Privacy Policy

At Limepay Pty Ltd (ABN 39 169 399 393), we are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) in Australia. This Privacy Policy describes our policies and practices in relation to how we collect, store, use and disclose your personal information. It also explains how you can complain about a breach of the privacy laws, how you can access the personal information we hold about you and how to have that information corrected.

How Limepay works

At a merchant’s checkout, if customers select the option to purchase by instalments, they enter into an agreement with the merchant to pay for the goods and services by instalments over time. This part of the merchant’s checkout is powered by LimePay. The merchant then assigns the debt to us, and we pay the merchant upfront for the goods and services less our fees, and collect the instalments from the customer.

If customers login to the merchant’s website to view their instalment arrangements, our platform powers this page. As well as collecting payments, we also power the communications customers receive about their payments.

Collection of personal information

‘Personal information’ means any details about you, from which your identity is apparent or can be uncovered. We collect and store the personal information necessary to give merchants the ability to offer their customers the option to purchase goods and services by instalment and for us to collect the instalments from customers. This may include a customer’s name, email address and phone number. We don’t collect a customer’s payment information e.g. credit card number, as thi is securely collected by our third party payment processor.

Merchants may provide us with a customer’s personal information, which is generally their name and contact details, when a customer makes a purchase on the merchants’ website while being registered with the merchant.

We may collect a customer’s personal information directly from the customer if the customer making the purchase is not registered with the merchant. This is generally their name and contact details. In this case, the customer may provide their personal information to the part of the checkout that is powered by us.

We use a third party payments processor to process the payments customers make e.g. credit card payments. We may collect personal information from this payment processor in order to identify the name of the customer from the name on their credit card.

In some cases, we may verify the identity of customers by requiring them to login to their LinkedIn or Uber account. From a LinkedIn account, we may collect information such as recent account activity, number of connections and job history. From an Uber account, we may collect information to verify identity, as well as information about recent payments to confirm whether the customer is likely to honour your payment obligations. We will not collect or keep a record of usernames and passwords for these accounts, as customers will enter this information directly into LinkedIn’s or Uber’s login pages.

The purposes for which we manage personal information

The main purpose for which we collect, store, use and disclose personal information is to give merchants the ability to offer their customers the option to purchase goods and services by instalment and for us to collect the instalments from customers.

Other purposes include to:

  • Manage customers’ ongoing requirements and to improve our services;
  • Meet internal functions such as administration, accounting and information technology system requirements;
  • Comply with legal requirements, prevent fraud or crime;
  • Help us improve our services, develop our products and conduct research; and
  • Providing you with information about products or services. You may opt out of this at any time by getting in contact with us.

We manage your personal information to comply with our legal obligations and in accordance with any consent we obtain from you.

We may communicate with customers by email unless they tell us that they do not wish to receive such communications.

Sharing personal information

We may disclose a customer’s personal information to:

  • Merchants who use our services. We may share customer specific insights with the merchants based on the customer’s purchases. Merchants may use this information to assist them in providing personalised offers and targeted marketing to customers;
  • Individuals or organisations who assist us to provide our services, including software providers, our third party payments processor, IT services and hosting, cloud storage providers, marketing, communication, administration services, compliance consultants, debt collectors and auditors;
  • Other organisations, service providers or business partners whom we consider may provide services or products customers would find useful, or who provide customers with products or services along with us;
  • Other companies in the event of a corporate sale, merger, reorganisation, dissolution or similar event;
  • Regulatory bodies, government agencies or law enforcement bodies; and
  • Others, if we are permitted to or required to do so by law.

We will not disclose your information to overseas recipients.

If customers don’t provide personal information

We cannot provide our services if customers do not provide their personal information to merchants, our payments processor or directly to us.

How our website manages personal information

When you use our website, in addition to the information you provide to us, we collect information including, but not limited to your IP address, browser type, version and language, operating system, pages viewed while browsing the site, page access times and referring website address. This information is used solely internally for the purpose of gauging visitor traffic, trends and delivering personalized content to you while you are at this site. From time to time, we may use customer information for new, unanticipated uses not previously disclosed in this notice. If our information practices change at some time in the future, we will only use data collected from the time of the policy change forward for these new purposes.

When merchants sign up on our website, we will collect any personal information that they provide to us e.g. the name and contact details of who we should contact at the merchant.

How we store and protect personal information

We strive to maintain the relevance, reliability, accuracy, completeness and currency of the personal information we hold and to protect its privacy and security. We keep personal information only for as long as is reasonably necessary for the purpose for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements. This will be for as long as a person has instalments we are collecting and may be for 7 years after that to comply with legal requirements and to ensure clarification of any questions.

We hold the information we collect from in physical and electronic records, which may be stored at our premises or those of our service providers, or in secure data centres or in the cloud.

We strive to ensure that the personal information is safe by using a range of physical and electronic security measures to protect it from misuse, interference, loss, unauthorised access, modification or disclosure.

Changes to this Privacy Policy

We reserve the right to make amendments to this Privacy Policy at any time. If you have objections to the Privacy Policy, you should not access or use our site, or services.

Accessing your personal information

You have a right to:

  • Request access your personal information and to ask us to correct or erase it, subject to exceptions allowed by law;
  • Request that we restrict the way we manage your personal information (for example if you dispute the correctness of the information);
  • Request that we transfer your data to another entity; and
  • Object to us managing your personal information at any time (for example, you have the right to withdraw consent you have given us to manage your personal information but this does not affect the lawfulness of us managing your personal information before you withdraw consent).

You may be required to put your request in writing for security reasons. We will also correct, amend or delete any personal information that we agree is inaccurate, irrelevant, out of date or incomplete. We reserve the right to charge a fee for searching for, and providing access to, your information on a per request basis.

In some limited cases, we may need to refuse access to your information or refuse a request for correction. We will advise you as soon as possible after your request if this is the case and the reasons for our refusal. GDPR

Making a complaint

If you have any concerns about whether we have complied with the Privacy Act, the Australian Privacy Principles, or this Privacy Policy, please write to our Privacy Officer at

We will try to respond with a decision within 30 days of you making the complaint.

If your complaint is not resolved, you may refer your complaint to the Office of the Australian Information Commissioner who can be contacted by phone at 1300 363 992, by email at, or by post at GPO Box, Sydney NSW 2001.


European Union

Office of the Australian Information Commissioner

European Data Protection Supervisor

If your complaint reasonably requires us to contact some other person, we may decide to give to that other person some of the information contained in your complaint. We do this as infrequently as possible, but it is a matter for our sole discretion as to whether we do give information, and, if we do, what that information is.

Contacting us

We welcome your comments regarding this Privacy Policy. If you have any questions about this Privacy Policy and would like further information, please contact us by email at