Fax: (08) 8223 7810

Write to:
Certegy Ezi-Pay Pty Ltd
GPO Box 1878
Adelaide, SA, 5000

Via the 'contact us' page on our website

Privacy Policy changes

We may change or update this Privacy Policy from time to time. We suggest that you periodically review this Privacy Policy by checking our website at and clicking on ‘Privacy Policy’ to obtain the most current version.

This Privacy Policy was last modified on 8 April 2019.