Privacy Policy

This Privacy Policy describes how Viera Digital Pty Ltd (ABN 93 696 985 047) ("UniPay", "UniCash", "we", "us", "our") collects, uses, stores, and discloses personal information when you use the UniPay merchant platform, including the UniPay web app, UniPay mobile app, and associated merchant services (collectively, the "Service").

UniPay is operated by Viera Digital Platforms Pty Ltd (ACN 698 942 817). We are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. Information We Collect

Merchant account information

• Business name, trading name, and ABN or business registration number
• Contact email address and mobile phone number
• Account PIN (stored as a one-way hash — we cannot recover your PIN)
• Your chosen @handle within the platform

Identity verification

UniPay merchant accounts require identity verification. We collect:

• Full legal name, date of birth, and residential address of the account holder
• Government-issued identity document (passport or driver's licence)
• A selfie/liveness check for identity confirmation

Banking and payout information

• Nominated bank account details (BSB and account number) for AUD payouts
• Payout history and payout request records

Transaction and invoice data

• Payment amounts, timestamps, and account references
• Invoices generated via the UniPay app
• Payment confirmation records and payout history
• UniPay Terminal and POS device transaction logs

Technical data

• IP addresses and approximate geolocation (via Cloudflare)
• Device type, operating system, and browser
• App usage logs and error reports
• Session tokens and active device information

2. How We Use Your Information

• To create and manage your UniPay merchant account
• To verify your identity and comply with our internal risk‑management and fraud‑prevention requirements
• To process UniCash payments received at your business and maintain accurate transaction records
• To deliver AUD bank payouts to your nominated bank account
• To generate and deliver invoices, payment confirmations, and payout receipts
• To operate and support UniPay Terminal and POS hardware registered to your account
• To send OTP codes for account verification and login
• To detect and prevent fraud and other illegal activity
• To respond to merchant support requests
• To comply with our internal policies, risk controls, and any applicable legal requirements

3. Disclosure of Your Information

We do not sell your personal information. We may share your information with:

• Amazon Web Services (AWS): For SMS delivery, email delivery, and secure data storage. AWS processes data in accordance with their privacy policy
• Cloudflare: For content delivery and DDoS protection. Cloudflare processes network-level data in accordance with their privacy policy
• Banking and payment partners: Bank account details shared only as required to deliver your UniPay merchant payouts
• KYC verification providers: Identity documents shared with our identity verification service provider under strict data processing agreements
• Accounting integrations (Xero, MYOB): If you connect an accounting integration, transaction data is shared with your chosen provider only with your explicit authorisation

We will not disclose your personal information to any other third party without your consent, except where required by applicable law.

4. Data Storage and Security

Your UniPay merchant data is stored on secure servers. We implement industry-standard security measures including:

• Encryption in transit (TLS 1.2+) and at rest (AES-256)
• Access controls and audit logging
• Regular security reviews and hardening
• Two-factor authentication for all administrative access

While we take reasonable steps to protect your information, no system is completely secure. If a data breach occurs that is likely to result in serious harm, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches (NDB) scheme.

5. Data Retention

We retain your personal information for as long as your UniPay merchant account is active and for seven (7) years following account closure, in line with our internal compliance and record‑keeping requirements.

KYC documents are retained for seven (7) years from the date of collection or the end of the merchant relationship, whichever is later.

6. Your Rights

Under the Australian Privacy Principles, you have the right to:

• Access the personal information we hold about you
• Request correction of inaccurate or outdated information
• Make a complaint if you believe we have breached the APPs

To exercise these rights, contact us at [email protected].

Note: certain information may be required to be retained by law and cannot be deleted upon request.

7. Cookies and Tracking

The UniPay web app uses browser local storage to maintain your session. We do not use third-party advertising cookies or tracking pixels. Cloudflare may set a security cookie (__cf_bm) for bot detection.

8. Children's Privacy

UniPay is intended for use by businesses and is not available to persons under the age of 18. We do not knowingly collect personal information from minors.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or in-app notification. Continued use of the Service after changes take effect constitutes acceptance of the updated policy.

10. Contact Us

For privacy-related enquiries or complaints:

• Email: [email protected]
• Company: Viera Digital Pty Ltd
• Country: Australia

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).