Last updated 1 July 2021

This is the Privacy Policy of HUBconnect Pty Ltd (ABN 80 140 899 252) (“HUBconnect”). In this Privacy Policy “HUBconnect”, “we”, “our” and “us” have the same meaning.

Protecting your personal information is important to us. We respect your privacy and we are committed to protecting your privacy. Your personal information will be treated strictly in accordance with the Australian Privacy Principles contained within Act 1988 (Cth) (Privacy Act).

This Privacy Policy explains our privacy practices and provides information on how and why we collect, use and share your personal data from our customers, website visitors, and end users of our products and services (collectively “you”, “your”) through our interaction with you and through our products and services and when you visit our website, available at www.hubconnect.com.au/ and associated sub-domains (“Website“), our desktop and mobile applications (“Apps“) (together our “Services”). The policy also describes your choices regarding use, access, deletion, and correction of your personal information.

Our Privacy Policy applies to the HUBconnect Website and Apps that link to or reference this Policy. Additional information on our personal information practices may be provided in supplemental term and conditions, supplemental privacy collection statements, or notices provided prior to or at the time of data collection.

Your privacy is important to us

HUBconnect’s commitment to openness, transparency and your privacy has been unwavering since its inception and is wholly aligned with the Australian Privacy Principles. Beyond their legal obligations, HUBconnect considers these principles to be good business practice.

HUBconnect is also committed to providing you with a better online experience and a more personalised service and will endeavour to do so as technology evolves, and new products become available. It will be necessary for our Privacy Policy to change from time to time to account for further developments of the HUBconnect App and we will provide you with reasonable notice of any significant changes.

Please note that this Privacy Policy is specific to HUBconnect and the services it provides, and does not apply to any third party services or sites you may access via the HUBconnect Website or Apps. We encourage you to consult the privacy policy of any third party prior to using their services.

What information do we collect?

As used in this Policy “personal information” is information that can identify you. HUBconnect believes you should have complete control over your online identity. The information HUBconnect collects from you or about your use of our Services is dependent on how you access and use the features we offer. We must obtain personal information about you so we can provide the most appropriate products and services to you, provide information and marketing material to you and satisfy certain legislative and regulatory requirements. We will only collect personal information that is necessary to provide our products and services to you, including information needed to comply with legal and regulatory requirements.

The main ways we may collect personal information about customers are:

• if you subscribe to any of our information or other services;
• you sign up for, or log into our Services;
• if you give information or other material to any part of HUBconnect or its related bodies corporate;
• if the information is provided to us by a third party;
• we also maintain records of transactions and activities for your HUBconnect account and your investment accounts held by external parties, which are linked and viewable through HUBconnect.

Information you actively provide to us

Personal Information which we may collect from you includes the following:

• name, job title, company details, address, contact details, date of birth, payment information (if required), username for our online products, information about your device and browsing patterns and information about other products or services of ours or any related body corporate that you may hold or use.

Although we generally only collect information that has been provided directly by you, there are times that we may collect information from third parties e.g. a company that provide services to us or an information service provider. For example in cases where your Account Provider holds your financial Account Information and provides this directly to us to facilitate your use of our Services, you acknowledge and accept this sharing of personal information occurs in accordance with this Privacy Policy and the Privacy Act.

We may be required to collect your name, address, date of birth and other verification information under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act). We collect personal information for the purposes of setting up your HUBconnect user account (“User Account”). To use our Services we always require an email address and basic information including your first name and last name.

When HUBconnect collects personal information, it is held digitally on secure servers accessible by HUBconnect employees, contractors or its related bodies corporate, in accordance with this Privacy Policy and for the purpose of facilitating the services or products you have subscribed to.

Information we collect automatically when you visit the HUBconnect Website or Apps

Our Website

If you are a visitor to the HUBconnect Website, we do not collect personal or sensitive information from or about you from the unsecure areas of the HUBconnect Website. If you are a visitor who does not log in to a HUBconnect App with a username and password, you therefore remain anonymous.

Our Apps

Whether you access a HUBconnect App through our website or mobile application, HUBconnect will collect, display and store personal information of Organisation Users and Guest Users, in accordance with this Privacy Policy, the HUBconnect Collection Notice and Terms and Conditions, or other documentation made available to Organisation and Guest Users from time to time.

