This policy applies to First Capital Financial Planning Pty Ltd and all its associated and related entities, and all its directors and representatives (we, our or us) . This documentexplains our policy in relation to the collection and management of personal information we collect from individuals. The Privacy Act 1988 requires us to handle personal information in
accordance with the Australian Privacy Principles (APP).
In addition, Item 6 of the Code of Professional Conduct under the Tax Agent Services Act 2009 (section 30-10) prohibits us from disclosing any information relating to your affairs to athird party without your permission.
Personal information means information, or an opinion about, an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. Our businessincludes entities that are an Australian financial services (AFS) licensee and registered tax (financial) adviser. When we provide you with financial services and tax (financial) advice services we may be required by Corporations Act 2001 and Tax Agents Services Act 2009
to obtain certain personal information about you, including, but not limited to, your:
- Name, date of birth, contact details and Government indicators such as your tax file
- Employment details and employment history
- Financial details, including your needs and objectives
- Details of your investment preferences and attitude or tolerance to investment and
- Details of your investment preferences and attitude or tolerance to investment and
- Information about your family commitments and social security eligibility
We may also need to collect sensitive information if we organise insurance covers for you. Sensitive information includes health information, racial information, genetic information, etc.
We will only collect sensitive information that is reasonably necessary for us to perform our functions or activities in advising you, acting for you and dealing with you.
We collect personal and sensitive information in a number of ways, including:
- Directly from you, such as when you provide us with information at meetings, by phone, email, or in data collection forms and when you visit our websites or from other parties with whom you instruct us to deal on your behalf.
- Our website may use “cookies”. Cookies are small data files that are downloaded from our website and stored on your computer when you visit our website. Cookies are used to allow us to see which pages and what information is of most interest to visitors to our website, which in turn enables us to improve our offerings to our customers. Your computer’s web browser will allow you to configure your computer to refuse to accept cookies. You can also delete cookies from your computer’s hard drive at any time. However, please note that doing so may hinder your access to valuable areas of information within our site.
- Indirectly from fund managers, superannuation funds, life insurance companies and other product issuers once you have authorised us to obtain such information or authorised other parties to provide us with this information.
You are not required to provide us the information that we request, or to allow us to collect information from third parties. However, where you choose not to provide us with the information we request, we may not be able to provide you with services that you have requested from us, and we may elect to terminate our arrangement with you. Importantly, if you provide either inaccurate or incomplete information to us you risk obtaining products or services that may not be appropriate or suitable for your needs and you may risk suffering a financial detriment or financial loss.
Where we receive unsolicited personal information about you, we will consider if we could have collected the information if we had solicited the information. Where we determine that we could have collected the personal information from you, we will treat your personal information in the same manner as if we had solicited the information directly from you. Where we determine that we could not have collected the personal information, we will destroy the information or ensure that the information is de-identified as soon as practicable.
We use your personal information for the primary purpose for which the information was obtained; i.e. for the provision of financial services. As an AFS licensee, that will typically mean for the purpose of:
- Providing financial services and tax (financial) advice services to you
- Implementing investment or risk management recommendations on your behalf
We may also use the information for the secondary purpose of:
- Attempting to identify other products and services that may be of interest to you.
- Conducting any professional quality control review program.
- Managing our business operations such as maintaining secure IT systems.
We may use your personal information to offer you products and services that we believe may interest you. We may also disclose your personal information to external associates and service providers who assist us to market our products and services.
If you do not want to receive marketing offers from us, please inform us by sending an email to email@example.com or calling 02 9222 1202.
With your permission, we may disclose your personal information to:
- Our representatives.
- The product issuers of products and services that you have elected to acquire, vary or dispose of using our assistance.
- Parties who we think are necessary or convenient to provide financial services to you.
- Our service providers.
- Third parties whom we have referred you to.
- Prospective entities interested in acquiring all or part of our business.
For example, information may be disclosed to the following parties:
- Product issuers for the purpose of giving effect to the recommendations made by us, and other organisations who support the products and services we offer
- Other parties involved in the administration of your financial products or insurance cover (e.g. custodians, brokers, credit reporting bodies, actuaries, call centres, mail houses, product registries, any persons who propose to guarantee (or have guaranteed) repayment of any credit provided to you, claims assessors etc.)
- Our external service providers (e.g. IT providers, professional advisers and contractors)
- Government and regulatory authorities and other organisations, as required or authorised by law
- Any person considering acquiring, or acquiring, an interest in our business
- Third parties (e.g. accountants and solicitors) whom we have referred you to for the purpose of providing you with relevant services
Although in certain circumstances we are required to collect government identifiers such as your tax file number, Medicare number or pension card number, we do not use or disclose this information other than when required, authorised by law or unless you have voluntarily consented to disclose this information to any third party.
We store personal information in our chosen Business Services and/or Client Relationship Management (CRM) systems. Personal information stored within these systems is encrypted. We may store hard copy files of personal information. Where we store hard copies of personal information it is kept securely, and is destroyed when it is no longer required or upon your instruction, where we are allowed to do so by law.
We take reasonable steps to ensure the personal information collected and held by us is protected from misuse, interference, loss, unauthorised access, modification or disclosure.
In the event you cease to be a client of ours, any personal information which we hold about you will be maintained for a period of not less than 7 years in order to comply with legislative and professional requirements.
We are required to notify you and the Information Commissioner of an eligible data breach. An eligible data breach happens if:
- there is unauthorised access to, unauthorised disclosure of, or loss of personal information held by us; and
- the access, disclosure or loss is likely to result in serious harm to you.
If you receive a statement of an eligible data breach from us, you should read and implement the recommendations about the steps you should take in response to the eligible data breach.
You may request access to the personal information we hold about you, and we will respond within a reasonable period after the request is made. Where we provide you access to such information, we may charge a reasonable fee to cover our costs. We will disclose the amount of such costs to you prior to providing you with the information.
We will take reasonable steps to ensure that the personal information that we collect, use or disclose is accurate, up-to-date, complete and relevant and not likely to mislead. In the event that you become aware, or believe, that any personal information which we hold about you is inaccurate or incomplete, you may contact us to correct the information.
If we disagree about the correction you have supplied, and refuse to correct the personal information, or if we believe that we are unable to comply with your request to access the personal information that you have provided us, we will give you a written notice to that effect. You have a right to make a complaint if you disagree with our decisions in relation to these matters (see below).
We will, when necessary, disclose personal information to organisations and persons overseas.
Instances when we will do this include:
- When we are authorised or required by an Australian law or a court/tribunal to do so;
- When we have engaged an overseas service provider to deliver services central to our financial service and credit service business operations (e.g. email, calendaring, and storing of corporate documents).
We use Google Apps, which is a cloud-based service and has geographically distributed data centers based in America, Asia and Europe. Access to data centers is limited to select Google employees and personnel.
We will ensure that we satisfy one of the requirements below when transferring personal information to foreign jurisdictions:
- we will take reasonable steps to ensure the overseas recipient does not breach the
Australian Privacy Principles in relation to the information;
- we form a reasonable belief that the overseas recipient is subject to a law, or binding scheme, that has the effect of protecting the information in a way that, overall, is at least substantially similar to the way in which the APP protect the information and there are mechanisms that the individual can access to take action to enforce that protection of the law or binding scheme; or
- we will seek your informed consent prior to disclosing your personal information overseas.
Your complaint will be investigated and responded to within 30 days. If you are not satisfied with the outcome of your complaint, you are entitled to contact the Office of the Australian Information Commissioner.
Tell us what you think
We welcome your questions and comments about privacy. If you have any concerns or complaints, please contact us directly or use the below form.