- Welcome to reternX. The reternX platform is owned and operated by ReternX Pty Ltd (ACN 633 965 287) (‘reternX’).
- reternx is an online platform used by Forwarding Agents that consolidate and send care packages known as Balikbayan Boxes to the Philippines. It includes various applications including a mobile application used by customers of the Forwarding Agent to book, pay and track their packages.
- reternX supplies software through various platforms including at our website located at www.reternx.com and when available as a mobile app for download from the iTunes Store or the Google Play Store. The Platform includes:
- Customer mobile app;
- Delivery Agent mobile app;
- Warehouse Scanning mobile app; and
- Forwarding Agent Desktop app.
(collectively our ‘Services’)
- reternX values transparency and privacy. We are committed to maintaining the security of personal information (“Personal Information”) provided to us.
- We adhere to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth), the Privacy Amendment (Notifiable Data Breaches) Act 2017 (NDB), the Privacy Act 1993 (New Zealand), the EU General Data Protection Regulation (GDPR), The California Online Privacy Protection Act (CalOPPA), (collectively “Privacy Laws”).
What Personal Information is collected and Purpose
- "Personal Information” is information about an individual whose identity is apparent or can reasonably be ascertained from that information and includes information about an individual consumer collected online and maintained in an accessible form.
- reternX may collect Personal Information you provide while interacting with us through the supply of our Services including through subscriptions to our software solutions and our sign in and authentication procedures.
- We receive and store Personal Information you provide to us through our business activities, through your use of our Platform, when we answer your queries or when you provide Personal Information to us as an employee or applicant for employment.
- We or our service providers may collect, store and process Personal Information from you when you use our Platform, subscribe to and register services, and respond to marketing or support materials.
- For any of our Services that require a password, it is your responsibility to keep your password confidential and secure.
- We ask you to provide Personal Information and obtain other information using our Platform, such as the following categories of information:
- name, phone number, address
- usernames, passwords, email addresses
- bank, credit or other financial account information
- passport information
- forms submitted and user preferences
- non-identifiable device information, IP addresses, location data, system logs, browser activity, operating system, length of visit, number of visits and referral sources, user preference settings, unique IDs generate for each App sign in, product descriptions viewed, videos watched
- information from authorised third party sources may include name, addresses, email addresses, phone number and demographic data
- information collected through the supply of our Services and employment opportunities.
- We may collect additional data from you at other times, including but not limited to, when you provide feedback, change your content or email and SMS notification preferences, respond to surveys and promotions, or communicate with our customer support.
- We also collect Personal Information to improve our Services through marketing communications and data analytics.
- We do not knowingly collect any Personal Information from you that is considered sensitive or a “Special Category” under the GDPR such as Personal Information revealing physical or mental health, racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, data concerning health or data concerning a natural person’s sex life or sexual orientation. We collect biometric data in the form of finger prints to unlock our Customer App (‘Biometric Data’). You explicitly consent to us collecting your Biometric Data by clicking the ‘register’ button when you join our Platform. The special legal basis for us to collect your Biometric Data is to verify your identity when using our Customer App and to fulfil the terms of our Services to you. You may withdraw your consent at any time by contacting us.
How we collect your Personal Information
- reternX collects Personal Information from you in a variety of ways, including when you interact with us electronically or in person, when you access our Platform, when we provide our Services to you or for employment purposes.
- Personal Information may be provided by you directly or may be sent to us automatically when you use our Platform.
How we use your Personal Information
- reternX uses your Personal Information and you consent to us using your Personal Information to:
- supply you with our Services through our Platform in accordance with our Terms;
- provide you with information and updates about our Platform and our Services;
- communicate with you by a variety of measures including, but not limited to, by telephone, email, SMS or mail;
- manage, research and develop our Platform and our Services including through data analytics;
- administer our business activities and internal record keeping;
- meet legal, regulatory and compliance obligations; and
- investigate any complaints.
- If you choose to withhold your Personal Information, it may not be possible for us to provide you with our Services or for you to access certain parts of our Platform and for us to respond to your query.
- reternX uses your Personal Information and you consent to us using your Personal Information to:
Legal basis in the European Union (EU) for the collection and processing of your Personal Information
- “Personal Information” refers to any information relating to an identifiable natural person who can be identified directly or indirectly.
- The GDPR applies to the data processing activities of businesses with an establishment in the EU or where the processing activities relate to offering goods or services to individuals in the EU or monitoring the behaviour of individuals in the EU.
- If you are an individual residing in the EU, we may collect and process Personal Information about you in accordance with the GDPR. A “Data Controller” says how and why Personal Information is processed and a “Data Processor” acts on behalf of the Data Controller by processing the data. reternX operates both as a Data Controller and a Data Processor when controlling or processing the Personal Information of customers, employees and forwarding agents.
- When you use our Platform, we process Personal Information on your behalf as a Data Processor where you are the Data Controller and otherwise to the extent that we are a Data Controller as defined in the GDPR.
- The legal basis we rely on to collect and process your Personal Information is based on the following:
- Contractual basis. This legal basis applies to the collection or processing of Personal Information in order to fulfil or perform a contract with you, or to which you are a party.
