Privacy and Data Protection Guide
Advisor Plus Pty Ltd (ABN 52 600 655 936) (AFSL 474520) respects and understands any concerns regarding the collection and privacy of your Personal Information. The security of our customers’ Personal Information and the use of this information solely for the purpose that it was given to us are important and receive the highest care and attention.
In this Privacy and Data Protection Guide (Privacy Guide) we, us or AdvisorPlus means AdvisorPlus Pty Ltd (AdvisorPlus).
AdvisorPlus is committed to safeguarding your Personal Information in accordance with the Australian Privacy Principles of the Privacy Act 1988. Personal Information for the purposes of this policy is information about and which identifies individuals, whether that information is obtained from the relevant individual or a third party.
AdvisorPlus must also report unauthorised access to, disclosure of, or loss of, personal information it holds in circumstances where the disclosure is likely to result in serious harm to any of the individuals to whom the information relates. When AdvisorPlus becomes aware (or suspects) that a breach has occurred, it must take all reasonable steps to decide within 30 days whether it needs to notify.
What this Privacy Guide covers
- This Privacy Guide covers the following topics:
- collection of Personal Information
- Personal Information about third parties
- use and disclosure of Personal Information
- security of your Personal Information
- access to your Personal Information
- updating and correcting Personal Information
- direct marketing
- unauthorised access to your Personal Information
- Data Breach Notification
- changes to this Privacy Guide.
1. Collection of Personal Information
AdvisorPlus will not ordinarily collect information about you except where you provide it to us or it is provided to us with your authority. AdvisorPlus will only collect Personal Information by lawful and fair means and not in an unreasonably intrusive way. The types of Personal Information we collect generally include your name, address, telephone number, email address.
In certain circumstances we may also collect Personal Information, which is sensitive. Sensitive information includes information about your tax file number, company or trust details. Unless the collection of sensitive information is required or permitted by or under law, we will obtain your consent to the collection.
We may also listen to and/or record telephone calls to which you are a party with us for training, transaction verification and quality control purposes. On occasions AdvisorPlus may need to collect Personal Information about you from third parties. If required by law, we will obtain your consent to collect Personal Information from third party sources.
As a general rule AdvisorPlus will only collect information about you that is necessary for us to provide a service to you or maintain our relationship with you. Additionally, the purposes for which we will generally collect and use your Personal Information will include:
- complying with legislative and regulatory requirements,
- considering any account opening application you make to us,
- performing our administrative operations, including accounting, risk management, record keeping, archiving, systems development and testing and staff training,
- conducting market or customer satisfaction research,
- developing and identifying products and services that may be of interest to you;
- informing you about products and services.
We also advise you that our website uses “cookies”. A “cookie” is a file of information that a website places on a server when you visit a site for the first time (and sometimes on subsequent visits). The use of “cookies” allows information about use of our website to be collected by us and to provide more customised services to you on your subsequent visit to our website. This can make navigating our website more efficient for you. You may configure your web browser not to accept cookies, however this may mean that you are not able to use our website.
2. Personal information about third parties
If at any time you supply us with Personal Information about another person you should ensure that you are authorised to do so and you must agree to inform that person who we are, that we will use and disclose that Personal Information and that they may gain access to it should we hold that information.
3. Use and disclosure of Personal Information
We will not use or disclose information collected about you other than for a purpose made known to you, a purpose you would reasonably expect, a purpose required or permitted by or under law or a purpose otherwise authorised by you.
You authorise us to disclose necessary information to related companies and to any agents or contractors who provide services to us in connection with the provision of services you have sought from us. These parties are prohibited from using your Personal Information except for the specific purpose in which we supply to them.
- Subject to what is permitted by law, the types of third parties we may disclose your Personal Information to include:
- market participants such as Morrison Securities Pty Ltd ABN 50 001 430 342 AFSL 241737 and its related bodies corporate;
- clearing participants such as Morrison Securities Pty Ltd ABN 50 001 430 342 AFSL 241737 and its related bodies corporate;
- other financial service providers such as Interactive Brokers ABN & Macquarie Bank Limited ABN 46 008 583 542,
- any personal organisation who introduces you to us,
- your referees,
- your executor, administrator, trustee, guardian or attorney,
- debt collecting agencies,
- your securities and guarantors and prospective securities and guarantors,
- government bodies and agencies;
any person to the extent necessary, in our view, in order to carry out any instruction you give to us. In some cases, we may need to transfer your Personal Information outside Australia. If we believe that the overseas third party is not subject to privacy obligations equivalent to those which apply to us we will seek your consent to transfer the information, except where the Australian Privacy Principles do not require us to do so.
