Introduction

Cherry Hub Pty Ltd (ABN 61 642 144 992) (CHUB) is committed to protecting your privacy. We maintain robust physical, electronic and procedural safeguards to protect personal information in our care. This Privacy Policy applies to CHUB’s ‘cherrypay’ reloadable and non-reloadable payment solutions and associated applications and websites.

We are bound by the Privacy Act 1988 (Cth) (Privacy Act) and will protect your personal information in accordance with the Australian Privacy Principles (as defined in the Privacy Act).

These principles govern how we collect, use, hold and disclose your personal information, as well as how we ensure the quality and security of your personal information.

‍What is personal information?
‍Personal information includes any information or opinion, about an identified individual or an individual who can be reasonably identified from the information. This may include, for example, your name, address, telephone number or email address.
‍
‍How do we collect personal information?
‍CHUB is a distributor of ‘cherrypay’ reloadable and non-reloadable prepaid solutions involving both products and services in Australia.

CHUB’s main functions and activities in connection with its supply of ‘cherrypay’ payment solutions include:
‍
• Application support and development;:
• Program maintenance and reporting;
• Account management services;
• Cardholder and card program customer service; and
• Fraud and transaction monitoring.

CHUB rarely has direct contact with the individual cardholder and we may need to collect personal information about you from other people or organisations. This may happen without your direct involvement. For instance, we may collect personal information about you from other organisations, who jointly with us, provide products or services to you.

The circumstances in which CHUB will collect personal information about you, as the holder of the prepaid solution, includes when:

• You contact us; or
• You register, activate or apply for a prepaid solution; or
• You use a prepaid solution for transactions and balance enquiries.

‍What personal information do we collect?

‍CHUB collects a variety of personal information which depends on the nature of your interaction with us.

CHUB collects and/or tracks the following types of personal information when you use our cherrypay prepaid solution:

• The personal information you have provided us through our online card activation process includes:
‍
• E-mail address
• Your name; and
• Mobile telephone number

• There is also information about your computer hardware and software that is automatically collected by CHUB.   This information can include:

• Your IP address;
• Browser type;:
• Domain names; and
• Access times

Information we receive from third parties including the issuer of the prepaid card, credit bureaus and information services and aggregation businesses, regarding verification of identification details.

While you use our prepaid solution, we may collect and hold additional personal information about you. This could include transaction information or making a record of queries or a complaint you make.

‍For what purposes do we collect, hold, use and disclose personal information?
‍The main reason we collect, use, hold and disclose personal information is to provide you with products and services.

This includes:
‍
• Checking whether you are eligible for the product or service;
• Providing the product or service; and
• Assisting you with your inquiries or concerns.

We may also collect, use and exchange your information so that we can:

• Establish your identity;
• Manage our risks and help identify and investigate illegal activity, such as fraud;
• Contact you;
• Comply with our legal obligations and assist government and law enforcement agencies or regulators;
• Conduct research and training;
• Assist our clients with the management of the cherrypay prepaid solution made available to their customers and for associated promotions; or
• Provide general statistics regarding use of the CHUB website.

CHUB encourages you to review the privacy statements of websites, if any, which are linked to our website so that you can understand how those websites collect, use and share your information. CHUB is not responsible for the privacy statements or other content on websites outside of the CHUB website.

We may aggregate and anonymise personal information (so that it cannot be used to identify you) to use in reports provided to third parties (such as venues offering the cherrypay prepaid solution to their customers) and for our own reporting for product and service development, enhancement and research.

‍Is the information disclosed to third parties?
‍CHUB may disclose your personal information to third parties:

• Who are service providers or contractors of CHUB. When your personal information is shared with service providers or contractors, it will only be to the extent reasonably necessary for the purpose of the services they are contracted to provide;
• Who offer the cherrypay prepaid solution to their customers (for hospitality, entertainment and sport membership businesses);
• Who conduct promotions at hospitality, entertainment and sport membership businesses, which utilise our cherrypay prepaid solution;
• To facilitate the operation of the prepaid solution and the completion and settlement of transactions using the prepaid solutions;
• For anti-money laundering, counter-terrorism financing, detection of crime, legal compliance and fraud prevention purposes; and
• When required or allowed by law.

