Logo
HomeAboutLearnHelp Centre
Mobile menu closed

Privacy Policy

1. Introduction

This document is dated 10 July 2026 and explains how we collect, use, disclose, store and protect personal information (or personal data) when you use Bless Payments' (defined below) services, including our website, mobile application, and any other interface approved by Bless Payments to fund a Bless wallet, send and receive funds cross-border, exchange currency, make payments using a Visa card (including instore or online), withdraw cash at ATMs, manage card controls and settings, and any other Bless Payments services that may be offered from time to time (collectively, the "Services").

We are committed to handling personal information in accordance with applicable privacy and data protection laws, including:

  • in Australia, the Privacy Act 1988 and the Australian Privacy Principles (collectively, the "Privacy Act");
  • in Canada, the Personal Information Protection and Electronic Documents Act ("PIPEDA") (and any applicable provincial privacy laws); and
  • where applicable, certain US and EU/UK laws (for example, California consumer rights and GDPR).

This Privacy Policy contains information about how:

  • we comply with our privacy obligations;
  • we collect, use and disclose personal information we hold about you;
  • you may access and correct your personal information;
  • we protect your personal information;
  • you may complain about a breach of privacy obligations; and
  • we will deal with a privacy complaint.

2. Who Is "Bless Payments"? (Entities Covered by This Policy)

This Privacy Policy applies to the following entities operating under the "Bless Payments" brand:

  • Bless Payments Canada Inc. ("Bless Canada", "we", "us", "our")
  • Afmoom Trading Pty Ltd (trading as Bless Payments) ("Bless Australia", "we", "us", "our")

3. Which Entity You Contract With & Which Entity Is Responsible for Your Information

If you are a Canadian user, you onboard with and contract with Bless Canada, and your account is provided by Bless Canada.

If you are an Australian user, you onboard with and contract with Bless Australia, and your account is provided by Bless Australia. Both entities may share resources and engage affiliates/service providers. Where permitted by law, your personal information may be accessed or processed across borders (see Section 11).

4. What Kind of Personal Information Do We Collect and Hold?

We may collect and hold a range of personal information about you to provide you with the Services and to meet our compliance obligations as a regulated financial services business (including as a money services business/remittance provider).

(A) Information You Provide to Us

  1. Contact information (e.g. name, address, date of birth, phone number, email address, occupation).
  2. Financial information (e.g. bank account details, payment method details, transaction history).
  3. Identification & Verification Information (e.g. driver's licence, national ID).
  4. Business User Information (e.g. business name, directors/officers, beneficial ownership information, control structure, supporting corporate records).
  5. Recipient Information (e.g. name, phone number, email address, bank details and transaction information of the recipient).
  6. Source of Funds Information (e.g. bank statements, financing documentation, supporting documentation).
  7. Communications (e.g. if applicable, messages to Bless Payments' support staff, emails, chat logs, call recordings).

(B) Information We Collect Automatically

We may automatically log certain information about you and your device, such as:

  1. Device data: operating system, device type, manufacturer/model, browser type, screen resolution, unique device identifiers, language settings, IP address and general location (city/region).
  2. Online activity data: pages/screens viewed, time spent, navigation paths, access times, and interactions with you.
  3. Cookie and tracking data: as described in Section 8.

(C) Information We Collect From Third Parties

We may collect personal information from third parties such as:

  1. electronic identity verification services and fraud prevention providers;
  2. banks, payment providers, foreign exchange providers, and other financial institutions involved in processing transactions;
  3. referrers and marketing agencies; and
  4. publicly available sources and databases, where permitted and relevant for compliance and fraud prevention.

(D) Information We Do Not Collect

In Australia, we will not collect "sensitive information" (as defined under the Privacy Act) without your consent, unless an exemption applies (for example, where required/authorized by law or necessary for suspected unlawful activity or serious misconduct).

In Canada, we treat sensitive personal information with heightened safeguards and will obtain consent where required/appropriate.

(E) No Anonymity/Pseudonymity

You do not have the option of dealing with us anonymously or under a pseudonym, because it is impractical and, in many cases, unlawful given our regulatory obligations (including AML/CTF obligations).

5. How Do We Collect Personal Information?

We generally collect personal information:

  1. directly from you when you register or use our Services, complete forms or contact us; and/or
  2. indirectly from third parties as described above.