• An Organisation User is a member of a company or professional who subscribes to HUBconnect to access the financial data of their clients via their HUBconnect User Account. In order to access the secure, password protected features of the HUBconnect App, Organisation Users may be asked to provide certain personal information and data as listed above.
• A Guest User is typically a client of an Organisation User. For example, an Organisation User may be a financial adviser with a separate contractual arrangement in place allowing them to access their client’s financial account information from a third-party Account Provider such as a bank, platform or other data aggregator (“Account Provider”). This Privacy Policy applies to all personal information HUBconnect collects, including but not limited to, a Guest User’s financial information, such as, account name, number, balance, transactions and holdings information (“Account Information”).

User Credentials

All Users of HUBconnect Apps will be entitled to, and will be issued with, a single login and password (which may change from time to time) to access and use each HUBconnect App (“HUBconnect User Account Credentials”).

Organisations Users will be required to enter their Account Provider credentials, (or be provided with access by another Organisation User e.g. an Adviser providing their assistant with access), when setting up their HUBconnect User Account, to access Client financial Account Information. Account Provider credentials are separately issued to Advisers or other Organisation Users, directly by the third party Account Provider (“Account Provider Credentials”). If the Account Provider Credentials are not correct, the Organisation User will not be able to access relevant Account Information from the particular Account Provider, through HUBconnect.

Organisation Users consent to our use of your Account Provider Credentials, for the purpose of accessing your client’s Account Information from third party financial institutions (e.g. platforms, banks, stockbrokers, mortgage brokers, and superannuation funds) in order to provide you with the services you access through HUBconnect. Organisation Users acknowledge that when we use your Account Provider Credentials, we can access your, or your client’s, Account Information with third party financial institutions on your, or your client’s behalf, and in doing so you may not be in compliance with the terms and conditions of your financial institution.

Telephone recording

HUBconnect or third parties providing connected services, may record telephone conversations. If HUBconnect does record conversations, this will be disclosed prior to connecting to a HUBconnect staff member and you will be given an opportunity to refuse such recording.

IP addresses, cookies and data

When you visit our Website or Apps, we may collect certain information automatically from your device.

Usage information – We keep track of your activity in relation to the Website and Apps, the configuration of your device, and performance metrics related to your use of the Website and Apps. For example, when you use our Services, we may collect:

• Network monitoring data to enable us to maintain the security and agility of our internal networks;
• Log data about when you use the Services including Internet Protocol (“IP”) address, browser type, referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyse trends in the aggregate and administer the site;
• Device data about any device including mobile phone number and other information related to mobile devices like operating system and model if you use our Services via our Apps. For other devices information collected by cookies and other similar technologies. We use various technologies to collect information which may include saving cookies to your computers;
• The record contains various attributes of the call, such as time, duration, completion status, source number and destination number;
• Meta data, which is data created about other data which can include size, formatting, other characteristics of a data item;
• Emails/communications with us;
• Billing data, which includes any payment data; and
• Cookies in order to provide you with the best online experience possible, to monitor traffic patterns, to assist with managing your HUBconnect User Account, and to identify you on return visits. These cookies are small data files sent and stored in your web browser on your computer’s hard drive. HUBconnect may access these to understand more about your preferences in order to deliver a more relevant service. For instance, HUBconnect may learn from these what kind of offers you like and be able to limit the amount of times you see offers not relevant to you. Cookies may also be used for other purposes on the HUBconnect Website. In each case, none of the information collected can be used to identify you personally. If you wish to know when or if you receive cookies from the HUBconnect Website, you can manually set your browser to notify you of this or, in the case you do not wish to receive cookies, to reject cookies. If you disable the use of cookies on your web browser or remove or reject specific cookies from the website or linked sites, then you may not be able to gain access to all of the content and facilities within our Website.

Although our systems do not collect any personal or sensitive information from or about Website visitors, they do collect metadata such as the date and time of each unique visit, any pages viewed, and any content downloaded. They also log the number of times Website visitors click on content featured on the Website. This information is collected only to further develop the HUBconnect services and products and improve the facilities and/or services we are able to offer.

We may use third party service providers to help us analyse certain online activities. For example, these service providers may help us measure the performance of our online campaigns or analyse visitor activity on HUBconnect. We may permit these service providers to use cookies and other technologies to perform these services for HUBconnect. We do not share any personal information about our customers with these third party service providers, and these service providers do not collect such information on our behalf. Our third party service providers are required to comply fully with this Privacy Policy.

