1. Background and Purpose
Alpha Vista Financial Services Holdings Pty Ltd (‘we’, ‘us’ or ‘our’) is committed to respecting your right to privacy and handling your personal information in an open and transparent way. We are bound by the provisions of the Privacy Act 1988 (Cth) (‘the Privacy Act’) which contains thirteen Australian Privacy Principles (‘APPs’) which regulate how we collect, use, disclose and keep your personal information secure.
The APPs are legally binding principles that are designed to ensure that your personal information is protected throughout the information lifecycle – that is, from the time the information is collected through to its destruction.
2. Types of Personal Information Collected
Information we collect in order to provide professional services to clients
Personal information is collected from you to enable us to establish, manage and deliver professional services to you (or to perform due diligence checks before we agree to provide professional services).
In addition, some laws require us to collect personal information from you. These include the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth), the Corporations Act 2001 (Cth) and the Foreign Account Tax Compliance Act (USA).
The information we may request includes (but is not limited to) your name, contact details, Australian Company Number (ACN), Tax File Number (TFN) and bank account details.
In some cases, we may also request the personal information of relevant third parties, such as your own clients.
In the event that you provide us with the personal information of a third party, we will take steps to ensure that you have complied with the relevant obligations under the Privacy Act in relation to accessing this information. This may include seeking evidence that you have provided any and all relevant individuals with a Notice of Collection (and other matters) and have obtained any necessary consent for us to collect, use and disclose that information.
Information we collect to assist us in providing professional services
We may also collect personal information (such as contact details and bank account details) from suppliers, contractors and third party service providers that we engage to help us operate our business.
Information we collect via our website
Our website only collects standard internet log information, including your IP address, browser type and language, access times, and referring website addresses. We do not seek or collect personal or sensitive information from visitors using our website.
Sensitive information includes information or an opinion relating to a person’s racial or ethnic origin, political views or memberships, religious beliefs or affiliations, membership of a professional or trade association or trade union, sexual orientation or practices and criminal record. It also includes information about a person’s health and medical history. The APPs set out restrictions about the way sensitive information can be used.
It is unlikely that we will need to collect sensitive information in order to provide professional services to you. However, in the event that sensitive information is required, it will always be collected with your consent (unless the collection is required or authorised by law or necessary to take appropriate action in relation to suspected unlawful activity or serious misconduct).
3. How Personal Information is Collected
We will collect your personal information directly from you where this is reasonable and practical. We gather this information either through applications or other forms that you complete, or by recording the information you provide via phone calls, emails and other forms of communication.
We may also collect personal information about you from a third party, such as identity verification services, referrers or marketing agencies. If so, we will take reasonable steps to ensure that you are made aware of our identity and our contact details.
We do not give you the option of dealing with us anonymously, or using a pseudonym. This is because it is illegal or impractical for us to deal with clients who are not identified.
4. Using Personal and Sensitive Information
How do we use the personal information we collect from you?
We use the personal information that we collect from you to provide you with agreed professional services. The agreement we have in place with each client governs the provision of our services and sets out the purposes for which we may use the information that you provide to us. We do not use that information for any other purposes, unless disclosure is required or authorised by or under an Australian law or a court or tribunal order.
The way we use personal information varies depending on the client. For example, we might use personal information:
- To provide you with agreed professional services.
- Collected by you as part of your ordinary business activities in the course of helping you develop strategic initiatives for your business.
- About your own clients to help you improve the quality of the services you offer.
- To keep you informed of the services we offer and industry developments that may be of interest to you, and to notify you of service offerings, seminars and other events we are holding.
- For general management and reporting purposes, such as invoicing and account management.
Do we use personal information to market goods and services to you?
Your personal information will never be added to a third party’s general marketing database. We do not sell, rent or trade clients’ personal information to or with third parties for the purpose of allowing them to send marketing material to you.
If you provide us with your email address, we may use it to communicate with you. If you no longer wish to receive electronic marketing communications from us, you can click the unsubscribe function on electronic communications, or contact us using the details provided below.
How do we use the information collected via our website?
We may use the personal information collected via our website:
- To manage and improve the website.
- To tailor the content of the website to provide visitors with a more personalised experience and draw attention to information about our services that we feel may be of interest.
- To seek feedback on our services.
- For market or other research purposes (however, we will only ever report aggregated results of any research we undertake, and will never include personal information in those results unless we explicitly ask for your consent).
Are there any other ways we use personal information?
We may also use personal information to protect our rights and those of our clients or to comply with a legal or professional right or duty.
5. Disclosing Personal Information
When will we disclose personal information?
We may disclose personal information collected directly from you to a related entity of us, or to third parties that we engage to assist us in providing professional services to our clients or in the operation of our business (i.e. our subcontractors, advisors and suppliers). Where we disclose personal information to third party service providers, we will ensure that all contractual arrangements adequately address privacy issues and we will at all times remain responsible for their handling of that information. This includes taking steps to ensure that those recipients protect that information from unauthorised access, modification or disclosure, and from misuse, interference and loss.