If the personal information we request is not provided, we may not be able to provide our products and Services.

6. Unsolicited Personal Information

We may receive unsolicited personal information about you. Where required, we destroy or de-identify all unsolicited personal information we receive, unless it is relevant to our purposes for collecting personal information and we are permitted by law to retain it. If retained, it will be handled in accordance with this Privacy Policy.

7. Who Do We Collect Personal Information About?

The personal information we may collect and hold includes (but is not limited to) personal information about users or potential users of our Services and limited information about our website visitors.

8. Website Collection, Cookies and Similar Technologies

We collect personal information when we receive completed online generated forms from our website (www.blesspayments.com) and application. We may use cookies and similar technologies (including tracking pixels, web beacons and local storage) to analyse traffic on our website and allow the technical operation and enhance the functionality of our website or application, and to help us understand user activity and improve our Services.

To use our website, you must consent to our use of cookies. You can withdraw or modify your consent to our use of cookies at any time. If you no longer wish to receive cookies, you can use your web browser settings to accept, refuse and delete cookies. To do this, follow the instructions provided by your browser. Please note that if you set your browser to refuse cookies, you may not be able to use all of the features of our website. Cookies do not contain personal information in themselves but can be used to identify a person when combined with other information. Cookies are small text files which are transferred to your computer's hard drive through your web browser that enables our website to recognize your browser and capture and remember certain information.

9. Why Do We Collect and Hold Personal Information?

We may use and disclose the information we collect about you for the following purposes:

  • Provide the Services: To provide you with our products and Services, create and administer your account, process transactions and manage transaction-related communications and provide customer support.
  • Comply with Law: To verify your identity in order to meet our know-your-customer obligations and related onboarding requirements and to comply with applicable laws, regulations and guidance including anti-money laundering and counter terrorism financing obligations and reporting obligations, monitor transactions and detect/prevent fraud, money laundering, sanctions evasion and other unlawful activity, investigate suspected unlawful activity or serious misconduct and maintain records, as required by law.
  • Improve & Operate Our Business: To improve and personalize your Services, maintain and improve the security, integrity and resilience of our systems, review and meet your ongoing needs, conduct analytics and quality assurance and to enforce our terms and protect our legal rights.
  • Direct Marketing: To the extent permitted by law and with your consent, to let you know about other products or services we offer, send you information about special offers or invite you to events. You may opt out of receiving such communications at any time.
  • Address Complaints: To consider any concerns or complaints you may have and address them accordingly.

We may use and disclose your personal information for any of these purposes. We may also use and disclose your personal information for secondary purposes which are related to the primary purposes set out above, or as otherwise authorized by applicable law.

10. Who Might We Disclose Personal Information To?

We may disclose personal information to:

  • a related entity or affiliate of Bless Payments;
  • an agent, contractor or service provider we engage to carry out our functions and activities, such as our bankers, lawyers, accountants, debt collectors or other advisers and consultants (including auditors, IT/security providers, identity verification, fraud prevention, transaction monitoring, analytics providers and customer support vendors);
  • organisations involved in facilitating remittance payments or currency conversions on our behalf, including banks, payment service providers, foreign currency providers and other financial institutions;
  • regulatory bodies, government agencies, law enforcement bodies and courts (including where required by money service business and AML laws);
  • financial product issuers;
  • potential buyers, sellers and professional advisors in connection with a business transaction (see "Change of Control" below); and
  • anyone else to whom you authorize us to disclose it or where required by law.

If we disclose your personal information to service providers that perform business activities for us, we require (where appropriate) that they only use your personal information for the relevant purpose for which we supply it and maintain appropriate safeguards.

11. Sending Personal Information Overseas

(A) Australia Users

Bless Australia may disclose personal information outside Australia to service providers and affiliates where necessary to provide the Services and operate our business.

(B) Canada Users

Bless Canada may disclose personal information outside Canada to service providers and affiliates where necessary to provide the Services and operate our business.

(C) Hosting Locations

  • We may store and process personal information in the countries where we, our affiliates, or our service providers operate. This means your personal information may be transferred to, stored in, or accessed from locations outside your state, province, or country of residence. We take reasonable steps to ensure that personal information receives an appropriate level of protection in the locations where it is hosted.
  • In some cases, we may take steps to configure certain data or personal information to be stored in particular regions; however, due to the nature of cloud services and our global support operations, personal information may still be processed or accessed from other locations as described above.

