RELEASE DATE: MAY 2018
At AMAFA (The Licensee), we understand that the privacy of your information is important to you and we respect the confidentiality of the information that you provide to us. Protecting your information is an important part of maintaining trust between us and our clients and by handling information in a secure manner we build strong business relationships.
This document provides information and details about how we manage the personal information that we collect, hold, use and disclose about individuals.
We are bound by the Privacy Act and we manage and protect your personal information in accordance with the Australian Privacy Principles.
We collect, hold, use and disclose personal information so we can provide you with financial and credit products, advice and service relevant to your needs. We may also collect, use and disclose your information for related purposes such as:
- Complying with our legal obligations, such as verifying your identity
- Assisting with your questions and complaints
- Arranging for services to be provided by third parties
- Internal operations, such as record keeping, data analytics, auditing or training
- Promotion of other products and services that may be of interest to you
We collect, use, hold and sometimes disclose personal information about financial advisers, credit representatives and other people who we do business with (including employees) in order to administer and manage our business operations. This information is afforded the same standard of care as that of our clients.
We ask people for a range of personal information to assist us in providing relevant products and services. The information we collect could include (but is not limited to) your name, date of birth, contact details, financial information, employment details, residency and citizenship status. We may also collect the personal information of your family members where it is relevant to the advice being provided.
We may also collect sensitive information about your medical history and their health and lifestyle to provide financial advice about life insurance products.
In most instances, we collect personal information directly from that person when they:
- Complete a financial product or credit product application form
- Complete an identification form
- Complete data collection documentation
- Interact with an online interactive tool, such as a budget planner
- Provide documentation to us, or
- When you communicate with us in person, over the telephone, fax, email, internet or by using other electronic devices.
Situations where we collect personal information from other people and organisations include (but are not limited to):
- A financial adviser
- A mortgage broker or other credit representative
- Other professionals who act on your behalf, such as a lawyer or accountant
- Health professionals
- Other organisations, who jointly with us, provide products or services to you, and
- Social media and publicly available sites
It’s your choice whether to provide your personal information. You have the right to not to provide personal information, including about your identity. However, in this case, your adviser will warn you about the possible consequences and how this may impact on the quality of the advice provided. Your adviser may also decline to provide advice if they feel they have insufficient information to proceed. In some instances, we will decline to provide services or advice if we feel we have insufficient information for the scope of the service or advice requested.
Further, in some circumstances the law requires us to obtain and verify details of photographic and non-photographic identification documents.
Some personal information may be collected automatically, without your knowledge, whilst navigating through and interacting with the content of our websites. The electronic methods of collection we use include log files.
Log files contain information about the devices and browsers used to access our websites and help us to diagnose problems, analyse trends, and administer the site or mobile application.
The information we collect by these electronic means is generally not stored for long – they are temporary records – and can include device-specific data or log data such as your IP address, device screen size, device type, browser information, referring domain, pages visited, the date and time website pages were visited, and geographic location (country only).
You can request access to personal information we hold. There may be a cost involved with locating, copying or sending you the information you request. The cost will be discussed and agreed with you at the time.
There may be circumstances where we refuse to provide you with the information you request, for example when the information is commercially sensitive. In these situations, we will inform you and provide an explanation as to why.
We will deal with requests for access to your personal information as soon as possible and aim to respond within 30 days. The time we require will depend on the type of information requested.
We will update your personal information if you contact us. In most cases, you can update your personal information over the phone, by contacting your adviser or broker or electronically.
If you wish to remain anonymous or to use a pseudonym when dealing with us, we may only be able to provide you with limited information or services. In many cases it will not be possible for us to assist you with your specific needs if you wish to remain anonymous or use a pseudonym.
