Secure Invoicing
I have a few concerns about the new Secure Invoicing upgrade we are being basically forced to do. We don't have online payments from our customers and probably never will. So now instead of emailing...
Forum Discussion
I am just sharing my experience and offering no advice, however my opinion is that MYOB are placing themselves in a very risky predicament regarding litigation if (read when) they have a data breach and have collected unnecessary information on businesses contrary to Australian law. I cannot believe they haven't learnt from the Optus saga and others. AFCA are very helpful and their cases are an easy to navigate process. If you believe any financial services provider is not acting lawfully or reasonably, I would suggest talking to them.
Hi b_schmaal and all
The business verification process is a one time step. The documents are not stored or 'mined'
We verify, then move on, think of it like showing ID to purchase a bottle of wine. The bottle store isnt keeping your ID, they verify it and then it's done.Mike, MYOB require a DD authority for the service - even if it is not used. This is stored in perpetuity and is contradiction to Australian law. There are other issues, but this is the main problem with your statement.
Mike, looking at your example, an ABN verification should be enough. They don't ask for financial statements, turnover, trust deeds and bank access at the bottle shop.
Hi Mike_MYOB, the bottle shop doesn't ask for digital copies of Trust Deeds, passports or licences and doesn't require a direct debit agreement, bank account info or cash flow. The bottle shop only needs my ID to verify that I am old enough to buy alcohol. Although the bottle shop needs to comply with strict regulations not to sell alcohol to minors, it is not necessary to see ID from EVERY Customer.
MYOB on the other hand, requires Verification of ALL customers, even though there is no legal basis for the request, (unless you want to use MYOB's Secure Payment System), which many of us don't).
You keep saying that MYOB does not store the data, and you have even suggested that data is securely deleted after use. MYOB's privacy policy says different, as does FrankieOne (The third party verifier)
This is part of FrankieOne's pricacy policy
- My bank or other company uses your services to verify my identity; what data do you hold about me?
Our customer sends us data which we use to verify your identity on their behalf. Usually this includes your name, address and ID documents. We're a data processor over this data, which means we can only hold it in accordance with our customer's instructions, and it is our customers’ duty to provide us with a legal basis for processing this data. This also means that if you have any questions about how your data is used in this way, you should first contact the organisation which asked you to provide your data. We also retain a copy of your data that was sent to us to ensure we can respond to legal claims, and comply with our legal obligations in connection with anti-money laundering.
is this correct or are there different privacy policies out there?
Hi DR321 , they are obviously not direct comparisons.
I believe you are twisting my replies at this point.
I was addressing the concern that MYOB was 'data mining' identification from customers which is absolutely not the case, so I wanted to provide something similar where ID is provided and verified one time.
- My bank or other company uses your services to verify my identity; what data do you hold about me?
