Last updated 1 July 2021
Protecting your personal information is important to us. We respect your privacy and we are committed to protecting your privacy. Your personal information will be treated strictly in accordance with the Australian Privacy Principles contained within Act 1988 (Cth) (Privacy Act).
Your privacy is important to us
HUBconnect’s commitment to openness, transparency and your privacy has been unwavering since its inception and is wholly aligned with the Australian Privacy Principles. Beyond their legal obligations, HUBconnect considers these principles to be good business practice.
What information do we collect?
As used in this Policy “personal information” is information that can identify you. HUBconnect believes you should have complete control over your online identity. The information HUBconnect collects from you or about your use of our Services is dependent on how you access and use the features we offer. We must obtain personal information about you so we can provide the most appropriate products and services to you, provide information and marketing material to you and satisfy certain legislative and regulatory requirements. We will only collect personal information that is necessary to provide our products and services to you, including information needed to comply with legal and regulatory requirements.
The main ways we may collect personal information about customers are:
- if you subscribe to any of our information or other services;
- you sign up for, or log into our Services;
- if you give information or other material to any part of HUBconnect or its related bodies corporate;
- if the information is provided to us by a third party;
- we also maintain records of transactions and activities for your HUBconnect account and your investment accounts held by external parties, which are linked and viewable through HUBconnect.
Information you actively provide to us
Personal Information which we may collect from you includes the following:
- name, job title, company details, address, contact details, date of birth, payment information (if required), username for our online products, information about your device and browsing patterns and information about other products or services of ours or any related body corporate that you may hold or use.
We may be required to collect your name, address, date of birth and other verification information under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF Act). We collect personal information for the purposes of setting up your HUBconnect user account (“User Account”). To use our Services we always require an email address and basic information including your first name and last name.
Information we collect automatically when you visit the HUBconnect Website or Apps
If you are a visitor to the HUBconnect Website, we do not collect personal or sensitive information from or about you from the unsecure areas of the HUBconnect Website. If you are a visitor who does not log in to a HUBconnect App with a username and password, you therefore remain anonymous.
- An Organisation User is a member of a company or professional who subscribes to HUBconnect to access the financial data of their clients via their HUBconnect User Account. In order to access the secure, password protected features of the HUBconnect App, Organisation Users may be asked to provide certain personal information and data as listed above.
All Users of HUBconnect Apps will be entitled to, and will be issued with, a single login and password (which may change from time to time) to access and use each HUBconnect App (“HUBconnect User Account Credentials”).
Organisations Users will be required to enter their Account Provider credentials, (or be provided with access by another Organisation User e.g. an Adviser providing their assistant with access), when setting up their HUBconnect User Account, to access Client financial Account Information. Account Provider credentials are separately issued to Advisers or other Organisation Users, directly by the third party Account Provider (“Account Provider Credentials”). If the Account Provider Credentials are not correct, the Organisation User will not be able to access relevant Account Information from the particular Account Provider, through HUBconnect.
Organisation Users consent to our use of your Account Provider Credentials, for the purpose of accessing your client’s Account Information from third party financial institutions (e.g. platforms, banks, stockbrokers, mortgage brokers, and superannuation funds) in order to provide you with the services you access through HUBconnect. Organisation Users acknowledge that when we use your Account Provider Credentials, we can access your, or your client’s, Account Information with third party financial institutions on your, or your client’s behalf, and in doing so you may not be in compliance with the terms and conditions of your financial institution.
HUBconnect or third parties providing connected services, may record telephone conversations. If HUBconnect does record conversations, this will be disclosed prior to connecting to a HUBconnect staff member and you will be given an opportunity to refuse such recording.
IP addresses, cookies and data
When you visit our Website or Apps, we may collect certain information automatically from your device.
Usage information – We keep track of your activity in relation to the Website and Apps, the configuration of your device, and performance metrics related to your use of the Website and Apps. For example, when you use our Services, we may collect:
- Network monitoring data to enable us to maintain the security and agility of our internal networks;
- Log data about when you use the Services including Internet Protocol (“IP”) address, browser type, referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyse trends in the aggregate and administer the site;
- Device data about any device including mobile phone number and other information related to mobile devices like operating system and model if you use our Services via our Apps. For other devices information collected by cookies and other similar technologies. We use various technologies to collect information which may include saving cookies to your computers;
- The record contains various attributes of the call, such as time, duration, completion status, source number and destination number;
- Meta data, which is data created about other data which can include size, formatting, other characteristics of a data item;
- Emails/communications with us;
- Billing data, which includes any payment data; and
Although our systems do not collect any personal or sensitive information from or about Website visitors, they do collect metadata such as the date and time of each unique visit, any pages viewed, and any content downloaded. They also log the number of times Website visitors click on content featured on the Website. This information is collected only to further develop the HUBconnect services and products and improve the facilities and/or services we are able to offer.
