IDV Pacific Pty Ltd Privacy Policy
Effective Date: 1st July 2025
IDV Pacific Pty Ltd (“IDV Pacific”, “we”, “our”, “us”) is committed to protecting your privacy and managing personal information in an open and transparent way in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) relevant to our business.
This policy outlines how we collect, use, store and disclose personal information in the course of providing Verification of Identity (VoI) and related digital identity services.
1. Compliance with APP 1 – Open and Transparent Management
We manage personal information in an open and transparent manner. This includes:
- Publishing this Privacy Policy, which describes our data handling practices
- Ensuring that our systems and processes protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure
- Making this policy accessible and reviewing it periodically to reflect updates to law, technology, or our service offerings
We take our privacy obligations seriously and seek to ensure that individuals understand how their information is handled.
2. Collection of Personal Information (APP 3)
We collect personal and sensitive information (including facial images and identity document data) only where necessary to conduct a verification of identity process as authorised by you or the organisation requesting the service.
All data collection is subject to informed consent. Applicants are required to explicitly agree by ticking a consent checkbox before proceeding with any data submission. Without this consent, the transaction does not continue.
3. Notification at Collection (APP 5)
We notify individuals at or before the time we collect personal information. The information collected is used solely for the purpose of performing an identity verification as requested by a third-party organisation with whom the individual is engaging (e.g. a government agency, financial institution, or licensed business). IDV Pacific does not use or share this information for any other secondary purpose, nor do we disclose it to any unrelated party.
4. Use and Disclosure of Personal Information
We use personal information only to provide our verification services and to fulfil contractual obligations to the organisation requesting the verification. We do not share personal data with any other parties, and we do not retain biometric data once the verification transaction is complete.
5. Biometric Information Handling
Where biometric data (such as facial images for matching or liveness detection) is collected as part of a verification process, the following applies:
- The biometric data is used solely for the purpose of completing the verification process
- The biometric data is not stored by IDV Pacific after the transaction is completed
- Biometric data is deleted automatically after the conclusion of processing
6. Data Hosting and Location of Processing
All personal data collected by IDV Pacific is processed and stored within Australia. We use secure Tier III and Tier IV data centres located in Sydney and Melbourne.
We do not transfer or process any data offshore.
Data collected from individuals in New Zealand is also processed exclusively in Australia under the same security and privacy controls.
7. Cross-Border Disclosures (APP 8)
We do not disclose personal information to overseas recipients, with the sole exception of processing data for New Zealand applicants, which is hosted and processed within Australia. IDV Pacific no longer transfers any data to or associates with overseas suppliers or affiliates, including former arrangements with UK-based vendors.
8. Data Security and Retention
We use a combination of industry-standard security measures including encryption in transit and at rest, access controls, and secure development practices to protect personal information.
Personal information is retained only for as long as required to fulfil the verification process and meet legal or regulatory obligations. After that, data is de-identified or securely destroyed.
Biometric data is not retained under any circumstances beyond the immediate transaction.
9. Access and Correction of Personal Information (APP 12 and 13)
You may request access to personal information we hold about you, or request that we correct any inaccuracies, by contacting us using the details below. We will respond to such requests in accordance with the Privacy Act.
10. Contact and Complaints
If you have any questions about this policy, or if you wish to make a complaint regarding how your personal information has been handled, please contact:
Privacy Officer
IDV Pacific Pty Ltd
We will acknowledge and respond to complaints promptly, and if you are not satisfied with our response, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
11. Policy Updates
This Privacy Policy may be updated periodically to reflect changes in legal requirements or our practices. The most recent version will always be available at: