(updated May 2017)
By using any of our products or services, or by providing us with personal information, you confirm that you have read and accepted the terms of this policy and expressly consented to the collection, storage, use and disclosure of your personal information in accordance with the terms of this policy.
This policy is in addition to any other terms and conditions applicable to the products and services we provide and your use of our website, www.financialmindfulness.com.au and all subdomains thereof (“website”). We may amend this policy at our discretion, in which case we will publish the amended version of the policy on our website. You acknowledge that that updated policy will apply to the collection, storage, use or disclosure of information from the date of publication and it is your responsibility to regularly check our website for updates.
If you do not agree to the terms of this policy, you must not use our products and services or our website.
- Types of Personal Information We Collect
We only collect personal information that is reasonably necessary for one or more of our functions or activities or is required by law. The types of personal information that we collect and hold about you could include your name, email address or phone number, gender, professional public register information and professional activity details relating to our products and services, information you submit to us in forms, provide us by email, telephone, online chat or in connection with the use of our products and services, enquiry complaint details and other contact details such as social media accounts.
Sensitive information requires a higher level of protection under the Privacy Act 1988 (the “Act”). If we need to collect sensitive information about you, we will seek your consent at or before the time we collect it.
- How We Collect and Hold Personal Information
We may collect personal information:
- from people who access our website, our products and our services;
- if you create an account with us, or subscribe to receive any publications or newsletters from us;
- during conversations between you and our representatives;
- when you communicate with us via email, chat, post or fax; and
- from other people who are connected to our operations and activities – including employees, service providers and suppliers.
We will collect your personal information from you unless it is unreasonable or impracticable to do so. In some cases, we may be required to collect personal information about you from third parties. For example, we may collect personal information from companies with whom you work, other organisations with whom you have dealings, credit reporting bodies, information service providers or from public sources. Where we collect information about you from a third party, we will take reasonable steps to ensure that you are made aware of the fact and circumstances of that collection.
We will do all that is reasonable in the circumstances to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure. Personal information we collect and store is stored on secure servers, and is only accessible by those persons who need access to the information in order to carry out their business functions. We also maintain physical security measures to protect the use and storage of physical records containing personal information. If your personal information can no longer be used for a purpose permitted under the Act, we will take reasonable steps to destroy the information or ensure that it is de-identified.
- Website usage information and cookies
We collect limited information about people who use our online resources, in order to track use of those resources and to maintain and improve those resources. Information collected may include:
- server addresses;
- top level domain names;
- the date and time of visits;
- pages access and documents downloaded;
- previous sites visited;
- if the person has visited our website before; and
- types of browsers used.
We may also use similar means to track usage data in relation to our products and services including cumulative operating hours, the hardware type and operating system of the devices you use to access the products and services, and other data connected with the operation of the products like (internal) operating temperature (collectively, “Usage Information”).
Usage Information will be aggregated with other users and will not be associated with an identifiable person.
You may decline our cookies if your browser or browser add-on permits, but doing so may interfere with your use of our website, products and services. You can refer to the ‘help’ section of your browser or installed applications for instructions on blocking, disabling or deleting cookies.
- The Purposes for Which We Collect, Hold, Use and Disclose Personal Information
We may collect information about you because we are required or authorised by law to collect it. We collect personal information so that we can carry out our business activities in a professional and efficient manner, in particular to:
- advise customers which price plans are most appropriate;
- set-up and configure customer accounts;
- identify our customers, potential customers and people acting on their behalf;
- improve our service offerings;
- record and maintain user details and profile information;
- provide information on services available to subscribers and users;
- provide client and user support;
- deliver targeted marketing regarding new services and offers we believe may be of interest to you;
- collect fees and payments owing to us;
- respond to your enquiries and concerns and resolve disputes;
- contact you by email or telephone (by voice call or SMS); and
- compare information provided by you for accuracy and verify it with third parties.
We will not use or disclose your personal information for a purpose (secondary purpose) other than the main reason for which it was originally collected (primary purpose), unless:
- you have consented to the use or disclosure of your personal information for the secondary purpose;
- you would reasonably expect us to use or disclose the information for the secondary purpose and the other purpose is related to, or directly related to in the case of sensitive information, the first particular purpose;
- the use or disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order; or
- the use or disclosure is otherwise permitted by the Privacy Act (for example, as a necessary part of an investigation of suspected unlawful activity).
