We are bound by the Privacy Act 1988 (Cth) (Act) and the Australian Privacy Principles (APPs) set out in the Act.
We will ensure that all officers, employees and subcontractors are aware of and understand the A Firm’s obligations as well as their own obligations under the Act. We will achieve this through the provision of training and thorough maintaining and implementing internal policies and procedures to prevent personal information from being collected, used, disclosed, retained, accessed or disposed of improperly. We will also provide all officers, employees and contractors’ appropriate training and updates.
Some of the work performed by the A Firm falls within the following permitted general situations as set out in section 16A of the Act:
• The collection, use or disclosure is reasonably necessary for the establishment, exercise or defence of a legal or equitable claim; or
• The collection, use or disclosure is reasonably necessary for the purposes of a confidential alternative dispute resolution process.
The purpose of this Policy is to:
• Give you a better and more complete understanding of the kinds of personal information we collect and hold;
• Clearly and concisely communicate how and when we collect, disclose, use, store and otherwise handle personal information;
• Inform you about the purposes for which we collect, hold, use and disclose personal information;
• Provide you with information about how you may access your personal information, and seek correction of your personal information;
• Provide you with information about how you make a complaint, and how we will deal with any such complaint;
• Advise you of the circumstances in which we are likely to disclose personal information to overseas recipients; and
• Enhance the transparency of our operations.
For the purpose of this Policy, the following terms will have the following meanings, as attributed to them by section 6 of the Act:
Health information means:
(a) Information or an opinion about:
(I) The health or disability (at any time) of an individual; or
(ii) An individual’s expressed wishes about the future provision of health services to him or her; or
(iii) A health service provided, or to be provided, to an individual; this is also personal information; or
(b) Other personal information collected to provide, or in providing, a health service; or
(c) Other personal information about an individual collected in connection with the donation, or intended donation, by the individual of his or her body parts, organs or body substances; or
(d) Genetic information about an individual in a form that is, or could be, predictive of the health of the individual or a genetic relative of the individual.
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
Sensitive information means:
(a) Information or an opinion about an individual’s:
(i) Racial or ethnic origin: or
(ii) Political opinions; or
(iii) Membership of a political association; or
(iv) Religious beliefs or affiliations; or
(v) Philosophical beliefs; or
(vi) Membership of a professional or trade association; or
(vii) Membership of a trade union; or
(viii) Sexual orientation or practices; or
(ix) Criminal record
that is also personal information; or
(b) Health information about an individual; or
(c) Genetic information about an individual that is not otherwise health information; or
(d) Biometric information that is to be used for the purpose of automated biometric verification; or
(e) Biometric templates.
Collection of personal information
The A Firm collects personal information in order to provide services to you. We collect this information from you when you engage our services, are registered within our website, make an order, subscribe to our newsletter, reply to a survey, or complete a form. We do not collect personal information unless it is reasonably necessary for, or directly related to, one or more of the services we provide or functions we carry out.
The types of personal information we generally collect include but is not limited to:
• Date of birth
• Residential address.
• Postal address.
• Email address.
• Home telephone number.
• Work telephone number.
• Mobile telephone number.
• Your occupation and business address.
• Financial information including details of your employer, income, name of bank or financial institution.
• Details of your spouse, de facto, dependent children, and roommates.
• Details of properties owned by you.
• Personal government identifiers, for example, Tax File Numbers.
• Criminal history.
We will not ordinarily ask you to provide sensitive information. However, there may be circumstances where the information provided reveals sensitive information. For example:
• You may require your Will to include details pertaining to your choices with regards to organ donation. This may reveal health information.
• In providing details of your spouse or de facto partner, this may reveal sensitive information regarding your sexual orientation.
We will only collect sensitive information in circumstances where:
• It is reasonably necessary for one or more of the services we provide or functions we carry out; and
• You consent to the collection of the information; and
• We are required or authorised by law to collect the sensitive information.
We will, if it is reasonable or practicable to do so, collect your personal information directly from you. This may happen when you fill out a form or when you give us personal information in person, or via telephone, email, correspondence or our website.
Sometimes we will collect personal information from a third party or a publicly available source. For example, we may need to collect personal information from a credit reporting agency, your legal advisor, or your past or current employers.
If we receive personal information that we did not solicit, we will determine as soon as reasonably practicable whether we could have lawfully collected that information as part of our functions or activities. If we are not satisfied that we could have lawfully collected the information, then we will (if it is lawful and reasonable) destroy the information or ensure that it is de-identified.
