Covalent API Privacy Collection Statement

The information you provide on this form is collected by Covalent API Pty Ltd (ABN 65 652 751 598) (‘Covalent API’) for the purposes of registering you for Member Rewards and providing services to you associated with Member Rewards. If you do not provide the requested information, Covalent API may not be able to perform these services. Your personal information may be shared with third parties, in order to be able to provide the services to you or for the operation, development and improvement of Member Rewards. Covalent API may provide information to government, regulatory or other bodies if required to by law. For further information, please refer to Covalent API’s privacy policy. It sets out how Covalent API use the information it holds about you, how you can access and correct the information, how you may complain about a breach of privacy and the process for resolving privacy related enquiries and complaints.

Covalent API Privacy Policy

LAST UPDATED: 29 January 2024
Member Rewards by Teachers Health Group is operated by Covalent API Pty Ltd, ABN 65 652 751 598.
For the purpose of the Privacy Act 1988 (Cth), Covalent API Pty Ltd (we, us) is the APP entity and data controller. This means that we are responsible for and control the processing of the Personal Information that we collect about you (as the user of Member Rewards). “Personal Information” or “personal data” means information that can be used to identify or contact you.
This Privacy Policy (together with the Member Rewards Terms & Conditions) applies to Personal Information we collect about you and to your use of Member Rewards, which may be incorporated into an application and service operated by Covalent API. . It also covers how we use your Personal Information, who we disclose it to, where we might transfer it to, how we protect it and your rights in relation to it.
Please read the following information carefully. By using Member Rewards, we will assume that you have read and understood this Privacy Policy.

1. Personal Information Collection

Once you enroll for Member Rewards, we may collect a variety of information about you, including some of the categories of information described below.
We may combine the information you provide to us directly with information we collect about you and information we receive about you from other sources, and use the combined information for the purposes set out below (depending on the types of information we receive).
We shall retain your Personal Information for as long as we provide Member Rewards to you and for such additional period after that as is necessary to allow us to meet our legal and regulatory obligations.

2. Personal Information that you provide to us directly

You may provide Personal Information to us in various ways including when:
  • A. Registering to use Member Rewards;
  • B. Filling in information;
  • C. Using Member Rewards (such as registering your payment card);
  • D. Corresponding with us; or
  • E. If you enter a competition, promotion or survey or provide us feedback.
Personal Information you give us may include your full name, address, e-mail address, age, date of birth, gender, financial and payment card information such as card number and expiry date.

3. Personal Information we receive from other sources

We may receive information about you from third parties we work closely with (including, for example, payment schemes, payment card issuers, retailers, other business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers and search information providers). We receive this information so that we can provide Member Rewards to you and as part of our legitimate interest to help us provide Member Rewards to you in accordance with your requirements and to improve and personalise our services.
Specifically, we receive transaction information from your payment scheme (Visa, Mastercard, and EFTPOS Australia as applicable) about purchases you make with your registered payment card (“Linked Payment Card”) at Partner Retailers, including purchase amount, purchase time and date, Partner Retailer name and location. We may also receive some or all of this information from the Partner Retailers who we partner with directly. This information will be used, for example, to allocate rewards and other benefits to you and to provide the other aspects of Member Rewards to you.
By connecting any Linked Payment Card via Member Rewards, you authorise your payment network to examine transactions on your Linked Payment Card and to share the transaction data with us in order to facilitate your receipt of Member Rewards and for reporting to the relevant Partner Retailer. You give us the right to receive this transaction data from your Linked Payment Card until you remove your Linked Payment Card from Member Rewards. You may remove your Linked Payment Card to prevent future transactions associated with the Linked Payment Card being shared with us. It may take a short period of time for the removal of your Linked Payment Card to take effect.
We may retain the data associated with your Linked Payment Cards for historical transactions which will be used to provide a historical transaction overview for you and Partner Retailers and which will allow you to monitor, preserve and track your collection of rewards and other benefits.
If you have any questions about the data we keep in this context, please email Teachers Health Group with “Privacy Member Rewards” in the subject line. The relevant contact details are included in clause 16. Teachers Health Group will forward your privacy-related enquiry to Covalent API.

