We understand your concerns about privacy and the security of your personal information. Your privacy is important to us and we are bound by the Privacy Act 1998 (Cth) and the Australian Privacy Principles ("APPs"). We are committed to protecting the personal information that we hold about you.
1. What personal information is collected?
We only collect personal information that is reasonably necessary for us to provide our clients with financial services and to administer them, this may include collecting personal information from or about individuals (“you” or “your”) associated with those clients (for example, company directors). The kind of personal information we collect and hold will depend upon the type of services that our clients request from us and may include:
- your name, date of birth, address, contact details and relevant identification documents;
- communications between us and a client’s asset consultant, custodian, legal or other adviser, including their broker or other agent; and
- transactional information about the use of a service.
We collect sensitive information where required by law (eg. to verify your identity).
2. How is personal information collected?
We collect your personal information in a number of ways including:
- directly from you such as when you provide the information by phone, email or in an application form submitted on behalf of a client, or when you participate in a survey; and
- from third parties such as a client’s asset consultant, custodian, lawyer, broker or other agents, or identity verification service providers.
3. What if you do not provide certain information?
If you provide us with an incomplete application, we may not be able to provide our client with the service until the application is complete.
If you do not provide us with all relevant identity verification documents, or adequately satisfy electronic identity verification requirements, we may not be able to provide our clients, or continue to provide them with the service.
If you choose not to disclose your details or correctly answer verification questions, we may not be able to process transactions our client has requested.
4. Use and disclosure of your personal information
We may collect, use and disclose your personal information for the primary purpose of providing the services requested by our clients, as well as for related purposes such as:
- to verify your identity or transactions which our client may enter into with us;
- to process our client’s applications for services;
- to administer and manage the provision of our services;
- to respond to queries, complaints or to provide you or our client with our general customer services;
- to provide our client’s asset consultant, custodian, legal or other adviser with details of the investment;
- to provide our client with offers of our other services and to improve and personalise our services;
- to comply with laws and regulatory requirements, including anti-money laundering, financial services and taxation laws, or complying with any request made by a governmental authority in connection with legal proceedings or the prevention or detection of fraud and crime;
- to comply with our risk management policies and procedures;
- to conduct product and market research;
- to train our staff; or
- if attending our offices in person, to assist us in providing a safe and secure environment for employees and visitors.
We may disclose your personal information to:
- our client’s asset consultant, custodian, legal or other adviser, including their broker or other agent;
- professional service firms that provide services to us, such as, legal and audit services or data or information services;
- our related companies; or
- otherwise in accordance with this policy.
5. Use of service providers
We may contract out some of our administrative and support functions such as mailing, settlement services, document and data storage or identity verification services to external service providers from time to time. Only information necessary for the service provider to carry out their function will be provided and will be subject to confidentiality clauses in the relevant services agreement.
6. Keeping us up-to-date
Personal information such as contact details may change from time-to-time and we ask that you keep us informed of any changes by notifying us. Changes to some details, such as a change of name, may require additional documentation to verify the change. Additionally, some changes may be required to be made on a specific form.
Please see the ‘Contacting us’ information below if you would like to request an update to the personal information we hold about you.
7. Storage and security of information
We store personal information in a combination of computer storage facilities, paper-based files and other records. These are held on our premises and systems as well as offsite using trusted third parties. Some personal information may be held by data service providers located overseas (such as "Cloud" service providers for data storage and management purposes). We maintain effective control of the information under contractual arrangements. We will take reasonable steps to protect personal information from loss, interference or misuse, and unauthorised access, modification or disclosure.
Where personal information is no longer required to be retained, we will take such steps as are reasonable in the circumstances to de-identify the information or put it beyond use.
9. Access and correction
Generally, we will provide you with access to your personal information that we hold, unless a particular exception applies, such as where:
- it would be unlawful to provide the information;
- providing access would be likely to prejudice an investigation of possible unlawful activity;
- the information is relevant to legal proceedings and would not be accessible in the normal discovery process;
- giving access would have an unreasonable impact on the privacy of other individuals;
- it would pose a serious and imminent threat to the life or health of any individual; or
- the request is frivolous or vexatious.
If a request for access would divulge a commercially sensitive decision-making process, then we may provide an explanation rather than direct access to the information.
If we become aware that the personal information we hold about you is inaccurate, incomplete, misleading or irrelevant, then we will take reasonable steps to amend it. If we receive a request from you to correct your information, then we will seek to correct it within 30 days. If you and we disagree about the accuracy, completeness or currency of our records, then you have the right to request that we note your disagreement on those records.
Please see the ‘Contacting us’ information below if you would like to request an update or seek access to the personal information we hold about you.
We do not use any government-issued identifiers (such as TFNs, Medicare numbers and Drivers Licence numbers) for use as its own identifier. Instead, we issue numbers such as investor numbers and account numbers to identify our client and the services they obtain.
11. Anonymity and pseudonymity
Given legal requirements on financial institutions to identify their customers, in most situations we are unable to allow you or our client to transact with us on the basis of anonymity (including the use of a pseudonym). Access to our public website and some other interactions with us may be done anonymously, or in the case of general enquiries, using a pseudonym. However, we may not be able to respond to your queries unless you provide us with certain information.
12. Transborder data flows
At present, we do not disclose personal information to recipients in foreign countries.
13. Direct Marketing
We will not use your personal information for direct marketing purposes unless:
- we have obtained your consent or you would reasonably expect us to use your personal information for direct marketing purposes; and
- we have provided you with a simple means to ‘opt-out’ from receiving direct marketing; and
- we have not received such a request from you
We will not use any sensitive information collected from you for direct marketing purposes.
If you would like more information about how we manage your personal information or if you wish to change your contact information, please contact us on +61 2 8023 5793, or write to us at the following address:
The Privacy Officer
WaveStone Capital Pty Limited
Level 2, 5 Martin Place
Sydney NSW 2000
Complaints about your privacy
If you wish to raise any concerns about any breach or potential breach of your privacy, please contact our Privacy Officer and we will make every effort to resolve your complaint internally. If you wish to raise a concern, you should be aware of the following:
- Your complaint should be made in writing to the Privacy Officer (via post or email)
- We will attempt to respond within 30 days from receipt of your request
- If you feel your concerns have not been resolved, you may take your complaint to the Office of the Australian Information Commissioner (OAIC)
For more information on how you may lodge a complaint with the OAIC, please contact the OAIC hotline service on 1300 363 992 or email firstname.lastname@example.org.
Use of our website
We will collect some information from you when you visit our website. Your use of the facilities and services available through the website will determine the amount and type of information that we will collect about you. Some of this information will not be personal information because it will not reveal your identity.
We use third party web analytics providers to collect information on how people use our website and to help us know what our customers find interesting and useful in our website. Our web analytics providers use "cookies" and in some cases "clear gifs/web beacons" to collect information.
The only personal information which we collect about you when you use the website is what you tell us about yourself; for example, by completing an online form such as an application form or by sending us an email. We will record your email address if you send us an email.
Clear gifs (also known as web beacons) are used in combination with cookies to help us understand how visitors interact with our website. A clear gif is typically a transparent graphic image (usually 1 pixel x 1 pixel) that is placed on a site. The use of a clear gif allows us to measure the actions of the visitor opening the page that contains the clear gif.