You may choose to deal with us anonymously or under a pseudonym where lawful and practical. Where anonymity or use of a pseudonym will render us unable to provide the relevant service or do business, we may request that you identify yourself. For example, whenever documents are to be submitted to government agencies or financial institutions, it is essential that we record your name accurately.
The information which we collect will depend upon the reason for which it is collected. The main reasons are:
• To provide business services – in the course of acting for a client we are likely to collect personal information about individual clients and third parties. The type of personal information collected will vary according to the services provided
• To personalise your encounter – your information helps us to better reply to your individual needs and to improve our customer service support. Your information assists us to successfully reply to your customer service requests and support needs
• For marketing – during client meetings we sometimes collect your contact details in order to be able to send you newsletters and updates about accounting and legal developments in your area of interest or to otherwise administer an event, promotion, survey or other website function which markets our services to you
• To process transactions
• To deliver periodic electronic mails and to respond to enquiries, comments or requests made via our website.
Your information, no matter whether public or non-public, shall not be sold, exchanged, transferred or given to any other firm for any reason in any respect, without having your consent, other than for the specific objective of offering the purchased item requested.
Use and disclosure of personal information
Any personal information collected by the A Firm will only be used and disclosed for the purpose for which it has been provided to us or as authorised under law.
We will not disclose your personal information to government agencies, private sector organisations or any third party unless one of the following applies:
• You have consented.
• You would reasonably expect, or you have been told, or form part of the works and services performed by us, that information of that kind is usually passed to those individuals, bodies or agencies.
• It is otherwise required or authorised by law.
• It is reasonably necessary for enforcement related activities conducted by, or on behalf of, an enforcement body (e.g. police, ASIC, Immigration Department).
Personal information provided to the A Firm may be shared with its related companies. We will take all reasonable and practical measures to keep such information strictly confidential.
We do not market, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who aid us in working our website, running our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is proper to comply with the law, enforce our website policies, or guard ours or others rights, property, or safety.
We may use your contact details to send you firm newsletters, accounting or legal updates or invitations to the A Firm’s events or seminars, which may be of interest to you. However, you may at any time opt out of receiving such materials by contacting the A Firm on email@example.com or sending a request to the address below. Upon receiving such a request, the A Firm will remove your contact details from our distribution lists.
The A Firm may transfer your personal information to an overseas entity in order to perform or process one or more of our functions. Such overseas entity includes, but not limited to, the Philippines. In these circumstances, we will take reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles in relation to the information.
Personal information may need to be disclosed to external service providers or third parties engaged by the A Firm in order for those service providers to fulfil their obligations to the firm. For example:
• Australian government agencies
• IT service providers who assist in managing the A Firm’s networks and servers may need to access client data in order to maintain the exchanges
• Experts engaged on behalf of a client to provide an accounting or a legal opinion for a client matter may require access to certain personal information held by the A Firm in relation to that matter in order to provide the opinion.
Sometimes, at our discretion, we may involve or offer third party products or services on our website. These third party websites have separate and self-sufficient privacy policies. We consequently have no responsibility or liability for the content and activities of these linked websites. Nonetheless, we seek to protect the integrity of our website and welcome any feedback about these websites.
The A Firm will take reasonable steps to ensure, in circumstances where personal information is disclosed to an external party, that the external party treats such information confidentially and in accordance with the APPs.
In circumstances where the A Firm collect a client’s government related identifier such as a tax file number or Centrelink reference number, we will not disclose such information unless we are required or authorised to do so by law or by a court or tribunal order, or in order to fulfil our obligations to a State or Territory authority.
Accuracy of personal information
The A Firm will take reasonable steps to ensure that all personal information it collects, uses or discloses is accurate, complete and up-to-date.
If you believe your personal information is not accurate, complete or up-to-date, please contact us (see the Contacting Us section for more information).
Personal information may be stored by the A Firm electronically or in hard copy documents. The A Firm is committed to keeping personal information safe and secure. Some of the ways we do this are:
• Ensuring the terms of employment with the A Firm include a confidentiality agreement
• Secure hard copy document storage (i.e. storing hard copy documents in locked filing cabinets)
• Requiring security passwords and measures for access to our computer network
• Providing a discreet environment for confidential discussions
• Ensuring all personal data is stored securely
• Providing security measures when accessing our building
• Providing security measures for our website (further information listed under Your Privacy on the Internet section of this document)
• As required, we will review and update our security measures.
In addition, and from time to time, the A Firm will review the personal information held by us, ensuring that information which is no longer needed for a purpose for which it was initially collected is destroyed or de-identified (provided it is lawful for us to do so).
Your privacy on the internet
The A Firm takes care to ensure that the information you provide to us via our website is protected. Our website has electronic security systems in place, including the use of firewalls.
