Payments off our systems
Cards are processed by a PCI-compliant provider. We never see or store a card number.
The platform · Security & privacy
Your information, properly looked after
Recovery means handling sensitive details about businesses and the people who owe them money. We treat that data the way we would want ours treated.
Debt recovery runs on sensitive information — invoices, contact details, sometimes a person's financial circumstances. We have built the platform so that information is only ever seen by the people who should see it, and so the money side is handled by specialists rather than by us.
Card payments never touch our systems. They are processed end to end by a PCI-DSS-compliant payment provider, which means we never see or store a card number. Access to every account is controlled by role: a customer sees only their own debt, a client sees only the accounts they referred, and our team sees only what the job in front of them requires. Every action is written to an audit trail, so there is always a clear, honest record of who did what, and when.
How we protect it
Security that is built in, not bolted on
Access by role
Customers, clients and staff each see only what they should — never more.
Encryption for sensitive fields
Personal contact details can be encrypted at rest, so a stolen database is not a stolen identity.
A full audit trail
Every status change, note and payment is logged — an honest record you can rely on.
Two-factor sign-in
Accounts can require a one-time code at login, so a leaked password is not enough on its own.
Handled under the Privacy Act
We collect and use personal information in line with the Privacy Act 1988 and the Australian Privacy Principles.
A clear record, always
Because everything is logged, you and your customers can trust what the system says.
Common questions
Frequently asked questions
Do you store card numbers?
No. Card payments are processed entirely by our PCI-compliant payment provider. Merion never sees or stores card details.
Who can see my information?
Only the people who need to. Access is controlled by role, so a client sees the accounts they referred and a customer sees only their own — nothing more.
How is my data handled?
In line with the Privacy Act 1988 and the Australian Privacy Principles. You can ask us what we hold about you and request a correction at any time.
Get started
Recovery you can trust with your data
Open a client account, or refer your first debt today.