Adopt Cashless
Book a Demo Login / Register
LEGAL

Privacy Policy

Last updated: December 14, 2025

PRIVACY POLICY

Effective Date: 1 October 2025

Introduction

Adopt Cashless ("we," "us," or "our") is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our web-based application (the "Platform").

We provide a specialised software solution that bridges the gap between unattended retail payment terminals (such as Nayax devices) and the end consumer. By using our Platform, you consent to the data practices described in this policy.

Entity Information: This Platform is operated by ADOPT CASHLESS PTY LTD (ABN: 21 690 812 821).

Definitions

To ensure clarity regarding how data moves through our ecosystem, we define our users in three categories:

  • "Operators": Business owners (e.g., car wash owners, laundromat operators) who subscribe to our Platform to manage their customers, fleet accounts, and devices.
  • "End Users": Individuals or companies (B2B fleets) who register an account to use RFID cards, manage payments, and receive tax invoices.
  • "Resellers": Authorised third-party partners, distributors, or sales agents who have a contractual agreement with Adopt Cashless to market, sell, and support the Platform to Operators.

Information We Collect

We collect information that identifies you personally ("Personal Information") and information related to your usage of unattended services.

Information You Provide to Us

  • Account Registration: Name, email address, mobile phone number, date or birth and password.
  • B2B/Fleet Data: Business name, ABN, vehicle registration numbers (if applicable), and employee names (for multiple cardholders under one account).
  • Financial Information: We do not store full credit card numbers. We utilise third-party payment processors (e.g., Stripe, Nayax) to process payments. We retain only limited payment information such as the last four digits, expiry date, and payment tokens required for recurring billing or "Auto Top-Up" features.
  • Support Data: Information you provide when contacting our support team (e.g., troubleshooting requests regarding RFID cards).

Information Automatically Collected

  • RFID Usage Data: When you use an Adopt Cashless registered RFID card at a participating Operator's terminal, we collect transaction details including:
    • Time and date of usage.
    • Location (Specific Operator site and machine ID).
    • Amount spent.
    • Service selected.
  • Device & Log Data: IP address, browser type, operating system, and access times.

How We Use Your Information

We use the data we collect for the following purposes:

  • Service Delivery: To create and manage your account, process top-ups, and link your RFID card to specific payment terminals.
  • Unified Login & Interoperability: To allow End Users to maintain a single profile while interacting with multiple independent Operators.
  • Transaction Processing: To generate consolidated tax invoices for End Users and settlement reports for Operators.
  • Operator Services: To allow Operators to identify who is using their facility, manage fleet accounts, and offer loyalty incentives/bonus credits.
  • Reseller Management: To track sales performance, facilitate Operator support, and calculate commissions or revenue shares payable to our authorised Resellers.
  • Communication: To send you administrative information, such as invoice receipts, low-balance alerts, or changes to our terms.
  • Platform Improvement: To analyze usage trends (e.g., B2B vs B2C adoption) to improve V3.0 features and future iterations.

Disclosure of Your Information

A core function of Adopt Cashless is bridging the gap between the Customer, the Operator, and the Support Network. Therefore, data sharing is intrinsic to our service.

Sharing with Operators

If you are an End User, when you link your account to a specific Operator or use your RFID card at their facility, we share your relevant details with that Operator.

  • This includes your name, transaction history at their location, and fleet details (if applicable).
  • Important: Operators are independent controllers of the data they receive. While we encourage best practices, Adopt Cashless is not responsible for the privacy practices of individual Operators.

Sharing with Resellers

If you are an Operator who subscribed to Adopt Cashless through an authorised Reseller, or if your account is managed under a Reseller’s portfolio:

  • Access Rights: We may share your account details, usage statistics, and settlement reports with that Reseller to facilitate account management, support, and commission calculation.
  • Support Function: Resellers may have administrative access to your Operator Portal to assist with configuration, onboarding, and troubleshooting. This enables them to provide first-level support to you.
  • End User Data: By extension, Resellers may have incidental access to End User data contained within the Operator’s portal. Resellers are bound by confidentiality agreements with Adopt Cashless, but they act as independent processors.

