FinFinda logo
FinFinda

Privacy Policy

About this Policy

FinFinda (ABN 92070030160)
Effective date: 21st March 2026

This Privacy Policy explains how FinFinda (“Finfinda”, “we”, “us”, “our”) handles personal information in connection with our main website and related serv

  • We are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
  • By using our survey or asking us to assist with your credit needs, you consent to us collecting, using and disclosing your personal information as described in this Privacy Policy.

Who we are & how to contact us

Entity:

FinFinda (ABN 92070030160)

Contact details:
Phone: -

Email: admin@finfinda.com.au
Website: https://finfinda.com.au

If you have any questions about this policy or how we handle personal information, please contact us using the details above.

What personal information we collect

The type of personal information we collect depends on how you interact with us. For the survey and our credit-related services, we may collect:

Information you provide directly:

  • When completing a survey, your contact details (such as your name, email address, phone number).
  • Information about your financial position and credit needs (for example income, expenses, assets, liabilities, loan objectives) as you choose to provide them in the survey.
  • Answers to survey questions, including any free-text responses.
  • Preference information (for example, communication preferences).

When you contact us or use our services:

  • Identification and contact details.
  • Information about your credit needs and objectives so we can provide assistance.
  • Any other information you choose to give us in correspondence, phone calls, or meetings.

You do not have to provide all of the information we request. However, if you choose not to provide some information, we may not be able to properly advise or assist you with your credit needs or respond to your enquiry.

Information we collect automatically


When you visit our survey or website, we may automatically collect:

  • Technical information about your device and browser (for example IP address, browser type and version, operating system).
  • Usage information, such as pages viewed, time spent on pages, referring URLs and clickstream data.
  • Basic security and diagnostic information (for example, error logs and access logs).
  • This information is usually collected via cookies and similar technologies (see Section 10 - Cookies and similar technologies).

Information from third parties
In some cases, and where permitted by law, we may receive information about you from third parties, such as:

  • Our credit licensee or aggregator (for supervision, compliance and administration).
  • Credit reporting bodies or lenders (where relevant to your credit application and with appropriate consent).
  • Service providers who help us verify or enrich data (for example, address validation tools).

Why we collect and use your personal information

We collect, hold, use and disclose personal information only where it is reasonably necessary for our functions and activities, including

  • to provide our survey and credit assistance services
  • To operate the survey at survey.themoneyhub.com.au.
  • To assess your circumstances, objectives and preferences.
  • To provide information, general guidance or, where applicable, credit assistance in relation to loans and related products.

Communicate with you

  • To send you a copy of your survey responses.
  • To respond to enquiries and support requests.
  • To send you information you request from us.

Manage our relationship with you

  • To maintain our records.
  • For invoicing, administration and internal reporting.
  • To follow up with you and conduct client surveys.

Direct marketing (optional)

  • To let you know about promotions, new services, special offers, events or
  • articles we think may be of interest to you.
  • We may contact you by email, phone or post, unless you tell us you do not
  • wish to receive marketing communications.
  • You can opt out of marketing at any time by following the unsubscribe instructions in our emails or by contacting us.

Analytics, service improvement and security

  • To understand how our survey and website are used so we can improve the experience.
  • To monitor, detect, prevent and investigate fraud or security issues.
  • To maintain backups and business continuity.

Legal, regulatory and risk management

  • To comply with our legal and regulatory obligations (for example, under credit and consumer laws).
  • To manage actual and potential disputes and complaints.
  • To cooperate with law enforcement and regulators where required.
    We may also use de-identified or aggregated information (which does not identify you) for analytics, reporting and research.

Direct marketing and your choices

We may use your contact details to send you:

  • Information about products or services we believe may be relevant to you;
  • Invitations to events, webinars or surveys.

You can opt out of marketing at any time by:

  • Clicking the “unsubscribe” link in any marketing email
  • Contacting us asking to be removed from our marketing list.
  • We do not sell, rent or trade your personal information to third parties for their own marketing purposes.

