“we”, “us” and “our” refer to IdentityPulse Pty Ltd (ABN 88 678 817 902), operated by Marketsoft Pty Ltd (ABN 83 003 657 261). “you” or “user” means any individual who visits our website, interacts with our services, or whose personal information is processed through our platform. This includes existing and prospective clients, data subjects, employees, contractors, and partners. “Personal information” refers to information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether recorded in material form or not. “Client” refers to any organisation that accesses the IdentityPulse verification service via our API. “Consumer” refers to an individual whose personal information is submitted by a Client for identity verification.
IdentityPulse is a secure, API-based electronic identity verification (eIDV) service. Our platform enables Clients to verify consumer identities by matching submitted personal information against reference population datasets across 29 countries.
We take a serious approach to privacy, with strong emphasis on compliance with data protection and privacy standards, laws, and regulations across all jurisdictions in which we operate. This includes compliance with the Australian Privacy Principles under the Privacy Act 1988 (Cth), the Notifiable Data Breaches scheme, and applicable international privacy frameworks including the General Data Protection Regulation (GDPR) where relevant.
This Privacy Policy sets out how we collect, use, process, store, and safeguard personal information when you visit our website, engage with us commercially, or when personal information is processed through our verification platform.
If you have any queries regarding this policy, wish to request access to, correction of, or deletion of your personal information, wish to withdraw consent, or wish to object to processing, please contact our Privacy and Data Protection Officer:
Daniel Cummins — daniel.cummins@marketsoft.com.au
Alternatively, you may submit a request through the contact form on our website.
We will only disclose your personal information in the following circumstances: where you have given your consent (within the scope of the specified purpose); where we are required to do so by law or enforceable request by a regulatory body; where it is necessary for the purpose of, or in connection with legal proceedings or in order to exercise or defend legal rights; and if we sell our company, merge with another company, or go into administration (we will treat all personal information in conformance with the relevant Privacy laws and obligations).
We collect, compile and hold personal information sourced from either, or a combination of: (1) the public domain such as published directories, lists and other publicly available sources; (2) consented personal information sourced directly from individuals who have given their consent to their personal information being collected and compiled by us; and/or (3) authorised data partnerships with commercial providers (e.g. telecommunications, utilities), government and public authority records (where permitted), and licensed third-party data aggregators. All data is acquired under legal agreements that establish permitted downstream use for identity verification, in compliance with applicable privacy and data protection regulations in each jurisdiction. We regularly update and re-compile this data to maintain accuracy and reliability.
Our core service processes personal information submitted by Clients for the purpose of electronic identity verification. This processing operates as follows:
This transient processing model means that IdentityPulse does not retain, store, or persist any consumer personal information submitted by Clients. Application logs capture operational metadata only (request identifier, timestamp, country code, response code) — no personally identifiable information is logged.
IdentityPulse maintains reference population datasets sourced through authorised data partnerships. These datasets are used solely for the purpose of identity verification matching. Reference data is sourced from commercial providers (e.g. telecommunications, utilities), government and public authority records (where permitted), and licensed third-party data aggregators. All data is acquired under legal agreements that establish permitted downstream use for identity verification, in compliance with applicable privacy and data protection regulations in each jurisdiction.
When you visit our website, we may collect standard web analytics data including your IP address, browser type, pages visited, and referring URL. This information is used to improve our website and understand visitor behaviour. We do not use this data for identity verification or link it to any consumer verification data.
We collect and hold contact information (name, email, phone number, company, role) for existing and prospective clients, partners, and suppliers for the purposes of business communication, sales, and account management. This information is collected directly from you or from publicly available sources.
We process personal information under the following lawful bases, depending on the context and jurisdiction:
Consent: Consumers provide informed consent to their identity being verified prior to data submission by the Client. IdentityPulse requires Clients to obtain and maintain valid consent from consumers before submitting data for verification.
Legitimate Interests: Processing is necessary for the legitimate interests of identity verification, fraud prevention, and KYC/AML compliance.
Legal Obligation: In certain jurisdictions, identity verification is mandated by law (e.g. Anti-Money Laundering and Counter-Terrorism Financing regulations).
Contract: Processing is necessary for the performance of contracts between IdentityPulse, its data partners, and its Clients.
IdentityPulse does not retain any consumer personal information submitted by Clients. All data is processed transiently and discarded immediately after the verification response is returned. No consumer data is stored in any system, database, backup, log, or archive.
