- We are committed to complying with the Privacy Act 1988 (Cth) (Privacy Act) in relation to all personal and credit information we collect. Our commitment is demonstrated in this policy. The Privacy Act incorporates the Australian Privacy Principles (APPs). The APPs set out the way in
which personal information must be treated.
- This policy applies to any person for whom we currently hold, or may in the future collect, personal or credit information.
- This policy applies to personal and credit information. In broad terms, ‘personal information’ is information or opinions relating to a particular individual who can be identified, whether the information or opinion is true or not.
- Information is not personal information where the information cannot be linked to an identifiable individual.
How do we manage the personal information we collect?
- We manage the personal information we collect in numerous ways, such as by:
- implementing procedures for identifying and managing privacy risks at each stage of the information lifecycle, including collection, use, disclosure, storage, destruction or de-identification;
- implementing security systems for protecting personal information from misuse, interference and loss from unauthorised access, modification or disclosure;
- regularly attending training on privacy issues;
- appropriately supervising any staff who may handle personal information; and
- appointing a privacy officer within the business to monitor privacy compliance.
- As with all personal information, we will take reasonable steps to destroy or permanently de-identify personal information if that information is no longer needed for the purposes for which we are authorised to use it.
- In limited circumstances, it may be possible for you to use a pseudonym or remain anonymous when dealing with us. If you wish to use a pseudonym or remain anonymous you should notify us when making first enquiries or providing initial instructions. We will use our best endeavours to deal with your request, subject to our professional obligations and ability to perform the accounting service to you without using your name. In most cases, our professional obligations will require you to deal with us using your real name.
- We are also subject to professional obligations which may affect how we deal with personal information.
What kind of information do we collect and hold?
- We may collect and hold personal information about you, which may include:
- sensitive information (see below);
- contact information;
- financial information;
- date and place of birth;
- employment history;
- tax returns and tax file numbers;
- information about family situations;
- banking details; and
- any other personal information required to perform the financial or accounting service for you.
Sensitive information is a subset of personal information and includes personal information that may have serious ramifications for the individual concerned if used inappropriately.
The sensitive information we collect and hold about an individual may include any of the following if it is relevant in providing the accounting or financial service to you (such as completing tax returns):
- health information;
- religious affiliation;
- political opinions;
- membership of professional or trade associations; and
- membership of trade unions.
- We will not collect sensitive information without the individual’s consent to whom the information
relates unless permitted under the Privacy Act.
How and when do we collect personal information?
- Our usual approach to collecting personal information is to collect it directly from you. We may also collect personal information in other ways, which may include:
- through referrals from individuals or other entities;
- from third party providers and suppliers;
- from paid search providers; and
- from government agencies (such as the Australian Taxation Office).
- You do not need to provide all the information requested by us, but this may prevent us from providing some or all of our services to you.
How do we hold personal information?
- at our premises (securely); and
- off-site, by third party physical storage providers (securely);
- on secure online servers; and
- by a third party data storage provider..
- using keys to access areas that contain personal information;
- using secure measures to access printers;
- using secure servers to store personal information;
- using unique usernames, passwords and other protections on systems that can access personal information;
- keeping certain sensitive documents in lockable areas.
Why do we collect, hold use or disclose personal information?
- We take reasonable steps to use and disclose personal information for the primary purpose for which we collect it. The primary purpose for which information is collected, held and disclosed varies, depending on the particular service being provided, but is generally to provide accounting or financial services to your or your business. The other primary purposes for which we may
collect and use your personal information include:
- to provide you with updates and alerts that are relevant to you or your business;
- to promote or market our products to you; and
- other purposes related to the above.
- to other service providers or referral partners in order to provide the accounting or financial service to you, or to assist our functions or activities (such as debt collection agencies or law firms);
- to other third parties with your consent;
- to Government agencies, such as the Australian Taxation Office.
- Otherwise, we will only disclose personal information to third parties if permitted by the Privacy Act.
- Personal information may also be used or disclosed by us for secondary purposes which are within your reasonable expectations and which are related to the primary purposes of collection.
How do we manage your credit information?
- In the course of providing accounting or financial services to you, we may collect and hold the
following kinds of credit information:
- your identification information;
- information about any credit that has been provided to you;
- your repayment history;
- information about your overdue payments;
- if terms and conditions of your credit arrangements are varied;
- if any court proceedings are initiated against you in relation to your credit activities;
- information about any bankruptcy or debt agreements involving you;
- any publicly available information about your credit worthiness; and
- any information about you where you may have fraudulently or otherwise committed a serious credit infringement.
- We may also collect information that may affect your credit worthiness from other credit providers (e.g. banks) that have collected the information from a credit reporting body. The kinds of information we collect may include any of those types of credit information outlined in section 8.1 of this policy.
- In most cases, we will only collect credit information about you if you disclose it to us and it is relevant in providing you with the accounting or financial service.
- Other sources we may collect the credit information from include:
- banks and other credit providers;
- other individuals and entities via referrals; and
- your suppliers and creditors.
- We do not collect and hold credit information from credit reporting bodies unless it is incidentally collected in providing the accounting or financial service to you.
- We store and hold credit information in the same manner as outlined in section 3 of this policy.
- Our usual purpose for collecting, holding, using and disclosing credit information about you is to enable us to provide you with the accounting or financial service and to process payments.
- This may include disclosing your credit information to any entity listed in section 6.2 of this policy, if it is necessary to provide you with the accounting or financial service.
- We will not disclose your credit information to entities without an Australian link unless you expressly advise us to.
- You can access and correct your credit information, or complain about a breach of your privacy in the same manner as set out in the next section of this policy.
How do you make complaints and access and correct your personal information or credit information?
- It is important that the information we hold about you is up-to-date. You should contact us if your personal or credit information changes.
- You may request access to the personal or credit information held by us or ask us for your personal or credit information to be corrected by using the contact details in this section.
- We will grant you access to your personal or credit information as soon as possible (but within 30 days), subject to the request circumstances.
- In keeping with our commitment to protect the privacy of personal and credit information, we may not disclose personal or credit information to you without proof of identity.
- We may deny access to personal information if:
- the request is unreasonable;
- providing access would have an unreasonable impact on the privacy of another person;
- providing access would pose a serious and imminent threat to the life or health of any person;
- providing access would compromise our professional obligations; or
- there are other legal grounds to deny the request.
- We may deny access to credit information if we are not satisfied that the credit information is inaccurate, out-of-date, incomplete, irrelevant or misleading.
- If we deny your access or correction request we will notify you in writing of this, set out our reasons for refusing the request and provide you with information about the process for making a complaint if you are not happy with this outcome.
- We may charge a fee for reasonable costs incurred in responding to an access request. The fee (if any) will be disclosed prior to it being levied.
- If the personal information that we hold is not accurate, complete and up-to-date, we will take reasonable steps to correct it so that it is accurate, complete and up-to-date, where it is appropriate to do so.
- If you wish to complain about an alleged privacy breach, you must follow the following process:
- The complaint must be firstly made to us in writing, using the contact details in this section. We will respond to the complaint within 30 days from the date the complaint is received.
- In the unlikely event the privacy issue cannot be resolved, you may take your complaint to the Office of the Australian Information Commissioner.
- A person may make a complaint or request to access or correct personal information about them held by us. We will take reasonable steps to ensure the personal or credit information we hold is accurate and complete. Such a request must be made in writing to the following address or contact officer.
Changes to the policy
- We may update, modify or remove this policy at any time without prior notice. Any changes to the
- This policy was last updated in December 2019. If you have any comments on the policy, please
contact the privacy officer with the contact details in the section of this policy.