We are bound by the Privacy Act and the Australian Privacy Principles. These laws regulate how we manage and protect our customers’ personal information. On this page, “Personal information” means information or an opinion about you or which can be used to identify you.
The main way by which we collect your information is when you provide it to us. We collect your personal information so that we can provide you with products and services.
We collect information such as your:
- Name and date of birth
- Contact details – addresses, telephone number and email address
- Tax file number (TFN)
- Financial details – bank account details
- Information required by anti-money laundering and counter-terrorism financing (AML/CTF) laws – identification documents and source of funds.
If you open an account with us, we also keep records of your account such as transaction records and account balances.
We also collect your information when we are legally required to do so. For example:
- To prove your identity when you open an account as required by the Anti-Money Laundering and Counter-Terrorism Financing Act
- To confirm your tax residency status as required by Tax legislation.
It is highly unlikely, but we may collect sensitive information about you. Sensitive information may be information about your race, political opinions and associations, religious beliefs or affiliations, philosophical beliefs, professional or trade association membership, trade union memberships, sexual orientation or practices, criminal record, health records and genetic or biometric information.
We do not collect sensitive information unless we have your permission or are required to do so by law.
In addition to collecting information from you directly, we may also collect information about you from third-parties. This includes:
- Your associates – for example:
- your authorised representative, or
- a person who opens an account on your behalf, including for your company or partnership
- Organisations and related bodies corporate which help us provide you with products and services
- Organisations that we have an arrangement with to jointly offer products and services
- Social networking services if you communicate with us using these services
- Credit reporting or government bodies to verify your identity
- Financial advisers and other parties who may have introduced you to us.
- Publicly available sources, for example, websites
Other reasons we may use or disclose your information include:
- Performing administrative or operational tasks – such as account management, audit, systems development, risk management, training, marketing and customer research
- Marketing – we may use your information to let you know about new or existing products and services that we or our business partner provides
- Working with other organisations – to promote or provide you with a product or service
- Considering any concerns or complaints you may have or managing legal or regulatory action
- As required by law, regulations or codes of practice.
If you prefer to opt-out of receiving any marketing from us, please let us know by email at email@example.com.
Sometimes we may need to share your information with organisations based overseas. The most common reason this occurs is because one of our service providers is based overseas. For example:
- Administration and operations – we may use overseas service providers to help us administer or operate our business. This may include website hosting and IT and data storage providers.
- Processing online applications forms – our online application form is provided by an IT provider based in the United States.
- ID verification – we may use overseas organisations to verify your identity under anti-money laundering/counter terrorism financing laws.
- If you want to access your personal information, you can make a request by email (firstname.lastname@example.org). We can usually process your request within 14 days.
- If for any reason we can’t provide you with access, we’ll tell you why and attempt to find other ways to help you get access to this information.
Correcting your personal information
- If you wish to correct any personal information held by us, you can make a request by email (email@example.com).
- If we do not agree that your information needs to be corrected, we will tell you why and what you can do if you’re unsatisfied with our response.
Protecting your personal information
We have put in place measures to protect your personal information from misuse, loss, and unauthorised access, modification or disclosure. We safeguard your personal information by:
- Computer and network security – using passwords to control access to data and completing due diligence on our third-party IT service providers and their data protection systems
- Physical security – implementing locks and security systems over any hard copy or electronic information
- Review – periodically considering the adequacy of controls used to protect your personal information
On receiving your complaint, we will do our best to:
- Respond within 48 hours to let you know who will be handling your complaint
- Investigate your complaint
- Resolve your complaint within 45 days. If this is not possible, we will contact you and let you know how long it will take
- Make a decision in relation to your complaint and provide you with our reasons in writing.
If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC).
- Online: www.oaic.gov.au
- Phone: 1300 363 992
- Email: firstname.lastname@example.org
Alternatively, you may lodge a complaint with the Australian Financial Complaints Authority (AFCA).
- Online: www.afca.org.au
- Email: email@example.com
- Phone: 1800 931 678
The OAIC and AFCA are an impartial third party who may help to investigate and resolve a complaint. Please note OAIC and AFCA will generally ask you to first provide us with the opportunity to address your complaint before reviewing your complaint.