This policy explains our policies and practices with respect to the collection and management of personal information we may collect from you
Your privacy is important to us. We are bound by the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs). This Policy explains how we manage your personal information and the safeguards we have in place to protect your information. For the avoidance of doubt, this Policy also applies to how we manage the personal information of AFS Licensees and their advisers and representatives, and our employees.
We may update this Policy from time to time for any reason and without notice. We recommend that you regularly review this Policy from the links provided on our website (located at the bottom of each web page). Alternatively, you can contact us to request a copy free of charge.
We will collect information from you to provide you with services and products. This includes, collecting information when you:
 Where Netwealth is an administrator for a third-party issuer, or where you have asked a third party to send us your personal information, you should read the privacy section of the relevant issuer’s disclosure document and the privacy policies of any third parties involved in that arrangement to understand details about how your personal information will be managed and who you should contact in the first instance.
2.2 How we collect personal information
Most of the personal information we collect will be directly from you (including via your financial, legal or other adviser or representative) when you submit an application or other form (including an enquiry form via a third-party product provider website), login online and make changes or when you talk to us in person or over the phone.
Sometimes, we collect information about you from other parties without your direct involvement, such as:
2.3 What if you do not provide us with the information that we request?
You are not required to give us the information that we request. However, if you do not provide us with the information, or provide us inaccurate information, it may:
3.1 How we handle your information
We handle your personal information carefully. We collect and hold your personal information for the purposes of:
 If you do not want to receive direct marketing messages, you must inform us. You can do this by contacting us on Free call 1800 888 223 (within Australia) or by writing to us.
From time to time, we may also combine information that we have about you with other data we hold or have collected from a third party. This information helps us understand trends in the industry as a whole, or in particular segments, how you use our services and how we can improve our services. We may also collect, use and exchange your information for other reasons where the law allows or requires us to do so.
3.2 Sensitive information
The collection of sensitive information is restricted by the Privacy Act. This includes information such as your ethnicity, health, religion or criminal record. If we need this type of information, we will ask for your permission, except where otherwise permitted by law.
4.1 Sharing your information with third parties
We share your information with other entities within the Group and in some instances, with third parties. Professional Third Party accounts can be opened on the Netwealth platform to provide professionals, like accountants, the ability to service their Netwealth clients. With granted access, Professional Third Parties can view Netwealth client accounts online, run detailed portfolio and transaction reports, and download client statements.
Third parties we share your information with may include:
Where you have registered your interest in a Netwealth product via the website of a third-party product provider, we may share information with that provider including your name, your association with Netwealth, and the amount initially invested into the provider’s managed investment scheme/s.
If you die while you are a Netwealth client, we may share details about your Netwealth account and insurance with your nominated beneficiaries and legal personal representative (generally, your legal personal representative will be the executor of your estate) as appropriate. The information we share may include the names of your nominated beneficiaries, your account balance, and any insurance amount payable.
4.2 Sending information overseas
The data centres of some organisations that we share information with may be located overseas, which means your personal information may be stored or accessed in overseas countries, including Canada, Malaysia, New Zealand, United Kingdom, Ireland, Germany, Japan and the United States of America. In addition, we may share some information of some financial advisers and clients with international fund managers to fulfil their obligations where we have an agreement in place and obligation to do so.
If you instruct us to invest in any international assets, or to acquire or administer any non-custodial assets that are international assets, we may share your personal information (including Tax File Number) with the relevant overseas issuer, asset manager, registry, or administrator (as applicable) in connection with your investments or implementing your instructions. The overseas recipients might not be subject to the Privacy Act or other laws protecting personal information. We don’t assess the privacy arrangements of overseas recipients and we do not take steps to ensure that overseas recipients do not breach the APPs in relation to the personal information. Subclause 8.1 of the APPs will not apply to such overseas disclosures. Netwealth will not be responsible for the overseas recipient’s use of your personal information, and you will not be able to seek redress under the Privacy Act.
For information on applicable privacy and data obligations that may arise from time to time under international privacy, data sharing and other laws (such as the European Union General Data Protection Regulation (GDPR) and the United States Foreign Account Tax Compliance Act (FATCA)) and how we satisfy any such applicable obligations, please contact us via one of the means in Section 8 below.
5.1 How you can access your personal information
You can request access to your personal information held by us. In most cases, we will grant you access after receiving sufficient information to verify your identity. Access requests may be made in writing, by email or by telephone using the contact details in Section 8 below.