Information we don’t collect
Government identifiers and unsolicited personal information
- notify you in writing of this fact;
- confirm the purpose and the circumstances around receiving your personal information; and
- take steps to de-identify and destroy the information as soon as practicable
Not providing your personal information
If you do not provide us with your personal information when requested some or all of the following may happen:
- we may not be able to provide you with access to some or all our products or services; or
- we may not be able to provide you with information about our products and services.
How do we use your information?
Other than as required by law, we will generally only collect, hold, use and disclose your personal information for the following purposes:
- to provide relevant products and services to you;
- to provide you with information you request about us or the products or services we offer through HUBconnect;
- to communicate with you about your use of our products or services;
- to provide information to persons expressly authorised by you;
- to manage the HUBconnect services and products (including your HUBconnect User Account);
- to access or directly link to third party websites and your third party accounts;
- to monitor, audit, evaluate and otherwise administer our products and services;
- to provide you with access to protected areas of our websites;
- to provide continuous service to you and conducting business processing functions including by providing personal information to our Related Bodies Corporate, contractors, service providers or other third parties, if required;
- to assist with the administrative, planning, product or service development, quality control or for research by us and our contractors and service providers;
- if necessary, to process and obtain payment for any HUBconnect products or services you subscribe to; and
- to facilitate our internal business operations, including the fulfilment of any legal requirements.
We will only use or disclose personal information we collect about you for the purpose for which it was collected, or related purposes which would reasonably be expected, or as otherwise permitted by the Australian Privacy Principles. We take reasonable steps to ensure that third party organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.
We will not sell your personal information to other organisations. Nor will we provide organisations outside our group with your personal information for purposes unrelated to the use, access, and maintenance of your HUBconnect User Account.
We may also disclose your personal information to entities located overseas for one or more of the purposes set out below. We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the Australian Privacy Principles relating to your personal information.
Who do we share information with?
We will not rent or sell personal information about you. We may share and disclose your information that we collect with the following third parties, solely for a legitimate business or legal purposes and in accordance with applicable law:
- agents, contractors, or external service providers appointed by us (such as auditors or other professional advisers);
- your nominated financial adviser and/or accountant, unless you instruct us otherwise in writing;
- your personal representative, attorney or agent (but only with your written consent);
- another authorised party, (but only with your written consent);
- a government or regulatory body (such as ATO, AUSTRAC, ASIC or a law enforcement agency);
- financial institutions and other similar organisations that we deal with in the course of our corporate activities, or those that are nominated by you;
- external service providers and professional advisers that provide services to us; including electronic identification services;
- credit reporting agencies, any credit provider name in the report and any credit provider whose details have been provided to us by you; and
- in order to comply with a court order or in conjunction with court proceedings.
We may use your data and any personal information which you have provided to us to enhance the service we are providing to you. HUBconnect may use anonymous and aggregated data from our customers and disclose this in a non-personally identifiable manner to third parties.
You may cancel your HUBconnect User Account at any time. However, Guest Users will also need to contact their third party Account Provider directly if you wish to remove your adviser or other representatives’ access to your Account Information held with those third parties. This is because HUBconnect does not control the access your third party financial institutions provide to your adviser or representative, on your instructions.
HUBconnect reserves the right to use any aggregated and anonymous data derived from your utilisation of the service up to this point.
We may share your information with our business partners for marketing purposes or we may send you information about other organisations’ products and services. We may contact you by mail, telephone, fax, email or other electronic messaging service with offers of products, services or information that may be of interest to you. By using our services, you consent to being contacted by these methods and for these purposes. At any time you may opt-out of receiving marketing communications from us by contacting us (see contact details below) or by using the opt-out facilities provided in those communications.
Keeping your information safe
We invest considerable resources to keep your personal information secure from misuse, loss, interference, unauthorised access, modification or disclosure. Access to and the use of personal information is regulated to prevent misuse or unlawful disclosure of the information. We use security procedures such as encryption, firewalls, intrusion detection and anti-virus technology to prevent unauthorised access. We also use valid log-in identification and password-based security to achieve electronic information security.
