Privacy Policy

Last Updated: March 2026

1. Introduction

Banqeta Pty Ltd (ABN 81 661 222 500) ("Banqeta", "we", "our", "us") respects your privacy and is committed to protecting your personal information.

This Privacy Policy explains how we collect, use, disclose and safeguard your personal data when you visit our website at www.banqeta.com ("Website") or use our services, applications or products (collectively, "Services").

Banqeta provides technology and user interfaces that connect you to regulated financial service providers, including Layer 2 Financial Inc. (trading as Rail), Stripe, Intercash and Visa. These partners process payments, issue accounts and cards, and hold funds in accordance with their respective regulatory obligations.

2. Scope

This Privacy Policy applies to visitors to our Website, users of the Banqeta platform, and individuals or entities engaging with Banqeta through white label or partner programmes.

This Policy does not apply to personal data processed directly by our regulated partners such as Rail, Stripe, Intercash or Visa. Their own privacy policies govern how they handle such data. Rail is operated by Layer 2 Financial Inc., a company acquired by Ripple. For Rail's current privacy policy and customer agreement, please refer to their website directly as these documents may be updated from time to time.

3. Information We Collect

3.1 Personal Information You Provide

Full name, company name and contact details including email address, phone number and address. Identity verification documents such as government issued ID, passport and business registration documents. Billing and payment information. Correspondence and communication records.

3.2 Information Collected Automatically

IP address, browser type, operating system and device identifiers. Usage data including access times, pages viewed and referral links. Cookies and similar technologies as described in Section 8.

3.3 Information from Third Parties

We may receive information from our regulated partners, payment processors, compliance providers or referral partners where necessary to provide Services or comply with applicable laws.

4. How We Use Your Information

We use personal information for account setup, identity verification including KYC and KYB, and service delivery. Transaction processing and payment facilitation. Compliance with legal, tax and regulatory obligations. Fraud prevention, risk assessment and anti-money laundering checks. Providing customer support and responding to enquiries. Improving, maintaining and personalising the Banqeta platform. Communicating important updates including pricing or policy changes.

We may anonymise or aggregate data for analytics purposes, provided individuals cannot be identified from such data.

5. Legal Basis for Processing

We process personal data on one or more of the following legal bases depending on the nature of the processing and your jurisdiction.

To perform a contract with you or your organisation, including providing the Services you have requested. To comply with legal and regulatory obligations applicable to Banqeta and its regulated partners. To pursue our legitimate business interests, including platform security, fraud prevention, service improvement and business development, where those interests are not overridden by your rights and interests. With your consent, for example in relation to marketing communications, which you may withdraw at any time.

Where we rely on legitimate interests, we carry out a balancing assessment to ensure our interests do not override your fundamental rights and freedoms.

6. Disclosure of Information

We may share your personal data with regulated partners including Rail, Stripe, Intercash and Visa for account provision, card issuance and payment processing. Third party service providers for cloud hosting, identity verification, analytics or communication tools including Google Cloud, Microsoft and HubSpot. Regulators, law enforcement or government authorities where legally required. Corporate affiliates and professional advisers for legitimate business purposes.

We do not sell or rent your personal data to third parties.

7. International Data Transfers

Some of our regulated partners and service providers operate outside Australia, including in the United States, Canada, the United Kingdom and the European Economic Area.

Where data is transferred internationally, we ensure appropriate safeguards are in place in accordance with applicable law. For transfers from the UK or EEA, this includes Standard Contractual Clauses or equivalent protections. For transfers under Australian law, we apply the cross-border disclosure requirements of the Privacy Act 1988 (Cth).

8. Cookies and Tracking Technologies

Banqeta uses cookies and similar tracking technologies to enhance user experience, analyse traffic and performance, and store user preferences. You can manage your cookie preferences through your browser settings. Please note that blocking certain cookies may affect the functionality or performance of the Website.

9. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this Policy, or as required by applicable law including recordkeeping, tax and compliance obligations. When data is no longer required, it is securely deleted or anonymised.

10. Data Security

We use industry-standard security measures including encryption, firewalls and access controls to protect your personal data from unauthorised access, alteration, disclosure or destruction. While we take reasonable steps to protect your information, no method of electronic transmission or storage is completely secure and we cannot guarantee absolute security.

11. Your Rights

Depending on your jurisdiction, you may have rights in relation to your personal data. These may include the right to access your personal data and receive a copy of it. The right to correct inaccurate or incomplete information. The right to request deletion of your personal data in certain circumstances. The right to restrict or object to certain types of processing. The right to withdraw consent where processing is based on consent. The right to data portability in certain circumstances.

Users in the United Kingdom and European Economic Area have additional rights under the UK GDPR and EU GDPR respectively, including the right to lodge a complaint with a supervisory authority in their country of residence.

To exercise any of your rights, please contact us at hello@banqeta.com. We may require reasonable verification of your identity before responding.

12. Marketing Communications

We may contact you with updates, offers or information related to our Services where you have consented or where we have a legitimate interest in doing so. You can unsubscribe from marketing communications at any time by using the unsubscribe link in our emails or by contacting us at hello@banqeta.com.

13. Third Party Links

Our Website may include links to third party websites. We are not responsible for the content, security or privacy practices of those external websites and we encourage you to review their privacy policies before providing any personal information.

14. Changes to This Policy

We may update this Privacy Policy from time to time. The date at the top of this page indicates when the Policy was last updated. Where changes are material, we will notify you via our Website or by email where appropriate. Continued use of our Services following the publication of changes constitutes your acceptance of the updated Policy.

15. Contact Us

If you have any questions, requests or complaints about this Privacy Policy or how your personal information is handled, please contact us at:

Email: hello@banqeta.com Website: www.banqeta.com