If you require any further information concerning privacy and the ways in which we handle your personal information, please contact us using the contact details set out at the end of this policy.
1. What information do we collect and hold?
We may ask you for a range of personal information because of the nature of the products and services we provide as well as government regulations and taxation laws. The type of personal information that we collect may include (but is not limited to) name, gender, marital status, mailing address, telephone and fax numbers, email address, date of birth, income, assets and liabilities, account balances, tax and financial statements, tax file number, account details, employment details, financial information, credit history, transaction history and whether a client is an Australian citizen.
Sometimes we need to collect sensitive information about you, for instance in relation to some insurance applications we may also collect medical and lifestyle information. This may include information on your sexual preferences and is collected so the insurers and their agents may assess whether to accept your insurance proposal and, if so, on what terms. If you are using our legal or estate planning services, we may also request that you provide personal information regarding potential or current beneficiaries. The type of information may include (but is not limited to) name, marital status, date of birth, relationship to you, occupation and financial dependency. Unless required by law, we will only collect sensitive information with your consent.
We may collect information about you because we are required or authorised by law to collect it. There are laws that affect financial institutions, including company and tax law, which require us to collect personal information. For example, we require personal information to verify your identity under Commonwealth anti-money laundering law.
We may also be required to collect information relating to your tax residency status to comply with information sharing agreements that the Australian Government has entered into with other countries, such as our obligations under the Foreign Account Tax Compliance Act (FATCA) in the U.S.
If you provide personal information to use about someone else, you must ensure that you are entitled to disclose that information to us and that, without us taking any further steps required by privacy laws, we may collect, use and disclose such information for the purposes described in this Policy.
2. How do we collect your personal information?
We normally obtain personal information directly from our clients, for example through taking instructions, completing or reviewing “fact find” forms, calls, emails and making and maintaining records of information provided in the course of providing our clients with products or services. We may also collect personal information from you in the course of your use of our website if you input any personal information. In addition, we also access cookies on your computer, which enables us to tell when you use the website and also to help customise your website experience (see Internet Privacy below). From time to time, we may also ask for additional information (for example, through market research, surveys or special offers) to enable us to improve our service or consider the wider needs of our clients or potential clients. When we receive personal information from you directly, we’ll take reasonable steps to notify you how and why we collected your information, who we may disclose it to and outline how you can access it, seek correction of it or make a complaint.
There may be occasions when we need to source personal information about you from a third party. For example, we may collect personal information from third party product providers, brokers or government agencies. In some cases, we may be provided with your personal information from other sources, such as accountants, brokers, agents or by family members or friends. We will take reasonable steps to let you know that we have your personal information, unless it is obvious from the circumstances that you know or would expect us to have the information. Reasonable steps may include asking the person who gave us your information to let you know that we have that information.
You may also choose not to provide certain personal information. However, if you choose not to provide information requested for the purposes of fulfilling your request for a specific product or service, we may not be able to provide you with the requested product or service, or the product or service which we do provide might not fully meet your needs.
How do we take care of your personal information?
We take appropriate steps to protect the personal information we hold about you from interference, misuse, loss, unauthorised access, modification or disclosure. Specifically, our security measures include:
- educating our staff about their obligations with regard to your personal information and taking appropriate disciplinary action where there is a breach
- confidentiality requirements of our employees
- only giving access to personal information to a person who is verified to be able to receive that information
- electronic security systems, such as firewalls and data encryption on our websites
- appropriate security access to our office premises
- providing secure storage for physical records
- the use of passwords to access database information
- the use of document shredders for the disposal of written information.
Our client login area on our website uses a 256-bit Secure Sockets Layer (SSL) protocol that was developed to protect confidential information such as financial data from interception and hacking. We cannot be held responsible for lapses in security caused by third-party access to information as a result of your failure to keep your personal information private. We reserve the right to gather more extensive information about any attempted access to our website that raises security issues and, if appropriate, make disclosures to the relevant authorities.
What happens when we no longer need your information?
Subject to relevant laws, where we hold personal information about you and that information is no longer needed for any purpose, we will take reasonable steps to destroy or permanently de-identify the relevant information. Where we receive unsolicited personal information about you, we will check whether that information is reasonably necessary for our functions or activities. If it is, we’ll handle this information the same way we handle other information we seek from you. If not, we will take reasonable steps to destroy or permanently de-identify the relevant information.
3. How we use your personal information
The purpose for collecting personal information is to provide you with the products and services you’ve asked for, to understand and meet your needs and provide you with a wide range of financial and other products and services. The types of products and services provided by us include (but are not limited to) strategic financial planning and investment advice, portfolio and self managed superannuation fund administration and legal services.
We may also use and disclose your personal information:
- to give you information about a product or service and/or consider whether you are eligible for a product or service
- to process your application for a product or service and/or administer the product or service we provide you
- to allow us to run our business and perform administrative and operational tasks such as training staff, developing and marketing products and services, risk management, systems development and testing, including our websites and other online channels, undertaking planning, research and statistical analysis
- to determine whether a beneficiary will be paid a benefit
- to identify you and prevent or investigate any fraud or crime, or any suspected fraud or crime
- if it will prevent or lessen a serious and imminent threat to somebody’s life or health
- as required by law and regulation or codes binding us, including the Anti-Money Laundering and Counter-Terrorism Financing Act 2006
- for any purpose for which you have provided express (verbal or written) or implied consent.
