HikePay Privacy Policy
Last updated: 14 July 2026
This Policy applies to HikePay across Australia, Canada, the European Economic Area, Hong Kong, New Zealand, Singapore, the United Kingdom and the United States.
HikePay is operated by NadaPay Pty Ltd (ABN 48 651 065 273), a sister company of Hike POS Pty Ltd. HikePay operates across multiple regions and can be used as a standalone payment service or with Hike POS.
This Privacy Policy explains how HikePay collects, uses, stores, discloses and protects personal information when you visit HikePay pages, contact us, apply for HikePay, use HikePay services, use a payment terminal, access payment tools, receive support or interact with our sales and marketing channels.
This Policy applies in addition to Hike’s general Privacy Policy. Where the policies conflict in relation to HikePay payment services, this Policy applies to the extent of the conflict.
Depending on where you are located, additional privacy laws and Regional Privacy Provisions in section 14 may apply.
1. Who Is Responsible for Your Information
Unless your onboarding agreement or Regional Privacy Notice states otherwise, NadaPay Pty Ltd, trading as HikePay, is the organisation responsible for personal information it collects and controls in connection with HikePay.
Hike POS Pty Ltd may receive or process information where HikePay is connected with Hike POS or where Hike provides support, technology, administration or related services.
Payment Partners, Acquirers, Scheme Owners, Issuing Banks, digital-wallet providers and identity-verification providers may separately determine how they handle certain information. They may act as separate controllers, businesses or regulated entities under applicable law.
HikePay is delivered with Payment Partners identified during onboarding, which may include Adyen N.V. Adyen privacy information is available at adyen.com/privacy-policy.
2. Personal Information We Collect
The information we collect depends on how you interact with HikePay, your region, business type, approved Services and legal requirements.
2.1 Business and Account information
Business name, trading name and business structure
Business registration number, ABN, ACN, EIN, company number, tax number, UEN or local equivalent
Registered, trading and postal addresses
Industry, products, services, websites and sales channels
Expected and actual Transaction volumes
Account settings, applications, plans and service preferences
Business bank account and Settlement information
2.2 Owners, representatives and authorised users
Full name, date of birth and contact details
Residential or business address
Role, authority and relationship to the business
Director, shareholder, beneficial-owner and authorised-signatory information
Government-issued identity-document details
Verification results, risk indicators and compliance information
Account access, permissions and authentication activity
2.3 Transaction and payment information
Transaction date, time, amount, currency and reference
Payment Method and payment-channel information
Last four digits or tokenised payment identifiers where available
Authorisation, Settlement, Refund, reversal, Chargeback and dispute information
Receipts, order references and customer-payment records
Fraud, risk, security and compliance signals
HikePay generally does not receive or store complete card details where payments are processed through tokenised or Payment Partner-controlled systems, except where a supported service and applicable security requirements allow.
2.4 Device, terminal and technical information
Terminal identifiers, model, status, location settings and basic telemetry
IP address, browser type, operating system and device type
Login, authentication, access and security logs
Application, portal, terminal and feature usage
Network, connectivity, diagnostic and error information
Cookie, analytics and advertising identifiers
2.5 Communications and marketing information
Support tickets, chat messages, emails and phone-call records or notes
Sales enquiries, demo requests and onboarding communications
Feedback, survey responses and reviews
Marketing preferences, consent records and engagement information
2.6 Sensitive information
HikePay does not generally seek to collect sensitive or special-category information. Limited sensitive information may be collected or received where required for identity or biometric verification, fraud prevention, sanctions screening, accessibility, legal compliance or Payment Partner requirements. Where required, HikePay will rely on an appropriate legal basis and obtain consent or provide additional notice.
