1. OBJECTIVE OF THE POLICY
The objective of the policy is to define how Koda Capital Pty Ltd; its related entities (“Koda”) and representatives will deal with your personal information. The Privacy Act 1988 requires us to handle personal information in accordance with the Australian Privacy Principles.
Under the legislation, an organisation must set out in a document clearly expressed policies on its management of personal information. The organisation must make the document available to anyone who asks for it.
On request by a person, an organisation must take reasonable steps to let the person know, generally, what sort of personal information it holds, for what purposes, and how it collects, holds, uses and discloses that information.
Where an individual requests access to personal information that the organisation is holding about them, a reasonable fee may be charged for the provision of this information. This must not be excessive and must not be charged in relation to the lodgement of the application (that is, a lodgement fee).
3. RESPECTING YOUR PRIVACY
Koda understands that you are concerned about how we deal with your private and financial information. Our aim is to deliver the best possible service and we will only collect the information necessary to enable us to do so.
Koda’s websites will not collect information about individuals using our websites except where it is knowingly provided.
In order to provide financial services to our clients, we need to request and retain some personal information. This allows us to process applications, administer your accounts and provide you with information. We may also use your personal details to communicate with you about products and services and comply with relevant laws. We consider all information about our clients to be private and confidential.
These laws regulate the way organisations:
- keep secure; and
- give people access to their personal information, (that is, information about an individual that identifies them).
This policy tells you what information we collect and keep, what we do with it, and what your rights are in relation to that information.
4. HOW WE COLLECT YOUR PERSONAL INFORMATION
Wherever practicable, Koda will collect information about you directly from you. We generally collect your information when you complete our application forms. We may also collect information from directly from you on the phone or via electronic means such as an email.
However, it may be necessary at times to collect information about you from other external sources, such as:
- your financial adviser;
- your authorised representatives, such as executors or administrators; and;
- identity verification service providers.
5. WHAT KIND OF INFORMATION WILL WE COLLECT AND HOLD
In order to establish and administer your account, and to comply with relevant legislation, we may collect all or some of the following:
- your full name, date of birth, gender and contact details including telephone, address, e-mail and fax;
- copy of your driver’s licence and /or passport for the purpose of verifying your identity and to ensure compliance with the Anti-Money Laundering and Counter-Terrorism Financing Act;
- your tax file number and bank account details for the purpose of administering your accounts;
- details about authorised signatories;
- copies of any relevant trust deeds, partnership agreements, constitutions or articles of association, which may be needed to comply with the Anti-Money Laundering and Counter-Terrorism Financing Act; and
- details of services you are interested in and about your investment needs, for the purpose of gathering demographic information.
If we do not receive the information requested we may not be able to process or accept applications from you and may not be able to provide some or all of the services you want us to provide to you.
As part of our recruitment process, we may collect personal information from potential employees and their referees. We may also collect sensitive information about potential employees as part of a background checking process. With consent, this information may be disclosed to and obtained from third party agencies that we engage to conduct probity checks on our behalf.
Unless otherwise advised by a potential candidate, we may keep information on file for any future vacancies. Candidates can request at any time, in writing to the Head of Human Resources, for us to destroy their personal information.
6. THE PURPOSES FOR WHICH PERSONAL INFORMATION IS COLLECTED, HELD, USED AND DISCLOSED.
Generally, we only use and disclose information about you for the purpose for which it was disclosed to us or related purposes which would reasonably be expected. Those purposes include:
- to establish and administer your investment accounts and your relationship with us;
- to communicate with you;
- to enable us to inform you about new and existing products and services that will enhance our relationship with you. However, we do respect your right to ask us not to do this;
- to comply with our reporting and tax obligations;
- where relevant and applicable, to provide you with financial services and advice; and
- to handle any relevant enquiries or complaints; and
- the recruitment of staff and contractors.
7. HOW WE STORE YOUR PERSONAL INFORMATION
We store your personal information in a variety of ways which includes both electronic and paper form. The security of your personal information is paramount and we take reasonable steps to protect it from misuse, interference, loss, unauthorised access, modification or disclosure. We do this in a number of ways including:
- Document security policies;
- Confidentiality requirements of our employees and contractors;
- Security measures for access to our systems;
- Restricting access to personal information only to persons who require access to carry out their responsibilities;
- Secured access to our offices; and
- Electronic security systems such as firewalls, MFA, and data encryption on our websites.
8. WHO MAY WE DISCLOSE YOUR INFORMATION TO
There are circumstances under relevant legislation where we are required to disclose certain information and there are other circumstances where some information may also be provided.