Reference datasets are maintained for the duration specified in our data partnership agreements and refreshed on a regular cycle (typically monthly) to ensure accuracy and currency. Expired or superseded data is securely deleted in accordance with our Data Retention and Erasure Policy.
Business records (contracts, financial records, employee records) are retained in accordance with applicable legal and regulatory requirements. Our Data Retention and Erasure Policy sets out specific retention periods for each record category.
IdentityPulse operates a globally distributed platform hosted within Microsoft Azure data centres across multiple regions, including Australia, Canada, United Arab Emirates, Singapore, and France. Consumer data submitted for verification is processed in the regional hub nearest to the relevant country dataset.
Where personal information is transferred across borders, we ensure appropriate safeguards are in place, including encryption in transit (TLS 1.2+) and at rest (AES-256), processing within Microsoft Azure’s certified infrastructure (ISO 27001, SOC 2 Type II), contractual data processing agreements with data partners and clients, and compliance with applicable cross-border data transfer regulations in each jurisdiction.
No personal information is stored or processed in China, Hong Kong, Iran, North Korea, Russia, or Ukraine.
We implement robust technical and organisational measures to protect personal information, including encryption of all data in transit (TLS 1.2+) and at rest (AES-256); secure cloud hosting within Microsoft Azure with geographic redundancy; role-based access controls and multi-factor authentication for all administrative access; comprehensive logging and monitoring via Azure Monitor and Application Insights; regular penetration testing by independent third-party specialists; a formal Information Security Framework comprising 60 documented policies aligned to ISO 27001; and enterprise endpoint protection and Data Loss Prevention (DLP) controls.
IdentityPulse’s operational delivery is managed by Marketsoft Pty Ltd, which has over 35 years of experience managing sensitive data for regulated enterprise and government clients, including American Express, 3M, Adobe, and NSW Government.
IdentityPulse uses the following categories of third-party service providers:
Cloud hosting: Microsoft Azure provides the infrastructure on which IdentityPulse operates. Azure holds ISO 27001, SOC 1, SOC 2 Type II, and SOC 3 certifications. Microsoft does not have logical access to application-layer data.
Data partners: Authorised data providers supply the reference population datasets used for identity verification. Data partners do not have access to the IdentityPulse platform or to any Client-submitted data.
We do not sell, trade, or otherwise share consumer personal information with any third party for marketing, advertising, or any purpose other than providing our identity verification service.
Depending on your jurisdiction, you may have the following rights in relation to your personal information:
Right of Access: Request a copy of the personal information we hold about you.
Right to Correction: Request correction of inaccurate or incomplete personal information.
Right to Deletion: Request erasure of your personal information where it is no longer necessary for the purpose for which it was collected, or where you withdraw consent.
Right to Object: Object to the processing of your personal information in certain circumstances.
Right to Withdraw Consent: Withdraw your consent to processing at any time (where consent is the lawful basis).
Right to Lodge a Complaint: Lodge a complaint with the relevant supervisory authority (in Australia, the Office of the Australian Information Commissioner — www.oaic.gov.au).
To exercise any of these rights, please contact our Privacy and Data Protection Officer using the details in Section 1.3. We will respond to your request within 30 days.
Important note for consumers: As IdentityPulse does not retain any consumer personal information submitted by Clients for verification (see Section 4.1), there is typically no personal information held by us to access, correct, or delete in relation to individual verification transactions. If you wish to enquire about personal information held in our reference datasets, please contact us and we will assist you in accordance with applicable privacy laws.
Our website uses cookies and similar technologies to improve your browsing experience and to understand how visitors interact with our site. Essential cookies are required for the website to function correctly. Analytics cookies are used to collect anonymised data about website usage to help us improve our content and services. You can manage your cookie preferences through your browser settings. Disabling cookies may affect your experience on our website.
We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or operational practices. We encourage you to review this policy periodically. Material changes will be communicated to affected parties where required.
We will take all necessary measures to remedy any breach of this policy, including the use of our disciplinary and contractual processes where appropriate. In the event of a data breach involving personal information, we will comply with the Notifiable Data Breaches scheme under the Privacy Act 1988 (Cth) and notify affected individuals and the Office of the Australian Information Commissioner as required by law.
Identity verification, rebuilt from the data layer up. Built in Australia. Supporting clients globally.
