Who are we?
One Click Verify provides a fast and effective digital solution for business users in the financial services sector to verify clients and automatically maintain those client verifications and for individuals to verify themselves.
What is our privacy commitment to you?
The secure processing and confidentiality of personal information is essential for reducing identity theft, fraud and other exploitation. To minimise the risks involved in the identification of individuals, we have developed our services for use by the government agencies and other organisations who have a need to verify identities, for example to meet Know Your Client/ Anti-Money Laundering (KYC/ AML) purposes;
We are committed to protecting the privacy and confidentiality of all the information we collect on behalf of visitors to our website, people who contact us, our Clients, their Authorised Users, the End Users and our suppliers and partners.
One Click Verify systems are designed in accordance with applicable privacy laws, including the Australian Privacy Act 1988 (Cth)
What personal information do we collect, store and how do we collect this?
One Click Verify collects personal information from:
- Visitors to our websites
- Persons about enquiring or applying for use of our service
- Clients and their Authorised Users
- End Users
- Anyone who downloads the One Click Verify mobile application; and
- Our partners and suppliers.
Clients and Authorised Users
Personal information we collect about Clients (if they are individuals rather than incorporated entities) and Authorised Users may include:
- Name, address and contact details (email and mobile phone number)
- Client’s or Client’s employer’s physical address and mailing address
- Your Tax Agent Number
- Date of birth
- Verification information (as described below)
- Account related information, including user name and password
- Information relating to your use of OCV and your account, including interactions with End Users.
End Users
Personal information we collect about End Users may include:
- Name, address and contact details (email and mobile phone number)
- Date of birth
- Your Tax File Number
- Information included in documents used for identity verification services, including details of your Passport, Driver’s Licence or, Medicare card
- Facial biometrics (where supported as part of the identity verification process and with your consent)
- Verification information (as described below)
- Account related information, including user name and password
- Information relating to your use of OCV and your account, including your interactions with Clients and Authorised Users.
Our Partners and Suppliers
Personal information we collect about our partners and suppliers (including individuals who are or work for and on behalf of our partners and suppliers) may include:
- Contact information (such as name, postal or e-mail address, date-of-birth and phone number) only if necessary
- Business contact and other information (such as job title, department, name of organisation and dealings with us directly or on behalf of the relevant supplier or business partner).
Visitors to Our Websites
Personal information we collect about visitors to our website may include personal information which:
- Is provided by the visitor during their visit (e.g. via chat, or doing business with us like contacting us or providing information to us including through forms available at the website
- Is generated when you visit our website e.g. when browsing or searching information (eg login information, language, device ID and type, operating system, application settings as well as other data collected by means of cookies and like technology, as further described below).
Verification Information
As part of our verification of the identities of users we record certain information including:
- A verification reference number as proof of verification attempt.
- What record was queried.
- If any given verification attempt succeeded/failed.
- Reason for a failure e.g. first name did not match.
- Key timing events for the match request.
How we collect your personal information
Most of the personal information we collect is collected directly from you, including through completion of online forms, setting up accounts, emails, telephone calls and use of our website and mobile application.
We collect information about End Users when personal information is entered into One Click Verify by an Authorised User when inviting as individual to become and End User.
We also collect Verification Information as part of the identity verification process.
Cookies
We use “cookies” as fundamental part of our interactions with your Internet browser. The purpose is to provide you with better and more customised service and with more effective and efficient website.
A “cookie” is a small text file placed on your computer by our web server. A cookie can later be retrieved by our web servers. Cookies are frequently used on almost all websites and your can choose if and how cookie will be accepted on the initial visit to the site or by configuring your preferences and options in your web browser.
One Click Verify uses cookies from unsecure areas of the website and may allocate a cookie for the purposes of storing information related to personalisation of the website.
One Click Verify also uses cookies for secure services (that is, an area where you are required to log on) on the website. These cookies are used for a variety of purposes, including for security and personalisation reasons, If your browser is configured to reject all cookies you may be unable to use secure services on the Mobile Business Devices Pty Ltd website that require cookie in order to participate. You may still be able to use some of the information-only pages even if you do not accept cookies.
The One Click Verify website may periodically be promoted using online display advertising and remarketing tools connected with Google Analytics. One Click Verify, and third-party vendors, including Google and Microsoft, may use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) together to inform, optimize, and serve ads based on individuals’ past visits to this website. This is intended to help make ads relating to this site more relevant to people who have or have not visited this website and to minimise ads displayed to people who may not need the services of this site. Visitors can opt-out of Google Analytics for Display Advertising and customize Google Display Network ads using Google’s Ads Settings.