The A Firm supplies the use of a safe hosting server. All supplied sensitive/credit information is encrypted into our Database. Such information is accessed only to those approved with special entry rights to our confidential information.
You may be able to access external websites by clicking on links we have provided. Those other websites are not subject to our privacy standards, policies and procedures. You will need to contact or review those websites directly to ascertain their privacy standards, policies and procedures.
Cookies are tiny files that a website or its service supplier transfers to your computer systems hard disk through your internet browser that allows the websites or service providers systems to acknowledge your browser and capture and keep in mind certain information.
The cookie’s purpose is to notify our web page server that the same visitor has returned to our web site and to collate anonymous information on when and how our website is used. The information collected is not linked to your identity in any way or any other information provided by you.
You may prefer to have your computer warn you each time a cookie is being sent, or you can opt for to turn off all cookies via your browser settings. Like most internet websites, if you turn your cookies off, some of our services may not perform properly. However, you can still place orders by contacting the A Firm.
The email address you provide may be used to send you information, respond to enquiries, and/or other requests or questions.
If you have registered through our website to receive email communications from us and later change your mind, you may contact us to have your name removed from our distribution lists.
Accessing and correcting personal information
You may request access to personal information that the A Firm holds about you (see the Contacting Us section for more information).
The A Firm will acknowledge your request within 7 working days of the request being made. In circumstances where access is denied, we will endeavour to advise you, in writing, of the denial of access and the reasons for same within 10 working days of our acknowledgement. Similarly, where access is confirmed, such access will generally be completed within 10 working days of our acknowledgement. In circumstances where the request involves voluminous photocopying or scanning or complex considerations, within 14 working days. The A Firm will inform you which time frame applies to your request and if any delays are anticipated.
The A Firm requires that you verify your identity before access to your personal information is granted.
We cannot and do not charge an ‘application fee’ for you applying to access your personal information, however, the A Firm may charge a fee for actually giving you access to your personal information in your preferred format (where reasonable and possible). This fee is to cover our costs involved in locating and collating information as well as reproduction costs.
Once your request has been processed by us, you may be forwarded the information by mail or email or you may personally inspect it at the location where the information is held or another appropriate place. Whenever possible, we will endeavour to make the information available to you in the manner requested by you unless it is unreasonable for us to do so (e.g. if you have asked for the information to be emailed to you, we will endeavour to email the information to you. If the file size would be too large, we may send you the information by hard copy instead of email).
If you are aware that we hold personal information about you that is no longer accurate, complete or up-to-date, please contact us (see theContacting Us section for more information).
If you request access to your personal information, or if you request that we correct your personal information, we will allow access or make the correction unless we consider that there is a sound reason to withhold the information, or not make the correction.
Under the Act, we may refuse to grant access to personal information if:
• We believe that granting access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety
• Granting access would have an unreasonable impact upon the privacy of other individuals
• Denial of access is required or authorised by law or by a Court or Tribunal order
• Giving access would be unlawful
• The request for access is frivolous or vexatious
• Legal proceedings are underway or anticipated and the information would not be accessible by way of the discovery process in those proceedings
• Giving access would reveal our intentions in relation to negotiations between us and you in such a way as to prejudice those negotiations
• Giving access is likely to prejudice enforcement related activities conducted by, or on behalf of, an enforcement body
• Giving access is likely to prejudice action being taken or to be taken with respect to suspected unlawful activity or serious misconduct relating to our functions or activities
• Giving access would reveal information in connection with a commercially sensitive decision making process.
If we do not agree to make a correction to your personal information, you may provide a statement about the requested corrections, and we will ensure that the statement is apparent to any users of the relevant personal information.
If we do not agree to provide access to your personal information or to correct your personal information, we will provide written reasons for the refusal and the mechanisms available to complain about the refusal (see the Complaints section for more information).
It you believe there has been a breach of the APP’s, you are entitled to complain to us. Please direct any complaints to our privacy contact below. We will investigate your complaint and endeavour to resolve it.
If you consider that we have not dealt with your complaint adequately, you may complain to the Office of the Australian Information Commissioner on the below details:
Office of the Australian Information Commissioner (OAIC)
GPO Box 5218
SYDNEY NSW 2001
Telephone: 1300 363 992
To contact us about any privacy matter or to notify us that you wish to be removed from our distribution lists, please either:
• Send us an email to: firstname.lastname@example.org; or
• Send us a letter addressed as follows:
The Privacy Officer
The A Firm
PO Box 968
NERANG QLD 4211
Financial Services Guide