3. How We Collect Personal Information
HikePay may collect personal information:
- Directly from you, your business, directors, owners, representatives or authorised users
- Through applications, onboarding forms, Hike accounts, HikePay portals, terminals, applications and payment tools
- From Hike POS Pty Ltd and related entities where necessary to provide connected services
- From Payment Partners, Acquirers, Scheme Owners, Issuing Banks and financial institutions
- From identity-verification, fraud-prevention, sanctions-screening and credit providers
- From public registers, government databases, sanctions lists and publicly available sources
- From customers and Transaction participants
- From cookies, analytics, advertising technologies and website interactions
- From support, sales, marketing, event and partner interactions
4. Why We Use Personal Information
HikePay uses personal information to:
- Receive, assess and manage HikePay applications
- Verify identity, business ownership, authority and bank accounts
- Provide, configure, support and improve HikePay Services
- Process Transactions, authorisations, Refunds, Chargebacks, disputes and Settlements
- Provide standalone HikePay services and Hike POS-connected payment functionality
- Manage Accounts, authorised users, terminals and payment tools
- Detect, investigate and prevent fraud, money laundering, terrorism financing, security incidents and unlawful activity
- Conduct risk, credit, compliance, sanctions and regulatory checks
- Comply with laws, regulatory duties, court orders, Scheme Rules and Payment Partner requirements
- Communicate Account, billing, Settlement, fraud, security and service notices
- Provide customer support and resolve complaints
- Enforce agreements, recover amounts owed and protect legal rights
- Analyse performance, troubleshoot issues and develop products
- Send marketing where permitted and measure campaign effectiveness
- Complete a sale, merger, financing, acquisition or restructure of the business
5. Legal Bases for Processing
Where privacy law requires HikePay to identify a legal basis, HikePay relies on one or more of the following:
- Contract: processing necessary to assess an application, enter into an agreement or provide the Services
- Legal obligation: processing required for payment, financial-crime, tax, regulatory, reporting or other legal duties
- Legitimate interests: processing necessary to operate, secure, improve and protect HikePay, prevent fraud, manage risk, support customers and administer the business, where those interests are not overridden by individual rights
- Consent: processing based on consent, including certain marketing, cookie, biometric or sensitive-information activities
- Legal claims or substantial public interest: processing required to establish, exercise or defend legal claims or meet important regulatory and public-interest obligations
Where processing is based on consent, consent may be withdrawn at any time. Withdrawal does not affect processing that occurred before withdrawal or processing based on another lawful basis.
6. Who We Share Personal Information With
HikePay may share personal information with:
- Payment processors, Acquirers, facilitating banks and other Payment Partners
- Scheme Owners such as Visa, Mastercard, American Express, UnionPay, eftpos where supported, and others
- Issuing Banks, financial institutions and Settlement providers
- Hike POS Pty Ltd and related entities involved in connected services, support, operations or administration
- Identity-verification, biometric-verification, sanctions-screening, credit and fraud-prevention providers
- Cloud hosting, data storage, cybersecurity and technology providers
- CRM, support, communications, analytics, advertising and marketing platforms
- POS, eCommerce, accounting or software-integration partners where requested or required
- Digital-wallet, device-manufacturer and operating-system providers
- Professional advisers, auditors, accountants, insurers and legal counsel
- Regulators, tax authorities, courts, law-enforcement agencies and government bodies
- Debt collection, recovery, insolvency and dispute-resolution providers
- A buyer, investor or successor in a sale, merger, financing or restructure
- Other parties with your instruction, consent or authorisation
HikePay shares only the information reasonably necessary for the relevant purpose and requires service providers to protect personal information where appropriate.
7. International Transfers
HikePay, Hike entities and service providers operate across multiple countries. Personal information may be stored, accessed or processed outside your country, including in Australia, Canada, the European Economic Area, Hong Kong, India, New Zealand, Singapore, South Africa, the United Kingdom, the United States and other locations where Payment Partners or service providers operate.
Where required, HikePay uses safeguards such as data-processing agreements, contractual protections, standard contractual clauses, transfer-risk assessments, access controls and security measures.
Some overseas recipients may be subject to different privacy laws. Local law may permit government, regulatory or law-enforcement access to information.