One Click Verify partners with Microsoft Clarity to capture how you use and interact with our website through behavioral metrics, heatmaps, and session replay to improve our products/services. Website usage data is captured using first and third-party cookies for site optimization, to troubleshoot bugs, and also to determine the popularity of products/services and online activity. For more information about how Microsoft collects and uses your data, visit the Microsoft Privacy Statement.
Mobile Business Devices Pty Ltd respects the choice of any individual to opt out of common web tracking systems and encourages concerned individuals to investigate the Google Analytics opt-out browser add-on.
Why do we collect this information and what do we use it for?
One Click Verify collects, stores and uses the personal information we collect for the following purposes:
- To operate and provide the OCV
- To consider the suitability of organisations applying to use OCV as a Client
- To validate the identity of individuals completing application forms on behalf of Clients and to report verification back to the Client
- To provide the OCV services to our Clients, including by way of facilitating the verification of Client’s Authorised Users and nominated End Users’ identities
- To support sharing by Clients of End User personal information with third parties, with the consent of the End User
- To support the exercise of rights by all End Users, including the right to access or request erasure of their personal information
- To keep all Clients, Authorised Users and End Users informed about services such as requests to update personal information or identification expiring
- To help direct and inform support and contact requests
- To analyse usage behaviour, to optimise our service and to otherwise inform product development
- To ensure the information security of the Website and any services provided, including prevention of possible frauds and relevant investigations
- to administer and maintain our website, host and deliver its content and prevent or repair faults
- to run our business, including providing, researching, developing and improving our products or services; concluding and executing agreements with suppliers and partners; recording and settling incoming and outgoing services, products and materials, managing relationships and marketing, account management, and development, execution and analysis of market surveys and marketing strategies, dealing with any complaints or enquiries, purposes permitted under the Privacy Act, credit reporting legislation and debt-recovery
- To meet legal and regulatory requirements, including responding to regulator and law enforcement requests (subject to the below).
- We may also use personal information for one or more specific purposes, if the data subject has consented to that purpose or those purposes.
For End Users, we only provide your personal information:
- to the Client(s) who invited you to verify your personal information for the purpose of the services you engaged them to provide (which may include information about identification expiring and re-identification requirements)
- to Clients or third parties if it is necessary to provide you with the service or information that you requested,
- to document issuers or official record holders via third party systems for the purpose of confirming your identity
- to other third parties, if you have agreed to the Client providing it to them.
Tax File Numbers
We only collect and use End User’s TFN where the Client has confirmed that the relevant TFN can be so used for a purpose authorised by Australian taxation law, personal assistance law or superannuation law.
You are not required to provide us with your TFN, but if you do not do so, we may not be able to provide our identity verification service to you.
AML, PEP’s, Sanctions check feature
As part of our identity verification process, Clients can elect to use our Anti Money Laundering, Politically Exposed Persons and Sanctions check feature which checks an individual against lists published by various governmental and inter-governmental agencies that include the names of known criminals, sanctioned individuals, politically exposed persons and other high-risk individuals and organisations. If a person fails that check, the Client requesting it will be advised and we will comply with our obligations which may include, for example, submitting a Suspicious matter report via AUSTRAC.gov.au.
What about the use of personal information for direct marketing?
Australian privacy law limits the use of personal information for direct marketing of goods and services. We will not use the personal information of End Users for marketing purposes without their consent. We also will not sell any personal information.
Who do we share your personal information with?
Identification Verifiers
We may share your personal details using third party systems with the relevant document issuer or official record holders as required to verify said details.
Suppliers, partners and staff
We may disclose personal information for the purposes described in this Privacy Policy to:
- our staff to administer the services we offer to you;
- third party suppliers and service providers (including technology suppliers and providers) who support us in providing services to you; carefully selected business partners, advisers and agents.
Sharing with regulators and law enforcement
When we perform identity verification, which includes checking against politically exposed persons, sanctions and terrorism watch list checks, we may send your personal information to, and also use the resulting information from, regulators and law enforcement agencies to prevent fraudulent or illegal activity and to meet our compliance obligations.
We may otherwise share your personal information with regulators and law enforcement agencies wherever required to meet our legal or regulatory compliance obligations, or where required by legal obligations or in response to requests from law enforcement.