4. Use Of Your Personal Information

We use your Personal Information on the following legal basis for the following purposes:

1. To perform our agreement to provide Member Rewards to you including:

  • A. To verify your identity;
  • B. To provide you with Member Rewards and carry out our obligations under our agreement with you including, for example, to allocate rewards and other benefits to you and to provide the other aspects Member Rewards to you;
  • C. To provide you with information relating to Member Rewards
  • D. To provide you with information about Partner Retailers where you can use Member Rewards, including information about new Partner Retailers joining Member Rewards, presenting you with opportunities to earn rewards from Partner Retailers and other benefits, products and services available to you from Partner Retailers;
  • E. To provide you with information about products or services that you request from us; and
  • F. To notify you about changes to Member Rewards.

2. For our legitimate interest including:

  • A. To develop and improve Member Rewards, so that we can continue to provide attractive products and services to users and potential new users and to make sure we remain competitive;
  • B. To personalise your use of Member Rewards and provide tailored content to you so that you have a more relevant and better customer experience;
  • C. To make automated decisions, known as “profiling”, using your Personal Information, such as decisions to provide information about particular rewards, benefits and promotional offers to you based on your previous transactions;
  • D. To analyse and understand how Member Rewards is used including carrying out technical and statistical analysis to monitor Member Rewards; to ensure that content is presented in the most effective manner for you;
  • E. To conduct market research;
  • F. To tell you about any technical, operational or service issues;
  • G. To offer you improved customer service and support;
  • H. To comply with our contractual obligations;
  • I. To prevent fraud;
  • J. To ensure network and information security;
  • K. To meet compliance, audit or insurance requirements; and
  • L. To establish, exercise or defend legal claims.

3. To comply with our legal obligations including:

  • A. Preventing and prosecuting fraud; and
  • B. Meeting statutory, regulatory, data protection and information security legal requirements.

4. Anonymised information

We may also use anonymised Personal Information about you when we prepare aggregated data reports showing anonymised information for the purpose of advising ourselves, Partner Retailers and our other business partners regarding patterns of spending, fraud, and other insights that may be extracted from this data.

5. Sharing Your Personal Information

We may pass your details to third parties where this is necessary to fulfil our obligations to you or for the operation, development and improvement of Member Rewards. If you do not wish your Personal Information to be shared in this way, you must not register for Member Rewards and you must not use Member Rewards.
This may include sharing Personal Information about you with Partner Retailers, financial institutions and our business partners, suppliers and sub-contractors that join Member Rewards or that we engage to help us provide Member Rewards to you or to process your information including:
  • A. Sharing information about your payment cards with payment schemes and service providers so that we can identify transactions you make using your payment cards – this information is protected by being “tokenised” for us by a service provider, which means your payment card number is replaced by a different token reference number which cannot be linked to your actual payment card number;
  • B. Sharing information about you with Partner Retailers and other service providers so that we can provide customer service to you.
We may share your Personal Information with any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries.
As may be necessary for us to comply with our legal obligations, we may disclose your Personal Information to third parties (such as government or regulatory bodies, law enforcement agencies and professional services advisers) in order for us to comply with applicable laws and valid requests for information from government or regulatory bodies, or in order to enforce or apply the Member Rewards Terms & Conditions and other agreements; or to protect our rights, our customers, or others. This may include exchanging Personal Information with other companies and organisations for the purposes of fraud protection and risk management.
In accordance with our legitimate interest, we may transfer, sell or assign any of the Personal Information described in this Privacy Policy to third parties in connection with a sale, merger, consolidation, change of control, transfer of assets or reorganisation of our business, but will take appropriate steps to ensure the confidentiality and protection of your Personal Information in accordance with this Privacy Policy.

6. Your Rights

You have the following rights in relation to how we process your Personal Information.
Obtaining a copy of your Personal Information
At any point you can contact us to ask for a copy of the Personal Information about you which we hold and to request further information in relation to our processing of the Personal Information. If you do wish to receive copies of your Personal Information which we hold, please contact us through the contact details provided in clause 16.
In some instances, we will not be able to agree to your request (for example, if we have a legitimate reason for not doing so or the request is manifestly unfounded or excessive); in these situations, your request may be rejected entirely or responded to in part. We will comply with applicable legal requirements when we deal with your request.
We will provide a copy of your Personal Information free of charge, however we may charge a small fee based on administrative costs (not exceeding the maximum permitted by law) for any further copies of this information that you may request.

7. Changing, updating and erasing Personal Information

We will strive to ensure that the Personal Information that we hold on you is up to date and accurate, based on the information we collect.
If you would like us to stop using your Personal Information, you can request that we erase the Personal Information we hold but, if you do, your account will be deactivated and we will no longer be able to provide Member Rewards to you. On request, Teachers Health Group will contact us to delete a Member Rewards account on behalf of the member. Once we have processed your request, you will receive confirmation of whether all the Personal Information has been deleted or reasons why any of it cannot be deleted.
We may retain an archived copy of your records (which may include your Personal Information).
We will comply with applicable legal requirements when we deal with your requests.

