Privacy Policy

Last updated: February 2026  |  Effective: February 2026

FinSeeker is committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs). This policy explains how we handle your personal information. Please read it carefully.

1. Who We Are (APP 1)

FinSeeker ABN 78 792 538 395 ("FinSeeker", "we", "us", or "our") operates the online finance matching platform at finseeker.com.au (the "Platform").

We maintain a publicly available privacy policy (this document) in accordance with APP 1.3 and take our obligations under the Privacy Act 1988 (Cth) seriously. If you have any questions about how we handle your personal information, please contact our Privacy Officer at contact@finseeker.com.au.

2. What Is Personal Information?

Under the Privacy Act, "personal information" means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not, and whether recorded in a material form or not (s 6).

"Sensitive information" (s 6) — such as health, racial or ethnic origin, and financial details beyond what is necessary for our service — attracts heightened protection. We do not intentionally collect sensitive information unless you provide it voluntarily and we have your express consent, or collection is required or authorised by law.

3. Collection of Personal Information (APP 3)

We collect personal information that is reasonably necessary for our functions and activities. The types of information we collect include:

  • Identity & contact details: full name, email address, phone number, company name, and ABN/ACN.
  • Funding request details: loan amounts, finance types, security types, business descriptions, and documents you upload to the Platform.
  • Account credentials: email address and hashed (bcrypt-encrypted) password. We never store passwords in plain text.
  • Payment information: credit/debit card processing is handled entirely by Stripe Inc. (PCI DSS compliant). We do not store, transmit, or have access to your full card number, CVV, or banking credentials.
  • Usage & technical data: IP address, browser type, device identifiers, pages visited, session data, and anonymised analytics collected via Vercel Analytics.
  • Communications: content of messages submitted via our contact form, email correspondence, and support requests.

How we collect: We collect personal information directly from you when you register, submit a funding request, pitch on a request, purchase credits, contact us, or otherwise interact with the Platform. We may also collect information from publicly available sources (e.g. ASIC Connect, ABN Lookup) to verify information you provide.

Consequences of not providing: You are not required to provide personal information, but if you choose not to, we may be unable to provide you with access to the Platform, process your registration, or respond to your enquiries (APP 3.6).

Anonymity: Where practicable and lawful, you may interact with us anonymously or using a pseudonym. However, most Platform functions require you to identify yourself (APP 2).

4. Notification of Collection (APP 5)

At or before the time of collection (or as soon as practicable), we notify you of:

  • Our identity and contact details.
  • The fact and circumstances of the collection.
  • Whether collection is required or authorised by law.
  • The purposes for which we collect the information.
  • Any third parties to whom we usually disclose the information.
  • Whether we are likely to disclose information to overseas recipients and, if so, which countries.
  • Your right to access and seek correction of your personal information.
  • How to complain about a breach of the APPs and how we will deal with such a complaint.

This Privacy Policy fulfils our APP 5 notification obligations. Additional notice is provided at registration and at each collection point on the Platform.

5. Use and Disclosure of Personal Information (APPs 6 & 8)

We use and disclose personal information only for the primary purpose for which it was collected, or for a secondary purpose where:

  • You would reasonably expect us to do so, and the secondary purpose is related (or, for sensitive information, directly related) to the primary purpose; or
  • You have consented; or
  • Use or disclosure is required or authorised by law.

We use your personal information to:

  • Provide, operate, maintain, and improve the Platform and its services.
  • Match Borrowers seeking finance with relevant registered Lenders.
  • Process credit purchases and manage your account.
  • Send transactional emails (registration confirmations, password resets, lender-match notifications).
  • Respond to enquiries and provide customer support.
  • Comply with legal and regulatory obligations, including under the AML/CTF Act 2006 (Cth) where applicable.
  • Detect, investigate, and prevent fraud, unlawful activity, and breaches of our Terms of Service.
  • Send service-related updates and, where you have expressly consented, direct marketing communications.

We may disclose your personal information to:

  • Lenders on the Platform — when a Lender uses a credit to connect with your funding request, your name, email, phone number, and funding details are disclosed to that Lender.
  • Service providers — Resend Inc. (email delivery, US servers), Stripe Inc. (payment processing, US and other servers), and Vercel Inc. (hosting and analytics, US servers). Each is bound by contractual data protection obligations.
  • Professional advisers — lawyers, accountants, and insurers, on a confidential basis.
  • Regulatory & law enforcement bodies — including ASIC, the ATO, AUSTRAC, and police, where required or authorised by law.
  • Successors in business — in connection with a merger, acquisition, or sale of all or substantially all of our business, subject to the acquirer maintaining equivalent privacy protections.

