Six Park Asset Management Pty Ltd (ACN 610 445 479) (‘Six Park’, ‘we’, ‘our’, ‘us’) is bound by the Privacy Act 1988 (‘Privacy Act’), including the Australian Privacy Principles (‘APPs’).
Ensuring the confidentiality and security of your personal information is important to us. Any third parties (for example, our suppliers, agents, or sub-contractors) that have access to information we collect are also bound by this Policy.
Copies of this Policy are available free of charge on our website or by contacting our Privacy Officer.
What types of information do we collect?
We collect Personal Information. Personal Information is information or an opinion about a person, which can be used to identify that person. We may collect and hold personal information about (amongst other people) the following individuals:
- clients and potential clients;
- people who visit our website or download our Apps;
- anyone who provides a service to us.
Some examples of personal information that we collect are:
- contact details;
- date of birth;
- employment details;
- bank account details;
- tax file number; and
- any other information that is relevant to the services that we provide.
Sensitive information is personal information that includes information relating to a person’s racial or ethnic origin political opinions, religion, trade union or other professional or trade association membership, sexual preferences, criminal records and health information. We will not collect sensitive information about you without your consent unless an exemption in the APPs applies. These exceptions provide for collection by law or to take appropriate action in relation to suspected unlawful activity or serious misconduct.
How will we collect your personal information?
We generally collect personal information directly from you. For example, personal information will be collected when you:
- create a Six Park Profile;
- undertake the Six Park Risk Assessment;
- complete any other forms we may ask you to fill out;
- have any other interactions with us in the course of us providing you with our products and services, and
- visit the website or use our app.
We may also collect personal information about you from a third party, such as VEDA for identity verification services. Personal information about you may be collected from a party who has passed on your details to us because they think you may be interested in our services. If so, we will take reasonable steps to ensure that you are made aware of this Policy.
Collection of information through the website or app
Cookies do not contain personal information in themselves but can be used to identify a person when combined with other information. Cookies are small text files which are transferred to your computer’s hard drive through your web browser that enables our web site to recognise your browser and capture and remember certain information.
How will we use your personal information?
We collect and hold your personal information so that we can:
- provide you with our services and information we think is relevant to you;
- meet your needs, and review those needs as appropriate;
- comply with our legal and regulatory obligations;
- continue improving our service and resolve any complaints about our existing service;
- communicate with third parties on your behalf including accountants, financial advisers or similar person or entity that may have referred you to our services;
- keep improving our offering.
We may use and disclose your personal information for any of these primary purposes. We may also use and disclose your personal information for secondary purposes which are related to the primary purposes listed above, or in other circumstances as authorised by the Privacy Act.
Your personal information will be used and disclosed only for the purpose for which it was provided (or a directly related secondary purpose), unless you agree otherwise or an exemption in the Privacy Act applies.
What if you refuse to provide your personal information?
Unfortunately, we cannot give you the option of using our services anonymously or with a pseudonym. This is because it is impracticable, and may be illegal. You can make an anonymous general inquiry about our Services by calling us.
To whom will we disclose personal information?
We may share your personal information with:
- one of our related entities;
- our AFSL holder;
- service providers involved with the provision of our services to you;
- anyone we engage to carry out our functions and activities; this may include other organisations such as our lawyers and accountants, or anyone we require to assist us in a transfer or sale of our assets or business;
- accountants, financial advisers or any person or entity who may have referred you to our services;
- banks and other financial institutions who are involved in the management of our finances;
- regulatory bodies, government agencies, law enforcement bodies and courts; and
- anyone with whom you authorise us to share it or to whom disclosure is required by law.
If we share your personal information with any of these parties they may only use your personal information for the specific purpose for which we supply it to them. We will ensure that all contractual arrangements with third parties adequately address privacy issues and will make third parties aware of this Policy.
We may disclose the following personal information to credit providers or Credit Reporting Agencies (CRBs), in order to comply with our obligations under the Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth) (AML/CTF obligations):
- date of birth; and
- residential address.