In carrying out our business, we may need to disclose your personal information to others, including:
- to our related entities; and
- to service providers including information technology service providers, printers and distributors of marketing material; credit reporting agencies, creditors, bankers, financiers, credit providers, mortgage insurers or trade insurers, and external business advisers (such as auditors and lawyers).
We may also be required to disclose your personal information to a third party who is involved in a dealing or proposed dealing (including a sale) of all or part of our assets or business.
We do not sell personal information to other organisations.
From time to time, we may also use your personal information to send important notices to you, such as communications about purchases you have made, or changes to our terms and conditions or other policies. This information is important to your interactions with us and you acknowledge that you may not opt-out of receiving these communications.
We may use your personal information to send you marketing and promotional information. We will provide you with an opportunity to opt-out of receiving such information. Unless you exercise your right to opt-out of such communication, you will be taken to have consented to the receipt of similar information communications from us if the future.
If you have general enquiry type questions, you can choose to do this anonymously or use a pseudonym. However, if you require information which is specific to your circumstances then it may not be possible for you to deal with us anonymously or by pseudonym.
- How You Can Access Your Personal Information That We Hold and Seek the Correction of Such Information
We will endeavour to give you access to your personal information unless there are certain legal reasons why we cannot do so. We do not have to provide you with access to your personal information if:
- we believe there is a threat to life or public safety;
- there is an unreasonable impact on the privacy of other individuals;
- the request is frivolous or vexatious;
- the information wouldn’t be ordinarily accessible because of legal proceedings;
- it would prejudice commercial negotiations, legal proceedings, enforcement activities or appropriate action being taken in respect of a suspected unlawful activity or serious misconduct;
- denying access is required or authorised by law or a court or tribunal order;
- it would be unlawful; and
- it would reveal evaluative information generated by us in connection with a commercially sensitive decision-making process.
You can ask us to access your personal information that we hold by sending us an email at email@example.com. We will respond to your request to provide access to your personal information within 30 days and you agree we may charge you reasonable costs incurred in supplying you with access to this information.
We will take such steps that are reasonable in the circumstances to ensure that:
- the personal information we collect and store is accurate, up-to-date and complete; and
- the personal information we use and disclose is accurate, up-to-date, complete and relevant.
If you believe that personal information we hold about you may not be complete, accurate and up-to-date, please email firstname.lastname@example.org so we can update your details. You accept that we will take reasonable steps to verify your identity before granting access or making corrections to or deletion of your information.
- 6. How You Can Complain About a Breach of the Australian Privacy Principles and How We Will Deal With Such a Complaint
If you feel that we have breached our obligations in the handling, use or disclosure of your personal information, you may raise a complaint. We encourage you to contact us in writing, including as much detail about the issue as possible, by emailing email@example.com.
We will investigate the circumstances included in the complaint and respond within a reasonable time (and in any event, the time required by the Privacy Act, if applicable) regarding our findings and actions following this investigation.
We will treat your complaint confidentially and, after investigating your complaint, discuss the ways in which we can remedy the situation.
- Do Not Call Register
We will not call you on a number listed on the Do Not Call Register unless this is permitted under the Do Not Call Register Act 2006 (Cth) (“Do Not Call Register Act”) and related instruments (for example, if we have your express or inferred consent to do so). If we have contacted you on a particular number in error, please let us know by emailing firstname.lastname@example.org.
We will not send you any commercial electronic messages such as SMSs or emails unless this is permitted by the Spam Act 2003 (Cth) (“Spam Act”) (for example, if we have your express or inferred consent to do so). Any commercial electronic message that we send will identify Financial Mindfulness as the sender and will include our contact details. The message will also provide an unsubscribe facility. If you do not wish to receive commercial electronic messages from us, please:
- unsubscribe from our database using the unsubscribe facility in the relevant electronic communication; or
- let us know by contacting us using the contact details provided at the end of this policy.
- Which Overseas Recipients and Countries Are We Likely to Disclose Personal Information to
We may store your information in cloud or other types of networked or electronic storage. Accordingly, we may need to share some of your information with third parties outside Australia . Although these third parties are subject to privacy and confidentiality obligations imposed by contract or the regulatory frameworks of the jurisdiction in which they are located, you acknowledge that:
- they may not always comply with those obligations, or those obligations may differ from the obligations imposed by the Privacy Act, the Spam Act and the Do Not Call Register Act;
- we will not be accountable for a breach by those third parties of any of these obligations;
- in the event of breach, you may not be able to seek redress under the Privacy Act; and
- the third party may be subject to foreign laws which might compel further disclosures of personal information (e.g. to government authorities).