(D) Transfer Mechanisms/Safeguards

Where applicable and to ensure the secure and lawful transfer of personal information across international borders in a secure and legally compliant way, we may employ one or more of the following safeguards for international transfers:

  1. Standard Contractual Clauses (SCCs), as contemplated under the GDPR, or equivalent contractual protections;
  2. transfer to jurisdictions recognized as providing adequate protection under applicable law; and/or
  3. other supplementary safeguards required or permitted by applicable law.

12. Sharing of Personal Information & Third-Party Providers

In the course of providing services to you, we may share your personal information with certain third-party service providers for the purpose of enhancing and facilitating the services offered, particularly in the context of international payments. This sharing of information will be conducted in a manner that is consistent with the Privacy Act, GDPR, PIPEDA, and any other applicable international personal information protection laws. We may also share your personal information with regulatory authorities to the extent required to comply with applicable law.

The types of personal information that may be shared include, but are not limited to, your contact and location information, financial information, and identification information. This sharing of personal information is necessary for the execution of transactions, provision of customer support, and improvement of service quality.

Before sharing any personal information with a third-party service provider, we ensure that adequate data protection measures are in place and that the sharing is in compliance with applicable privacy laws.

13. Change of Control

In the event of a merger, acquisition, asset sale, financing, insolvency, or business reorganization, your personal information may be transferred to a successor or affiliate as part of that transaction, subject to appropriate privacy protections.

14. Management of Personal Information

We take reasonable steps to ensure your personal information is protected from misuse, interference, loss, and unauthorised access, modification or disclosure. Our safeguards include:

  • ensuring that all personal information is stored in secure, encrypted databases;
  • employing industry-standard cybersecurity practices;
  • limiting access to personal information to authorized personnel only, based on the principle of least privilege, with multi-factor authentication for staff access;
  • encrypting data during transmission, using TLS (Transport Layer Security);
  • processing card payments through PCI-DSS compliant service providers, such that full card details are not stored or processed on Bless Payments' systems;
  • implementing robust procedures for detecting, reporting, and investigating security breaches;
  • implementing regular security and penetration assessments/testing;
  • engaging with third party service providers that adhere to equivalent standards of personal information protection; and
  • training employees on best practices for personal information protection and the importance of maintaining the confidentiality and security of personal information.

However, no system is completely secure and we cannot guarantee the security of your personal information. You should notify us as soon as possible if you become aware of any security issues relating to your account.

15. Direct Marketing

We may use your personal information for direct marketing, where permitted by law and where we obtained your consent. You may withdraw your consent at any time by using the "unsubscribe" mechanism (in the case of email communications) or contacting us using the details set out in Section 24.

16. How Do We Keep Personal Information Accurate and Up to Date?

We take reasonable steps to ensure that the personal information we collect, use and disclose is relevant, accurate, complete and up-to-date. We encourage you to contact us to update your information. If we correct information that has previously been disclosed to another entity, we will notify the other entity of the correction, where required or appropriate. We aim to address correction requests within 30 days, unless you agree otherwise, subject to legal and operations constraints.

17. Accessing Your Personal Information

Subject to legal exceptions, you may gain access to the personal information that we hold about you by contacting our Privacy Officer.

We will require identity verification and details the information requested. We aim to respond within 30 days of the individual's request, subject to permitted extensions and legal exceptions. If we refuse to provide the information, we will provide reasons for the refusal where required by law.

18. Updates to This Privacy Policy

This Privacy Policy may be updated from time to time to take account of new laws and technology, and changes to our operations and the business environment. The latest version of the Privacy Policy will be available on our website.

19. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal, regulatory, and contractual obligations. Specifically:

  • Identity and Transaction: We retain identification information and transaction records (including suspicious transaction reports) for a minimum of 7 years from the date of the last transaction or account closure, or such longer period as may be required by applicable anti-money laundering, counter-terrorism financing, or other financial regulations.
  • Marketing and Communications: If you have consented to receive marketing communications, we will retain your contact information until you withdraw your consent or opt out of such communications. Records of communication between you and our customer support team (including emails, chat transcripts and call records) are also retained by us for 7 years for service quality and compliance purposes.
  • Technical and Cookie: Technical data and cookies are typically retained for shorter periods as described in our cookie settings, generally not exceeding 24 months.
  • Legal Claims: In some circumstances, we may retain personal information for longer periods where necessary to establish, exercise, or defend legal claims.