CHUB may also disclose personal information to other third parties in circumstances where:

• We must fulfil our legal obligations (for example, disclosure to Australian (and international) enforcement bodies such as the Australian Securities and Investments Commission (ASIC), the Australian Taxation Office (ATO), the Australian Transaction Reports and Analysis Centre (AUSTRAC), Centrelink or the Courts);
• It is in the public interest (that is, to protect our interests or where we have a duty to the public to disclose, or where it is necessary in proceedings before a court or tribunal) and where a crime or fraud is committed or is suspected; or
• It can be reasonably inferred from the circumstances that an individual has consented to their personal information being disclosed to a third party.

CHUB does not use or disclose the personal information for any other purpose unless one of the following applies:

• The individual has provided consent;
• The individual would reasonably expect CHUB to use or disclose the personal information for a purpose that is related to the primary purpose;
• Use or disclosure is required or authorised under Australian law or an Australian court or tribunal order; or
• The use or disclosure is reasonably necessary to lessen or prevent a serious threat to the life, health or safety of an individual and it is unreasonable or impractical to obtain consent to the disclosure.

As a matter of course, CHUB does not disclose personal information to overseas recipients.

If this position changes, we will only send your personal information outside Australia where, for example:

• You have requested or consented that we send your personal information;
• We outsource a function or service to an overseas contractor with whom we have a contractual relationship; or
• It is necessary to investigate or facilitate a transaction on your behalf.

CHUB will continue to keep your personal information as is reasonably necessary, for the purposes mentioned above, after the expiry of the prepaid solution.

‍Your consent is important
‍CHUB may require your consent to use and/or disclose your information in particular ways.

We may need your consent, for example, if we use your information for a purpose that is not related to the purpose for which we collected your information in the first place.

Depending on the circumstances, this consent may be express (for example, you expressly agree to the specific use of your information by ticking a box) or implied by some action you take or do not take (for example your agreement is implied by the fact that you have agreed to your product terms and conditions which contains information about the use of disclosure).

‍Do we collect personal information electronically?
‍Each time you visit our cherrypay website or our cherrypay app, we collect information about your use of the website or app, which may include the following:

• The date and time of visits;
• Which pages are viewed;
• How users navigate through the site/app and interact with pages;
• Location information about users;
• Information about the device used to visit our website/app; and
• IP addresses.

This information is obtained through the use of google analytics.

Security of your Personal Information
‍CHUB protects your personal information from unauthorised access, misuse and disclosure.

Our security safeguards include:

CHUB stores the personal information it holds in connection with its cherrypay pre-paid solution at datacentres in Australia.

‍Protecting your privacy
‍You can help us to protect your privacy by observing our security requirements and contacting us immediately if your contact details change.

We require you to keep your personal identification number (PIN), passwords and access codes confidential and secure at all times. This means that you should not disclose you PIN, passwords or access codes to any other person. You should contact CHUB immediately, if you believe that your PIN, passwords or access codes may have been disclosed to another person or if you would like to change your PIN or password.

‍Access to your personal information
‍You are entitled to ask us to supply you with any personal information that we hold about you. You must submit your request in writing to the appropriate address as below:

Privacy Officer
Cherry Hub Pty Ltd
Level 9, 150 George Street
Parramatta, NSW, 2150
Australia

We maintain the quality of your personal information by taking reasonable steps to ensure that the information collected, used and disclosed is accurate, complete and up-to-date.

You may also update your personal information at any time by emailing CHUB at support@cherryhub.com.au.

We may decline an access or correction request in circumstances prescribed by the Privacy Act. If complying with your request for access requires considerable time and expense on our part, we may charge you a reasonable fee for providing you with the information.

If we do refuse your access or correction request, we will provide you with written reasons for our decision and, in the case of a request for correction, we will include a statement with your personal information about the requested correction (if you ask us to do so).

‍How to make a complaint
‍CHUB welcomes your comments regarding this Privacy Policy. Should you wish to make a complaint about the way in which CHUB has handled your personal information or if you believe CHUB has breached the Australian Privacy Principles, please contact us on support@cherryhub.com.au.

We will acknowledge your complaint as soon as we can after receipt of your complaint. We will let you know if we need any further information from you to resolve your complaint.