We may also be required to disclose personal information to law enforcement, regulatory government agencies, or to other third parties in order to comply with legal or regulatory obligations or requests or where there is a legal or professional right or duty to disclose. These entities may include government institutions and regulatory authorities including the Australian Taxation Office (ATO), the Australian Securities and Investments Commission (ASIC), the Australian Transaction Reports and Analysis Centre (AUSTRAC) and the Office of the Australian Information Commissioner (OAIC). These entities may also include courts and tribunals, including the Financial Ombudsman Service (FOS).
Disclosure of information to overseas recipients
Some of the entities we share information with may be located in, or have operations in, other countries. As at the date of this Policy, your personal information may be provided to IBM in the United States.
We will not disclose your personal information to overseas recipients without your consent unless and until we have taken reasonable steps to ensure that the overseas recipient will collect and store your personal information in a manner that is consistent with the Australian Privacy Principles.
6. Storing and Protecting Personal Information
We take reasonable steps to store your personal information securely and prevent it from being misused. For example, we hold your personal information in a combination of secure computer storage facilities, paper-based files and other formats.
We also have a number of physical, operational and technological controls to protect your personal information from misuse, loss, unauthorised access, modification or improper disclosure. In relation to information that is held on our computer database, we apply the following controls:
- Passwords are required to access the system and passwords are routinely checked;
- Data ownership is clearly defined;
- The system automatically logs and reviews all unauthorised access attempts;
- Unauthorised employees are barred from updating and editing personal information;
- All computers which contain personal information are secured both physically and electronically;
- Data is encrypted during transmission over the network;
- Data is encrypted while it is being stored; and
- Print reporting of data containing personal information is limited.
In addition, staff are provided with regular training to ensure they are aware of our privacy obligations when handling personal information.
While we take reasonable precautions to secure personal information, data protection measures are never completely secure and we cannot guarantee the security of personal information.
The personal information provided to us is only retained for as long as necessary to fulfill the purposes for which the information was collected, unless we are required to retain the information under an Australian law or court or tribunal order. Once no longer required, we take such steps as are reasonable in the circumstances to destroy or de-identify personal information.
7. Accessing and Correcting Personal Information
You have a right to know what personal information we hold about you and to obtain access to it if required. You may request access to your personal information by contacting us using the details provided below. Proof of identity may be required before access is provided.
There are circumstances where we are not required to provide, or are prevented from providing, you with access to your personal information. Where access to personal information has been denied or not provided in the manner reasonably requested, we will provide you with a written notice setting out the reasons for our denial of the request (unless having regard to the grounds for the refusal, it would be unreasonable to do so) and the mechanisms available to make a complaint about the refusal.
We aim to ensure that personal information is up-to-date and complete. However, we also rely on you to advise us of any changes to your personal information. Please contact us using the contact details below as soon as possible if the personal information we hold may not be accurate, complete or up-to-date, so that we can update the file accordingly.
Proof of identity may be required before information is corrected. Personal information we have disclosed to another organisation will also be corrected on request unless it is impracticable or unlawful for us to do so.
If we do not agree with the corrections requested, we are not required to alter the information. In such circumstances we will provide you with a written notice setting out the reasons for our denial of the request (unless having regard to the grounds for the refusal, it would be unreasonable to do so) and the mechanisms available to make a complaint about the refusal.
8. Privacy and the Internet
Website analytics measurement software is used to assist in tracking traffic patterns to and from the websites, anonymously surveying users of the sites. The system is used by us to collect such information about the number of unique visitors, how long these visitors spend on the website when they do visit, and common entry and exit points into and from the website. This non-personal information is collected and aggregated by third party software and provided to us to assist in our analysis of our websites. The information that is collected and logged on our behalf through this technology is not information from which visitors can be personally identified.
Links to Third Party Websites
9. Making a Complaint
If we receive a privacy complaint it will be treated seriously and dealt with promptly, in a confidential manner and in accordance with our internal complaints handling procedures. We will contact the complainant if we require any additional information and will notify the complainant in writing of the outcome of the investigation.
10. Contacting Us
Our Privacy Officer can be contacted on:
Alpha Vista Financial Services Holdings Pty Ltd
Phone: 8823 3724
We take all privacy complaints we receive seriously. We will acknowledge the receipt of a complaint immediately and will work with the complainant to resolve it. However, if a complaint regarding a privacy issue is not resolved by us to the complainant’s satisfaction, the complaint may be referred to the Office of the Australian Information Commissioner (OAIC).
Director of Compliance (Investigations)
Office of the Australian Information Commissioner
Phone: 1300 363 992
Fax: 02 9284 9666
Address: GPO Box 5218 Sydney NSW 2001
11. Additional Information
Where can you find out more about privacy rights?
For further information about privacy and the protection of privacy, visit the Office of the Australian Information Commissioner’s website at www.oaic.gov.au