Privacy Policy
Infomedia (“Infomedia”, “we”, “us”, “our”) respects your right to privacy and is committed to protecting the privacy and security of information you share with us.
This Privacy Policy (the “Policy”) describes how we will collect, use, share and otherwise process your personal information (also known as personal data) in connection with your use of our website, services and any other interactions we have with you.
If you have any questions about our use of your personal information, or you wish to exercise any of your privacy rights, please contact us using the details provided in section 14 below.
1. About us
We are Infomedia Pty Ltd, together with its subsidiaries IFM Americas Inc., IFM Europe Limited, Nidasu Pty. Ltd, IFM Deutschland GmbH, SimplePart LLC (collectively the “Infomedia Group”). This Policy applies to all members of the Infomedia Group. In this Policy, references to “Infomedia” are to the applicable Infomedia Group entity/ies involved in processing the personal information.
Please note, this Policy does not apply to Simplepart’s customer e‑commerce parts websites which Simplepart may host or operate on behalf of our customers. Customer websites are governed by the customer’s privacy notice. On those websites, Simplepart acts as the customer’s service provider/processor under our data processing agreement and handles personal information solely on the customer’s instructions. If your request relates to a customer parts website, please contact that customer directly. We will support them in responding.
Where you share personal information with a member of the Infomedia Group, that party may share your personal information with other members of the Infomedia Group as detailed in section 7 below.
Our contact details are provided in section 14 below.
2. When this Policy applies to you
By using any Infomedia website and by installing, accessing and/or using any of our services or by otherwise interacting with us, you consent to the collection of personal information in accordance with this Policy.
3. Information we may collect about you
We collect personal information about you when you create an account with us, otherwise use the services, or interact with us in some other way.
The personal information we collect will vary depending on the nature of the services or interaction and may include:
- Identity Data: first name, last name, title, date of birth and Profile Data.
- Contact Data: first name, last name, contact address, email address and telephone numbers, delivery point identifier, your communication preferences and copies of the communications between you and us.
- Profile Data: your email address, username, password and (if applicable) profile photo.
- Audio Data: audio recordings of your voice, such as when you contact customer support or interact with voice-related features of our services.
- Transaction Data: billing and delivery addresses, history of your payments, purchases, deliveries, returns and refunds and the applicable terms and conditions of your purchases.
- Payment Data: your bank account details for direct billing purposes (applicable services only).
- Vehicle Data: information about your vehicle.
- Device Data: the type of device you use, your IP addressand related information.
- Content Data: information that you store via our services.
- Usage Data: logs and detail of your use of our services, error or debugging information, and the actions we and you take in relation to them and Cookies Data.
- Security Data: information we collect about your use of our Services and our websites and applications in order to ensure your and our other users’ safety and security.
- Cookies Data: the information collected through the cookies and similar technologies as detailed in our Cookie Policy.
- Direct Marketing Data: your direct marketing preferences, consents for receiving direct marketing from us and/or our third parties and the history of the direct marketing communications we have sent to you.
- Location Data: your current location for the time period where you have permitted us to collect it.
- Connected Data: information stored on your Device that you permit the services to connect to, such as contacts lists, login information etc.
- Feedback Data: your feedback and survey responses.
- Personalisation Data: Cookies Data, Device Data, Content Data, Transaction Data, Connected Data, Usage Data, Location Data, and the preferences we have inferred you have and use to personalise the services.
We do not typically collect “sensitive information” about you, such as information about your health, biometrics, racial or ethnic origin, religious beliefs or sexual orientation. If at any time we were to require sensitive information from you in order to provide our services, we would only collect it with your express consent or as otherwise permitted by applicable laws.
It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during our relationship with you.
4. How we collect information
Infomedia collects information in the following ways:
- Registration: We collect your Identity Data, Contact Data and Profile Data when you register your account with us. For services which require direct debit, we may collect your Payment Data.
- Communication: When you communicate with us via email, telephone, chat or another method we collect your Contact Data and may collect Audio Data. If the communication relates to an error or problem you are having with the one of our Services, we will also collect Usage Data for diagnosis and improvement.