We aim to resolve complaints as quickly as possible. We strive to resolve complaints within five business days but some complaints take longer to resolve. If your complaint is taking longer, we will let you know what is happening and a date by which you can reasonably expect a response.

If you’re not satisfied with our handling of your matter, you can refer your complaint to external dispute resolution.

Under the Privacy Act, you may complain to the Office of the Australian Information Commissioner by calling them at 1300 363 992, online at www.oaic.com.au or writing to the Office of the Australian Information Commissioner, GPO Box 5218 Sydney NSW 2001.

‍Changes to this Statement
‍From time to time it may be necessary for CHUB to review and revise our Privacy Policy to reflect changes to our data handling practices and changes in the law. CHUB encourages you to periodically review this website to be informed of how CHUB is protecting your information. Where changes to the Privacy Policy are material, we will provide you with reasonable notice before the changes take effect. ‍

Information for Venues Using Cherrypass and Cherrypay

The following information must be provided to customers by a participating telecommunications provider that is an originating telecommunications provider under paragraphs 9(1)(a), 9(2)(d) and 9(3)(c) and by an originating telecommunications provider under section 10:

• Part 24B of the Act provides for the establishment of the SMS Sender ID Register (the Register);

• From 1 July 2026, if a sender identification message is sent which includes a sender identification that is not registered in the Register, the sender identification message will be labelled as ‘Unverified’;

• If an entity wishes to send sender identification messages, it must register its sender identification in the Register and ensure that it uses one or more participating telecommunications providers to send the sender identification messages;

• The following types of entities can be approved to make applications to register sender identifications in the Register:

• an individual;

• a body corporate;

• a corporation sole;

• a body politic;

• a government entity (within the meaning of the A New Tax System (Australian Business Number) Act 1999);

• a partnership;

• any other unincorporated association or body of persons;

• a trust;

• a superannuation fund (within the meaning of the Superannuation Industry (Supervision) Act 1993);

• For an entity to be able to have its sender identification registered in the Register, the entity must demonstrate that it has a valid use case for the sender identification;

• An entity can make an application to register its sender identification in the Register through a participating telecommunications provider that is an originating telecommunications provider. A list of all participating telecommunications providers that are originating telecommunications providers will be made available on the ACMA’s website;

Entities with an ABN

An entity with an ABN can make an application to register its sender identification through any participating telecommunications provider that is an originating telecommunications provider, or a partner of a participating telecommunications provider. In order to obtain approval to make such an application:

• the person making the request for the entity must be listed as an authorised contact for the entity on the Australian Business Register, or be otherwise authorised by that entity; and

• the person making the request must pass an identification check; and

• the person making the request must agree to the Register’s terms of use;

Note:  These requirements will be included in a determination made under section 484L of the Act.

Once the provider has made the application for registration of the sender identification on behalf of an entity, the person making the request for the entity will receive instructions from the ACMA about how to access the Register;

Once the entity is approved by the ACMA, the entity will be able to confirm the registration of the sender identification;

Note:  The requirements in paragraphs (h) and (i) will be included in a determination made under section 484L of the Act.

Any cost for registering a sender identification, including any ongoing annual charge;

Once the entity’s sender identification is registered, the entity can authorise other participating telecommunications providers to send messages using that sender identification;

An entity with an ABN can also register its sender identification through an originating telecommunications provider that is a certified telecommunications provider;

Entities without an ABN

An entity without an ABN can only make an application to register its sender identification through an originating telecommunications provider that is a certified telecommunications provider or a partner of a certified telecommunications provider. That provider or partner will conduct similar checks to those outlined in paragraph (g);

An entity without an ABN that makes an application to register its sender identification through a provider or partner of the kind referred to in paragraph (m) will not be able to gain access to the Register.

For more information, visit: Telecommunications (SMS Sender ID Register) Industry Standard 2025

Contact

If you have any questions relating to this Privacy Policy or your personal information(including if you have a complaint about our treatment of your personal information), please contact our Privacy Officer:

Cherry Hub Pty Ltd
Level 9, 150 George Street
Parramatta, NSW, 2150

Please provide us with your full name, address and contact number when contacting our Privacy Officer.

Phone: 1300 060 026
Email: support@cherryhub.com.au
Website: cherryhub.com.au