At the end of the applicable retention period, we will securely delete or anonymize your personal information in accordance with applicable laws and our internal data retention policies.

20. Data Breach Notification

In the event of a personal information breach, we will act in accordance with applicable breach notification laws and regulatory expectations, including:

  • promptly investigating and assessing scope and impact;
  • notifying regulators and/or affected individuals where required (for example, under Australia's Notifiable Data Breaches scheme where an "eligible data breach" is likely to result in serious harm; under PIPEDA where a breach poses a "real risk of significant harm"; and under the GDPR where there is a "high risk to the rights and freedoms of natural persons");
  • maintaining records of breaches as required by law; and
  • if necessary, engaging third party service providers to assist in the investigation and mitigation of the breach.

21. Privacy Rights

Depending on your location and the laws that apply to you, you may have rights regarding your personal information, which may include:

  • Right of access;
  • Right to correction/rectification;
  • Right to withdraw consent (where processing is based on consent);
  • Right to object to certain processing;
  • Right to deletion/erasure in certain circumstances;
  • Right to restrict processing in certain circumstances;
  • Right to portability of personal information in certain circumstances;
  • Right not to be subject to automated decision-making, including profiling. While we may use automated systems to assess transaction risk and detect fraud or money laundering as part of our AML/KYC compliance obligations, any decisions that have legal or similarly significant effects on you will involve human review and intervention; and
  • Right to lodge a complaint with the relevant regulatory authority.

22. Children's Privacy

Our Services are not directed to individuals under the age of 18 (or under the age of majority of any jurisdiction). We do not knowingly collect personal information from children. If we learn we have collected personal information from a child, we will take steps to delete it. If you believe that a child has provided personal information to us, please contact us immediately using the contact information provided at the end of this policy.

23. Questions, Requests & Complaints

You can contact our Privacy Officer for questions, requests, or complaints at:

(A) For Canada Users

Email: hello@blesspayments.com
Postal address Canada: 36 Toronto Street, Suite 850, Toronto, M5C 2C5, Canada

If you contacted us to lodge a complaint and were not satisfied with our response, you may contact the Office of the Privacy Commissioner of Canada regarding PIPEDA compliance:

Website: https://www.priv.gc.ca/

(B) For Australia Users

Email: hello@blesspayments.com.au
Postal address Australia: 4 Gwenyfred Road, South Perth WA 6151

If you contacted us to lodge a complaint and were not satisfied with our response, you may contact the Office of the Australian Information Commissioner regarding compliance with the Privacy Act:

  • Telephone: 1300 363 992
  • Mail: Director of Complaints, Office of the Australian Information Commissioner, GPO Box 5218, SYDNEY NSW 2001
  • Online: https://www.oaic.gov.au/consumer-data-right/consumer-data-right-complaints

(C) For All Other Users, Including the EU/EEA

Email: hello@blesspayments.com.au
Postal address: 4 Gwenyfred Road, South Perth WA 6151

If you are an EU/EEA user who contacted us to lodge a complaint and were not satisfied with our response, you may submit a complaint to the relevant data protection authority in your relevant jurisdiction. A list of EU data protection authorities is available at:

https://edpb.europa.eu/about-edpb/board/members_en

Spend money anywhere Visa is accepted. Send money to 60 countries across Asia, Africa, Europe and the Middle East.
BDBangladesh
KHCambodia
EGEgypt
ETEthiopia
GHGhana
GIGibraltar
INIndia
IDIndonesia
KEKenya
LBLebanon
MYMalaysia
MAMorocco
NPNepal
NGNigeria
PKPakistan
PHPhilippines
ZASouth Africa
KRSouth Korea
LKSri Lanka
SESweden
CHSwitzerland
THThailand
TRTurkey
VNVietnam
ZWZimbabwe
Isyourcountrynotlisted?

Bless Payments Logo
About usLearnInvestors
Help CenterLegal

Follow us

facebook iconinstgram iconlinkedin icontiktok iconx iconyoutube icon