How we store and protect your information

We take reasonable steps to protect the personal information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure, consistent with the APPs.

Measures we use include:

  • Limiting access to personal information to staff who need it to perform their duties.
  • Secure passwords and access controls.
  • Use of reputable cloud service providers with appropriate security certifications and controls

Service providers & overseas disclosures

To operate our website, application and related services, we use specialist third-party service providers. Some of these providers may store or process personal information outside Australia.

Where this occurs, we take reasonable steps to ensure overseas recipients handle personal information in a manner consistent with the Australian Privacy Principles, including through appropriate contractual, technical and organisational safeguards.

Hosting and website delivery - Vercel


We use Vercel to host and deliver our website and application. Depending on how a person uses our services, Vercel may process customer data and technical information such as end-user IP address, location information derived from IP address, system configuration information, request and usage data, log files, diagnostics, performance information and other service telemetry needed to operate and secure the platform. Vercel states that, for customer data, it acts as a data processor on behalf of its customers.

Vercel states that its services operate on infrastructure provided by Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP), and that backups of customer data are globally replicated and retained across multiple availability zones for resiliency. As a result, personal information may be processed in the United States and other countries where Vercel and its cloud providers operate.

Database and backend infrastructure - Supabase


We use Supabase for database and related backend infrastructure services, which may include managed database, authentication, storage and associated platform functionality. Personal information that you submit to us, or that is generated through your use of our services, may be processed by Supabase on our behalf in connection with providing those services.

Supabase states that personal information may be stored on servers in the United States or in other countries where Supabase or its affiliates, subsidiaries, agents or contractors maintain facilities. Depending on the region we select and how our services are configured, personal information may be stored or processed outside Australia.

Telemetry and observability - Axiom


We use Axiom for telemetry, observability and diagnostic monitoring. Depending on how we configure the service and what events our systems generate, this may include logs, traces, metrics, events, request metadata and other technical information generated through the operation and monitoring of our services.

Axiom's data processing addendum states that it applies when Axiom processes customer personal data as a processor or service provider. Axiom's privacy policy states that its services are hosted and operated in the United States through Axiom and its service providers, with personal data hosted on U.S. servers and possibly other countries. Axiom also advertises Axiom Cloud deployment options in U.S. and EU regions. On that basis, telemetry data may be processed outside Australia, including in the United States and potentially other jurisdictions, depending on configuration.

Transactional email delivery - Postmark

We use Postmark to send and manage transactional emails, such as verification emails, sign-in links, receipts, notifications and other service-related messages. To perform that function, Postmark may process personal information such as sender and recipient details, email addresses, subject lines, message content, attachments, message metadata and delivery event data.

Postmark states that it is a U.S.-based company and stores customer data, including data processed on behalf of customers, in the United States. Postmark also states that its primary data and servers are hosted at a Deft data centre near Chicago and on AWS. Postmark further states that it stores email content, events and metadata for 45 days by default, with configurable retention from 7 to 365 days. As a result, personal information used in connection with transactional emails may be transferred to and processed in the United States.

Error monitoring and performance diagnostics - Sentry


We use Sentry to monitor software errors, crashes and performance issues. Depending on configuration and the nature of the event being reported, Sentry may receive error and exception data, stack traces, breadcrumbs, request information such as query strings, cookies and headers, tags, browser or device information, user-related identifiers and other debugging context generated at the time of the event.

Sentry states that it supports both U.S. and EU data storage locations, and that service data remains in the selected storage location. Sentry also states that it offers a data processing addendum and participates in the EU-U.S. Data Privacy Framework. Depending on the storage location we select and the way the service is configured, personal information may be processed outside Australia, including in the United States or Europe.

Other disclosures

We may also disclose personal information to:

  • Our credit licensee (for administration and supervision activities where applicable).
  • Professional advisers (for example, lawyers, auditors or accountants).
  • Regulators, law enforcement and dispute resolution bodies where required by law or reasonably necessary to handle a complaint, dispute or investigation.
  • Another entity in the event of a corporate transaction such as a sale, merger, reorganization or dissolution. In that case, we will take reasonable steps to ensure any recipient protects personal information in a manner consistent with this policy.

