netwealth - Privacy policy

1. About Netwealth

This Privacy Policy (Policy) applies to Netwealth Group Limited (NGL) (ABN 84 620 145 404) and its subsidiaries (the Group, (Netwealth, we, us, our). The Group includes Netwealth Holdings Limited (NHL) (ABN 57 133 790 146), Netwealth Investments Limited (NIL) (ABN 85 090 569 109), Netwealth Group Services Pty Ltd (NGS) (ABN 89 135 940 840), WealthTech Pty Ltd (ACN 637 362 460) and Netwealth Superannuation Services Pty Ltd (NSS) (ACN 636 951 310).

Your privacy is important to us. We are bound by the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs). This Policy explains how we manage your personal information and the safeguards we have in place to protect your information. For the avoidance of doubt, this Policy also applies to how we manage the personal information of AFS Licensees and their advisers and representatives, and our employees.

We may update this Policy from time to time for any reason and without notice. We recommend that you regularly review this Policy from the links provided on our website (located at the bottom of each web page). Alternatively, you can contact us to request a copy free of charge.

2. Collection of personal information

2.1 What personal information we collect

We will collect information from you to provide you with services and products. This includes, collecting information when you:

Use our website and mobile application (Netwealth app) – we will collect information about your preferences, your location, gender, interests, language, age range, device(s) used to access the web or app, usage of app features, third party websites you visit and your IP address. This includes the use of cookies. For more information on how we manage cookies, please refer to our policy located at www.netwealth.com.au/web/cookie-policy/. For more information, including about the ability to edit or remove some of this information, refer to our website terms and conditions (located at netwealth.com.au/web/terms-and-conditions/).
Contact us – we will require information to verify who you are, such as your name, address, date of birth, email and other personal information (unless you contact us via phone or one of Netwealth’s social media channels to make a general enquiry, complaint or comment only, in which case you may choose to be anonymous or use a pseudonym although we may require further information to respond to your complaint, enquiry or comment).
Wish to provide products and services offered by or available via us to your representatives or clients (where you are an AFS Licensee, adviser or representative) – we will require information to verify who you are, your bank details and other credentials as required by us to assess, record and review matters relevant to our obligations and risks.
Open or use one or more of our products or services, or one or more of the products or services that we administer for a third party issuer [1] – we will require your personal information, along with other information to enable us or the third party issuer, whichever relevant, to offer that product or service, such as name, date of birth, contact details, identification documents, tax information, residency status, bank account details, occupation status, and any other personal information for us to comply with our obligations, manage risks, and facilitate your instructions (including instructions to administer your non-custodial assets). If you have a financial, legal or other adviser or representative, broker or agent, we will require their personal information to facilitate communications and relevant authorities.
Utilise one or more of our optional services/functionalities connected with the products or services offered or available via our platform, such as nominating beneficiaries, requesting particular investment options, or requesting the administration of, or giving us instructions in relation to non-custodial assets. We will request details to be able to provide these services, such as the beneficiary details, and specific authorisations around the investment option or asset.
Utilise one or more of our services, such as Self-Managed Superannuation Fund (SMSF) administration.
Utilise a service you’ve subscribed to – we may request details such as your SMSF, your property(s) or bank account details to provide a Whole of Wealth view, your Netwealth account details to provide you access to the service, as well as a bank account to deduct subscription fees.
Request for us to facilitate any other arrangement involving a third party who provides services in accordance with your request, including where you enquire about a Netwealth product via a third-party product provider website 1 – such as where we provide a link to a third-party website and/or you request that third parties send us your personal information (for example, bank feeds and other data feed arrangements).
Request additional products or services provided by a third party – such as a request for insurance through your superannuation or a request to use BPAY.
Seek employment or contracting opportunities with us – we collect personal information from you to identify who you are, your employment history, and sensitive information where required and with your consent, to assess your application. Information about referees may also be requested and if so, please ensure you obtain their prior consent before providing us with their personal information. We will also collect information from service providers who conduct background checks on our behalf. If you are employed/engaged by us, from time to time we will also collect information throughout your employment relating to payroll, emergency contacts, bank details, and other information relevant to managing your employment with us. We also may require attestation of past information provided and/or additional personal information, including sensitive information with your consent, in accordance with policies or procedures or to meet other obligations and manage risks.
[1] Where Netwealth is an administrator for a third-party issuer, or where you have asked a third party to send us your personal information, you should read the privacy section of the relevant issuer’s disclosure document and the privacy policies of any third parties involved in that arrangement to understand details about how your personal information will be managed and who you should contact in the first instance.