- Information you generate when using our services: Each time you access and use our services we collect Content, Device, Cookies, Personalisation and Usage Data. We collect Content Data where you upload it to the services. We collect Device, Cookies, Personalisation and Usage Data as detailed in our Cookie Policy.
- Information we collect through monitoring the use of our website and services: Each time you access and use our website and services we collect information about that access and use, being Device, Content, Cookies, and Usage Data.
- Additional information we otherwise collect through our website and services where we have your consent to do so: When you interact with voice feature of our services, such as AI-powered voice agents, we may collect and process Audio Data. Where you provide your consent, we may collect your Location Data on an ongoing basis while you are using the services.
- Direct Marketing: We collect and record Direct Marketing Data when we add you to our marketing database, you request to change your direct marketing preferences, or you interact with our direct marketing communications, including where we receive these instructions from others.
- Connected Data: We collect Connected Data when you choose to connect your connected device to your account, including where we are provided with the Connected Data by others.
- Information we receive from third parties: We may receive personal information about you from third parties, such as our customers, security partners to protect against fraud, abuse and other threats, marketing vendors who provide us with information relating to potential customers, advertising vendors and event organisers.
- Publicly available information: We may collect publicly available information about our service users, customers and potential customers.
- Unique application numbers: When you want to install or uninstall a service containing a unique application number or when such a service searches for automatic updates, that number and information about your installation, for example, the type of operating system, may be sent to us.
When we collect personal information in Australia, we do so in accordance with the Australian Privacy Principles, including providing notice of collection at or before the time of collection.
5. How your information will be used
We may use your personal information for a range of purposes relating to our business and services, including:
- to provide and maintain our services
- to enhance, develop and improve our services
- to monitor your use of the services
- to personalise your use of the services
- to keep our services secure
- to provide support for your use of the services such as resolving bugs, queries and other issues
- to facilitate our customers’ use of our services, and improvements to their services
- to communicate with you
- to comply with our legal obligations
- to prevent fraud, criminal activity and to protect the security of our services
- where we are a customer, for use relating to our receipt of third party services
We may aggregate or de-identify your personal information (ensuring you can no longer be identified) and use this for a range of purposes including assessing the effectiveness of our services, updating and improving our services, conducting research and other analytics.
Australian personal information
If you are located in Australia, we will only use or disclose your personal information for the primary purpose for which it was collected, or for a directly related secondary purpose that you would reasonably expect. We will otherwise only use or disclose your personal information with your consent or as required by applicable law.
Non-Australian personal information
We will only use your personal information when we have a lawful basis to do so. Most commonly, we will use your personal information in the following circumstances:
- Legitimate interests. Where it is necessary for our legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal information for our legitimate interests. You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.
- Consent. Where you have freely consented before the processing in a specific, informed and unambiguous indication of what you want. You can withdraw your consent at any time by contacting us.
- Performance of a contract. Where we need to process your personal information to perform a contract with you or where you ask us to take steps before we enter into a contract with you. Where we rely on performance of a contract and you do not provide the necessary information, we will be unable to perform your contract.
- Legal obligation. Where we need to use your personal information to comply with a legal or regulatory obligation. Where we rely on a legal obligation and you do not provide the necessary information, we may be unable to fulfil a right you have or comply with our obligations to you, or we may need to take additional steps, such as informing law enforcement or a public authority or applying for a court order.
