Legal

Intellectual Property

OODLZ’ key intellectual property includes the source code of products created, bought and developed by OODLZ and the processes and technology involved in delivering the platform via website, app, browser notifier, the in-store offering and all earn products.

We protect our intellectual property through a combination of domain names and trade secrets as well as contractual provisions and restrictions governing access to our proprietary technology.

We protect our intellectual property rights by imposing contractual rights on employees and third-party contractors who develop and access our key technology. Our employees and contractors are also subject to assignment agreements whereby we obtain rights to any intellectual property that they develop for us.

Risk management

Risk management procedures

Our risk management framework is based on maintaining an effective system of setting risk appetite in a way that scales with complexity and growth and, in that context, of identifying, minimising, monitoring and controlling risk.

Our business model relies on the successful operation, oversight and accountability of our risk management and regulatory compliance framework. The framework includes a combination of accountabilities, controls, policies, systems, procedures, training and registers.

An objective of the framework is to ensure the Board, management and staff execute within established governance protocols, a structured direction and ongoing oversight of strategic and operational performance that is within explicit risk tolerances in accordance with appropriate and transparent risk management.

Data protection and cyber security

IT security and data protection are critical to building and maintaining the OODLZ platform through the desktop, mobile and Card-linked Offering. OODLZ has implemented appropriate security management protocols which it is monitoring and improving all of the time.

Processes that are used by OODLZ to enhance the data protection and cyber security include:

• independent third-party cyber security testing

• internal training, processes, controls and policies to ensure the most appropriate use of IT systems, including handling and securing of data, acceptable usage of technology and incident management framework

• cyber security solutions including anti-virus, anti-malware and firewalls to protect internal systems and data

• monitoring of networks and systems to detect and actively manage security threats

• highest levels of encryption for Users and Merchant Partners as they use the service (Secure Sockets Layer) and while data is stored (encryption at rest)

• OODLZ does not currently collect or store credit card details for Members who choose to link their debit or credit cards (product road-map). Also this service will be via thirs party who handles all data collection.