This Privacy Policy governs your use of the software applications, websites, and related services (collectively, the “Services”) provided by PokitPal Pty Ltd (“PokitPal,” “we,” “us,” or “our”). PokitPal is a rewards and cashback platform and is committed to protecting your privacy and follow ISO 27001 certification guidelines for information security management. As a registered entity under Australia’s Consumer Data Right (CDR) framework, we adhere to strict standards for handling open banking data and follow PCI guidelines where appropriate.
To access and use our Services, registration is required to uniquely identify you and enable core functionalities. When you register or interact with our Services, you may provide:
Our Services may collect certain information automatically, including:
This information helps us optimise the Services, improve user experience, and provide aggregated insights to our enterprise partners.
As a CDR-registered entity, we may collect and process accredited financial data (e.g., transaction history or account details) with your explicit consent. This data enhances our ability to offer tailored rewards and cashback opportunities aligned with your financial activity.
With your consent, we may collect real-time location data to enable features such as redeeming rewards or cashback offers at specific locations. This data is used solely to enhance your experience and provide relevant services. We do not share your precise location with third parties, though anonymised, aggregated statistics may be shared with our partners to improve offer relevance.
We use the information we collect to:
When you link a payment card to participate in our rewards program, we require your affirmative consent to authorise transaction monitoring.
By signing up to a PokitPal service, You authorise my the payment card networks (e.g. Visa, Mastercard) to monitor activity on my linked payment card(s) to identify qualifying transactions, and for such payment networks to share such transaction details with PokitPal Pty Ltd to enable my card-linked offer(s), and facilitate my participation in the Program. You may opt-out of transaction monitoring by contacting support@pokitpal.com with 'Opt-Out Request' in the subject line.
We may disclose User-Provided and Automatically Collected Information:
We do not sell, rent, or lease your personal information to third parties for their own marketing purposes.
Our Services may include advertising or analytics features to enhance functionality and user experience. We may partner with third-party advertising networks or analytics providers who collect data about your interactions with the Services. This data is used to deliver relevant offers and measure engagement but does not directly identify you as an individual.
If you link a payment card to our rewards program, We may monitor transactions on your linked card(s) to identify qualifying activities and share Transaction Data with us to enable your rewards and cashback offers. Details of this process are outlined in our Program Terms. You may opt out of transaction monitoring at any time by visiting your account settings or contacting us at support@pokitpal.com with “Opt-Out Request” in the subject line.
You can opt out of marketing communications by following the unsubscribe instructions in any email we send or by contacting us directly. To stop all data collection by our mobile application, you may uninstall it using your device’s standard uninstall process.
If you’ve consented to share CDR data, you may withdraw consent at any time via your banking provider or by contacting us, subject to applicable legal requirements.
You can review or update your account details by logging into the Services or contacting us at support@pokitpal.com with “Privacy” in the subject line.
We retain User-Provided and Automatically Collected Information for as long as necessary to provide the Services and fulfil our obligations to you and our partners, or as required by law (e.g., PCI, ISO27001, CDR compliance). If you request deletion of your data, we will comply within a reasonable timeframe, though some information may be retained to meet legal or operational needs. To request deletion, email support@pokitpal.com with “Privacy” in the subject line.
We prioritise the security of your information and comply with ISO 27001 certification guidelines to ensure robust information security practices. We implement physical, electronic, and procedural safeguards to protect the data we process. Access is restricted to authorised personnel who require it to operate, develop, or enhance our Services. While we strive to maintain strong security, no system can guarantee absolute protection against all potential breaches.
When you link a payment card to our Services, we do not store the Primary Account Number (PAN). Instead, we securely pass this information directly to the relevant scheme provider (e.g., Visa, Mastercard) for processing, ensuring your payment details remain protected.
We may use this information to:
We may update this Privacy Policy periodically to reflect changes in our Services, legal requirements, or industry standards. Updates will be posted on our website, and significant changes may be communicated directly to you. We encourage you to review this policy regularly.
By using our Services, you consent to the collection, processing, and sharing of your information as described in this Privacy Policy, including under the CDR framework where applicable.
By creating an account, you provide affirmative consent to our Terms and Privacy Notice through a distinct action (e.g., clicking a button or checking a box), separate from any consent for card-linking or transaction monitoring. By using our Services, you further consent to the collection, processing, and sharing of your information as described in this Privacy Policy, including under the CDR framework where applicable.
For questions, concerns, or requests regarding your privacy, please reach out to us at: Email: support@pokitpal.com (include “Privacy” in the subject line)