The lawful basis for our processing of categories of personal information includes:
| Purpose or activity | Type of personal information | Lawful basis for processing |
| Delivery and improvement of our services | ||
| To register you as a user | Identity, Contact, Financial, Device, Profile | Performance of a contract / Legitimate interests (delivering our services to you) |
| To provide services to you and to process and fulfil orders/purchases, including managing payments and sending you service communications | Identity, Contact, Transaction, Device, Location | Legitimate interests (delivering our services to you), and Performance of a contract |
| To enforce our terms and conditions, including to collect money owed to us | Identity | Legitimate interests (to recover debts due to us) |
| Combining the information we collect about you into a single customer account profile | Contact, Direct marketing | Legitimate Interests (to publicise and grow our business) |
| Direct marketing | ||
| To send you direct marketing communications via email, text and/or phone | Contact, Device, Direct Marketing | Consent. Unless we can rely on the soft opt-in and you have not opted out, in which case we rely on Legitimate Interest (to publicise and grow our business) |
| To send you direct marketing communications | Contact, Device, Direct Marketing | Legitimate interests (to publicise and grow our business) Unless you have opted out, in which case we rely on Consent |
| Troubleshooting, improvement and security | ||
| To administer, monitor and improve our business and services including troubleshooting, data analysis and system testing | Identity, Contact, Device | Legitimate interests (for running our business, provision of administration and IT services, network security, maintaining the security of services, providing a secure service to users and preventing fraudulent and other misuse of our services) |
| Applying security measures to our processing of your personal information, including processing in connection with the services | All personal information under this privacy notice | Legal obligation (applying appropriate technical and organisational measures |
| Otherwise monitoring use of the services and deploying appropriate security measures | Contact, Security, Transaction | Legitimate interests (running our business, provision of administration and IT services, network security, maintaining the security of our services and services, providing a secure service to users and preventing fraudulent and other misuse of our services) |
| To comply with our other legal obligations, including compliance with judicial, law enforcement and government authorities’ requests | All personal information under this privacy notice | Legal obligation |
| Cookies and personalisation | ||
| To deploy and process personal information collected via Cookies that are strictly necessary, as set out in our Cookie Policy | Cookies | Legitimate interests (delivering and securing the services) |
| To deploy and process personal information collected via Cookies that are not strictly necessary, as set out in our Cookie Policy | Cookies | Consent |
| To deliver (personalised) advertisements to you | Personalisation | Consent |
| Other communications | ||
| To notify you of changes to the services, your purchases and our terms and conditions for ongoing contracts | Contact | Performance of a contract (ongoing or prospective contracts). Legitimate interests (in servicing our users and prospective users) |
| To notify you of updates to this privacy notice | Contact, Transaction | Legal obligation (to inform you of our processing |
| To respond to your requests to exercise your rights under this notice | As relevant to your request | Legal obligation |
| To enable you to participate in a prize draw or competition (where applicable, please also see the separate prize or competition privacy notice) | Contact, Direct Marketing, Competition | Legitimate interests (in growing and publicising our business), unless you have previously opted out, where we will rely on Consent. Performance of a contract (once you have entered) |
| To ask you to complete a survey and process your response (where applicable, please also see the separate privacy notice) | Contact | Legitimate interests (to analyse how users use our services and to develop them and grow our business). Unless you have previously opted out, where we will rely on Consent |
| To interact with you via an AI-powered voice agent incorporated into our services | Contact, Audio | Legitimate interests (in servicing our users and to analyse how users use our services and to develop them and grow our business). Unless you have previously opted out, where we will rely on Consent |
| To otherwise respond to your enquiries, fulfil your requests and to contact you where necessary | As relevant to your enquiry or request | Legitimate interests (service our users and prospective users) |
| Personal information sharing | ||
| Share personal information with our third-party providers and other external parties | See section 7 | Legitimate interests (for the purpose relevant to the recipient, as set out in section 7 |
| Business contacts | ||
| Process personal information relating to staff members of our business contacts, including suppliers, customers and prospects | Contact | Legitimate interests (servicing and receiving products or services, to or from our business contacts and carry out our B2B business) |
Where you provide personal information to us about another person, you warrant that you are authorised to provide that information to us, and that you will inform that person who we are, how we use and disclose their information, and that they can gain access to that information.
6. Criminal offence data and special category data
We do not intentionally collect criminal offence data about you. However, we may process data relating to criminal offences in monitoring the use of our services for security purposes, where we suspect you may have committed a crime, such as attempting to make a fraudulent purchase or claim or circumvent the security of the services. In such circumstances, we will provide that information to law enforcement and/or use it to establish, exercise or defend a legal claim. In those circumstances, according to the type of activity and purpose, we will rely on legitimate interests (protecting our business, employees and other users) and legal obligation (where required by legal, judicial or law enforcement to disclose or process that information).
7. Who we share your personal information with
Your information will only be disclosed to parties outside of Infomedia as set out in this Policy or as otherwise notified to you at the time of collection of the information.