We retain information for so long as may be necessary to respond to issues that may arise at a later date, and longer in appropriate cases where required by law. When personal information is no longer required by us, it is destroyed or de-identified.
As our website is linked to the internet, and the internet is inherently insecure, we cannot give any assurance to any person regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.
Third party sites
This Policy does not apply to, nor are we responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which the Website links including but not limited to social media sites. The inclusion of a link on the Website does not imply our endorsement of the linked site or service. You should check the privacy notices of those sites before providing your personal information to them.
We will retain your personal information for no longer than is necessary to fulfill the purposes for which the information was originally collected unless a longer retention period is required or permitted by law, for legal, tax or regulatory reasons, or other legitimate and lawful business purposes.
Where we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it.
International data transfers
Data may be subject to cross border transfers and we may, at times, also disclose your personal information to entities located overseas. We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the Australian Privacy Principles relating to your personal information
Know your privacy rights
Keeping information accurate and up to date
We take all reasonable steps to ensure that all personal information we hold is as accurate as possible. You are able to contact us at any time and ask for its correction if you feel the information, we have about you is inaccurate or incomplete, or to provide us with information about changes to your personal information
Accessing personal information held by HUBconnect
Under the Privacy Act, you have the right to obtain a copy of any personal information which we may hold about you and to advise us of any inaccuracies.
To make a request, you will need to write to us verifying your identity and specifying what information you require. We will endeavour to acknowledge your request within 5 business days and communicate a decision within 30 days. We may charge you a fee to cover our administrative and other reasonable costs in providing the information to you if the request requires an extensive step (such as locating and/or tracing information). We will not charge for simply making the request and will not charge for making any corrections to your personal information.
In normal circumstances we will give you full access to your information. However, there may be times where some legal reason requires us to deny access, such as where granting access would interfere with the privacy of others or it would result in a breach of confidentiality. If access is denied, we will give you written reasons for any refusal.
We aim to ensure that the personal information held about you is accurate, complete and up to date. You should contact us as soon as possible if any of your details change. If we do not agree that there are grounds for amendment, then we will add a note to the personal information stating that you disagree with it.
Making a privacy complaint
If you have a concern or complaint about your privacy, let us know and we’ll try to fix it. If you’re not satisfied with how we handle your complaint, there are other things you can do.
How can you make a complaint?
We try to get things right the first time —but if we don’t, we’ll do what we can to fix it. If you are concerned about your privacy (including credit information), you can make a complaint and we’ll do our best to sort it out.
To make a complaint, contact our Privacy Officer and we will make every effort to resolve your complaint internally. If you wish to raise a concern, your complaint should be made in writing to the Privacy Officer (via post or email).
Attention: The Privacy Officer
GPO Box 529
SYDNEY NSW 2001
How do we manage complaints?
Keep a record of your complaint.
Give you a reference number, along with a staff member’s name and contact details if you want to follow it up.
Respond to the complaint within a few days if we can, or tell you if we need more time to look into it.
Keep you updated on what we’re doing to fix the problem.
After we have completed our enquiries, we will contact you, usually in writing, to advise the outcome and invite a response to our conclusions about the complaint. If we receive a response from you, we will assess it and advise if we have changed our view.
Give our response within 30 days for privacy related matters. If we can’t give you a response in this time, we’ll get in touch to tell you why and work out a new timeframe with you.
What else can you do?
If you’re not satisfied with how we manage your complaint or our decision after you’ve been through our internal complaints process, the Australian Financial Complaints Authority (AFCA) offers a free independent dispute resolution service for consumer and small business complaints. You can contact AFCA between 9am and 5pm (Sydney time) Monday to Friday. AFCA can consider most complaints involving financial services providers.
If your complaint is about how we handle your personal information, you can also contact the Office of the Australian Information Commissioner.
Australian Financial Complaints Authority
GPO Box 3
Melbourne VIC 3001
Phone 1800 931 678 (free call)
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone 1300 363 992
If you wish to unsubscribe from our information or registration service, contact us in writing requesting to be removed from our database. We generally do not collect sensitive information about you unless required by applicable laws or rules.
Updates to this policy
GPO Box 529
SYDNEY NSW 2001
Phone: 1300 370 095