Australian Payments Council

Privacy Policy


The Australian Payments Council (APC) is committed to protecting and maintaining the privacy, accuracy and security of an individual’s personal information. This Privacy Policy describes how the APC manages the personal information that it may collect, hold, use or disclose for the purposes of its functions and activities.


APC’s role in payments industry

The APC is established for the purpose of fostering the ongoing development of the Australian payments system in order to meet changing user needs, while delivering efficient and safe payment services in an environment that encourages competition.  The subscribers to the Australian Payments Council Participation Agreement (Participation Agreement) are organisations with a significant interest in the Australian payments system.  Representatives of the subscribers form the Payments Community. The administrator of the APC is the Australian Payments Clearing Association Limited, appointed under the Participation Agreement. Australian Payments Clearing Association Limited has its own privacy statement, which is available on its website

The APC undertakes its activities with transparency, fairness, rigour and integrity.

While not bound by the provisions of the Privacy Act 1988 (Cth) (“Privacy Act”), the APC voluntarily chooses to comply with the private sector provisions (other than the credit reporting provisions) of the Privacy Act.

This policy is made in accordance with Australian Privacy Principle 1, and describes the APC’s policies for handling personal information that we may collect, hold, use or disclose for the purposes of our functions and activities.


What personal information does the APC collect and hold?

The personal information we collect and hold may include your name, title, business address, other contact details and other information that we consider is reasonably necessary (such as information about your opinions, policies, statements and writings) so we can perform our legitimate functions and activities.

We will not collect sensitive personal information about you unless we have your express or implied consent or if the law otherwise permits it.

Personal information that we collect is stored or held securely by the APC’s administrator or in archives maintained by a third party information storage provider.


How is personal information collected?

We collect personal information from you directly, and from subscribers to the Participation Agreement, members of the Payments Community and members of the APC. We also collect personal information from oral sources, from correspondence and other written material either sent to us or from publicly available sources of personal information such as newspapers, electronic media, records of proceedings and public registers.

When you visit the APC website, your domain name is recorded in our logs. This information is used for statistical and web development purposes only.  The APC also collects personal information from this website through receiving emails and other electronic communications. The APC may use external service providers to analyse traffic on this website. Generally, information collected through such analysis is anonymous.

Where we consider that you may not be aware or would not have expected that we had collected personal information about you we will take such steps as are reasonable in the circumstances to let you know that we have collected the personal information, our purpose in collecting it, to whom we would usually disclose the information and whether it is likely that we would disclose the information to overseas recipients including the countries in which those recipients are located if it is practicable for us to specify those countries.


Purposes of collecting, holding, using and disclosing personal information

In general, the APC will use and disclose your personal information for the following purposes:

  • to conduct the APC’s business;
  • to provide the APC’s services;
  • to communicate with you and to facilitate communication between subscribers to the Participation Agreement, members of the Payments Community and members of the APC; and
  • to help the APC manage and enhance its services.

Specific purposes include:

  • to enable us to communicate with subscribers to the Participation Agreement, members of the Payments Community, members of the APC, the Australian Payments Clearing Association Limited and its members, the Payments System Board, and other organisations and individuals involved in the payments industry; and
  • to identify, understand and respond to policies, ideas, attitudes and opinions of those parties in representing the interests of the Payments Community and APC.


Disclosure of personal information 

We may disclose personal information to:

  • subscribers to the Participation Agreement, members of the Payments Community, members of the APC;
  • Australian Payments Clearing Association Limited and its members;
  • those organisations as required or authorised by law;
  • external parties such as your representatives, including your legal advisers;
  • our representatives, such as our legal advisers;
  • service providers such as printers and posting services and organisations involved in the provision and maintenance of our business systems and infrastructure; and
  • those organisations where you have consented.

The APC works with other payments industry representative organisations and associations in other countries.  Disclosures may occur outside Australia to overseas recipients in which case we will observe the applicable Australian Privacy Principles.

Where your personal information is disclosed, we will seek to ensure that the information is held, used or disclosed consistently with the applicable Australian Privacy Principles and other applicable privacy laws and codes.


Management of personal information

We will keep your personal information securely, having regard to its nature and source. Arrangements are in place to safeguard the information against unauthorised access, modification, disclosure and interference and from loss and misuse.

We will destroy or permanently de-identify your personal information we are holding when it is no longer needed for the purpose for which we collected it. When we destroy your personal information we will ensure that this is carried out properly and securely.

We train our staff about the requirements of the Privacy Act and the APC’s policy of voluntary compliance with the Privacy Act. Additionally, we have a designated person, the Head of Regulation at Australian Payments Clearing Association Limited, who is responsible for our overall compliance with this policy.

If you would like more information about how we manage your personal information please contact us (see “Contact details” below).


Access to personal information 

You may request access to your personal information that we hold. Before giving you access we may need to establish your identity.

You may ask us to correct your personal information that we hold if you believe it is incomplete, inaccurate, irrelevant, out of date or misleading.

This access is subject to some exceptions allowed by law. For example, we can deny you access where access would:

  • be unlawful;
  • pose a serious threat to the life, safety or health of an individual or to public health or safety;
  • have an unreasonable impact on the privacy of others;
  • involve disclosure of a commercially sensitive decision making process;
  • prejudice enforcement activities such as criminal proceedings or negotiations with you; or
  • reveal certain information relevant to legal dispute resolution proceedings.

We may also deny your request for access if it is frivolous or vexatious.

We will give you reasons if we deny your request.


Complaints about privacy

If you believe the APC has breached its obligations under this policy, you may complain to the Head of Regulation at Australian Payments Clearing Association Limited.

Your complaint may be made by telephone, mail, email or fax (see “Contact details” below).

We will acknowledge receipt of your complaint within 2 business days and will attend to your complaint and endeavour to resolve it within 14 business days.

We are unable to handle or assist you with a privacy complaint involving a financial institution or a subscriber to the Participation Agreement or a member of the Payments Community. If you have a privacy complaint about such an organisation, you should make your complaint directly to the financial institution or organisation concerned.


Contact details 

Head of Regulation

Telephone:  (02) 9216 4888

Mail: Head of Regulation (Privacy)
Australian Payments Clearing Association Limited
Level 6, 14 Martin Place
Sydney NSW 2000


Fax: (02) 9221 8057


Need more information?

If you would like more information about privacy and the Privacy Act (including the Australian Privacy Principles), you can access the Privacy Commissioner’s website at