We do not sell, rent, or trade personal information to third parties for their own marketing purposes.

6. Overseas Disclosure (APP 8)

We disclose personal information to the following overseas recipients: Stripe Inc. and Resend Inc. (United States), and Vercel Inc. (United States and other jurisdictions).

Before disclosing personal information overseas, we take reasonable steps to ensure the recipient does not breach the APPs in relation to that information (APP 8.1). We do this primarily through contractual means (Data Processing Agreements).

Where we are unable to ensure an overseas recipient complies with the APPs, APP 8.2(a) applies: you acknowledge that we may not be accountable under the Privacy Act for that recipient's handling of your information. We will inform you if this situation arises.

7. Direct Marketing (APP 7)

We will only use or disclose your personal information for direct marketing if you have expressly consented. Each marketing communication will include a simple, free opt-out mechanism. You may withdraw consent at any time by:

We comply with the Spam Act 2003 (Cth) and do not send unsolicited commercial electronic messages. We will action opt-out requests within 5 business days (APP 7.3).

8. Data Quality (APP 10)

We take reasonable steps to ensure personal information we collect, use, and disclose is accurate, up to date, complete, and relevant for the purpose of its use. You can update your account information at any time by logging in or contacting us at contact@finseeker.com.au.

9. Security of Personal Information (APP 11)

We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, and disclosure. Our security measures include:

  • HTTPS/TLS encryption for all data transmitted to and from the Platform.
  • Bcrypt hashing of all user passwords — we never store passwords in plain text.
  • Role-based access controls restricting access to personal information to authorised personnel only.
  • PCI DSS-compliant payment processing via Stripe — we do not handle raw card data.
  • Regular review of our data security practices.

When personal information is no longer needed for any purpose, we will take reasonable steps to destroy or de-identify it, unless we are required by law to retain it (APP 11.2).

Notifiable Data Breaches (NDB): In the event of an eligible data breach under Part IIIC of the Privacy Act, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by law, as soon as practicable.

10. Cookies & Analytics (APP 3)

We use cookies and similar technologies to improve your experience and collect anonymised usage analytics. Cookies are small text files stored on your device. You may configure your browser to refuse cookies; however, doing so may affect Platform functionality.

We use Vercel Analytics for aggregated, anonymised usage statistics. No personally identifiable information is shared with Vercel Analytics beyond standard server log data (IP address, browser type).

11. Access to Personal Information (APP 12)

You have the right to request access to personal information we hold about you (APP 12.1). To make a request, contact our Privacy Officer in writing at contact@finseeker.com.au. We will respond within 30 days.

We may decline access in limited circumstances permitted by the Privacy Act (APP 12.3), including where:

  • Providing access would pose a serious threat to health or safety.
  • Access would unreasonably impact another individual's privacy.
  • The information relates to existing or anticipated legal proceedings.
  • Providing access would be unlawful.

If we decline access, we will provide written reasons and information about how to complain (APP 12.9). We will not charge a fee for making an access request, but may charge a reasonable fee to cover the cost of providing access (APP 12.5).

12. Correction of Personal Information (APP 13)

If you believe personal information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, you have the right to request correction (APP 13.1). Contact us at contact@finseeker.com.au. We will respond within 30 days and, if we refuse a correction request, will provide written reasons and advise how to complain (APP 13.3).

13. Complaints (APP 1)

If you believe we have breached the APPs or any applicable privacy obligation, you may lodge a complaint with our Privacy Officer:

FinSeeker — Privacy Officer
Email: contact@finseeker.com.au

  • We will acknowledge your complaint within 5 business days.
  • We will endeavour to resolve your complaint within 30 days. If more time is required, we will advise you of the reason and expected timeframe.

If you are not satisfied with our response, you may escalate to the Office of the Australian Information Commissioner (OAIC):

  • Website: oaic.gov.au
  • Phone: 1300 363 992
  • GPO Box 5218, Sydney NSW 2001

14. Children's Privacy

The Platform is intended for use by businesses and adults aged 18 and over. We do not knowingly collect personal information from children under 18. If you believe we have inadvertently collected such information, please contact us immediately and we will take steps to delete it.

15. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or the law. We will post the updated policy with a revised "Last updated" date. For material changes, we will notify registered users by email with at least 14 days' notice before the change takes effect. Your continued use of the Platform after that date constitutes acceptance of the updated policy.

16. Contact Our Privacy Officer

For any privacy-related queries, access requests, correction requests, or complaints:
FinSeeker — Privacy Officer
Email: contact@finseeker.com.au
Website: finseeker.com.au