2.2 How we collect personal information

Most of the personal information we collect will be directly from you (including via your financial, legal or other adviser or representative) when you submit an application or other form (including an enquiry form via a third-party product provider website), login online and make changes or when you talk to us in person or over the phone.

Sometimes, we collect information about you from other parties without your direct involvement, such as:

Third party product and services providers, such as your insurer or annuity provider, or an online electronic services provider for the purposes of verifying your identify or other information, or where your adviser has received your prior consent to send your details to Netwealth.
When you request to use our Bank Feeds Service or you or your adviser use our Property Feeds Service, we will collect financial information via a third party about your banking or property details.
Where your adviser or representative has signed up to utilise a data integration service with a third party (where they supply data they hold about you to us).
AFS Licensees and their advisers and representatives.
Family members (for example where they have named you as a beneficiary of their interest in a product or service) or your appointed agent or personal legal representative.
Regulators and government agencies, such as the Australian Taxation Office, and various publicly or commercially available sources, including individual and business registers.
Other external parties, such as employers, brokers and agents.

2.3 What if you do not provide us with the information that we request?

You are not required to give us the information that we request. However, if you do not provide us with the information, or provide us inaccurate information, it may:

Prevent us from being able to offer you with products and services, or where we administer products or services for a third-party issuer, prevent that issuer from being able to offer you the products or services.
Prevent us from providing you with information on your products and services if we are unable to verify your identity.
Cause delays in processing your request(s).
Impact the tax treatment on your account.
Affect your eligibility for certain insurance cover.
Affect your job application If you have applied for a role with us.

3. Use of personal information

3.1 How we handle your information

We handle your personal information carefully. We collect and hold your personal information for the purposes of:

Verifying your identity (including via an online electronic service where you have consented to electronic use of your personal information for that purpose);
Assessing or processing your application for a product or service;
Providing you information, services and product updates;
Providing you with products and services;
Enabling us to contact you and to manage our relationship with you;
Providing information to us about our products, services and technology, and the way they are utilised and managed;
Improving our service to you;
Facilitating the provision of products and services to you from third parties, where you have requested the use of those products and services, or where you have agreed or not opted out to the sharing of your personal information with such a third party;
Complying with laws, and assist government or law enforcement agencies;
Managing risks, fraud and security (including using your mobile phone number and any other relevant identifier for two-factor authentication purposes);
Assessing and managing employee and contractor applications and records; and
Marketing our products and services to you.[2]

[2] If you do not want to receive direct marketing messages, you must inform us. You can do this by contacting us on Free call 1800 888 223 (within Australia) or by writing to us.

From time to time, we may also combine information that we have about you with other data we hold or have collected from a third party. This information helps us understand trends in the industry as a whole, or in particular segments, how you use our services and how we can improve our services. We may also collect, use and exchange your information for other reasons where the law allows or requires us to do so.

3.2 Sensitive information

The collection of sensitive information is restricted by the Privacy Act. This includes information such as your ethnicity, health, religion or criminal record. If we need this type of information, we will ask for your permission, except where otherwise permitted by law.

4. Sharing of personal information

4.1 Sharing your information with third parties

We share your information with other entities within the Group and in some instances, with third parties. Professional Third Party accounts can be opened on the Netwealth platform to provide professionals, like accountants, the ability to service their Netwealth clients. With granted access, Professional Third Parties can view Netwealth client accounts online, run detailed portfolio and transaction reports, and download client statements.

