“Personal data” means any information relating to you, such as your name, contact details, but does not include data where you can no longer be identified from it such as anonymised, aggregated data.
Types of personal information
In the course of providing products and services we may collect and hold information that is reasonably necessary for the performance of our functions and activities, including maintaining a registry of investor detailsand other functions. This information may include, but is not limited to:
• names, addresses and other contact details; • date of birth; • financial information; • nationality and country of birth; • data required for AML/CTF purposes; and•government identifiers (such as TFN where necessary and relevant).
We may collect Sensitive Information about you, with your consent. Sensitive Information is a subset of personal information that is given a higher level of protection under the APPs. Sensitive Information means information relating to your racial or ethnic origin, health, political opinions, religion, trade union or other professional associates or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information. Provided that you consent, your Sensitive Information may only be used and disclosed for purposes that you have consented to or which are directly related to the primary purpose for which the Sensitive Information was collected, including (but not restricted to):
• for the purpose of us maintaining a comprehensive company file; • for the purpose of data compilation or analysis for internal purposes; • in an anonymised format for the purpose of data compilation or analysis to share with third parties; and • to be used or disclosed as required or authorised by law.
Collecting and holding your personal information
How we collect personal information is dependent upon whose information we are collecting. If it is reasonable and practical to do so, we collect personal information directly from you.
Where possible we standardise the collection of personal information by using specifically designed forms (e.g. our application forms). However, given the nature of our operations we often also receive personal information by email, through our website, online forms, letters, notes, in face-to-face meetings and through financial transactions. We may also collect personal information from third parties or independent sources. However, we will only do so where it is not reasonable and practical to collect the information directly from you.
We hold your personal information:
• in a variety of formats including on databases, in hard copy files and on computer devices, including computers; • only for as long as is reasonably necessary for the purpose for which it was collected or to comply with any applicable legal reporting or document retention requirements; and • using standard security methods to protect your personal information from unauthorised access, modification or disclosure and from misuse, interference and loss.
Where practicable we maygive you the option of not identifying yourself or using a pseudonym in your dealings with us
The use of your personal information
We only use personal information that is reasonably necessary for one or more of our functions or activities (the primary purpose) or for a related secondary purpose that would be reasonably expected by you, or to which you have consented. Our uses of personal information include, but are not limited to:
• providing you with one of more of our financial products or services including to assess your application for a financial product or service; • fulfilling our legal and regulatory obligations; • performing our associated administration and organisational functions and tasks; and/or • to communicate with you about the products and services that we offer.
If we collect, hold or use personal information in ways other than as stated in his policy, we will ensure we do so pursuant to the requirements of the Privacy Act.Employee records are not generally subject to the Privacy Act and therefore this policy may not apply to the handling of information about employees by us.
Disclosure of your personal information
We do not routinely disclose personal information to other organisations unless one or more of the following apply:
• you have consented; • you would reasonably expect us to use or disclose your personal information in this way; • we are authorised or required to do so bylaw; • where a permitted general situation under the APPs applies.
This may include disclosure of your personal information to our employees, contractors and related entities, as well as third parties who supply services to us to assist us in performing ouradministrative functions and in fulfilling our legal and regulatory obligations (e.g. legal and accounting firms, data storage systems and certain SaaS providers). We will take reasonable steps to ensure that they handle your personal information in the same way that we do and in accordance with the Privacy Act and the APPs.
We may use Google Analytics to collect and process data. To find out how Google uses data when you use third party websites or applications, please see www.google.com/policies/privacy/partners/ or any other URL Google may use from time to time.
We may also share non-personal, de-identified and aggregated information for research or promotional purposes. Except as set out in this policy, we do not sell to, or trade personal information with third parties.
Disclosure outside of Australia
In certain limited circumstances, your personal information may be shared with the ATO, and/or ASIC which will then exchange this information with similar overseas regulatory bodies as a result of Australia’s participation in the Common Reporting Standard and Foreign AccountTax Compliance Act.
Your right of access, correction and restriction
You may request access to the personal information we hold about you, or request that we change the personal information, by contacting us in the manner outlined below. You may also contact us if any of the details you have provided change or if you believe that the information we have about you is not accurate, complete or up-to-date. If we do not agree to provide you with access or to amend your personal information as requested, you will be notified accordingly. Where appropriate we will provide you with the reasons for our decision and you may seek a review of our decision. If the rejection relates to a request to change your personal information you may make a statement about the requested change and we will attach this to your record.
You may also request that we restrict the use of your personal information for direct marking purposes by contacting us using the contact details below. Alternatively, to unsubscribe from our e-mail database or to opt-out of communications (including marketing communications) you may use the opt-out facilities provided in the communication.
If you wish to make a complaint about a breach of the APPs by us, you may do so by providing your written complaint by email, letter or personal delivery to any one of our contact details as noted below. Where possible, the complaint should include enough information to allow us to identify and resolve it.
We will respond to your complaint in writing within a reasonable time (usually no longer than 30 days) and we may seek further information from you in order to provide a response.
If you are not satisfied with our response to a complaint, you may lodge a complaint with the Office of the Australian Information Commissioner by visiting www.oaic.gov.au.
We do not charge for receiving a request for access to personal information or for complying with a correction request.
• Emailing Daniel Szekely – email@example.com • Writing to our Privacy Office at Suite 2501, Westfield Tower 1, 520 Oxford Street, Bondi Junction NSW 2022