We will not use or disclose your personal information for enforcement related activities conducted by, or on behalf of, a law enforcement body unless:
- We are satisfied that the enforcement body reasonably suspects that a person has committed an offence against a law of the Commonwealth or of a State or Territory that is punishable on conviction by imprisonment for at least 3 years or started proceedings against a person for such an offence; or
- We are satisfied that the enforcement body reasonably suspects that a person has breached a law imposing a penalty of 180 penalty units or more (for an individual) or 900 penalty units or more (for a body corporate), or has started proceedings against a person in relation to the breach; or
- The information is used or disclosed under a warrant issued by a magistrate, judge or member of a tribunal; or
- The use or disclosure is otherwise required by a law or a Trusted Digital Identity Framework Requirement that applies to and is binding on us.
To support transparency of our interactions with law enforcement, we will publish an Annual Transparency Report that will disclose:
- The name of each law enforcement body that has requested Digital Identity Information from us since the previous report;
- The total number of such requests received by us;
- Details of the type or kind of Digital Identity Information requested by each law enforcement body (but not so as to include the personal information of an individual); and
- The total number of requests that resulted in us providing Digital Identity Information in response to the request.
For the purposes of this section:
“Digital Identity Information” means any information that is generated in, obtained from or collected for the purposes of the OCV system; and
“Law enforcement body” means mans an Enforcement Body as defined in the Privacy Act 1988 (Cth). More information is available here.
How can One Click Verify Users update or amend their information?
You can easily update the information we hold about you by logging in online to the One Click Verify system or contacting us at [email protected].
If any of the documents used to verify your identity have changed or expired, you will be required to re-verify those documents, which may include submitting updated documents and details.
How do we store and protect the information we hold about you?
We store your information encrypted in electronic systems under our control and with employed developers. We take appropriate steps to protect the security of the information we hold about you, including protections against unauthorised access, virus or other electronic intrusions, fire, theft or loss. We require our supplier to do the same. Our staff are bound by strict requirements regarding the protection of the privacy of the information we collect and hold about you.
All personal information is hosted on a cloud platform in Australia.
Do you send my information overseas?
One Click Verify has strict agreements with government agencies and as part of our Operational Security Framework we do not share or send any personal information overseas.
For how long do you keep my personal information?
We generally keep your personal information active for as long as is reasonably required to enable us to meet your needs.
We keep identification records and other personal information encrypted on file for up to 3 years at which point you are required to update the information held. As part of our data security, we regularly backup and archive our electronic databases.
You can request that we erase your personal information at any time, initiated through the account portal. The request will be vetted and actioned by a dedicated One Click Verify Staff member and a confirmation email will be sent out upon completion. See You can request the erasure of your data below.
Accounts are required to be kept up to date whilst using this service. When an account is not updated in the case of; identification used expiring or, after 3 years since last verification, the account is determined to be inactive. An inactive account will be archived, and data will be kept only for compliance purposes.
Your rights
You have a right to see what information we hold about you and to correct it
Under Australian privacy law, you have a right to access the personal information we hold about you. These rights also include correction of any errors in this information.
You can access most information we hold about you via your account.
You can also ask us to provide access or to correct to your information by contacting us via the contact details below. Unless the access you request will require special steps or significant resources, there will be no charge for providing you with this access.
You can request erasure of your data
You can request erasure of the personal information we hold about you at any time by completing our Erasure Request Form. We will do our best to comply with any request, subject to our legal obligations and other allowable exceptions.
Please note that we will retain metadata relating to account activity which may be provided to regulators, law enforcement and other parties in the future.
What if I want more information on how we protect your privacy or I have a complaint?
We are required to comply with applicable Commonwealth, State and Territory Privacy Law. Under these privacy laws, we are required to comply with a set of privacy principles. The core principles are in the Privacy Act 1988 (CTH). More information about these principles and Australian privacy law can be found on the Australian Information Commissioner’s website www.oaic.gov.au.
How can I contact you?
Please do not hesitate to contact us if you have a concern, issue or complaint in relation to how we collect, store, use or disclose your personal information.
Please contact us by email to [email protected]
Definitions
In this Policy:
- “Authorised User” means a person who is authorised by the Client to access the One Click Verify service on behalf of the Client;
- “Client” means the agency, business or other organisation that has been approved to use OCV;
- “Client Account” means an account set up by the Client with an ID and password that the Client and its Authorised Users use to access the One Click Verify service;
- “End User” means a customer of the Client who is using OCV or any other individual who is using OCV for their own purposes;
- “OCV” means the one click verify digital system and service provided by us;
- “We”, “our”, “us” and “One Click Verify” refers to One Click Legal Pty Ltd ABN 87 640 442 771 trading as One Click Verify, and all related entities and affiliates.
Terms not otherwise defined, like “personal information” and “sensitive information” have the same meaning as in the Privacy Act 1988 (Cth).