CDR Policy
Scope
GoGive Pty Ltd offers a round-up donation solution, providing Australians with a convenient way to passively donate small amounts at the time. Our software securely accesses your personal banking information through the government's Open Banking initiative. The regulations governing Open Banking, outlined by the Consumer Data Right (CDR), aim to empower Australians with greater choice and control over their data usage and disclosure.
To access customer banking data, individuals must be identifiable or ‘reasonably identifiable,’ and the requested data from nominated bank accounts must be relevant and suitable for the intended purpose. This encompasses banking data from joint accounts as well.
Collection of Your Personal Banking Data
GoGive Pty Ltd adopts a data minimization approach and only collects information necessary to provide its personal finance management service.
There are no fees for accessing your personal banking data, and GoGive Pty Ltd does not accept consumer requests to access any additional data such as voluntary product or consumer data that the bank may have but is not obligated to supply under the CDR rules.
All data collected, with a person’s consent, is used in providing GoGive Pty Ltd round-up donation method. In this context, data which GoGive Pty Ltd will access for the duration of the consent is:
- Customer and account information
- Transactions made from the bank account nominated
This will occur several times a day to supply the most up-to-date information related to the daily contribution of our users.
A consent receipt is provided at the time of providing consent. Both the consent provided, in terms of its scope and duration, and a summary of data retrieved from the nominated bank account are provided in a dashboard available from the donor portal (donor.gogive.com.au). GoGive Pty Ltd customers will be able to change the consent provided or communicate any changes via this dashboard.
Classes of CDR Data
The following classes of data are held by GoGive Pty Ltd:
Account Information
- Transaction Details
Incoming and outgoing transactions
- Amounts
- Dates
- Descriptions of transactions
- Details of the parties involved (e.g., their name, BSB, account number)
Purposes of CDR Data
GoGive Pty Ltd needs transaction details to allow donors to make micro-donations (round-ups) every time they shop using their bank card.
Disclosure
To provide a positive consumer experience and ensure consumer control over their data, GoGive Pty Ltd does not provide information to third parties to engage in direct marketing.
GoGive Pty Ltd does not disclose or use personal data (including banking data) for commercial purposes.
GoGive Pty Ltd does not disclose personal banking data to any non-accredited or accredited persons, whether in Australia or overseas.
Outsourced Service Providers
GoGive Pty Ltd does not provide CDR data to any outsourced providers. GoGive Pty Ltd develops and maintains its own software for use with banking data collected under the CDR Rules.
How to Contact Us
You can contact us by email at any time at admin@gogive.com.au. Once we have received your email, we will respond as soon as is practical.
How to Make a Complaint or Request Redress
If you believe that there has been a breach of the CDR rules by GoGive Pty Ltd or wish to request a correction, deletion, or apology, please submit your CDR consumer data complaint via email to admin@gogive.com.au.
Please include the following information when submitting your complaint:
Your name Your contact details Your preferred contact method of the complainant (phone / email / letter) The details of your complaint A CDR complaint can be made at any time. Once your complaint is received, GoGive Pty Ltd will acknowledge receipt of the complaint within one (1) business day.
GoGive Pty Ltd will investigate your complaint and attempt to provide you with a written response to resolve the complaint within thirty (30) calendar days of receipt of your complaint.
If your complaint remains unresolved after thirty (30) calendar days, you will be advised in writing that additional time is required to complete the investigation and to provide a response.
When the complaint is resolved, you will receive a ‘final response’ letter within 45 days, informing you of the final outcome of your complaint or dispute, your right to take their complaint or dispute to External Dispute Resolution, and if you are not satisfied with the response, you may lodge a complaint with the Australian Financial Complaints Authority or the Office of the Australian Information Commissioner.
If your complaint remains outstanding within thirty (30) days, GoGive Pty Ltd must write to you to inform you of the reasons for the delay, specify a date when a decision can be reasonably expected, inform you of your right to take your complaint or dispute to an External Dispute Resolution, and if you are not satisfied with our response, you may lodge a complaint with the Australian Financial Complaints Authority or with the Office of the Australian Information Commissioner (OAIC).
Events for Notifying CDR Consumer
GoGive Pty Ltd does not make a consumer’s banking data accessible or visible to outside organizations. GoGive Pty Ltd employs stringent up-to-date information security practices.
In the event of a data breach (e.g., unauthorized access resulting in the loss of CDR data), GoGive Pty Ltd would notify a CDR consumer as soon as practical for the consumer to take appropriate action if required.
GoGive Pty Ltd will also inform you:
- When you consent to collect, use and/or disclose your CDR data
- When your consent expires
- When you amend or withdraw consent
- When GoGive Pty Ltd discloses to any accredited persons
- When GoGive Pty Ltd discloses to any non-accredited entities such as a trusted advisor
- When GoGive Pty Ltd accesses your data
- When you request a correction of your data
Notifications will be provided either at the time of the event when you are present, via email or in-app notification, and the consent dashboard will update with information about when your data was last accessed.
Consequence of Withdrawing Consent
When you stop sharing data with GoGive Pty Ltd, we will stop collecting transactions from this account. We will be unable to process further round-up donations, therefore all your round-up donation plan will stopped and no further contributions will be received by your elected charity.
Deleting CDR Data
You can stop sharing data with us at any time. We will delete all banking data collected under a user’s consent, along with any derived data, within 24 hours of the following events:
- Your consent for access to banking data expires
- You stop sharing data with us before consent expires, or you request data sharing to stop via the bank holding the account
- You delete your GoGive Pty Ltd account
- Your bank notifies us that you cease to be an eligible consumer with them
When any of these events occur, subject to not requiring that the data is held by Australian law, GoGive Pty Ltd will delete the user's data using a scheduled daily process. The process deletes all bank data for the accounts for which consent was held. This includes data derived from the banking data obtained.
For more information regarding our CDR policy, please contact us at admin@gogive.com.au