Information we don’t collect

Government identifiers and unsolicited personal information

HUBconnect doesn’t ask for, use or disclose government related identifiers of an individual (e.g. your tax file number). Should HUBconnect come into possession of any such identifier, or personal and/or sensitive information about you, from a source other than yourself and not solicited according to this Privacy Policy, we will:

• notify you in writing of this fact;
• confirm the purpose and the circumstances around receiving your personal information; and
• take steps to de-identify and destroy the information as soon as practicable

Not providing your personal information

If you do not provide us with your personal information when requested some or all of the following may happen:

• we may not be able to provide you with access to some or all our products or services; or
• we may not be able to provide you with information about our products and services.

How do we use your information?

Other than as required by law, we will generally only collect, hold, use and disclose your personal information for the following purposes:

• to provide relevant products and services to you;
• to provide you with information you request about us or the products or services we offer through HUBconnect;
• to communicate with you about your use of our products or services;
• to provide information to persons expressly authorised by you;
• to manage the HUBconnect services and products (including your HUBconnect User Account);
• to access or directly link to third party websites and your third party accounts;
• to monitor, audit, evaluate and otherwise administer our products and services;
• to provide you with access to protected areas of our websites;
• to provide continuous service to you and conducting business processing functions including by providing personal information to our Related Bodies Corporate, contractors, service providers or other third parties, if required;
• to assist with the administrative, planning, product or service development, quality control or for research by us and our contractors and service providers;
• if necessary, to process and obtain payment for any HUBconnect products or services you subscribe to; and
• to facilitate our internal business operations, including the fulfilment of any legal requirements.

We will only use or disclose personal information we collect about you for the purpose for which it was collected, or related purposes which would reasonably be expected, or as otherwise permitted by the Australian Privacy Principles. We take reasonable steps to ensure that third party organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.

We will not sell your personal information to other organisations. Nor will we provide organisations outside our group with your personal information for purposes unrelated to the use, access, and maintenance of your HUBconnect User Account.

We may also disclose your personal information to entities located overseas for one or more of the purposes set out below. We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the Australian Privacy Principles relating to your personal information.

Who do we share information with?

We will not rent or sell personal information about you. We may share and disclose your information that we collect with the following third parties, solely for a legitimate business or legal purposes and in accordance with applicable law:

• agents, contractors, or external service providers appointed by us (such as auditors or other professional advisers);
• your nominated financial adviser and/or accountant, unless you instruct us otherwise in writing;
• your personal representative, attorney or agent (but only with your written consent);
• another authorised party, (but only with your written consent);
• a government or regulatory body (such as ATO, AUSTRAC, ASIC or a law enforcement agency);
• financial institutions and other similar organisations that we deal with in the course of our corporate activities, or those that are nominated by you;
• external service providers and professional advisers that provide services to us; including electronic identification services;
• credit reporting agencies, any credit provider name in the report and any credit provider whose details have been provided to us by you; and
• in order to comply with a court order or in conjunction with court proceedings.

We may use your data and any personal information which you have provided to us to enhance the service we are providing to you. HUBconnect may use anonymous and aggregated data from our customers and disclose this in a non-personally identifiable manner to third parties.

You may cancel your HUBconnect User Account at any time. However, Guest Users will also need to contact their third party Account Provider directly if you wish to remove your adviser or other representatives’ access to your Account Information held with those third parties. This is because HUBconnect does not control the access your third party financial institutions provide to your adviser or representative, on your instructions.

HUBconnect reserves the right to use any aggregated and anonymous data derived from your utilisation of the service up to this point.

Direct marketing

We may share your information with our business partners for marketing purposes or we may send you information about other organisations’ products and services. We may contact you by mail, telephone, fax, email or other electronic messaging service with offers of products, services or information that may be of interest to you. By using our services, you consent to being contacted by these methods and for these purposes. At any time you may opt-out of receiving marketing communications from us by contacting us (see contact details below) or by using the opt-out facilities provided in those communications.

Keeping your information safe

We invest considerable resources to keep your personal information secure from misuse, loss, interference, unauthorised access, modification or disclosure. Access to and the use of personal information is regulated to prevent misuse or unlawful disclosure of the information. We use security procedures such as encryption, firewalls, intrusion detection and anti-virus technology to prevent unauthorised access. We also use valid log-in identification and password-based security to achieve electronic information security.

We retain information for so long as may be necessary to respond to issues that may arise at a later date, and longer in appropriate cases where required by law. When personal information is no longer required by us, it is destroyed or de-identified.