8. Objecting to processing of your Personal Information

You have the right to request that we stop processing your Personal Information but, if you do, your account will be deactivated and we will no longer be able to provide Member Rewards to you. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue such processing (e.g. if you have also said that you want to continue to use Member Rewards). If Personal Information is no longer processed in accordance with your request, please note that we may need to continue to hold your Personal Information to comply with your other rights (e.g. if you want to unsubscribe from marketing communications, we will place your details on our unsubscribe list to ensure we do not contact you as requested) or our legal obligations. We will notify you of this in our response to your request to object to the processing. We will comply with applicable legal requirements when we deal with your request.

9. Make a complaint

You can make a complaint about how we have used your Personal Information by emailing Teachers Health Group atprivacyofficer@teachershealth.com.auwith “Privacy Complaint Member Rewards” in the subject line. Teachers Health will forward your privacy-related complaint to us.
In the event that you are not satisfied with our response, you may take your complaint to the Office of the Australian Information Commissioner (OAIC).
The OAIC can be contacted at:
  • by email: enquiries@oaic.gov.au
  • by post: GPO Box 5218 Sydney, NSW 2001
  • by phone: 1300 363 992
See also the OAIC website for further details:  https://www.oaic.gov.au/privacy/privacy-complaints/

10. Information Security

We take the security of your Personal Information very seriously and use strict procedures and security features to prevent unauthorised access to your Personal Information.
We have put into place additional procedures to protect the Personal Information we hold about you from misuse and loss, and from unauthorised access, modification or disclosure. We work hard to maintain these procedures and keep them current and up to date.

11. International Transfers

The information that we collect from you may be transferred to, and stored at, a destination outside Australia. It may also be processed by staff operating outside Australia work for us or for one of our service providers to allow us to continue to provide Member Rewards to you. Any transfer of your Personal Information will be in accordance with our legal obligations to ensure the safeguarding of your Personal Information during such transfer. By submitting your Personal Information, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your Personal Information is treated securely and in accordance with this Privacy Policy.

12. Data Retention

We will keep your Personal Information for as long as you are our customer.
Once our relationship with you has ended, we will only keep your Personal Information for a period of time that is appropriate for the type of personal data, and the purpose for which we hold it.
We will only keep information that allows us to:
  • A. Maintain business records for reporting, analysis or audit purposes;
  • B. Monitor compliance with applicable laws and regulations;
  • C. Defend or take legal action;
  • D. Respect marketing preferences;
  • E. Deal with customer service enquiries or complaints;
  • F. Help with monitoring fraud.
If your Member Rewards account is deleted, we will keep your Personal Information for up to one year in a live operational environment (or less than 30 days if you make a formal data deletion request) before it is anonymised and stored in a data archive for legal and regulatory reasons, typically for six years.
We will keep your Personal Information after this time only if we have to do so to comply with applicable law, if there are existing legal claims or complaints or for regulatory or technical reasons.

13. Direct marketing

When you join Member Rewards, you will automatically receive direct marketing and promotional information on ways to earn rewards and Member Rewards retail offers. You can opt-out of direct marketing by clicking the opt-out link in the footer of any newsletter, emails, or other marketing sent to you bymemberrewards@covalentapi.com. It may take up to 10 business days to process your direct marketing opt-out request.
If you opt-out of direct marketing, you will still receive service-related messages such as messages related to your account or your account balance. Opting out of receiving direct marketing for Member Rewards will also not change your existing direct marketing preference with your private health fund.

14. Enquiries

When contacted with an enquiry from someone who is not a registered user, we will hold the name and contact details only for the purposes of handling the enquiry.

15. Changes To This Policy

Our Privacy Policy may change from time to time. If we change this Privacy Policy, we will post the revised Privacy Policy with the date from which it is effective. If we make significant changes to the Privacy Policy which affect the manner in which we use your Personal Information, we will normally tell you before we make such a change and if you are not satisfied with the changes, you can end our agreement with you by cancelling Member Rewards.

16. Contacting Us

If you have any questions about this Privacy Policy or wish to contact our Privacy Officer, need further information, wish to exercise any of your rights outlined in this policy or lodge a complaint, please contact privacyofficer@teachershealth.com.au by email and mark your email “Privacy Member Rewards” in the subject line. Teachers Health Group will forward your privacy-related enquiry to Covalent API.