From time to time we may share your personal information with other entities both within and outside of the Licensee. This will vary according to the product or service involved, but could include:
- Any person acting on your behalf, including your financial adviser, solicitor, accountant, executor, administrator, trustee, guardian or attorney
- Financial product and service providers, including financial planning software providers and paraplanners
- For corporate superannuation members, your employer or your employer’s financial adviser
- Lenders and other credit providers
- Other organisations within the Licensee including related bodies corporate and advice firms we have authorised
- Medical practitioners and health service providers, such as pathology services
- Companies involved in the payments system including financial institutions, merchants and payment organisations
- Organisations who assist us with certain business functions, such as auditors, compliance consultants, direct marketing, debt recovery and information and communication technology support
- Our solicitors, our insurers, courts, tribunals and dispute resolution organisations
- Other organisations who provide us with products and services so that they may provide their products and services to you or contact you on our behalf, and/or
- Anyone to whom we, or our service providers, are required or authorised by law to disclose your personal information to (for example, law enforcement agencies, Australian and international government and regulatory authorities).
We may also disclose your information to a third party where you have given your consent or where you would reasonably expect us to disclose your information to that third party.
We may also disclose the personal information we hold about our financial advisers and credit representatives to professional organisations, companies and consultants that we work with.
The only circumstances in which we would collect, use or disclose your government related identifiers is where we are required or authorised by law to do so. For example, we may be required to disclose your Tax File Number (TFN) to the Australian Taxation Office, a superannuation or retirement income product provider. Likewise, we may need to disclose your Medicare number to Centrelink in order to assess your social security eligibility. Drivers licence numbers and passport numbers may also be collected when we are required to verify your identity.
Personal information collected may also be used for direct marketing purposes to promote events, products or services that may be of relevance to you. Please contact us should you wish not to receive direct marketing.
We may disclose your personal information to service providers who operate outside Australia including the Philippines. The most common example of when we share your personal information overseas is when we work with overseas service providers who prepare financial advice documents.
When we send your personal information to overseas recipients, we make sure appropriate data handling and security arrangements are in place.
Your adviser may enter into their own outsourcing arrangements to countries other than those detailed above. If so, your adviser will disclose these arrangements separately to you. All reasonable steps will be taken to ensure that offshore service providers comply with the Privacy Act.
Personal information is generally hosted on servers located in Australia. If you access our services from outside Australia, you consent to the transfer of your personal information from Australia, to a jurisdiction that may not provide the same high level of protection we apply in Australia.
We strive to ensure that the personal information that you provide to us is stored safely and securely. We take a number of precautions to protect the personal information we hold about you from misuse, interference and loss, and from unauthorised access, modification or disclosure.
We have a range of practices and policies in place to protect personal information we hold, including:
- Educating our staff and representatives about how to protect your personal information and updating them about cybersecurity developments, threats and scams
- Requiring our staff and representatives to use passwords when accessing our systems
- Where appropriate, using strict confidentiality arrangements restricting third parties’ use or disclose of personal information for any unauthorised purposes
- Employing physical and electronic means, including access controls (as required) to protect against unauthorised access to buildings
- Employing firewalls, intrusion prevention systems and virus scanning tools to protect against unauthorised persons, malware and viruses from entering our systems
- Some of the systems we use are on dedicated secure networks or transmit electronic data via encryption, and
- Providing secure storage for physical records and securing paper files in locked cabinets and physical access restrictions
Where personal information is no longer required, we take steps to de-identify or destroy the information in a secure manner.
If you have any queries or are concerned about how your personal information has been collected, used or disclosed and you wish to make a complaint, please contact the Privacy Officer on the information below:
Mail: P O Box 1006 Kenmore Qld 4069
Phone: 07 3378 2056
We will acknowledge receipt of a complaint immediately, however, where this is not possible, acknowledgement will be made as soon as practicable. We will then investigate the complaint and respond to you within 45 days. Some complex matters may require an extension to thoroughly investigate the complaint and bring it to resolution.
If you are not fully satisfied with our response, you can contact an external body. In cases of privacy related complaints, this is generally the Office of the Australian Information Commissioner (OAIC).
The contact details for OAIC are:
Mail: GPO box 5218 Sydney NSW 2001
Phone: 1300 363 992
You may also direct privacy complaints related to financial advice to:
The Credit and Investments Ombudsman (CIO)
Mail: GPO Box A 252, South Sydney NSW 1235
Phone: 1800 367 287 (free of charge)
Fax: 02 9273 8440