PRIVACY POLICY

Last Updated: [September 2025]

Introduction:

  1. Important Information About RNL and You

TopCashback (Australia) PTY LTD operates the website (https://giftcards.topcashback.com.au  the “Site”), which is a platform where you can purchase digital gift cards (each an “E-Gift Card”) for your favourite retailers. By visiting the Site, you accept and consent to this Privacy Policy and the practices outlined in it. The Site is powered by RUNA NETWORK LIMITED (“RNL”) (company number 09281949 registered in England and Wales, with a registered office at First Floor, One Suffolk Way, Sevenoaks, TN13 1YL). 

This Privacy Policy explains how we collect, use, disclose and protect your personal information in Australia and how you can access and correct your information or make a complaint.

  1. Information We Collect About You 

Personal Information means information or an opinion about an identified individual or an individual who is reasonably identifiable (whether true or not and whether recorded in material form or not).

We may collect, use, store, and transfer different kinds of Personal Information about you which we have grouped together as follows:

  • Identity and Contact: name, email address, telephone number, billing or delivery address.
  • Technical Data includes internet protocol (IP) address, your browser type and version, time zone settings, browser plug-in types and versions, operating system, and other technology on the devices you use to access the Site.
  • Usage Data includes information about how you use the Site.
  • Financial Data includes card details, transaction information and merchant.
  • Marketing Comms Data includes your preferences in receiving marketing from us and our third-parties and your communication preferences.

  1. How Is Your Personal Information Collected

When You use the Site, we may collect Personal Information from you directly, or we may collect Personal Information automatically when you interact with the Site.

  • Direct Interactions. You may give us your Personal Information by filing in forms or by corresponding with us through the Site (including when you process a transaction). 
  • Automated Technologies. As you interact with our Site, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this Personal Information by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. You can manage your cookie preferences when first accessing our Site.

  1. How We Use Your Personal Information

Generally

We collect, use and disclose personal information for the following purposes permitted by the Privacy Act:

  • Provide and operate the Services: to process transactions, deliver EGift Cards, facilitate redemptions, and provide customer support.
  • Verification, safety and fraud prevention: to verify identity, prevent, detect and investigate fraud, misuse or security incidents, and comply with lawenforcement requests.
  • Improvement and analytics: to understand use of the Services, maintain functionality, develop new features, and improve our user experience.
  • Legal and business operations: to comply with our legal obligations, resolve disputes, enforce our terms, and support audits, mergers, acquisitions or asset transfers.

We may deidentify personal information and use or disclose the deidentified data for research, statistics, and business purposes. Deidentified data is not considered personal information.

Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly. 

  1. Disclosures of Your Information

Generally

We may share your Personal Information with the parties set out below for the purposes outlined in the table above.

  • Brands to process your purchase transactions.
  • Service providers such as professional advisers (e.g. lawyers, accountants), web and app hosting services, website optimisation services, website usage services, email services, data management platform provision, E-Gift Card distribution services, customer relationship management services, marketing tracking partners, messaging services, online and offline marketing services, to handle, store, or use certain Personal Information on our behalf.
  • Our affiliates.
  • Third parties to whom we may sell, transfer or merge part of our business assets.
  • Regulators or legal authorities (such as law enforcement) to meet our legal obligations and to prevent criminal activity.

  1. Overseas Disclosures (APP 8)

Some recipients may be located outside Australia, including (by way of example) the United Kingdom, European Union/EEA, United States, and other countries where our technology or support providers operate. Where we disclose personal information overseas, we will take reasonable steps to ensure the overseas recipient does not breach the APPs in relation to your information (for example, by using contractual protections), unless an exception applies under the Privacy Act.

  1. Security (APP 11) 

We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

  1. Data Retention

We retain personal information for as long as reasonably necessary to fulfil the purposes described in this policy or as required by law. When no longer needed, we will take reasonable steps to destroy or deidentify the information  in line with APP 11.2.

  1. Your Legal Rights

You may request access to the personal information we hold about you and request corrections if you believe it is inaccurate, out of date, incomplete, irrelevant or misleading. Please submit your request to us by email: privacy@topcashback.com.au. 

If you have any questions or complaints about this Privacy Policy or Our privacy practices, you can reach Our data privacy officer by email at privacy@topcashback.com.au.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC):

Website: https://www.oaic.gov.au/

Phone: 1300 363 992

Mail: GPO Box 5218, Sydney NSW 2001

Third Party Links

This website may include links to third-party websites (“TPW”), plug-ins, and applications. Clicking on those links or enabling those connections may allow third-parties to collect and disclose data about you. We do not control those TPWs, and are not responsible for their privacy practices. 

Version 1.1

!