The below outlines your rights and obligations to using this automated bank statement retrieval service

Individuals have the right to request to opt out of direct marketing and we must give effect to the request within a reasonable period of time.

Individuals may also request that we provide them with the source of their information. If such a request is made, Paymay must notify the individual of the source of the information free of charge within a reasonable period of time.

Subject to the exceptions set out in the Privacy Act, individuals may gain access to the personal information, including credit information, which we hold about them by contacting the Privacy Officer; Rose Gundogan , phone (02) 9676 1974 or e-mail We will provide access within 30 days of the individual’s request

We have nominated Illion bank statements as our external bank statement retrieval provider to retrieve and review your bank statement(s), as required by law to assess your loan application.

  • Access to your transaction history and any accounts linked to the internet banking log in details you enter on a read-only base
  • Money Plus collects at least 90 days of your transaction history, or such period as required by us.
  • We do not hold or store your log-in information.

We will not use identifiers assigned by the Government, such as a tax file number, Medicare number, passport number or drivers licence number., for our own file recording purposes, unless one of the exemptions in the Privacy Act applies. Paymay endeavours to avoid data-matching. We do not disclose this information unless permitted by law. We may use Government identifiers to verify your identity when you deal with us.

We encourage individuals to contact us in order to update any personal information we hold about them. If we correct information that has previously been disclosed to another entity, we will notify the other entity within a reasonable period of the correction. Where we are satisfied information is inaccurate, we will take reasonable steps to correct the information within 30 days, unless the individual agrees otherwise. We do not charge individuals for correcting the information.

The individual will be able to look at his or her personal information at our head office or other offices as agreed beforehand. We will require identity verification and specification of what information is required. An administrative fee for search and photocopying costs may be charged for providing access.

This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and the business environment.

We take reasonable steps to ensure that the personal information, including credit information, we collect, use and disclose is relevant, accurate, complete and up-to-date

It is the responsibility of our management to inform employees and other relevant parties that the Privacy Policy is maintained and enforced. Management must ensure that they periodically advise our employees and other relevant Third Parties of any changes to the Privacy Policy.

It is the responsibility of all employees and other relevant parties to ensure that they understand and comply with this Privacy Policy.

All new employees are provided with timely and appropriate access to Paymay’s Privacy Policy. All employees are provided with opportunities to attend privacy training, which covers our obligations under the Act, the APPs and Guidelines and the Code. Employees must ensure that they understand the Privacy related issues that could adversely affect Paymay and its customers if not properly handled.

Privacy breaches must be reported immediately to management by employees and relevant Third Parties. Employees or other relevant Third Parties that do not comply with our Privacy Policy may be subject to disciplinary action.