Third parties we share your information with may include:

AFS Licensees, their advisers and representatives and other third parties who you may engage to act on your behalf, such as your Professional Third Party representative, your parent (if you are under 18), guardian, or attorney;
Other financial services organisations or asset managers, including banks, BPAY, insurance companies, responsible entities of managed investment schemes, superannuation funds, stockbrokers, custodians, fund managers and annuity providers (for AFS Licensees and advisers, please note that your personal information may be provided to annuity or other product providers when you register with us, or at a later time, unless you opt out in writing or phone);
Complaint resolution schemes, for example the Australian Financial Complaints Authority (AFCA);
Agents of our parent company, NGL, who are authorised to collect shareholding information;
Entities requesting your personal information with a valid court order;
Domestic and foreign regulators, government bodies and law enforcement agencies;
Organisations that help identify illegal activities and prevent fraud;
Organisations that provide online electronic services to verify your personal information, where you have consented to such use;
Organisations that provide employee background screening services;
Our contractors and external service providers, for example, auditors, mail house, marketing providers, printers and technology service providers;
Other people (such as family members) that are linked on your account; and,
Third parties engaged by your Nominated Financial Adviser (such as provision of your data to your Nominated Financial Adviser’s client relationship management system).

Where you have registered your interest in a Netwealth product via the website of a third-party product provider, we may share information with that provider including your name, your association with Netwealth, and the amount initially invested into the provider’s managed investment scheme/s.

If you die while you are a Netwealth client, we may share details about your Netwealth account and insurance with your nominated beneficiaries and legal personal representative (generally, your legal personal representative will be the executor of your estate) as appropriate. The information we share may include the names of your nominated beneficiaries, your account balance, and any insurance amount payable.

4.2 Sending information overseas

The data centres of some organisations that we share information with may be located overseas, which means your personal information may be stored or accessed in overseas countries, including Canada, Malaysia, New Zealand, United Kingdom, Ireland, Germany, Japan and the United States of America. In addition, we may share some information of some financial advisers and clients with international fund managers to fulfil their obligations where we have an agreement in place and obligation to do so.

If you instruct us to invest in any international assets, or to acquire or administer any non-custodial assets that are international assets, we may share your personal information (including Tax File Number) with the relevant overseas issuer, asset manager, registry, or administrator (as applicable) in connection with your investments or implementing your instructions. The overseas recipients might not be subject to the Privacy Act or other laws protecting personal information. We don’t assess the privacy arrangements of overseas recipients and we do not take steps to ensure that overseas recipients do not breach the APPs in relation to the personal information. Subclause 8.1 of the APPs will not apply to such overseas disclosures. Netwealth will not be responsible for the overseas recipient’s use of your personal information, and you will not be able to seek redress under the Privacy Act.

For information on applicable privacy and data obligations that may arise from time to time under international privacy, data sharing and other laws (such as the European Union General Data Protection Regulation (GDPR) and the United States Foreign Account Tax Compliance Act (FATCA)) and how we satisfy any such applicable obligations, please contact us via one of the means in Section 8 below.

5. Accessing and updating your information

5.1 How you can access your personal information

You can request access to your personal information held by us. In most cases, we will grant you access after receiving sufficient information to verify your identity. Access requests may be made in writing, by email or by telephone using the contact details in Section 8 below.

We do not charge a fee to you when you request a copy of the personal information held about you and generally will not charge you for the provision of your personal information. However, if the request is likely to take us a longer period of time to produce (i.e. more than 2 hours), we will let you know the charge, so you can choose if you want to go ahead. The fee will be an hourly rate to cover the expense of providing you with the data and you will need to make payment before we start. Information will generally be provided within 30 days of successful verification of your identity and payment of any charge to provide the information (if applicable).

5.2 Can we refuse to provide you with information?

In some cases, we can refuse to provide you with access to information or provide you with access to only some information. This could occur where the information requested is commercially sensitive, would breach the privacy of another person, or where we have another lawful reason to refuse. Where we cannot provide you with information, we will write to you to provide an explanation of our decision.