4. Security of your Personal Information
Because data transmission over the Internet can never be guaranteed to be entirely secure, we cannot warrant the security of information you give us or that you receive from our Website during transmission. When we have received your information, we will take all reasonable steps to protect the Personal Information we hold from misuse and loss from unauthorised access, modification or disclosure. We will take all reasonable steps to destroy or permanently de-identify Personal Information if it is no longer needed for any purpose for which the information may be used and disclosed under this policy.
5. Access to your Personal Information
If at any time you wish to know what Personal Information we are holding about you, you are welcome to request a copy of your details by sending a letter to the attention of the Privacy Officer, Advisor Plus Pty Ltd, Level 29, 2 Chifley Tower, Sydney NSW 2000.
Under certain circumstances we may not be able to tell you what Personal Information we hold about you. This includes where:
- it would have an unreasonable impact on the privacy of another individual,
- information relates to legal proceedings with you,
- the information would reveal a commercially sensitive decision-making process; or,
- we are prevented by law from disclosing the information, or providing access would prejudice certain investigations.
We may charge a fee for accessing your Personal Information.
6. Updating or correcting Personal Information
We will take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date. If, at any time, you believe that Personal Information we hold about you is inaccurate, in complete or out of date, contact us immediately by email at firstname.lastname@example.org and we will take all reasonable steps to correct it.
7. Direct marketing
We will use your personal details to provide you with information about products and services, which may be of interest to you If at any time you do not wish to receive such marketing information you have the option to ask us not to send any further information to you, and you may do so by contacting us by email at email@example.com or by telephone on 1300 614 002.
AdvisorPlus will not adopt, as its own identifier, an identifier that has been previously assigned by a government agency or by an agent of, or a contractor to, a government agency or contract service provider for a Commonwealth contract. We will only use and disclose such identifiers for purposes required by law.
If you believe that the privacy of your Personal Information is not being adequately protected, you should contact us by letter for the attention of the Privacy Officer, AdvisorPlus at firstname.lastname@example.org. We will make every effort to resolve your compliant internally.
If we do not resolve your complaint to your satisfaction, you may apply to the Federal Privacy Commissioner to have your complaint investigated. For more information, please contact the Commissioner’s hot line service on 1300 363 992.
10. Unauthorised access to your Personal Information
We are required to take reasonable steps to protect Personal Information that we hold from misuse, interference and loss as well as unauthorised access or disclosure.
Interference of Personal Information occurs when there is an attack on Personal Information that we hold but may not necessarily modify its content. Interference includes an attack on a computer system, that, for example, leads to exposure of Personal Information.
Loss of Personal Information includes the accidental or inadvertent loss of Personal Information held by us, for example, by failing to keep adequate backups of Personal Information if there is a systems failure. Loss may also occur as a result of theft following unauthorised access to Personal Information.
Unauthorised access of Personal Information occurs when the Personal Information that we hold is accessed by someone who is not permitted to do so. This includes unauthorised access by an employee or one of our external service providers, as well as unauthorised access by a third party (such as hacking).
Unauthorised disclosure occurs when we make the Personal Information accessible or visible to third parties or we release the Personal Information from our effective control in a way that is not permitted by the Privacy Act.
11. Data Breach Notification
Where we believe there may have been unauthorised access to or disclosure of your Personal Information or your Personal Information may have been lost, we have notification obligations under the Notifiable Data Breaches Scheme under Part 111C of the Privacy Act where the data breach is likely to result in serious harm to you (described as an eligible data breach).
Under the law we are required to notify the Office of the Australian Information Commissioner (OAIC) and all of our affected clients about eligible data breaches as soon as practicable. Notification occurs when:
- we prepare a statement (see attachment A for example) containing our contact details, a description of the data breach, the kinds of information concerned and the steps we recommend you take to mitigate any harm that may arise from the breach;
- provide a copy of the statement to the OAIC; and
- take reasonable steps based on the circumstances to notify you of the contents of the statement.
From 25th May 2018 the General Data Protection Regulation (GDPR) regulates the processing of personal information under the European Union (EU) Law. If we are offering products or services to you whilst you are located in the EU our collection, use, disclosure and processing of your information is regulated by the GDPR. A copy of our EU Data Protection Policy can be found here: https://ec.europa.eu/info/law/law-topic/data-protection/data-protection-eu_en
12. Changes to this Privacy Guide
This Privacy Guide may change from time to time. Our current Privacy Guide will be published on our website: www.advisorplus.com.au. We advise you to check it periodically for any changes.