8. Cookies, Analytics and Advertising
HikePay’s websites, applications and portals may use cookies and similar technologies to:
- Operate essential website and Account functions
- Maintain sessions, preferences and security
- Understand usage and improve performance
- Measure marketing and campaign effectiveness
- Personalise content where permitted
- Deliver or measure relevant advertising
Where required, HikePay requests consent before using non-essential cookies. Cookies can be managed through available consent tools or browser settings. Blocking cookies may affect functionality.
Advertising and analytics providers may collect identifiers, IP addresses, browser information, pages viewed and interactions. Depending on local law, you may have a right to opt out of targeted advertising or the sale or sharing of personal information as those terms are legally defined.
9. Marketing
Where permitted, HikePay may send information about HikePay, Hike POS, related products, services, offers, updates, support content and business tools.
You can opt out of marketing emails using the unsubscribe link and may manage other marketing preferences through available settings or by contacting HikePay. Non-marketing communications about your Account, security, billing, Settlement, fraud, compliance, support or service operation may continue.
10. Security and Data Breaches
HikePay takes reasonable technical, organisational and physical measures to protect personal information against misuse, interference, loss, unauthorised access, modification and disclosure.
Measures may include:
- Encryption in transit and at rest where appropriate
- Authentication and role-based access controls
- Security monitoring, logging and testing
- Secure hosting and network controls
- Staff confidentiality, privacy and security training
- Vendor due diligence and contractual controls
- Incident response and business-continuity procedures
- Payment security and PCI DSS controls through HikePay and Payment Partners
No transmission, storage or security method is completely secure. If a data breach occurs, HikePay will investigate and notify affected individuals and regulators where required by applicable law.
11. Data Retention
HikePay retains personal information for as long as reasonably necessary to provide the Services, maintain business and Transaction records, comply with legal and regulatory duties, manage risk, resolve disputes, prevent fraud, complete audits and enforce agreements.
Payment, onboarding, identity-verification, financial-crime and Transaction records may need to be retained for several years after an Account closes. Retention periods vary by region, information type, legal requirement, Payment Partner and risk.
When information is no longer required, HikePay takes reasonable steps to delete, anonymise or securely archive it, subject to legal holds, backups and technical limitations.
12. Your Privacy Rights
Depending on your location and applicable law, you may have the right to:
- Request access to personal information HikePay holds about you
- Request correction of inaccurate, incomplete or outdated information
- Request deletion of certain information
- Restrict or object to certain processing
- Request a portable copy of certain information
- Withdraw consent where processing is based on consent
- Opt out of marketing
- Opt out of certain targeted advertising, profiling or sale or sharing activities where applicable
- Complain to HikePay or an applicable privacy regulator
- Not be unlawfully discriminated against for exercising privacy rights
These rights are not absolute. HikePay may need to retain or continue processing information for payment processing, fraud prevention, identity verification, anti-money laundering, tax, audit, dispute, regulatory or legal reasons.
HikePay may verify your identity and authority before responding. An authorised agent may submit a request where local law permits and appropriate authority is provided.
13. Business Customer and Cardholder Information
HikePay primarily provides services to business customers. A Merchant may provide HikePay or a Payment Partner with limited information about its customers or Cardholders in connection with Transactions, receipts, disputes, fraud checks or support.
Merchants are responsible for providing appropriate privacy notices to customers and ensuring that personal information submitted to HikePay is collected and disclosed lawfully.
Cardholders should contact the relevant Merchant first about purchase, delivery, refund or customer-service issues. HikePay may direct a Cardholder to the Merchant or relevant Payment Partner where appropriate.
14. Regional Privacy Provisions
14.1 Australia
For individuals in Australia, HikePay handles personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles and the Notifiable Data Breaches scheme. You may request access or correction and may complain to HikePay. If you are not satisfied with the response, you may contact the Office of the Australian Information Commissioner at oaic.gov.au.
14.2 Canada
For individuals in Canada, HikePay handles personal information in accordance with the Personal Information Protection and Electronic Documents Act and applicable provincial privacy laws. Depending on the law that applies, you may request access or correction, withdraw consent subject to legal limits, or complain to the Office of the Privacy Commissioner of Canada or the relevant provincial regulator.
