About this Policy
This policy also contains information about how you can access the information 360Private holds about you, how you can seek to have us correct any such information, and how you can make a complaint if you have any concerns about how your information is being managed.
By personal information, we mean information or a statement of opinion about you.
360Private is bound by the Privacy legislation and the 13 Australian Privacy Principles established under the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (APPs). A summary of the APPs is available by contacting our office. Our contact details are provided at the end of this document.
The Privacy legislation relates only to personal information concerning individuals, not companies or other types of organisations.
What kinds of personal information do we collect?
As a financial services provider 360Private needs to obtain certain personal information from and about our clients so that we can understand and effectively meet your specific needs. Obtaining this information also allows 360Private to meet our legislative obligations, particularly under the Corporations Act 2001 and the Anti-Money Laundering and Counter-Terrorism Financing Act 2006.
For us to provide you with a comprehensive financial planning and advice service, information we need to collect and store may include:
- addresses, telephone numbers, email address and date of birth;
- details of your relevant personal circumstances, including your objectives, needs and financial situation (e.g. assets, liabilities, income, expenses, insurance policies, superannuation funds etc.);
- details of your investment preferences and your aversion or tolerance to risk;
- information about your current employment and employment history, family commitments and social security eligibility;
- tax file numbers;
- details related to your health (or other sensitive personal information), particularly when we are recommending risk insurance policies; and
- other relevant matters as they arise.
If 360Private cannot collect personal information about you, we may not be able to provide you with the financial services you require.
How do we collect your personal information?
Wherever possible, 360Private will collect personal information directly from you. We will only collect this information about you if you have:
- knowingly provided your personal information to us; or
- have authorised a third party to provide us with your personal information; or
- if the information is publicly available (for example from sources such as websites, telephone directories or electoral roles).
Your personal information will only be collected, maintained and used, as required, to provide you with our financial services such as:
- financial planning and associated advice;
- the preparation of accounting records and tax returns;
- administration of your superannuation fund; and
- wills, powers of attorney and estate planning in general.
Collecting Sensitive Information
Sensitive information is personal information about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record, health or genetic information.
360Private will not collect or disclose sensitive information about you, unless we need that specific information to provide you with the financial service you need and we have your prior consent, or if we are required to do so by law.
For example, in order to provide you with advice on appropriate risk insurances such as life, income protection or trauma, 360Private will need to collect health information from you or your medical practitioner in order to obtain relevant quotes and help you with your application.
How will we use your personal information?
The purposes for which we may use your personal information include:
- to consider whether we can provide you with the financial services you require;
- to enable 360Private to determine what financial service or product will meet your needs and objectives;
- to assist you in completion of any applications for financial products or risk insurances;
- to assist you in establishing a self managed superannuation fund if appropriate;
- to consider any concerns or complaints you may raise about our services.
How might we disclose your personal information?
We will not disclose your personal information for any purpose other than:
- the purpose for which you provide us with that information, or a related secondary purpose where you would reasonably expect us to use or disclose the information; or
- where you have consented to such disclosure; or
- where we are required or authorised under law, in circumstances relating to public health and safety and in connection with certain operations by or on behalf of an enforcement body.
We are obliged under the Corporations Act 2001 and the National Consumer Credit Protection Act 2009 to maintain certain records and make them available for inspection by the Australian Securities and Investments Commission. The Anti-Money Laundering/Counter-Terrorism Financing Act 2006 also requires us to collect certain personal information about new and existing clients.
In addition, we may contract external parties to conduct due diligence, compliance or financial audits and this may involve the disclosure of your personal information.
We may disclose your personal information to superannuation fund trustees, insurance providers, mortgage providers and product issuers to give effect to your financial strategy, the recommendations we make to you and the administration of your affairs.
Disclosing your personal information overseas
It is unlikely that 360Private will need to disclose your personal information to organisations located overseas. However, if you require 360Private’s assistance to acquire a financial product from an overseas organisation, 360Private may need to provide your personal information to that entity.
If we disclose your personal information overseas, we are required to take steps to ensure that your personal information is substantially treated in accordance with the Australian standards.
We may use your personal information to provide you with direct marketing material that you may find of interest.
You can contact us at any time if you do not want to receive this information and we will stop sending it to you within two weeks of your request.
How do we manage your personal information?
360Private protects your personal information from misuse and loss, and from unauthorised access, modification or disclosure. At all times your personal information is treated as confidential and can only be accessed by persons who have been properly authorised.
360Private may store personal information in hard copy or electronically. Physical security of paper files and data storage is maintained through locks and a security system.
All computer-based information is protected through the use of access passwords on each computer. Data is backed up each evening and stored securely off site.
In addition, 360Private monitors its online services, such as the Client Portal to ensure that your personal information is appropriately protected when you use this service.