5.3 Updating your information

We will take reasonable steps to ensure that the personal information we hold is accurate, up to date, complete and relevant. If you believe your personal information requires updating, you can contact us over the phone or complete the update yourself through our online service or a relevant form.

6. Keeping your information secure

6.1 Protecting your information

We may hold your personal information in secure data centres or paper-based files and have implemented a range of physical and electronic security measures to protect your personal information from misuse, unauthorised access and improper disclosure. We also monitor and maintain our security system to ensure that our online services are secure, and your personal information is protected appropriately.

To protect privacy, we encourage you to keep passwords and access codes confidential and secure at all times. This means that you should not disclose your password or access codes to others and should contact us immediately if you believe that your password or access codes may have been disclosed to another person or if you would like to change your password. Your password can also be updated online via the Netwealth platform login page.

As an additional protection against unauthorised access, we have enhanced account security by enabling two-factor authentication (2FA) when you log in to your Netwealth account. We strongly recommend you set up and use 2FA. For further information on how this feature can be utilised, please refer to https://www.netwealth.com.au/web/resources/insights/two-factor-authentication/.

6.2 Destroying or de-identifying your information

We aim to keep personal information only for the period we need it. When we no longer require your personal information, we will take reasonable steps to destroy or de-identify the data securely.

We will do whatever possible to securely delete or dispose of any material that is provided to Netwealth and is no longer needed for any purpose for which we might legitimately use or disclose it. We typically retain information as required by our regulatory obligations. There may be circumstances where it is not be possible to irretrievably destroy personal information, such as where data has been automatically saved as a result of the data back-up process

6.3 Data breach response

In accordance with the Notifiable Data Breaches scheme, established by the Privacy Amendment (Notifiable Data Breaches) Act 2017, organisations with existing personal information security obligations under the Privacy Act must notify any individuals likely to be at risk of serious harm by a data breach.

If an unforeseen event were to occur and our data, including client personal information, was interfered with and/or accessed by unauthorised persons, we have in place mechanisms to contain the breach and assess the impact. If your personal or sensitive information is involved in a data breach that is likely to result in serious harm to you, we will notify you and the Office of the Australian Information Commissioner.

7. Making a privacy complaint

7.1 How to make a complaint

If you are not happy with the way we handle your personal information, please contact us. We take complaints seriously and will try to resolve your concern according to our Complaints Handling and Compensation Policy.

We aim to respond to your complaint as soon as possible and will provide you with a final response to your complaint within 30 days of receiving the privacy complaint. If we cannot respond in this time, we will provide you with reasons why and what we are doing to try to resolve your complaint.

7.2 Other options if you are not satisfied with our response

If you are not satisfied with the response we provided to your complaint, you can approach the following free and independent dispute resolution services.

For privacy-related complaints that also involve broader, non-privacy issues, the Australian Financial Complaints Authority (AFCA) can consider and deals with most complaints from consumers in the financial system, including complaints about superannuation.

Australian Financial Complaints Authority
GPO Box 3
Melbourne VIC 3001
Phone 1800 931 678
www.afca.org.au

If your complaint is about how we handle your personal information, you can contact the Office of the Australian Information Commissioner.

Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone 1300 363 992
www.oaic.gov.au

8. Contact us

If you wish to contact us about privacy related matters, you may contact us by email, telephone or in writing to:

The Privacy Officer
Netwealth Group Limited
PO Box 336
South Melbourne VIC 3205

Free call 1800 888 223 (within Australia)
Phone 03 9655 1300
Email privacy@netwealth.com.au

¹Where Netwealth is an administrator for a third-party issuer, or where you have asked a third party to send us your personal information, you should read the privacy section of the relevant issuer’s disclosure document and the privacy policies of any third parties involved in that arrangement to understand details about how your personal information will be managed and who you should contact in the first instance.

² If you do not want to receive direct marketing messages, you must inform us. You can do this by contacting us on Free call 1800 888 223 (within Australia) or by writing to us.

Privacy Policy