The purpose of disclosing this information is to enable us to verify whether the personal information collected matches the identification information held by the CRB. We may, upon request, provide you with an alternative method of verification, however, any alternative verification method must also comply with the AML/CTF legislation.
Do we send your information overseas?
We are likely to share your personal information to service providers located in the following countries:
- United States
Our systems use cloud storage servers that are hosted both in Australia and internationally. Therefore, the list of countries to which your information may be disclosed is likely to change. Where it is reasonably practicable to do so, we will update this list appropriately.
We will not share your personal information to overseas recipients without your consent unless:
- the overseas recipient is subject to a similar information privacy regime as here in Australia and
- we have taken reasonable steps to ensure that the recipient does not breach the Privacy Act or the APPs.
If you consent to your personal information being disclosed to an overseas recipient, and the recipient breaches the APPs, we will not be accountable for that breach under the Privacy Act, and you will not be able to seek redress under the Privacy Act.
How do we protect your personal information?
We recognise the importance of securing your personal information. There are always risks involved when you send information by the internet. You should assess these potential risks when deciding whether to use our online services. We have implemented procedures to ensure your personal information is as safe as practicable. To the extent we use paper files, they are stored in secure areas. Your personal information is generally stored in our encrypted computer database.
We keep your data safe by applying the following guidelines:
- encrypting data while it’s being transferred;
- encrypting data stored in our computer database;
- staff are required to enter a secure login and password to access client information;
- access is limited to staff based on their role;
- the premises are securely locked each night with access restricted to the building after hours; and
- we regularly review, test and revise the security provisions around our website, app and systems.
Do we use your personal information for direct marketing?
We may use personal information we collect from you for the purposes of direct marketing without your consent if:
- the personal information does not include sensitive information;
- you would reasonably expect us to use or share the information for the purpose of direct marketing;
- we provide a simple way of opting out of direct marketing; and
- you have not requested to opt out of receiving direct marketing from us.
We will only use information obtained from a third party for direct marketing if:
- you have consented;
- it is impracticable to obtain your consent; or
- we have provided a simple way to request not to receive direct marketing.
You have the right to request us not to use or hold your personal information for the purposes of direct marketing, or for the purposes of allowing direct marketing by other organisations.
We must process your request to not use or share your personal information within a reasonable period of time. You may also request that we tell you the source of the information. If a request is made, we must inform you of the source of the information free of charge within a reasonable period of time.
Do we use identifiers?
We only use identifiers assigned by the Government (for example, your driver’s licence), where it is reasonably necessary for us to do so for verification purposes.
Updates to this policy
This Policy will be reviewed when required to take account of new laws and technology, as well as any changes to our operations and business environment.
It is our responsibility to ensure that our employees are adequately trained in relation to the handling of personal information and that our employees and relevant third parties are:
- aware of the operation of this Policy;
- informed of any changes to this Policy;
- given timely and appropriate access to this Policy;
- aware that non-compliance with this Policy may lead to disciplinary action in the case of employees.
How do we keep personal information accurate and up to date?
We are committed to ensuring that the personal information we collect, use and disclose is relevant, accurate, complete and up to date. We encourage you to update any personal information we hold about you, through our website, our App or by contacting us.
Accessing your personal information
Subject to the exceptions set out in the Privacy Act, you may gain access to the personal information that we hold about you by contacting our Privacy Officer. We will provide access within 30 days of your request. If we refuse to provide the information, we will provide reasons for the refusal.
We will require identity verification and specification of what information is required. An administrative fee for search and photocopying costs may be charged for providing access.
Any questions, concerns or complaints?
If you would like further information about this Policy, or wish to make a complaint regarding our use of your personal information, you can contact us by:
- telephoning – 1300 851 779
- writing – our Privacy Officer, Level 2, 696 Bourke St, Melbourne VIC 3000
- emailing – [email protected]
If you are not satisfied with our response to your complaint, you can also refer your complaint to the Office of the Australian Information Commissioner by:
- telephoning –1300 363 992
- writing – Director of Complaints, Office of the Australian Information Commissioner, GPO Box 5218, SYDNEY NSW 2001
- emailing – [email protected]