As our website is linked to the internet, and the internet is inherently insecure, we cannot give any assurance to any person regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.

Third party sites

This Policy does not apply to, nor are we responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the Website links including but not limited to social media sites. The inclusion of a link on the Website does not imply our endorsement of the linked site or service. You should check the privacy notices of those sites before providing your personal information to them.

Data retention

We will retain your personal information for no longer than is necessary to fulfill the purposes for which the information was originally collected unless a longer retention period is required or permitted by law, for legal, tax or regulatory reasons, or other legitimate and lawful business purposes.

Where we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it.

International data transfers
Data may be subject to cross border transfers and we may, at times, also disclose your personal information to entities located overseas. We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the Australian Privacy Principles relating to your personal information

Know your privacy rights

Keeping information accurate and up to date

We take all reasonable steps to ensure that all personal information we hold is as accurate as possible. You are able to contact us at any time and ask for its correction if you feel the information, we have about you is inaccurate or incomplete, or to provide us with information about changes to your personal information

Accessing personal information held by HUBconnect

Under the Privacy Act, you have the right to obtain a copy of any personal information which we may hold about you and to advise us of any inaccuracies.

To make a request, you will need to write to us verifying your identity and specifying what information you require. We will endeavour to acknowledge your request within 5 business days and communicate a decision within 30 days. We may charge you a fee to cover our administrative and other reasonable costs in providing the information to you if the request requires an extensive step (such as locating and/or tracing information). We will not charge for simply making the request and will not charge for making any corrections to your personal information.

In normal circumstances we will give you full access to your information. However, there may be times where some legal reason requires us to deny access, such as where granting access would interfere with the privacy of others or it would result in a breach of confidentiality. If access is denied, we will give you written reasons for any refusal.

We aim to ensure that the personal information held about you is accurate, complete and up to date. You should contact us as soon as possible if any of your details change. If we do not agree that there are grounds for amendment, then we will add a note to the personal information stating that you disagree with it.

Making a privacy complaint

If you have a concern or complaint about your privacy, let us know and we’ll try to fix it. If you’re not satisfied with how we handle your complaint, there are other things you can do.

How can you make a complaint?

We try to get things right the first time —but if we don’t, we’ll do what we can to fix it. If you are concerned about your privacy (including credit information), you can make a complaint and we’ll do our best to sort it out.

To make a complaint, contact our Privacy Officer and we will make every effort to resolve your complaint internally. If you wish to raise a concern, your complaint should be made in writing to the Privacy Officer (via post or email).

Attention: The Privacy Officer

HUBconnect
GPO Box 529
SYDNEY NSW 2001

Email:

How do we manage complaints?

We will:

Keep a record of your complaint.
Give you a reference number, along with a staff member’s name and contact details if you want to follow it up.
Respond to the complaint within a few days if we can, or tell you if we need more time to look into it.
Keep you updated on what we’re doing to fix the problem.
After we have completed our enquiries, we will contact you, usually in writing, to advise the outcome and invite a response to our conclusions about the complaint. If we receive a response from you, we will assess it and advise if we have changed our view.
Give our response within 30 days for privacy related matters. If we can’t give you a response in this time, we’ll get in touch to tell you why and work out a new timeframe with you.

What else can you do?

If you’re not satisfied with how we manage your complaint or our decision after you’ve been through our internal complaints process, the Australian Financial Complaints Authority (AFCA) offers a free independent dispute resolution service for consumer and small business complaints. You can contact AFCA between 9am and 5pm (Sydney time) Monday to Friday. AFCA can consider most complaints involving financial services providers.

If your complaint is about how we handle your personal information, you can also contact the Office of the Australian Information Commissioner.

Australian Financial Complaints Authority
GPO Box 3
Melbourne VIC 3001
Phone 1800 931 678 (free call)
Visit www.afca.org.au

Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone 1300 363 992
Visit www.oaic.gov.au

Unsubscribing
If you wish to unsubscribe from our information or registration service, contact us in writing requesting to be removed from our database. We generally do not collect sensitive information about you unless required by applicable laws or rules.

Updates to this policy
From time to time, we may change this Privacy Policy. All updates to the privacy policy will be made available on our website.

Contact us
If you have any questions regarding our Privacy Policy or handling of information, please contact us.

HUBconnect
GPO Box 529
SYDNEY NSW 2001

Phone: 1300 370 095

Email: admin@hubconnect.com.au