top of page
Brumby Pay Logo Green_edited_edited_edited_edited_edited.png

Privacy Policy

Brumby Finance Pty Ltd (referred to as “Brumby", "Brumby Pay”, “we”, “us”, or “our”) is committed to protecting your privacy. This policy applies to all personal information collected through our websites, platforms, and services, including our trading name Brumby Pay.

​

Brumby Finance complies with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), which govern how personal information is collected, used, disclosed, stored, and accessed.

​

Collection of Personal Information:

We collect personal and business-related information in a fair and lawful manner for the primary purpose of delivering our milestone-based rewards and invoice engagement platform.

​

Depending on your interaction with Brumby Pay, we may collect:
 

  • Name, business/trading name

  • Date of birth, ABN/ACN or registration info

  • Contact details (email, phone, address)

  • Invoice and payment data (amount, status, history)

  • Information provided during onboarding or when rewards are issued

  • Email/message engagement activity (clicks, opens)

  • Technical session info (IP address, browser, device type, usage data)

​

​If you provide us with personal information about yourself or someone else (such as a payer or reward recipient), you confirm that you consent, or have obtained their consent to share that information with us. We may ask for proof of that consent if required.

​

We only collect sensitive information with your consent or where legally required.

​

Use of Personal Information:

We use personal information for the following purposes:

Facilitating voluntary invoice engagement
Triggering and issuing milestone-based rewards
Delivering messages on behalf of the creditor
Monitoring invoice outcomes and audit trails
Providing support, platform access, and account security
Improving our services and compliance reporting
Meeting legal and operational obligations

We do not use your data for unrelated marketing, nor do we profile users.
 

Disclosure of Personal Information:

We may share personal data where necessary for service delivery or legal compliance. Third-party disclosures may include:

 

  • Payment service providers to process invoices

  • Reward vendors where used (Brumby funds and issues rewards directly)

  • IT, legal, or compliance providers under confidentiality agreements

  • Regulators or enforcement bodies, if legally required (e.g. OAIC, ASIC)
     

We never sell, rent, or share your personal data for advertising purposes.
 

Third-Party Services & Cross-Border Disclosure:

Some services used by Brumby Pay may process or store data overseas. We ensure that:
 

  • All vendors comply with the Privacy Act or equivalent standards

  • Data handling contracts are in place to maintain protection

  • We assess third-party practices for privacy and security controls


Data Security:

We protect your personal data using technical and administrative safeguards including:
 

  • End-to-end encryption (HTTPS)

  • Access controls, authentication layers, and audit logs

  • Regular risk assessments and system security reviews

  • Credential security and data isolation protocols
     

While we apply strong protections, online data transmission carries inherent risks.
 

Access & Correction:

You may request access to, or correction of, your personal data at any time. We may require identity verification.
We may lawfully deny access in limited circumstances, such as legal privilege or serious security risk.
 

Data Retention & Destruction:

We retain your data only as long as necessary for the purpose collected or as required by law.
When no longer needed, personal information is securely destroyed or de-identified.
 

Cookies & Web Analytics:

We may use cookies and analytics tools to understand how users interact with our platform. This may include:
 

  • Pages visited, session time, click-throughs

  • Browser/device details

  • Feature usage and performance data
     

Brumby does not use cookies or analytics tools for behavioural advertising or third-party marketing.
You can opt out of cookies through your browser settings.
 

External Links:

Our website may link to third-party sites. Brumby Finance is not responsible for the privacy practices or content of external websites. We encourage you to review their privacy policies separately.
 

Making a Privacy Complaint:

If you believe we have mishandled your information, please contact us directly. We will respond within 30 days.

If you are not satisfied with our response, you may escalate to:
 

Office of the Australian Information Commissioner (OAIC)
GPO Box 5218, Sydney NSW 2001
1300 363 992
enquiries@oaic.gov.au
www.oaic.gov.au

 

Changes to This Policy:

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our business operations.
The current version will always be available on our website and is effective from the date of publication.
 

Contact Us:

For privacy-related enquiries or access requests:

support@brumbypay.com.au
Brumby Finance Pty Ltd

© 2025 Brumby Finance Pty Ltd. All rights reserved.
This document is provided for general information purposes. It may not be reproduced, distributed, or used for commercial purposes without the prior written consent of Brumby Finance Pty Ltd.

bottom of page