How long we keep your information (retention)

  • We aim to keep personal information only for as long as we reasonably need it for the purposes described in this notice and to meet our legal obligations. After that, we delete or de-identify it according to our data destruction procedures.
  • Unless required to keep information longer by law, we currently apply the following retention approach:
  • Survey submissions: kept for 24 months from submission, unless they become part of an ongoing customer record (e.g. if you proceed with credit assistance), in which case they may be retained for longer in line with our legal and regulatory obligations.
  • Security & access logs (including CDN logs): typically kept for up to 90 days to help us detect security issues and troubleshoot problems.
  • Backups: encrypted rolling backups kept for up to 90 days, then overwritten as part of normal backup cycles. (Vercel)
  • Analytics data: retained for around 6 months, after which it is either deleted or aggregated/de-identified.
  • Retention periods may change over time as we update our systems and obligations. Where we are required by law to keep information longer (for example, under financial or credit legislation), we will do so.

Cookies and similar technologies

We use cookies and similar technologies on survey.themoneyhub.com.au and themoneyhub.com.au to help our websites function and to understand how they are used.

Types of cookies we use
Essential cookies

  • Required to provide core survey and website functionality.
    For example, to keep your session active while you complete the survey or to deliver content securely.
  • You cannot opt out of these cookies via our banner as the site will not function properly without them.

Performance / analytics cookies

  • Help us understand how visitors use our survey and website so we can improve the experience.
  • May record page views, time on page, navigation paths and similar metrics.
    Where feasible, we use privacy-respecting analytics approaches (for example, aggregated or pseudonymous statistics).

Your cookie choices

  • Most web browsers allow you to accept or reject all cookies, and delete cookies or receive a warning before cookies are stored.
  • If you disable or block cookies, some parts of our survey or website may not function correctly.

How you can access and correct your information

Survey verification & corrections

After you complete a survey, you may contact us if you’d like update your responses.

General access and correction

You have the right to request access to the personal information we hold about you, and to ask us to correct any information you believe is inaccurate, incomplete or out of date, subject to certain exceptions under the Privacy Act.

To request access or correction:

  • Put your request in writing.
  • Provide enough information for us to identify you and the information you are referring to.
  • Send it to: admin@finfinda.com.au

We will:

  • Respond to your request within a reasonable period.
  • Provide access in the manner you request where it is reasonable and practicable.
  • Correct, amend or delete any personal information that we agree is inaccurate, out of date, incomplete, irrelevant or misleading.
  • We do not charge a fee for receiving an access or correction request or for providing access to personal information.

What if you don’t provide some information?

You are free to choose what information you provide. However:

  • We only ask for information that is reasonably necessary for us to assist you (for example, to understand your credit needs).
  • If you do not provide complete or accurate information, we may not be able to properly advise or assist you with your credit needs or respond fully to your enquiry.

Complaints and how we will handle them

We take privacy concerns seriously and aim to resolve them quickly and fairly.

Internal Dispute Resolution (IDR)

If you have a complaint about how we have handled your personal information, please contact us by email at admin@finfinda.com.au.
Please include as much detail as possible so we can understand and investigate your complaint. We will

  • Acknowledge your complaint within a reasonable time.
    Investigate the issues raised.
  • Respond to you in writing, setting out our findings and any steps we will take to address your concerns.
  • If you are not satisfied with our response, you may be able to lodge a complaint with The Office of the Australian Information Commissioner (OAIC), which oversees compliance with the Privacy Act.

Changes to this Privacy Policy

We may update this Privacy Policy from time to time, for example to reflect:

  • Changes to our services or business practices.
  • Changes to our service providers or data locations.
  • Updates to legal or regulatory requirements.
  • The updated policy will be posted on https://finfinda.com.au. We encourage you to review this page periodically to stay informed about how we handle your personal information.