We may share your personal information:
- Our group companies. Other companies in the Infomedia Group and our part-owned entities, including Intellegam GmbH. This information is shared for the purposes described in this Policy and generally to support the operation of our businesses.
- Trusted third parties and service providers:
- Specific third parties identified as our list of sub-processors (a list is available by emailing security@infomedia.com.au).
- Third party providers of linked websites, plug-ins and integrations incorporated into or accessed via our services, such as embedded survey tools.
- Service providers which provide IT and system administration services, hosting services for our services, delivery and logistics services, payment processing, fraud and identity verification providers, customer service support, email delivery and administration, and data storage and analysis.
- Our professional advisors including lawyers, auditors, insurers and other consultants.
- Marketing, promotional and referral partners and co-operatives with whom we share data to enhance our offerings and identify prospective customers.
- Other external third parties.
- Service providers you have appointed that we need to contact to fulfil your requests, such as your banking or payment card provider to process your transactions.
- Third party partners where you have subscribed to receive marketing from or with them.
- Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal information in the same way as set out in this privacy notice.
- Regulators, law enforcement, public authorities or other third parties where necessary to exercise our rights or comply with a legal obligation.
Transfers to third parties which are located in countries outside of your home jurisdiction are covered in section 9 below.
8. Third party links, services and sites
Infomedia’s website and services may from time to time contain links to and from websites and services owned and operated by third parties, who may collect personal information about you. Please note that these websites (and any services accessible through them) are controlled by those third parties and are not covered by this Policy. You should review the third party privacy notices to understand how they use your personal information before you submit any personal information to these websites or use those services.
9. Cross Border Transfers
Sometimes we may transfer your personal information to countries other than where it originates. Those countries may have data protection laws which are different to the laws in your country.
By accessing an Infomedia website, or by installing, accessing or using Infomedia’s services, except where we have agreed under an agreement to retain such information within a specific country or region, you agree and consent to the cross-border transfer of your personal information in accordance with this clause.
Where we disclose personal information overseas in relation to our Australian operations, we will take reasonable steps to ensure the recipient does not breach the Australian Privacy Principles.
Transfers out of the EEA/UK
All transfers between our group companies are governed by our intra-group data sharing and transfer agreements. Where available, we rely on the UK government’s andEuropean Commission’s adequacy decisions. For all other transfers between our group companies, we have executed the EU Commission’s standard contractual clauses.
Whenever we transfer your personal information out of the UK orEEA other than between our group companies, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
- Adequacy decisions: Transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information.
- SCCs: Where we use certain service providers located outside the UK or EEA, we use suitable contracts governing the transfer of personal information outside of the UK and EEA.
- Exceptions: in limited circumstances we may rely on an exemption to transfer personal information.
Please contact the DPO using the contact details above if you want further information on the specific mechanism used by us when transferring your personal information out of the UK or EEA.
10. Information Security
Infomedia is committed to ensuring high standards of data security and privacy. We are ISO 27001 certified, demonstrating our adherence to best practices in information security management. This certification reflects our dedication to protecting the privacy of our customers and partners, safeguarding sensitive information, and maintaining robust security controls across all operations.
Once we have received your information, we will use strict procedures and security features to protect your personal information from loss, unauthorised use or access.
Despite our security commitment, data transmission over the Internet may not be secure and you transmit all information at your own risk. You are solely responsible for keeping your login account details including passwords confidential, your computer systems are up to date and implement antivirus and other protective measures.
11. Data Retention
We retain personal information for as long as is necessary for the purposes described in this Policy.
Details of retention periods for different aspects of your personal information are available on request. By law we have to keep basic information about our customers (including Contact, Identity, Security and Transaction Data) for a period of two years after they cease being customers.
Once we no longer have a legal right to hold your personal information, we will delete or, in some circumstances, we will anonymise your personal information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.
In some circumstances, you can ask us to delete your data: see Your legal rights below for further information.
Your legal rights
You have the following rights under data protection laws in relation to your personal information:
- Access. Request access to and/or a copy of the personal information we process about you (commonly known as a data subject access request). This enables you to check that we are lawfully processing it.