- Consensual basis. This applies where you have provided your consent to the collection or processing of Personal Information for a specific purpose (for example, to provide you with marketing updates). You can withdraw your consent at any time by updating your email preferences, opting-out, or by contacting us directly.
- Legitimate interests. This applies where we have a legitimate interest to collect or process your Personal Information. For example, it may be to respond to an enquiry about our Services.
- Legal obligations. This applies where it is necessary to disclose your Personal Information to comply with a legal obligation.
- When we use third parties to process your Personal Information on our behalf, we ensure that the processing of this Personal Information is confidential, pursuant to our documented instructions and in accordance with the legal basis for the processing.
- We only employ third-party Data Processors that are compliant with the GDPR requirements and that have sufficient security measures in place to protect and safeguard your data.
- In the event of a Personal Information breach including any breach of security that leads to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to Personal Information transmitted, stored or process, we will report the breach to you (where we are required to do so under the GDPR) without undue delay after becoming aware of the breach, and not later than 72 hours after the breach giving you a description of the nature of the breach.
- You own all right, title and interest in the personal information that you provide to us (“Customer Data”).
- You are solely responsible for the accuracy, quality, integrity, legality, reliability, and appropriateness of your Customer Data.
- You grant to reternX, or to any third parties used by us to provide the Platform or Services and any associated software, a non-exclusive, worldwide and royalty free licence to use, copy, display, perform, distribute, disseminate, transmit, translate, edit, cache and create derivative works of Customer Data.
- reternX or any related entities owns all right, title and interest in any data or information that we create, generate, compile, derive or produce in connection with any supply of our Platform or Services, including data and information that is:
- aggregate or raw or statistical relating to usage, analyses and results of the Platform;
- for the purpose of optimising delivery, commercialisation and performance of our Platform; and
- samples and prototypes, conclusions, techniques, know how, methods, and undocumented findings generated in the usual course of our business.
Right of Access
- Under the Privacy Laws, you have certain rights as to how your Personal Information is being controlled and used. We will provide you with reasonable access to your Personal Information in accordance with the relevant Privacy Laws.
- We comply with your rights under the Privacy Laws and the GDPR (subject to the grounds set out in the GDPR) that permit you:
- to be informed as to how your Personal Information is being used;
- to access your Personal Information and to know specifically what information is held about you and how it is processed, where and for what purpose (we will provide you with a copy of your Personal Information in electronic format free of charge if requested);
- to rectify your Personal Information if it is inaccurate or incomplete;
- to erase your Personal Information (also known as 'the right to be forgotten') if you wish to delete or remove your Personal Information;
- to restrict processing of your Personal Information;
- to retain and reuse your Personal Information for your own purposes (Personal Information portability);
- to object to your Personal Information being used; and
- to object against automated decision making and profiling.
- You can contact us any time to exercise your rights under the GDPR including as to:
- request access to Personal Information that we hold about you;
- to correct any Personal Information that we hold about you;
- delete Personal Information that we hold about you; or
- opt out of emails, marketing, and any other push notifications that you receive from us.
We may ask you to verify your identity before acting on any of your requests.
If you have any questions about reternX’s collection and storage of data, please contact us using the contact details provided below.
Data Integrity and Retention
- We take reasonable steps to ensure that your Personal Information is accurate, complete and kept up to date. You can request reternX to review, correct or update your Personal Information but we will first ensure that your identity is properly verified, and any access rights are authenticated.
- We may keep your Personal Information for a period that is consistent with the original purpose of us collecting the Personal Information from you. We do not keep your Personal Information for longer than it is necessary for the fulfilment of its purpose.
- Under the GDPR, periods of data retention will apply differently for each specific category of data. If you have any questions about the applicable data retention periods, please contact us by using the contact details provided below.
- If you request, we will delete or anonymise your Personal Information so that it no longer identifies you unless we are legally allowed or required to maintain certain Personal Information. The removal of any of your Personal Information means that we may not be able to supply you with our Services.
Disclosure of your Personal Information and Third Parties with access to it
- We may share your Personal Information with third-party service providers to help us provide our Platform and Services. Our third-party service providers may be located outside of Australia or outside of the EU.
- We may from time to time need to disclose Personal Information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request.
- If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our databases, together with any Personal Information and non-Personal Information contained in those databases.
International Data Transfers
- Subject to and in accordance with the Privacy Laws, your Personal Information may be transferred to affiliates in other countries where we operate. In this event, we will ensure that the recipient of your Personal Information offers an adequate level of privacy protection for your Personal Information.
- As part of our obligations under the GDPR, we only transfer the data of individuals residing in the EU to countries outside of the EU with adequate privacy data laws or to a third party where we have approved transfer mechanisms in place to protect your Personal Information, for example, by entering into the European Commission’s Standard Contractual Clauses for data protection for data that is transferred internationally or ensuring the entity is Privacy Shield Certified for data transfer to third parties based in the United States.
- If the above safeguards do not apply, we will request your explicit consent to any transfers, and you will have the right to withdraw this consent at any time.
