Last updated: 18th August 2023


This is the Privacy Policy of  Polymorphix Pty Ltd ACN 638 752 986 (Polymorphix) and the service that it offers through the website "" ("Finnli"). Polymorphix is committed to ensuring the privacy of your personal information and is bound by the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) (Privacy Act).  The Policy sets out how we manage your personal information . In this Privacy Policy, a reference to “we” or “us” is a reference to Polymorphix.   This Privacy Policy details how we collect, handle and deal with personal information. If you have any questions relating to this Privacy Policy, you may contact our Privacy Officer in the manner described below, under the heading “Access and correction”.

Collection of personal information

Personal Information is information about you that can be used alone, or combined with other information, to identify you personally and includes a wide range of information such as name, email address, mailing address, IP addresses and cookie identifiers. Personal Information does not include information that has been anonymized such that it does not allow for the identification of a specific individual. We collect Personal Information to operate effectively and deliver services.

How we collect personal information

In most instances, we will collect information about you:

We will normally collect your personal information directly from you, unless it is unreasonable or impractical to do so. We may collect information from you electronically from our Website. If you choose not to provide us with personal information when requested, we may not be able to provide you with the information and/or services you have requested or otherwise fulfill the purpose(s) for which we have asked for the personal information. 

Uses and disclosure of personal information

When we use your personal information, it will be (a) with your consent, or (b) for one of two basic purposes: (1) to business operations  and provide (including improving and personalizing) the products and services  we offer, and (2) to send communications, including promotional communications. For eg.

Third party service providers

While we may use third party service providers to maintain some of our data systems and provide auxiliary services, these entities are authorized to use your personal information only as necessary to provide these types of services to us. We require any person that has access to personal information that we have collected must act in a manner consistent with our obligations under the Privacy Act and with our general privacy standards. Our third party service providers may use this information for the purposes of internal reporting, assessing and improving the customer experience, and for marketing and promotional activities.

Data sharing with our business partners

We may share personal information and business-related information with our business partners for the purpose of inviting you to apply for their product and services. Our business partners use this information for the purposes of internal reporting, assessing and improving the customer experience, and for marketing and promotional activities.

How we hold personal information

We use reasonable organizational, technical and administrative measures to protect your Personal Information. Your Personal Information is limited to those who have a proper business need to access it, and those individuals will do so only in an authorised manner and will be subject to a duty of confidentiality.

Finnli uses Amazon Web Services (AWS), Azure data centers. They have numerous security certifications and Finnli implements many further security controls to safeguard data.

Finnli's use and transfer of information received from Google APIs to any other app will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Encryption: Where data is transferred over the Internet as part of a Website or Cloud Services, the data transmitted using industry standard HTTPS using TLS.

Unfortunately, no data transmission or storage system is guaranteed to be secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any account you might have with us has been compromised), please immediately notify us of the problem by emailing us in accordance with the “Contacting Us” section. Please note that third parties are not responsible for the privacy, security, or integrity of any information collected by us.

Overseas disclosures

We may disclose your personal information to our business partners, service providers and subsidiaries and affiliates who are located overseas and/or do not carry on business in Australia in order to assist us in delivering our products and services to you, such as providing customer service, securing data storage and other similar services. Where we do so, we will do so in compliance with applicable laws.

Access and correction

We try to ensure that all information about you that we collect, use or disclose is accurate, complete and up-to-date. You may,  at any time, request access to personal information  that we might hold about you and, if there is an error (or our information about you is incomplete, inaccurate or out of date), you can advise us about this matter and we will, if needed, correct, amend or add to the information we hold about you. We will not charge you a fee for your access request, but may charge you the reasonable cost of processing your request, including so as to allow us to provide you with access to your personal information.

If you would like to request access to the information that Polymorphix holds about you, please contact our Privacy Officer as follows:


Alternatively, you can contact us by postal mail at the contact address listed below.

We will respond to your request within 30 business days. We will retain your information for as long as your account is active or as long as reasonably useful for commercial purposes.

Marketing and option to opt out

Polymorphix may contact you to offer you products and services that may be of interest to you. You may choose to stop receiving our marketing material and telephone solicitations or other forms of contact from Polymorphix by following the unsubscribe instructions included in our emails or by contacting us by email at (and including your full name and business mailing email addresses and account number) or by postal mail to us at the following address: Polymorphix Pty Ltd L4, 11 York Street, Sydney NSW 2000. You may also opt-out from continuing to share any personal information that you have provided on our Website for public display, such as through contributions to publicly accessible blogs or community forums and testimonials on the Website. You may do this by contacting us on the email address provided above.

Concerns or breaches

Polymorphix takes the security of your information very seriously. If you have a complaint about our treatment or our records of your personal information, please contact our Privacy Officer (using the contact details provided above). Our Privacy Officer will investigate your complaint and endeavour to resolve any issue to your satisfaction. If we do not adequately answer your concerns, you have the right to make a complaint to the Office of the Australian Information Commissioner (OAIC) if you believe we have breached the Privacy Act, the Australian Privacy Principles, or the Privacy (Credit Reporting) Code 2014 (or other applicable code). Complaints to the OAIC must be made in writing. Further information about making a complaint to the OAIC can be found at: We may update this Privacy Policy to reflect changes to our information practices. If we make any material changes, we will notify you by email or by means of a notice on our Website prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.

Additional information relating to use of our Website

Tracking Technologies

Technologies such as cookies, beacons, tags and scripts are used by Polymorphix and our partners (for example, our marketing partners), affiliates, or analytics or service providers, including our live chat, marketing trackers, and survey tool service providers. These technologies are used in analysing trends, administering the Website, tracking users’ movements around the Website and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis. A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. We use cookies for user authentication and analytics. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our Website, but your ability to use some features or areas of our Website may be limited. If you would like to learn more about cookies or how to configure your  browser, please visit

Behavioural Advertising/Re-Targeting

We partner with third parties to display advertising on our Website and manage our advertising on other sites. Our third party partners may use technologies such as cookies to gather information about your activities on this Website and other sites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here. Please note this does not opt you out of being presented with advertisements. You will continue to be presented with generic advertisements.

Security of Information

Polymorphix takes the security of your information very seriously. Polymorphix protects your information using end-to-end encryption: 256bit-encryption and a Secure Sockets Layer (SSL) protocol. This creates an encrypted connection between your browser and our servers.

Additional Information – Links to third party sites

Our Website includes links to other websites whose privacy practices may differ from those of Polymorphix. If you submit personal information to any of those sites, your information is governed by their privacy policies and practices. We encourage you to carefully read the privacy policy of any website you visit.


Our Website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us by email at or by postal mail at the contact information listed above. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.


We display personal testimonials of satisfied customers on our Website in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us by email at or by postal mail at the contact information listed below.

Social Media Widgets

Our Website might include social media features from Twitter, Google, Facebook. These features may collect your IP address, which pages you are visiting on our Website, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our Website. Your interactions with these features are governed by the privacy policy of the company providing it.