This policy applies to information collected by Euroz Securities Limited and its related bodies corporate (“Euroz” or “we” or “us”). It outlines how we collect and use personal information that we hold about you in accordance with the Australian Privacy Principles in the Privacy Act 1988 (Cth) (Privacy Act) and the subsequent 2012 and 2016 amendments (Mandatory Data Breach Notification), and the General Data Protection Regulation (GDPR).
This policy has been developed in accordance with the Australian Privacy Principles (APP).
What personal information is collected?
We only collect personal information that is reasonably necessary for us to provide our products and services. If you do not provide the information that we ask for, we may not be able to provide the products or services you have requested. We may collect information such as your name, address, phone number, email address, tax file number, bank account details, other information that may be required for identification purposes, information about your investments and transactions and other information related to the services we provide.
We do not collect sensitive information from you because it is not reasonably necessary for us in providing our services to you. Sensitive information includes health information, racial information, genetic information, and religious beliefs.
How personal information is collected?
We will generally collect your personal information in the course of you applying to open an account with Euroz. By using Euroz’s services you consent to Euroz collecting your information from you or from a person who is acting as your agent. We may also collect information directly from you or your agent, such as when you or your agents provide information by phone, email or in an application form.
What happens if we obtain information about you which we have not solicited?
Where we receive unsolicited personal information about you, we will consider if we could have collected the information if we had solicited the information. Where we determine that we could have collected the personal information from you, we will treat your personal information in the same manner as if we have solicited the information directly from you. Where we determine that we could not have collected the personal information, we will destroy the information or ensure that the information is de-identified as soon as practicable.
Use and disclosure of your personal information
Euroz may use your personal information for the primary purpose of providing ﬁnancial services to you, as well as for related purposes such as:
- to verify your identity or transactions which you may enter into with us;
- to administer and manage the provision of our products and services;
- to comply with laws and regulatory requirements including complying with any request made by a governmental authority or regulator, including in connection with legal proceedings or the prevention or detection of fraud and crime;
- to comply with Euroz’s risk management policies and procedures;
- those involved in providing, managing, or administering the products or services you have requested, including those advisers, paraplanners and organisations who work with us:
- conducting due diligence as part of acceptance of your account with Euroz and its related bodies corporate; or
- another purpose related to the primary purpose.
For the purposes we have described, we may disclose your personal information:
- to our suppliers (including service and content providers), contract and service providers, professional advisers, dealers and agents;
- to government agencies or individuals responsible for the investigation and resolution of disputes or complaints covering your use of our services and facilities including for example ASIC, AUSTRAC or the OAIC;
- other parties involved in the administration of your investments including securities exchanges, product issuers, investment registries or mailing houses;
- anyone to whom our assets or business (or any part of it) is transferred (or offered to be transferred, subject to confidentiality provisions);
- other entities in the wider Euroz group; or
- where you have otherwise consented or as otherwise required or authorised by law.
Do we disclose personal information for marketing?
We may use your personal information to offer products and services that we believe may interest you. We may also disclose your personal information to external service providers who assist us to market our products or services.
We are permitted to use personal information for marketing if the client would reasonably expect us to do so and when the client has been provided with a simple means of opting out of the marketing service.
Government related identifiers
Although in certain circumstances we are required to collect government identifiers such as your tax file number, Medicare number or pension card number, we do not use or disclose this information other than when authorised by law or unless you have voluntarily consented to disclose this information to a third party.
Access and correction and updating personal information
Generally, we will provide you with access to your personal information that we hold within a reasonable time of a request unless an exception applies under the Privacy Act. Where we provide you with access to such information, we may charge you a reasonable fee to cover our costs.
We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, up to date, complete and relevant. In the event that you become aware, or believe, that any personal information which we hold about you is inaccurate or incomplete, you may contact us to correct the information.
If we disagree about the correction you have supplied, and refuse to correct the personal information, or if we believe that we are unable to comply with your request, we will give you a written notice to that effect. You have the right to make a complaint if you disagree with our decisions in relation to these matters.
Your Rights under the GDPR
If you are an individual residing in the European Union (EU), you have certain rights as to how your personal information is obtained and used. Euroz complies with your rights under the GDPR as to how your personal information is used and controlled if you are an individual residing in the EU.
Except as otherwise provided in the GDPR, you have the following rights:
- To be informed how your personal information is being used;
- Access to your personal information (we will provide with a free copy of it);
- To correct your personal information if it is inaccurate or incomplete;
- To delete your personal information (also known as ‘the right to be forgotten’);
- To restrict processing of your personal information;
- To retain and reuse your personal information for your own purposes;
- To object to your personal information being used; and
- To object against automated decision making and profiling.
Storage and security of information
Euroz stores personal information in a combination of computer storage facilities, paper-based files and other records. We will take reasonable steps to protect personal information from loss, misuse, unauthorised access, modification or disclosure.
Where we employ data processors to process personal information on our behalf, we only do so on the basis that such data processors comply with the requirements under the Australian Privacy Act and GDPR and that have adequate technical measures in place to protect personal information against unauthorised use, loss and theft.
Cross-border disclosure of personal information
We do not currently disclose your personal information overseas, however some third party providers we may engage with from time to time may have registered overseas locations. In the event that we do disclose your personal information overseas, Euroz will make reasonable steps to ensure that the foreign recipient will not breach the APPs and to ensure that they are subject to similar privacy laws that will afford protection in the same manner as the APPs.
You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.
Contacting us and complaints
If you wish to contact us for any purpose regarding this policy including making a complaint about the way we have handled your personal information (including if you think we have breached the Privacy Act) you may do so to our Head of Risk in writing, by mail or fax to the address or fax number set out at the end of this policy. When you contact us, include your email address, name, address and telephone number and clearly describe your complaint. Our Head of Risk will investigate the complaint and respond to you promptly. If you consider that we have failed to resolve the complaint satisfactorily, and you are an individual located in Australia, you can complain to the Office of the Australian Information Commissioner.
Euroz Securities Limited Privacy Officer
Mailing Address: PO Box Z5036
Perth Western Australia 6831
Street Address: Level 18, Alluvion
58 Mounts Bay Rd
Perth Western Australia 6000
Telephone: +61 8 9488 1400
Fax: +61 8 9488 1477