Security of your Personal Information and Data Breach protocol
- We are committed to ensuring that the Personal Information you provide to us is secure. We take practical steps to protect your Personal Information from any loss, misuse, alteration, and unauthorised or accidental access or disclosure or destruction in accordance with our security policy.
- To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic, technical and managerial procedures, such as encryption of Personal Information, to safeguard and secure data and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
- These measures include where appropriate or required by law, computer safeguards and secured, Internet firewalls, intrusion detection, anti-virus protection, network monitoring and Transport Layer Security (“TLS”) or similarly encrypted browsers.
- A reportable “Data Breach” is a security incident where the integrity of Personal Information is compromised through being destroyed, lost, altered, corrupted, disclosed or accessed by an unauthorised person where it is likely to result in serious harm to any individual affected.
- We have procedures and systems in place including a data breach incident response plan, specific data breach policies and procedures and personnel to deal with an actual or suspected “Data Breach” and will notify you and the applicable regulator in accordance with our obligations under the Privacy Laws and NDB.
- No method over the transmission or storage system is 100% private and secure. You understand that we do not guarantee or warrant the absolute privacy or security of any information we collect from or about you. If you have any questions about privacy or security, please contact us.
- Please report any actual or suspected breaches in relation to the Services or Platform for investigation to reternX by using the contact details provided below.
Access to and how you can control your Personal Information
- You may request details of Personal Information that we hold about you in accordance with the provisions of the Privacy Laws. We give you access to your Personal Information for the purpose of correcting any Personal Information that is inaccurate, incomplete or not up to date.
- If you would like a copy of your data or believe that your data is inaccurate, out of date, incomplete, irrelevant, please contact us using the contact details provided below.
Third-party tools and cookies
- When you use or access our Platform or any third-party platform including third party service providers, such as Google Analytics, third-party payment gateway providers or other third-party advertising and links, there may be cookies and similar technologies that store log files to collect information about your use of the
- Cookies are small text files (often including a unique identifier) that can be stored on your computer, tablet or mobile device when you visit a website. A cookie stores a small amount of data on your device about your visit to a website.
- These small files contain information about your browsing activity. Cookies are also used to identify you when you come back to the Platform and store details about your use of the Platform. They are widely used to make websites work more efficiently, to improve user experience and to provide information to website operators.
- In addition, cookies can be used to analyse traffic and may be used to serve relevant ads to Platform visitors through third party services such as Google AdWords.
- To understand more about cookies and how they are set, visit www.aboutcookies.org or www.allaboutcookies.org.
- We may use the following cookies to help the functioning of the Platform and to improve user experience:
- Strictly necessary cookies: These cookies are necessary for the functioning of the Platform and help to improve the efficiency of the Platform for users.
- Analytical/performance cookies: These cookies monitor your use of the Platform. For example, they collect information about website traffic and use, unique users, unique sessions and store information about users’ sessions and website campaigns.
- Targeting/advertising cookies: These cookies help us to provide useful and more targeted advertising.
- Preference cookies: These cookies help us to identify Users, so that we remember your preferences on the Platform.
- We may also use web beacons, action tags, and tracking devices to provide analytical and User data that can help us monitor usage and improve the Platform.
- Non-Personal Information is information about you or your activities which cannot be used to personally identify you. We may collect non-Personal Information through your browser, through text files (cookies), applications (e.g. mobile applications), and your IP address. We use non-Personal Information to compile statistical information about the use of our Platform (or for maintenance purposes) which may include (but is not limited to) recording your server address, your top-level domain name, the date and time of your visit to the Platform, the pages you accessed and downloaded, the previous site you visited and the types of browser you are using.
How we respond to Do Not Track Signals
Our system does not currently recognise Do Not Track (DNT) signals with respect to our Platform.
Unsubscribing from our Email Database and SMS marketing communications
- If we process your Personal Information for emails and short message communications (SMS), you can unsubscribe from our email database though the “unsubscribe link” that is contained in an email from us or texting ‘STOP’ if you receive SMS communications.
California Privacy Rights for Minors
- If you are a minor and a resident in California, you may contact us to request removal of any content or information you have posted using our Services on the Platform where you are a registered user.
- Only you as the minor may request removal or anonymisation of the content that you posted on our Platform.
- The removal of the content may not ensure a complete or comprehensive removal of that content. To request removal of the content or information, you may contact us using the contact details provided below.
Advertisements and Links
- We may publish advertisements from third parties and our Platform may from time to time have links to third-party websites. Links to third-party websites does not constitute our sponsorship or endorsement or approval of these websites. We cannot control or be held responsible for third party privacy practices and advertising content.
Complaints about privacy
- If you have any complaints about our privacy practices, please contact us. We take privacy seriously and will respond promptly to your notice.
- You can contact us:
- using our support page provided on our website located at
- by telephone, on the contact number published on the reternX Platform or website; or
- by email, using the email address published on the reternX Platform or website (from time to time).
- using our support page provided on our website located at
- You can contact us:
© 2020 ReternX Pty Ltd. All Rights Reserved.