This policy explains our policies and practices with respect to the collection and management of personal information we may collect from you
Your privacy is important to us. We are bound by the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs), and this policy explains how we manage your personal information and the safeguards we have in place to protect your information. For the avoidance of doubt, this policy also applies to how we manage the personal information of AFS Licensees and their advisers and representatives, and our employees.
We may update this policy from time to time for any reason and without notice, so recommend that you regularly review this policy from the links provided on our website (located at the bottom of each web page). Alternatively, you can contact us to request a copy free of charge.
We will collect information from you to provide you with services and products. This includes collecting information when you:
*Where Netwealth is an administrator for a third party issuer, or where you have asked a third party to send us your personal information, you should read the privacy section of the relevant issuer’s disclosure document and the privacy policies of any third parties involved in that arrangement to understand details about how your personal information will be managed and who you should contact in the first instance
2.2 How we collect personal information
Most of the personal information we collect will be directly from you (including via your financial, legal or other adviser or representative) when you submit an application or other form (including an enquiry form via a third party product provider website), login online and make changes or when you talk to us in person or over the phone.
Sometimes, we collect information about you from other parties without your direct involvement, such as:
2.3 What if you do not provide us with the information that we request?
You are not required to give us the information that we request. However, if you do not provide us with the information, or provide us inaccurate information, it may:
3.1 How we handle your information
We handle your personal information carefully. We collect and hold your personal information for the purposes of:
* If you do not want to receive direct marketing messages, you must inform us. You can do this by contacting us on Freecall 1800 888 223 (within Australia) or by writing to us.
From time to time we may also combine information that we have about you with other data we hold or have collected from a third party. This information helps us understand trends in the industry as a whole or in particular segments, how you use our services and how we can improve our services.
We may also collect, use and exchange your information for other reasons where the law allows or requires us to do so.
Sensitive information – the collection of sensitive information is restricted by the Privacy Act. This includes such as information about your ethnicity, health, religion or criminal record. If we need this type of information, we will ask for your permission, except where otherwise permitted by law.
4.1 Sharing your information with third parties
We share your information with other entities within the Group and we also share your information with third parties.
These third parties may include:
In addition, where you have registered your interest in a Netwealth product via the website of a third-party product provider, we may share information with that provider including your name, your association with Netwealth, and the amount initially invested into the provider’s managed investment scheme/s.
4.2 Sending information overseas
The data centres of some organisations that we share information with may be located overseas, which means your personal information may be stored or accessed in overseas countries, including Canada, Malaysia, New Zealand, United Kingdom, Ireland, Germany, Japan and the United States of America. In addition, we may share some information of some financial advisers and clients with international fund managers to fulfil their obligations where we have an agreement in place and obligation to do so. For further information on applicable privacy and data obligations that may arise from time to time under international privacy, data sharing and other laws (such as the European Union General Data Protection Regulation (GDPR) and the United States Foreign Account Tax Compliance Act (FATCA) and how we satisfy any such applicable obligations, please contact us via one of the means in Section 8 below.
5.1 How you can access your personal information
You can request access to your personal information held by us. In most cases, we will grant you access after receiving sufficient information to verify your identity. Access requests may be made in writing, by email or by telephone using the contact details in the Contact us section below.
We do not charge a fee to you when you request a copy of the personal information held about you and generally will not charge you for the provision of your personal information. However, if the request is likely to take us a longer period of time to produce (i.e. more than 2 hours), we will let you know the charge, so you can choose if you want to go ahead. The fee will be an hourly rate to cover the expense of providing you with the data and you will need to make payment before we start.
Information will generally be provided within 30 days of successful verification of your identity and payment of any charge to provide the information (if applicable).
5.2 Can we refuse to provide you with information?
In some cases, we can refuse to provide you with access to information or provide you with access to only some information. This could occur where the information requested is commercially sensitive, would breach the privacy of another person or where we have another lawful reason to refuse. Where we cannot provide you with information, we will write to you to provide an explanation of our decision.
5.3 Updating your information
We will take reasonable steps to ensure that the personal information we hold is accurate, up to date, complete and relevant. If you believe your personal information requires updating, you can contact us over the phone or complete the update yourself through our online service or a relevant form.
6.1 Protecting your information
We may hold your personal information in secure data centres or paper-based files and have implemented a range of physical and electronic security measures to protect your personal information from misuse, unauthorised access and improper disclosure. We also monitor and maintain our security system to ensure that our online services are secure and your personal information is protected appropriately.
To protect privacy, we encourage you to keep passwords and access codes confidential and secure at all times. This means that you should not disclose your password or access codes to others and should contact us immediately if you believe that your password or access codes may have been disclosed to another person or if you would like to change your password.
6.2 Destroying or de-identifying your information
We try to ensure that we only keep personal information only for the period we need it. When we no longer require your personal information we will take reasonable steps to destroy or de-identify the data securely.
We will do whatever possible to securely delete or dispose of any material that is provided to Netwealth and not required for the operation of your account, however there may be circumstances where full deletion/disposal may not be possible such as where data has been automatically saved as a result of the data back-up process.
6.3 Data breach response
In accordance with the Notifiable Data Breaches scheme, established by the Privacy Amendment (Notifiable Data Breaches) Act 2017 , organisations with existing personal information security obligations under the Privacy Act must notify any individuals likely to be at risk of serious harm by a data breach. The Office of the Australian Information Commissioner must also be notified.
If an unforeseen event were to occur and our data, including client personal information was interfered with our accessed by unauthorised persons, we have in place mechanisms to contain the breach and assess the impact. If your personal information were to be accessed or interfered with by unauthorised persons, we would comply with any applicable legal notifications to notify you.
7.1 How to make a complaint
If you are not happy with the way we handle your personal information, please contact us. We take complaints seriously and will try to resolve your concern according to our Complaints Handling and Compensation Policy.
We aim to respond to your complaint as soon as possible and will provide you with a final response to your complaint within 30 days of receiving the complaint. If we cannot respond in this time, we will provide you with reasons why and what we are doing to try to resolve your complaint.
7.2 Other options if you are not satisfied with our response
If you are not satisfied with the response we provided to your complaint, you can approach the following free and independent dispute resolution services.
For privacy-related complaints that also involve broader, non-privacy issues, the Australian Financial Complaints Authority (AFCA) can consider and deals with most complaints from consumers in the financial system, including complaints about superannuation.
Australian Financial Complaints Authority
GPO Box 3
Melbourne VIC 3001
Phone 1800 931 678
If your complaint is about how we handle your personal information, you can contact the Office of the Australian Information Commissioner.
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone 1300 363 992
If you wish to contact us about privacy related matters, you may contact us by email, telephone or in writing to:
The Privacy Officer
Netwealth Group Limited
PO Box 336
South Melbourne VIC 3205
Freecall 1800 888 223 (within Australia)
Phone 03 9655 1300