1 October 2019
The collection of personal information about individuals by organisations is governed by the Privacy Act 1988 and the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (the Privacy Act) which contains a national scheme for the collection, use, correction, disclosure and transfer of personal information by organisations in the private sector.
The Privacy Act requires us to handle your personal information in accordance with a set of principles, known as the Australian Privacy Principles (APPs). Those Principles and our approach to those Principles are set out below.
What information do we collect?
We will collect and hold your personal information for the purposes of:
- providing advice and services to you
- recommending investment and/or insurance products to you
- managing and administering those products and services
- letting you know about other products and services
- Verifying your identity
To facilitate the above, the type of information collected from you includes personal information such as your:
- residential and/or postal address
- date of birth
- contact details (including email)
- bank account details
- financial details
- personal health details
- employment details
- insurance details
- estate planning details
- Tax File Number
- Australian Business Number
This information is collected from you at the outset of our appointment as your financial planner and is updated throughout the course of our relationship through ongoing communications with you.
We will not collect any personal information about you except where you have knowingly provided that information to us or we believe you have authorised a third party to provide that information to us.
We may also need to collect information from third parties. For example, we may need to collect information from your accountant or lawyer.
We are also required to ask for certain information by law. Wherever there is a legal requirement for us to ask for information about you, we will inform you of the obligation and the consequences of not giving us the requested information.
For example, in addition to obtaining personal information from you, whenever you acquire a new product or service from us, we will need to obtain certain documentary evidence from you as to your identity. Such evidence may include items such as a certified copy of your driver’s licence, passport or birth certificate.
What if you don’t give us the information we request?
You are not required to give us the information that we request. However, if you do not give us the information that we ask for, or the information you give is not complete or accurate, we may not be able to provide you with our advice or the advice we provide to you may be inappropriate.
Use of information
How do we use the information that we collect from you?
We use your personal information for the purposes for which it has been obtained. We collect your personal information so that we are able to act on your request, such as:
- provide financial advice to you
- establish and manage your investments and accounts
- implement your investment instructions
- establish and maintain insurance protection
- organise superannuation contributions and transfer monies
- report on your investments and provide review services
- keep you up to date on other products and services offered by us.
Personal information will also be used where you have consented to such disclosure or where it is required or authorised under law, in circumstances relating to public health and safety or in connection with certain operations by or on behalf of an enforcement body.
Who do we give personal information to?
Your personal information is made available to Century Advisory Services Pty Ltd and their Authorised Representatives. We may also disclose your personal information to a range of external organisations including:
- organisations involved in providing, managing or administering the products and/or services we have organised for you on your behalf
- third party service providers to Century Advisory Services
- businesses that may have referred you to us (for example your accountant).
There are situations where we may also disclose your personal information where it is:
- required by law (such as to the Australian Taxation Office)
- authorised by law (such as where we are obliged to disclose information in the public interest)
- required to assist in law enforcement (such as to a police force).
We will also disclose your information if you give your consent.
Will my information be disclosed overseas?
We may disclose your personal information overseas to an associated service provider based in the Philippines for the sole purpose of assisting us in the delivery of our services to you.
Access and correction of information
Can I access my information and what if it is incorrect?
You may request access to the personal information we hold about you.
There may be circumstances where we are unable to give you access to the information that you have requested. If this is the case, we will inform you and explain the reasons why.
We will take reasonable steps to ensure that the personal information we collect, hold, use or disclose is accurate, complete, up to date, relevant and not misleading.
You have a right to ask us to correct any information we hold about you if you believe it is inaccurate, incomplete, out of date, irrelevant or is misleading. If we do not agree with the corrections you have supplied and refuse to correct the personal information, we are required to give you a written notice to that effect and a statement if requested. If you wish to access your personal information, you should contact us.
If you believe that we have mishandled your personal information, in turn, breaching the APPs, you may lodge a complaint with us. The complaint must be in writing and mailed or emailed to the Privacy Officer:
PO Box 1077
HAMILTON NSW 2303
From receipt of your written complaint, we have 30 days to respond.
In the event that we are unable to resolve your complaint, you may lodge a complaint with the Information Commissioner. You can lodge a written complaint with the Information Commissioner by:
- Submitting an online form through the Information Commissioner’s website: oaic.gov.au
- Submitting a hard copy form which can be obtained at https://www.oaic.gov.au/download-privacy-complaint-form
- fax to 02 9284 9666
- email at firstname.lastname@example.org
Protection of the personal and sensitive information that we hold
How do we protect the security of your information?
We have security systems, practices and procedures in place to safeguard your privacy. Your personal information is stored on our servers and is subject to regular audit. The people who handle your personal information for us have the training, knowledge, skills and commitment to protect it from unauthorised access or misuse.
Risks of using the internet
You should note that there are inherent security risks in transmitting information through the internet. You should assess these potential risks when deciding whether to use this medium for the transmission of information.
Cookies are used for a variety of purposes, including security and personalisation of services. They are frequently used on websites and you can choose if and how a cookie will be accepted by configuring your preferences and options in your browser.
All browsers allow you to be notified when you receive a cookie and you may elect to either accept it or not. If you wish not to accept a cookie, this may impact the effectiveness of the website. Your internet service provider or other IT service provider should be able to assist you with setting your preferences.
Retention of your personal information
How long do we retain your personal information?
We are required by law to retain certain records of information for varying lengths of time. Depending on the context surrounding the information, we may be required to retain records which include your personal information from 7 years to permanently. Where your information is not required to be retained under law, we will take reasonable steps to permanently destroy your personal information when it is no longer required for the purpose for which it was collected.
European Union General Data Protection Regulation (GDPR)
If you reside in a country that is a member of the European Economic Area (the EU and Norway, Lichtenstein and Iceland), in addition to the protection you receive under the Privacy Act, you are entitled to other protections provided by the GDPR, including, in certain circumstances, the right to:
- have your personal information erased
- access your personal information in an electronic and portable format
- restrict or object to the processing of your personal information.