To make sure we can meet your specific needs, and for the purposes described above, we sometimes need to share your personal information with others including:
- those involved in providing, managing or administering your product or service including related bodies corporate of E&P, superannuation, insurance and managed funds organisations
- external third party service providers who help us operate our business and who have been contracted to provide E&P with administrative, brokerage and settlement, banking, financial, insurance, research, tax, legal or other services, including, without limitation
- those who assist us in providing products and services to you and in managing your personal information. Where relevant or required, we will take reasonable steps to require these external service providers to comply with privacy legislation and only use personal information for prescribed purposes. In all circumstances where personal information may become known to our contractors, agents and outsourced service providers, there are also confidentiality arrangements in place
- government or regulatory bodies (including ASIC and the Australian Tax Office) as required or authorised by law
- any other individuals, bodies or agencies that you would reasonably expect, or you have been told, that information of that kind is usually passed to.
Our marketing activities
We may use information we have obtained about you to directly market our insights, or other products or services that may be of interest to you. If you no longer wish to receive direct marketing offers from us, you can unsubscribe from particular marketing material by using the electronic “manage your subscription” facility available on the material or by contacting us directly. We will process your request as soon as practicable.
We may also share anonymised or aggregated information with marketing or technology related service providers to assist us to communicate with you and similar customer audiences.
If you’d prefer that we didn’t use your information for any of the marketing activities listed above, please let us know by emailing or writing to us (see “Company Contact Details” section).
Disclosure of information overseas
We are unlikely to disclose personal information to overseas recipients. In some circumstances, we may need to obtain your consent before this occurs. Our policy is to only use cloud or other types of networked or electronic storage where infrastructure is physically located in Australia. We have carried out our due diligence regarding our cloud service providers and have entered into suitable contractual arrangements with them.
4. Access to and correction of personal information
We aim to make sure that the personal information we collect, use or disclose is accurate, complete and up to date. This way we can provide you with better service. If you believe your personal information is not accurate, complete or up to date, please contact us. We can generally update your client information over the telephone or via email. We may also take steps to update personal information, for example, an address, by collecting personal information from publicly available sources, for example, telephone directories or electoral rolls.
You may request access to your personal information, however, access is subject to some exceptions allowed by law. Factors affecting a right to access include:
- access would pose a serious threat to the life or health of any individual
- access would have an unreasonable impact on the privacy of others
- a frivolous or vexatious request
- the information relates to a commercially sensitive decision-making process
- access would prejudice enforcement activities relating to criminal activities and other breaches of law, public revenue, a security function or negotiations with you
- legal dispute resolution proceedings where a third party has given us health information about you in confidence
- denying access is required or authorised by or under law.
Requests for access to limited amounts of personal information, such as checking to see what address or telephone number we have recorded, can generally be handled over the telephone. Requests for access to more substantial amounts of personal information, such as details of what is recorded in your file should be made by contacting the Privacy Officer at the contact address below. A reasonable fee may be charged to recover the cost of retrieving the information and providing it to you.
5. Internet privacy
With the help of our service partners, we may collect information from you when you use any of our online services (such as our website and other online communications).
You have control over any personal information we collect from you through online forms, “contact us” messages, including chat transcripts, emails to us or email newsletter subscription information, and any information collected will be used:
- for the purposes for which the information was requested and other related purposes
- when required or authorised by or under law to disclose the information or with your consent.
You may be able to access external websites by clicking on links we have provided. Those other websites are not subject to our privacy standards, policies and procedures. You will need to contact or review those websites directly to ascertain their privacy standards, policies and procedures.
6. Other important things
If you have general enquiry type questions, you can choose to submit these anonymously or use a pseudonym. However, we may not always be able to interact with you this way because we are governed by strict regulations that require us to know who we’re dealing with. In general, we won’t be able to deal with you anonymously or where you are using a pseudonym when:
- it is impracticable
- we are required or authorised by or under law, such as the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) or a court/tribunal order to deal with you personally.
TFNs and other government identifiers
We will not use your tax file number (TFN), pension number or any other government agency identifier as your file, policy or application number. We only use and disclose these numbers for the purposes required by law, such as disclosing your TFN to the Australian Taxation Office. You may use a government identifier, for example, a pension number or Medicare number, to prove your identity when you deal with us.
If you have a complaint about the handling, use or disclosure of your personal information, write to E&P Privacy Officer at the contact address below. We will investigate your complaint and advise you of the outcome as soon as possible. If the matter is not resolved to your satisfaction, you can then refer your complaint to the Office of the Australian Information Commissioner, who can be contacted at:
Office of the Australian Information Commissioner
Level 3, 175 Pitt Street
Sydney NSW 2000
8. Company contact details
If you have any questions or would like further information on these privacy and information handling practices, please use the following contact details:
100 Pacific Highway
North Sydney NSW 2060
or email the E&P Privacy Officer at: [email protected]