Privacy Policy

Privacy & Data Security Policy

REZCHAIN is a product and service belonging to the Webjet group of companies.  Webjet is subject to and complies with the Australian Federal Privacy Act 1988 (as amended from time to time) and the ten National Privacy Principles in the Act.

Our Commitment

This privacy policy sets out our policy in respect of personal information which we may collect about you and the Data you may transmit via REZCHAIN. Personal information is any information by which your identity can be reasonably determined.  Data is your customer’s credit card information and any other details you pass through to the REZCHAIN service.

We recognise that your privacy is very important to you and we are committed to promoting confidence in the way your personal information is handled by us. By providing your personal information you agree and consent to the collection, use, disclosure, storage and holding of your personal information in accordance with this privacy policy.

You are encouraged to check the privacy and data security policy at periodically, as we may from time to time make alterations, which will come into effect from the time of posting of an amended Privacy & Data Security Policy on

Information We Collect About You

We collect your personal information when you choose to provide it, so we are able to make contact with you to provide more information about REZCHAIN, and to answer any questions you have asked.  Should you become a subscriber of REZCHAIN services we collect and store your information in order to provide you with the services and to connect you with your chosen participating partners (Third Party Endpoints) on REZCHAIN. 

We collect your email address when you request to be added to our mailing list or when you have subscribed to the service, to receive updated information about products and services. You can unsubscribe at any time.

In the normal course of using the REZCHAIN service, Data is received, stored and retrieved by REZCHAIN at your direction.   

Using and Disclosing Your Personal Information

Your personal information will only be used or disclosed as is necessary to provide you with the services available through the REZCHAIN service, for administrative purposes (including fraud and security checks) and to provide you with information and offers relevant to our services. You may opt-out of receipt of any such offers at any time through the methods described in any e-mails we may send you.

Your personal information is securely accessed by staff in our Melbourne, Australia office.

We will disclose personal information as required to the Third-Party Endpoints you have directed us to connect your Data to. You accept that not all recipients of your information may have privacy policies or be subject to privacy laws equivalent to ours and consent to the disclosure of your personal information for that purpose.

When you send us email, we may record this information to improve our service and assist you with any requests. This information will not be disclosed to any third party, except as required to provide you with the products and services you request.

Wherever it is lawful and practicable, we will endeavour to provide you with the option of not identifying yourself or not providing personal information when entering transactions with us. However, failure to provide full and complete information we request may mean that we are unable to provide our services to you.

We will not, without your prior consent, disclose personal information for any purpose other than those purposes described in this Privacy & Data Security Policy to which you have already consented.

We may disclose your personal information where required or authorised by law to do so.

Using and Disclosing Your Personal Information

In the normal course of using REZCHAIN, you will exchange your Data for a unique token.  This token is used to retrieve the Data from REZCHAIN or redirect the Data to a Third-Party End Point.  You are responsible for securely storing the token provided and ensuring no unauthorized access is possible. REZCHAIN will only return to you or on-forward your Data on presentation of the appropriate token.  Note that any Third-Party End Points you direct REZCHAIN to forward your Data to will have their own privacy and security policies that may differ from REZCHAIN.


When you visit our website, details may be recorded about your visit, such as time and date, your server address, pages accessed, time spent and type of browser. We may record visitor activity such as mouse clicks, mouse movement and other user experience-based metrics. 

We may use Cookies to identify your browser so that next time you visit our website we remember your log in details if relevant. A cookie is a small file which remains on your computer and contains information enabling our website to recognise your browser. If you do not wish to use cookies, you can adjust the settings on your browser to reject cookies or notify you when they are being used.

We may use Google Analytics to understand anonymised browsing behaviour on our site, and to understand other user behaviours.

This information is used in an anonymous form for statistical purposes and as such cannot identify you individually.

If you do not wish to use cookies, you can adjust the settings on your browser to reject cookies or notify you when they are being used.

Storage And Security Of Personal Information

We take all reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification and disclosure. This includes the use of access control via unique user account keys.

We will not be responsible for any access or change made to your personal information occurring as a result of you disclosing your account keys to a third party, or through any unauthorised access.

You can also help us keep your personal information secure by ensuring that any account keys you use to access the REZCHIAN service is kept strictly confidential.

Storage and Security of Data

REZCHAIN is a service that exchanges your Data for a unique token.  REZCHAIN stores your Data in a secure vault and will only release your Data back to you or forward it to a Third Party End Point as directed by you on presentation of the unique token.

Should you lose a unique token REZCHAIN will not be able to release the Data to you.

Secure storage of your unique tokens is your responsibility.

Trans-Border Data Flows and Third Party End Points

Use of REZCHAIN entails allowing the Third-Party End Points you have selected to be forwarded certain Data you have made available via REZCHAIN.  The Third-Party End Points may be outside Australia. You accept that these Third Parties may not have in place equivalent privacy policies or be subject to equivalent privacy laws as REZCHAIN.

This website may contain a number of links to other websites. If you use those links to access those websites, be sure to check their privacy policy as we are not responsible for privacy policies or practices of other websites.

Accessing, Changing and Deleting Your Personal Information

Your personal information that REZCHAIN holds is accessible by REZCHAIN. You may make changes to your personal information, if you wish, at any time by sending an email to requesting the changes you require. 

We will retain your information to communicate with you, until you request that we delete it from our database. To request that your personal information be removed from our database, please send your request to us via email to If this occurs, we will no longer be able to provide you with services or customer support.

Complaints Resolution

We are committed to providing users with a fair and responsible system for the handling of customer complaints.

If at any time you have any concerns or complaints in relation to privacy or the operation REZCHAIN, please contact us on or contact your REZCHAIN point of contact directly so that we may resolve them.

Further Information on Privacy

Further information may be obtained on privacy issues in Australia by visiting the Australian Federal Privacy Commissioner’s web site at

Last updated 10 June 2018