- Correction. Request correction of any incomplete or inaccurate data we hold about you. (We may need to verify the accuracy of the new data you provide to us.)
- Deletion. Request us to delete or remove personal information where there is no good reason for us continuing to process it. You also can ask us to delete or remove your personal information where you have successfully exercised your right to object to processing (see below), where we have processed your information unlawfully or where we need to erase your personal information to comply with law. (In some cases, we may need to continue to retain some of your personal information where required by law. If these apply, we will notify you at the time of our response.)
- Objection. Object to us processing your personal information where (a) we are relying on legitimate interests as the lawful basis and you feel the processing impacts on your fundamental rights and freedoms, or (b) the processing is for direct marketing purposes. In some cases, we may refuse your objection if we can demonstrate that we have compelling legitimate grounds to continue processing your information which override your rights and freedoms.
- Restriction. Request that we restrict or suspend our processing of your personal information:
- if you want us to establish the data’s accuracy;
- where our use of the data is unlawful, but you do not want us to erase it;
- where we no longer require it, but you need us to hold onto it to establish, exercise or defend legal claims; or
- you have objected to our use of your data, but we need to verify whether we have overriding legitimate grounds to use it.
- Data portability. Request we transfer certain of your personal information to you or your chosen third party in a structured, commonly used, machine-readable format. This right only applies to information processed by automated means that we process on the lawful bases of consent or performance of a contract.
- Withdraw consent. Withdraw your consent at any time where we are relying on consent to process your personal information. Please know that this does not affect the lawfulness of any processing carried out before you withdraw your consent, and after withdrawal, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
- Complain to your data protection regulator. If you are unhappy with how we process your personal information, we ask that you contact us first using the details below so that we have the chance to put it right. However, you also have the right to make a complaint to the applicable data protection regulator at any time.
You can exercise any of these rights at any time by contacting us using the details below.
12. Changes and opt-out choices
You can delete or amend personal information that you have entered via our services, such as your account information. You can change your choices about receiving either subscription or general communications at the data collection point, within your account preference settings. You may opt-out at any time using the links at the bottom of any promotional email or by sending an email request to privacy@infomedia.com.au and we will limit and / or delete use and disclosure of your personal information as requested.
Please note, this option does not apply to communications primarily for the purpose of administering business relationships, including contracts, support, or other administrative and transactional notices where the primary purpose of these communications is not promotional in nature.
13. US Privacy Laws
We will comply with applicable United States privacy laws in relation to your personal information. In particular, if you are a resident of some States, you may have additional rights under State privacy laws. These include the right to opt out of the “sale” or “sharing” of your personal information for targeted advertising. You may exercise any rights available to you under US privacy law by contacting us at the details listed below.
14. Contact information and Access to information
Infomedia is committed to maintaining accurate, relevant and appropriate information about our customers, client and other stakeholders. You may contact us and/or request access to your information through our Privacy Officer as follows:
- Privacy Officer, Infomedia Pty Ltd
- Level 5, 155 Clarence Street, Sydney NSW 2000, Australia
- Telephone: +61 (0) 2 9454 1500 Fax: +61 (0) 2 9454 1799
- Email: privacy@infomedia.com.au
15. Complaints
If you have a complaint about our Policy or the collection, use or disposal of your personal information, your complaint should be directed to the Privacy Officer (see contact details above). The Privacy Officer will review your complaint and attempt to resolve it.
If you are not satisfied with the outcome of this review, then you may request an independent person investigate your complaint. If you are based in the UK, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK regulator for data protection issues.
16. Language
This Policy is drafted in the English language, which shall be the only authoritative and binding version. Any translation of this Policy is provided for convenience only and shall have no legal effect. In the event of any inconsistency between the English version and any translation, the English version shall prevail.
17. Changes to our Privacy Policy
We keep our Policy under regular review and may need to change it from time to time to reflect regulatory, legal, technical, security or other business requirements. We will take appropriate steps to inform you about any changes relative to the significance of the changes we make. Your continued use of the service/s will constitute your agreement to the updated Policy.
You can check when this Policy was last updated by reading the “last modified” notice below.
Last Modified May 2026