If you use the Client Portal, you can assist us in protecting your personal information by ensuring that you keep your username and password secure at all times. You should contact 360Private immediately if you suspect that your username and password have been disclosed to another person.
In the event you cease to be a client, any personal information that we hold will be maintained on site or in a secure off-site storage facility for at least seven years in order to comply with legislative and professional requirements. After that time, the information may be destroyed.
How can you access your personal information?
With some exceptions, you may request access to the personal information 360Private holds about you; however, before providing you with any of your personal information, we will have to verify your identity.
We will provide you with access by whichever means you request, as long as it is reasonable and practical to do so and within a reasonable amount of time. Depending on the complexity of the request, there may be a fee for this service.
We will not provide you with access to personal information which would reveal any confidential formulae or the detail of any in-house evaluative decision making process. Instead, we may give you the result of the formulae or process or an explanation of that result.
The Australian Privacy Principals place other restrictions on accessing your personal information. Some of the restrictions include where:
- providing access would have an unreasonable impact on the privacy, or would pose a serious and imminent threat to the health, of any individual;
- the request for access is frivolous or vexatious; or
- the provision of access is unlawful or would be likely to prejudice a criminal investigation.
If 360Private is unable to provide you with the requested information, we will provide you with a written notice giving our reasons and how you can complain about the refusal.
How can you have your personal information corrected?
360Private strives to ensure that, at all times, the personal information we hold about you is accurate and up to date. If you can show us that the personal information we hold about you is inaccurate, incomplete or outdated, and we agree that the information requires correcting, we will take all reasonable steps to correct it.
If 360Private does not believe that the personal information we hold about you is inaccurate, incomplete or out of date, we will write to you giving our reasons and how you can complain about the refusal.
If 360Private refuses your request, you can ask us to include a statement in your file that the information is inaccurate, out of date, incomplete, irrelevant or misleading.
How will we resolve your concerns?
If at any time you believe we have compromised your privacy, or if you believe 360Private has breached the Privacy legislation, you have a right to complain.
To lodge a complaint you can contact our Privacy Officer via the means referred to below. We will try to resolve any concerns you may have to your satisfaction within seven working days. If this is not possible, 360Private will contact you within that time period to let you know how long it will take to resolve your complaint.
Privacy or Data Breach
The Privacy Amendment (Notifiable Data Breaches) Act 2017 established the Notifiable Data Breaches (NDB) scheme in Australia.
The NDB scheme introduces an obligation for agencies to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm. In this context, serious harm refers to serious physical, psychological, emotional, financial or reputational harm to an individual or individuals.
360Private will manage all data breaches in accordance with the NDB.
If a suspected or known data breach occurs, 360Private’s Privacy Officer will initially respond and work with the affected area to contain further access or disclosure of the data. The Privacy Officer will then determine whether serious harm is likely from the suspected or known breach.
If serious harm is likely from the data breach, 360Private will immediately notify the affected individuals to advise that a suspected or known data breach has occurred which includes their personal information, and actions are being undertaken to limit or mitigate the harm as much as possible.
360Private will also prepare a statement to the OAIC via the NDB Statement – Form (available from www.oaic.gov.au) notifying the following to the OAIC:
- 360Private’s identity and its contact details
- A description of the breach and actions being undertaken to limit the breach
- The type of information concerned
- Recommended steps for the affected individuals
360Private will then work with OAIC on any recommendations or directions from the Information Commissioner relating to the breach.
360Private will review the incident to determine possible causes of the breach and revise its internal policies and/or procedures to prevent reoccurrence. Possible actions will include updating policies and procedures relating to records management and additional staff training on privacy.
Our Contact Details
|To:||The Privacy Officer|
|Address:||Level 1, 170 Greenhill Road Parkside SA 5063|
|GPO Box 946 Unley SA 5061|
|Telephone::||(08) 8291 2111|
|Facsimile||(08) 8291 2101|
If you are unhappy with our response, you are entitled to contact the Office of the Australian Information Commissioner who may investigate your complaint further.
Additional information about privacy in Australia may be obtained by visiting the web site of the Office of the Australian Information Commissioner at www.oaic.gov.au.
1 Includes the following entities: 360Private Wealth By Design Pty Limited ACN 169 464 135 AFSL & Australian Credit Licence 458669, 360Private Pty Limited ACN 064 634 546, 360Private Estate Management Pty Limited ACN 088 309 804, Australian Masters Equity Management Pty Ltd ACN 141 461 083, 360Private Advisory Pty Limited ACN 079 229 968, 360Private Legal Pty Ltd ACN 609 085 967, 360Private Software Developments Pty Limited ACN 626 050 744, 360Private Audit Pty Ltd ACN 609 416 597.