14.3 European Economic Area
Where the General Data Protection Regulation applies, you may have rights of access, rectification, erasure, restriction, objection and portability, and the right to withdraw consent. You may complain to the supervisory authority in the country where you live, work or believe a breach occurred.
NadaPay Pty Ltd is the controller for HikePay information it controls unless your onboarding notice identifies another controller. Where Article 27 GDPR requires an EU representative for your Account, the representative identity and contact details will be provided during onboarding before HikePay collects personal information for that Account and can be obtained at any time through support@hikeup.com.
14.4 Hong Kong
For individuals in Hong Kong, HikePay handles personal data in accordance with the Personal Data (Privacy) Ordinance. You may request access to and correction of personal data and may complain to the Office of the Privacy Commissioner for Personal Data at pcpd.org.hk.
14.5 New Zealand
For individuals in New Zealand, HikePay handles personal information in accordance with the Privacy Act 2020. You may request access to and correction of personal information and may complain to the Office of the Privacy Commissioner at privacy.org.nz.
14.6 Singapore
For individuals in Singapore, HikePay handles personal data in accordance with the Personal Data Protection Act 2012. You may request access or correction, withdraw consent subject to legal limits, or complain to the Personal Data Protection Commission at pdpc.gov.sg.
14.7 United Kingdom
Where the UK GDPR and Data Protection Act 2018 apply, you may have rights of access, rectification, erasure, restriction, objection and portability, and the right to withdraw consent. You may complain to the Information Commissioner’s Office at ico.org.uk.
NadaPay Pty Ltd is the controller for HikePay information it controls unless your onboarding notice identifies another controller. Where Article 27 UK GDPR requires a UK representative for your Account, the representative identity and contact details will be provided during onboarding before HikePay collects personal information for that Account and can be obtained at any time through support@hikeup.com.
14.8 United States
Residents of certain US states may have rights to know, access, correct, delete or obtain a copy of personal information, and to opt out of certain targeted advertising, profiling or sale or sharing activities, subject to legal thresholds and exceptions. Requests and appeals may be submitted using the contact details in section 19. You may also contact the relevant state attorney general or privacy regulator.
15. Children
HikePay is a business payment service and is not directed to individuals under 18. HikePay does not knowingly allow children to open merchant Accounts.
A Merchant may process a lawful payment from a minor where permitted, but the Merchant remains responsible for compliance with applicable consumer, age-verification and privacy laws.
16. Complaints and Requests
To exercise a privacy right or make a complaint, contact HikePay using the details in section 19. Please describe your request and the HikePay Service or Account involved.
HikePay will acknowledge and respond within the period required by applicable law. If a request cannot be fulfilled, HikePay will explain the reason where required.
You may also complain to the privacy regulator or supervisory authority in your region.
17. Data Protection Officer and Regional Representatives
A Data Protection Officer is appointed only where required by applicable law. Privacy requests should be directed to the HikePay Privacy Contact in section 19.
Where HikePay is required to appoint an EU or UK representative, the appointed representative details are provided in the onboarding privacy notice for the relevant Account. The current representative details can also be requested through support@hikeup.com. HikePay does not describe a Payment Partner as its representative unless that partner has been formally appointed to that role.
18. Changes to This Policy
HikePay may update this Policy to reflect changes to HikePay, regional availability, Payment Partners, technology, legal requirements or privacy practices.
The latest version will be published on the Hike website with the updated date. Where required, HikePay will provide additional notice of material changes by email, Account notice, website notice or another appropriate method.
19. Contact Us
For privacy questions, rights requests, complaints or requests for EU or UK representative details:
- Controller: NadaPay Pty Ltd, trading as HikePay, unless your onboarding notice identifies another controller
- ABN: 48 651 065 273
- Registered office: Level 15, 28 Freshwater Place, Southbank VIC 3006, Australia
- Privacy email: support@hikeup.com
- Email subject: HikePay Privacy Request
- Website: hikeup.com
- Contact page: hikeup.com/contact/
- Help centre: help.hikeup.com