Service Providers & Hardware Partners

We may share data with third-party vendors who perform services for us, specifically:

  • Hardware Partners: Nayax and other terminal providers to ensure the RFID card signal triggers the correct machine.
  • Payment Processors: To facilitate secure credit card top-ups.
  • Cloud Hosting: Our Platform is hosted on secure servers (e.g., AWS, Azure).

Legal & Regulatory

We may disclose your information where required to do so by law or subpoena, or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement.

Payment Data & Financial Security

  • Tokenisation: All credit card transactions are processed via PCI-DSS compliant payment gateways. We use tokenisation to ensure your full credit card details are never stored on our servers.
  • Surcharges & Credits: Transaction records regarding surcharges paid during top-ups and bonus credits awarded by Operators are maintained for 7 years for tax and audit purposes.

Data Retention

We retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy.

  • Active Accounts: Retained indefinitely to maintain your service history and loyalty balances.
  • Inactive Accounts: If you request account deletion, we will delete your personal contact details. However, we must retain financial transaction records (invoices and usage logs) for a minimum period (usually 7 years) to comply with Australian Tax Office (ATO) requirements and relevant international tax laws.

International Data Transfers

Adopt Cashless is an Australian-based company with global operations. Your information may be transferred to, and maintained on, computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ.

  • If you are located outside Australia and choose to provide information to us, please note that we transfer the data, including Personal Data, to Australia (and potentially US-based cloud servers) for processing.

Security of Your Data

We use administrative, technical, and physical security measures to help protect your personal information. This includes HTTPS encryption for all data in transit and secure database practices for data at rest. However, no electronic transmission over the internet or information storage technology can be guaranteed to be 100% secure.

Your Rights

Depending on your jurisdiction (including the Privacy Act 1988 in Australia), you have the right to:

  • Access: Request copies of the personal data we hold about you.
  • Correction: Request that we correct any information you believe is inaccurate (e.g., updating a Vehicle Registration number).
  • Deletion: Request that we erase your personal data (subject to our legal tax retention obligations).

To exercise these rights, please contact us at the details below.

Cookies and Tracking

We use cookies and similar tracking technologies to track the activity on our Platform and hold certain information. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Platform (e.g., staying logged in).

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes.

Additional Disclosures for International Users

For Users in the European Economic Area (EEA) and United Kingdom (GDPR)

If you are located in the EEA or UK, the following provisions apply to you in accordance with the General Data Protection Regulation (GDPR):

1. Legal Basis for Processing: We process your personal data based on the following legal grounds:

  • Contractual Necessity: To provide the Adopt Cashless services, process your payments, and manage your account.
  • Legitimate Interests: To prevent fraud, ensure network security, and allow Operators to manage their fleets.
  • Consent: Where you have explicitly agreed (e.g., marketing communications).

2. Controller vs. Processor:

  • When we act as a Controller: Adopt Cashless is the Data Controller for your specific Account Registration data (login details) and platform-wide billing information.
  • When we act as a Processor: For data specific to your usage at a Operator's facility (e.g., which machine you used, local loyalty points), the Operator is the Data Controller, and Adopt Cashless acts as the Data Processor. Requests regarding this data may need to be directed to the specific Operator.

3. Your GDPR Rights: In addition to the rights listed in Section 10, you have the right to:

  • Data Portability: Request a copy of your data in a structured, machine-readable format to transfer to another service.
  • Restrict Processing: Ask us to suspend the processing of your personal data in certain scenarios.
  • Lodge a Complaint: You have the right to complain to a Data Protection Authority (DPA) about our collection and use of your personal data.

For Users in the United States (California Privacy Rights)

If you are a resident of California, the California Consumer Privacy Act (CCPA) provides you with specific rights:

1. "Do Not Sell My Personal Information": Adopt Cashless does not sell your personal information to third parties for monetary value. We do share data with Operators and Resellers solely for the purpose of providing the service, which is a business purpose under the CCPA.

2. Right to Know: You have the right to request that we disclose certain information to you about our collection and use of your personal information over the past 12 months.

3. Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not deny you goods or services, charge you different prices, or provide you with a different level or quality of services.

Contact Us

If you have questions or comments about this Privacy Policy, please contact us at:

Adopt Cashless Attention: Privacy Officer Email: [email protected] Address: PO Box 8432, Gold Coast MC, QLD 9726, Australia.