We understand how important it is to protect and manage your personal information.  We use computer and server safeguards such as firewalls, data encryption and remote wipe options, and we apply physical access controls to our building and files to keep your personal information safe.  We only authorise access to employees who need it to carry out their job responsibilities. 

The following facts are relevant to how we protect your personal information:

Security over the internet. Find out more

No data transmission over the Internet or Website can be guaranteed to be secure from intrusion. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal information in accordance with data protection legislation requirements. All information you provide to us is stored on our secure servers and accessed and used subject to our security policies and standards. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential and for complying with any other security procedures which we notify to you. We ask you not to share your password for our Services with anyone else.

Export outside the EEA. Find out more

Your personal information may be accessed by staff or suppliers in, transferred to, and/or stored at, a destination outside the European Economic Area (EEA) in which data protection laws may be of a lower standard than in the EEA. Regardless of location or whether the person is an employee or contractor, we will impose the same data protection safeguards that we deploy inside the EEA.

Storage limits. Find out more

We will retain your personal information for as long as is necessary for the processing purpose for which it was collected and in accordance with our internal record retention policy. Certain transaction details and correspondence may be retained until the time limit for claims, in respect of the specific transaction, has expired or to comply with regulatory requirements regarding the retention of such data.