1 Digital Identity Transactions
(a) We offer an “Identity Service” whereby you can request us to provide identity and attribute information (together Identity Data) about you to a third-party service provider so that you can conduct business with that third service provider (the Service Provider). Identity Data may include information such as your name, telephone number, email, date of birth or address.
(b) This service is only available where the eligibility criteria set out in section the section entitled “Eligibility” have been met, and where the Service Provider holds valid accreditation as part of the “ConnectID Network”.
(c) The “ConnectID Network” facilitates the transfer of Identity Data between us and Service Providers (each a Digital Identity Transaction). The ConnectID Operator does not access or hold your Identity Data and the transfer of Identity Data occurs directly from us to the relevant Service Provider.
(d) Any Digital Identity Transaction only occurs at your request, and any Identity Data will only be provided to the Service Provider selected by you and with your express consent. If you do not provide your consent, we will not perform the Digital Identity Transaction.
(e) Each Digital Identity Transaction is a one off-transfer of Identity Data, and any further transfers of Identity Data, including to the same Service Provider, will require further consent from you and a new Digital Identity Transaction.
We will only execute Digital Identity Transactions for you if:
(a) you have a digital account enabled with us;
(b) you are at least 18 years old; and
(c) we are confident that certain core identity data is current and correct.
2 Customer acknowledgments
(a) You acknowledge and agree that:
(i) any Digital Identity Transaction requested by you using the “Identity Service” is governed by these terms;
(ii) each time you request that we transfer your Identity Data to a Service Provider, you have ensured that the Service Provider’s request is valid and is made by a Service Provider that requires your Identity Data;
(iii) you will be asked by us to review the Identity Data to be transferred to the Service Provider, to verify its accuracy and expressly consent to such transfer;
(iv) where you consent to the transfer of Identity Data to a Service Provider:
(a) we cannot control and are not responsible for the security or handling of any Identity Data that has been transferred to the relevant Service Provider;
(c) if the Service Provider suffers a security or data incident that impacts your Identity Data, you acknowledge the Service Provider may provide us information about such incident, including your Personal Information impacted by the incident, which we may use to seek to prevent or respond to cyber security incidents, fraud, scam activity or identify theft;
(v) We do not endorse or make any representations or recommendations in respect of any Service Providers, including in respect of the suitability of their security or privacy practices.
(vi) both us and the ConnectID Operator exclude all liability to you to the maximum extent permitted by law in connection with any acts or omissions of the Service Provider.
(a) The exclusions in this section that relate to the ConnectID operator are held on trust by us for the ConnectID Operator. This means that, although the ConnectID Operator is not a party to these terms, it can rely on your acknowledgement of and agreement to these exclusions.
(b) Please note that Digital Identity Transactions operate separately to requests made pursuant to the Consumer Data Right scheme. If you would like to learn more about how you may use the Consumer Data Right scheme please visit Open Banking.
3 Your Transaction Record
(a) If we participate in a Digital Identity Transaction relating to you, we will keep a record of Digital Identity Transaction processed or requested (even if not completed) (Your Transaction Record).
(b) Your Transaction Record is accessible by you via your consent transactions dashboard. For more information on how to access your consent dashboard please see ConnectID and your digital identity.
(c) Your Transaction Record contains the following information relating to each Digital Identity Transaction;
(i) the identity of the Service Provider;
(ii) the date of the transaction; and
(iii) the types of identity data shared with the Service Provider (if any).
4 Withholding the service
Acting reasonably may withdraw or suspend the Identity Service, and we may also be unable to process a Digital Identity Transaction relating to you for a number of reasons, including if:
(a) you do not meet the eligibility requirements set out in the section entitled “Eligibility”;
(b) we have been unable to confirm the accuracy of Identity Data we hold about you or cannot meet the requirements for the Identity Data requested by the Service Provider;
(c) we suspect on reasonable grounds that any fraud (including identity fraud) or security incident has or may be occurring in connection with you, your account or the relevant Service Provider;
(d) our participation in the “ConnectID Network” has been suspended or terminated;
(e) we have restricted or blocked you from transacting with us in accordance with any of our applicable product terms and conditions;
(f) we reasonably believe that the Digital Identity Transaction requires intervention, for example because it relates to you as a vulnerable person; or
(g) the Service Provider that you wish to conduct business with:
(i) has made a request which is not consistent with the requests they are permitted to make as a participant in the “ConnectID Network”; or
(ii) provides services that you have elected to exclude yourself from in accordance with our processes for the same, for example if the Service Provider offers gambling services and you have blocked your account with us from being used for gambling transactions.
We will not charge you any fees to perform a Digital Identity Transaction for you, however we may receive a commission or other payment from the ConnectID Operator as a result of successfully executing the Digital Identity Transaction.
6 Access and updates to your Identity Data
(b) For clarity, where you update your record of Personal Information with us, this will not update your existing record with a Service Provider.
(c) If you have any suspicions of fraud in relation to your identity or account with us or any Digital Identity Transaction that you did not authorise, you must notify us as soon as possible.
(a) If you have any complaints relating to our participation in a Digital Identity Transaction relating to you, visit nab.com.au/contact-us/feedback.
(b) If you wish to raise a dispute relating to a Digital Identity Transaction, visit Report fraud and scams.
(c) However, please note that if your complaint or dispute relates to activities of a Service Provider to whom you have requested we disclose Identity Data, we may direct you to contact that Service Provider directly.
8 Dictionary definitions
ConnectID Operator means eftpos Digital Identity Pty Ltd trading (ABN 80 648 970 101) as “ConnectID” or its Related Bodies Corporate (as this term is defined in the Corporations Act 2001 (Cth)).
Personal Information means personal information, as that term is defined in the Privacy Law.
Privacy Law means the Privacy Act 1988 (Cth) [or as applicable] and any privacy legislation which applies to you from time to time in force in Australia.
Service Provider has the meaning given in section 1(a).
We means National Australia Bank. Any other grammatical form of the word “we” has a corresponding meaning.
Your Transaction Record has the meaning given in section 3(a).
You means the customer, member, client, service recipient or other person that we provide services to from time to time. Any other grammatical form of the word “you” has a corresponding meaning.
Apologies but the Important Information section you are trying to view is not displaying properly at the moment. Please refresh the page or try again later.