We may be required by law to disclose your personal information. For instance, we may be required to provide details to:
- Australian Government regulators such as the Australian Securities and Investments Commission (ASIC), the Australian Tax Office (ATO), the Australian Transaction Reports and Analysis Centre (AUSTRAC), and to other regulatory or government entities;
- Australian Financial Complaints Authority (AFCA) (to allow a complaint you have made about our provision of financial services to be resolved);
- as required by a court order; and
- your spouse in accordance with the Family Law Act requirements.
In order to meet your needs and provide some investor and financial services, such as administering your accounts, it may be necessary to release information or provide access to external service providers, for instance:
- any organisations involved in providing, managing or administering our products or services such as administrators, third party clearers, mail houses and software providers;
- contractors we have engaged to assist us in managing your accounts;
- auditors, consultants and other professional advisers;
- your financial adviser;
- any fund (administrator or trustee) to which your investment balance is to be transferred; your Legal Personal Representative, attorney or any other person who may be entitled to
- receive your account balance following your death and any person contacted to assist us in that process;
- other financial institutions (such as banks) who hold an account in your name, for example, where amounts have been transferred to or from that account;
- authorities investigating (or who could potentially investigate) alleged fraudulent or suspicious transactions in relation to your account.
We may also provide some information to market research companies for the purpose of analysing our client base. We may provide our clients’ contact details to market research companies to undertake research on behalf of Koda. For example, we may run client satisfaction surveys, or run focus groups on proposed products or services. These agencies must return all records of this information to Koda. Koda retains ownership of this information and will ask you if you do not wish to receive further information. You can contact us at any time if you no longer wish us to contact you for marketing purposes.
9. OVERSEAS DISCLOSURE
We may need to share some of your information (including credit information) with organisations outside Australia.
We may store your information in “the Cloud” or other types of networked or electronic storage. As electronic or networked storage can be accessed from various countries via an internet connection, it’s not always practicable to know in which country your information may be held. If your information is stored in this way, disclosures may occur in countries other than those listed.
Overseas organisations may be required to disclose information we share with them under a foreign law. In those instances, we will not be responsible for that disclosure.
10. DATA QUALITY – KEEPING YOUR PERSONAL INFORMATION UP TO DATE
Koda relies on the accuracy of the personal information provided by its clients. We aim to ensure that it is accurate, up-to-date and complete. If any of your details change, or you have any concerns regarding its accuracy you should contact us.
11. HOW AN INDIVIDUAL MAY ACCESS THEIR PERSONAL INFORMATION AND SEEK ITS CORRECTION
You may request access to any personal information we hold about you. We reserve the right to charge a reasonable fee to cover our costs. Generally, if it is incorrect, we will correct it at your request. However, this is subject to some exceptions allowed by law, for example:
- if access to information would pose a serious threat to the life or health of an individual;
- if access to information would have an unreasonable impact on the privacy of others;
- if the request is frivolous or vexatious;
- if the information relates to a commercially sensitive decision-making process;
- if providing access would be unlawful;
- if access would prejudice enforcement activities relating to criminal activities or a security function;
- if providing access would reveal the intentions of Koda in relation to negotiations with you in such a way to prejudice those negotiations;
- denying access is required or authorised by or under law.
If access is denied we will provide you with the reason why.
To contact us about access to and correction of your personal information, please contact us (see contact details at the end of this page).
12. NOTIFIABLE DATA BREACHES
A data breach happens when personal information is accessed or disclosed without authorisation or is lost.
As a regulated entity, Koda is required to comply with the Notifiable Data Breaches scheme under the Privacy Act 1988. The scheme requires Koda to notify affected individuals and OAIC when a data breach involving personal information is likely to result in serious harm.
For more information about notifiable data breaches please visit oaic.gov.au or via telephone on 1300 363 992.
13. COMPLAINTS ABOUT A BREACH OF THE AUSTRLIAN PRIVACY PRINCIPLES
If you are not happy with our handling of your personal information, you can seek to have the issues addressed.
You should initially contact Koda in writing with the details of your complaint, together with the rectification you are seeking.
If you are not satisfied with our response after 30 business days, you may in some circumstances, take your complaint to;
Australian Financial Complaints Authority
GPO Box 3
Melbourne VIC 3001
Telephone: 1800 931 678
Finally, if you are also not happy with the outcome of the hearing from the Australian Financial Complaints Authority, you may take your complaint to the Office of the Australian Information Commissioner;
Enquiries telephone: 1300 363 992
Enquiries email: email@example.com
GPO Box 5218 Sydney NSW 2001
GPO Box 2999 Canberra ACT 2601
14. CONTACTING KODA
If you have any questions relating to this privacy statement, or concerns about the way in which we have handled your personal information, please do not hesitate to contact us:
The Privacy Officer Koda Capital Pty Ltd.
PO Box R216
Royal Exchange NSW 1225
Telephone: (02) 8651 3456