We do not charge a fee to you when you request a copy of the personal information held about you and generally will not charge you for the provision of your personal information. However, if the request is likely to take us a longer period of time to produce (i.e. more than 2 hours), we will let you know the charge, so you can choose if you want to go ahead. The fee will be an hourly rate to cover the expense of providing you with the data and you will need to make payment before we start. Information will generally be provided within 30 days of successful verification of your identity and payment of any charge to provide the information (if applicable).
5.2 Can we refuse to provide you with information?
In some cases, we can refuse to provide you with access to information or provide you with access to only some information. This could occur where the information requested is commercially sensitive, would breach the privacy of another person, or where we have another lawful reason to refuse. Where we cannot provide you with information, we will write to you to provide an explanation of our decision.
5.3 Updating your information
We will take reasonable steps to ensure that the personal information we hold is accurate, up to date, complete and relevant. If you believe your personal information requires updating, you can contact us over the phone or complete the update yourself through our online service or a relevant form.
6.1 Protecting your information
We may hold your personal information in secure data centres or paper-based files and have implemented a range of physical and electronic security measures to protect your personal information from misuse, unauthorised access and improper disclosure. We also monitor and maintain our security system to ensure that our online services are secure, and your personal information is protected appropriately.
To protect privacy, we encourage you to keep passwords and access codes confidential and secure at all times. This means that you should not disclose your password or access codes to others and should contact us immediately if you believe that your password or access codes may have been disclosed to another person or if you would like to change your password. Your password can also be updated online via the Netwealth platform login page.
As an additional protection against unauthorised access, we have enhanced account security by enabling two-factor authentication (2FA) when you log in to your Netwealth account. We strongly recommend you set up and use 2FA. For further information on how this feature can be utilised, please refer to https://www.netwealth.com.au/web/resources/insights/two-factor-authentication/.
6.2 Destroying or de-identifying your information
We aim to keep personal information only for the period we need it. When we no longer require your personal information, we will take reasonable steps to destroy or de-identify the data securely.
We will do whatever possible to securely delete or dispose of any material that is provided to Netwealth and is no longer needed for any purpose for which we might legitimately use or disclose it. We typically retain information as required by our regulatory obligations. There may be circumstances where it is not be possible to irretrievably destroy personal information, such as where data has been automatically saved as a result of the data back-up process
6.3 Data breach response
In accordance with the Notifiable Data Breaches scheme, established by the Privacy Amendment (Notifiable Data Breaches) Act 2017, organisations with existing personal information security obligations under the Privacy Act must notify any individuals likely to be at risk of serious harm by a data breach.
If an unforeseen event were to occur and our data, including client personal information, was interfered with and/or accessed by unauthorised persons, we have in place mechanisms to contain the breach and assess the impact. If your personal or sensitive information is involved in a data breach that is likely to result in serious harm to you, we will notify you and the Office of the Australian Information Commissioner.
7.1 How to make a complaint
If you are not happy with the way we handle your personal information, please contact us. We take complaints seriously and will try to resolve your concern according to our Complaints Handling and Compensation Policy.
We aim to respond to your complaint as soon as possible and will provide you with a final response to your complaint within 30 days of receiving the privacy complaint. If we cannot respond in this time, we will provide you with reasons why and what we are doing to try to resolve your complaint.
7.2 Other options if you are not satisfied with our response
If you are not satisfied with the response we provided to your complaint, you can approach the following free and independent dispute resolution services.
For privacy-related complaints that also involve broader, non-privacy issues, the Australian Financial Complaints Authority (AFCA) can consider and deals with most complaints from consumers in the financial system, including complaints about superannuation.
Australian Financial Complaints Authority
GPO Box 3
Melbourne VIC 3001
Phone 1800 931 678
If your complaint is about how we handle your personal information, you can contact the Office of the Australian Information Commissioner.
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone 1300 363 992
If you wish to contact us about privacy related matters, you may contact us by email, telephone or in writing to:
The Privacy Officer
Netwealth Group Limited
PO Box 336
South Melbourne VIC 3205
Free call 1800 888 223 (within Australia)
Phone 03 9655 1300
¹Where Netwealth is an administrator for a third-party issuer, or where you have asked a third party to send us your personal information, you should read the privacy section of the relevant issuer’s disclosure document and the privacy policies of any third parties involved in that arrangement to understand details about how your personal information will be managed and who you should contact in the first instance.
² If you do not want to receive direct marketing messages, you must inform us. You can do this by contacting us on Free call 1800 888 223 (within Australia) or by writing to us.