Last updated 11 December 2018
If you give us personal information about another person, you represent that you are authorised to do so and agree to inform that person who we are, that we will use and disclose that information for the relevant purposes set out below, and that they can access the information we hold about them.
Your personal information will be treated strictly in accordance with the Australian Privacy Principles contained within the Privacy Act, as amended from time to time.
This policy outlines for our customers and prospective customers:
Personal information is information that can identify you. We must obtain personal information about you so we can provide the most appropriate products and services to you, provide information and marketing material to you and satisfy certain legislative and regulatory requirements.
We will only collect personal information that is necessary to provide our products and services to you, including information needed to comply with legal and regulatory requirements.
We may collect the following types of personal information:
We are required to collect your name, address, date of birth and other verification information under the Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth). We are authorised to collect tax file numbers under tax laws and the Privacy Act.
HUBconnect or third parties providing connected services, may record telephone conversations. If HUBconnect does record conversations, this will be disclosed prior to connecting to a HUBconnect staff member and you will be given an opportunity to refuse such recording.
Cookies may also be used for other purposes on the HUBconnect website. In each case, none of the information collected can be used to identify you personally but rather identifies your computer. You can configure your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it each time.
If you do not give us your personal information some or all of the following may happen:
Personal information will generally be collected directly from you through the use of any of our standard forms, through the HUBconnect portal, via email, or through a telephone conversation with you. For example, we may collect personal information from you using any of these methods when:
There may, however, be some instances where personal information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.
Other than as required by law, we will generally only collect, hold, use and disclose your personal information for the purposes of:
We will only use or disclose personal information we collect about you for the purpose for which it was collected, or related purposes which would reasonably be expected, or as otherwise permitted by the Australian Privacy Principles.
We will not sell your personal information to other organisations. Nor will we provide organisations outside our group with your personal information for purposes unrelated to the provision of services to you.
Personal information may be disclosed to external parties including the following:
We do not disclose your personal information to persons located outside of Australia.
Our website may contain references or links to other external websites. Those references or links may in turn refer or link to other references or links. We, our directors, officers, employees or agents are not responsible to you or any person for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures.
We may also send you direct marketing communications and information about our products and services that we expect may be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email. By using our services, you consent to us sending you those direct marketing communications by any of those methods. At any time you may opt-out of receiving marketing communications from us by contacting us (see contact details below) or by using the opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from the relevant mailing list.
Please note that, if we are currently providing you with services or products, we will still need to send you essential information about your account, the relevant services or products and other information required by law.
We invest considerable resources to keep your personal information secure from misuse, loss, interference, unauthorised access, modification or disclosure. Access to and the use of personal information is regulated to prevent misuse or unlawful disclosure of the information. We use security procedures such as encryption, firewalls, intrusion detection and anti-virus technology to prevent unauthorised access. We also use valid log-in identification and password based security to achieve electronic information security.
We retain information for so long as may be necessary to respond to issues that may arise at a later date, and longer in appropriate cases where required by law. When personal information is no longer required by us, it is destroyed or de-identified.
As our website is linked to the internet, and the internet is inherently insecure, we cannot give any assurance to any person regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.
Under the Privacy Act, you have the right to obtain a copy of any personal information which we hold about you and to advise us of any inaccuracies.
To make a request, you will need to write to us verifying your identity and specifying what information you require. We will try to respond to your request within 7 days. If the information sought after is extensive we may charge a fee to cover cost.
In normal circumstances we will give you full access to your information. However, there may be times where some legal reason requires us to deny access, such as where granting access would interfere with the privacy of others or it would result in a breach of confidentiality. If access is denied, we will give you written reasons for any refusal.
We aim to ensure that the personal information held about you is accurate, complete and up to date. You should contact us as soon as possible if any of your details change. You can also contact us at any time and ask us to correct personal information you if you feel the information we have about you is inaccurate or incomplete. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it. We will also give you a written notice that sets out our reasons for refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
We request that complaints about breaches of privacy be made in writing, so we can be sure about the details of the complaint. We will attempt to confirm as appropriate and necessary with you your understanding of the conduct relevant to the complaint and what you expect as an outcome. We will inform you whether we will conduct an investigation, the name, title, and contact details of the investigating officer and the estimated completion date for the investigation process.
After we have completed our enquiries, we will contact you, usually in writing, to advise the outcome and invite a response to our conclusions about the complaint. If we receive a response from you, we will assess it and advise if we have changed our view.
If, after this process, you are not satisfied with our response, you can submit a complaint to the Office of the Australian Information Commissioner. To lodge a complaint, visit the ‘Complaints’ section of the Australian Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Australian Information Commissioner’s office.
The Privacy Officer
GPO Box 529
SYDNEY NSW 2001
Phone: 1300 370 095
Should you wish to obtain further information about privacy you can do so by visiting the Office of the Australian Information Commissioner (OAIC) website www.oaic.gov.au.