Personal information is any information or opinion about you that is capable, or reasonably capable, of identifying you, whether the information or opinion is true or not and is recorded in material form or not.
Sensitive information includes such things as your racial or ethnic origin, political opinions or membership of political associations, religious or philosophical beliefs, membership of a professional or trade association or trade union, sexual orientation or criminal record, that is also personal information. Your health, genetic and biometric information and biometric templates are also sensitive information.
We collect personal and/or sensitive information to provide you with the products and services you request as well as information on other products and services offered by or through us. The law requires us to collect personal and/or sensitive information.
Your personal and/or sensitive information may be used by us to administer our products and services, for prudential and risk management purposes and, unless you tell us otherwise, to provide you with related marketing information. We also use the information we hold to help detect and prevent illegal activity. We cooperate with police and other enforcement bodies as required or allowed by law.
We disclose relevant personal information to external organisations that help us provide services. These organisations are bound by confidentiality arrangements.
You can seek access to the personal information we hold about you. If the information we hold about you is inaccurate, incomplete, or outdated, please inform us so that we can correct it. If we deny access to your personal information, we will let you know why. For example, we may give an explanation of a commercially sensitive decision, or give you access to the information through a mutually agreed intermediary, rather than direct access to evaluative information connected with it.
1. What personal information is collected?
We only collect personal information that is reasonably necessary to provide financial services and management to our customers, which may include individuals ("you" or "your") related to these customers (for example, company directors). The types of personal information we collect and hold will depend on the types of services our customers request from us, which may include:
Your name, date of birth, address, contact information and relevant identification documents;
Communication between our asset advisors, custodians, legal or other advisors (including their brokers or other agents);
Transaction information about the use of the service.
We are required by law to identify you if you are opening a new account or adding a new signatory to an existing account. Anti-money laundering laws require us to sight and record details of certain documents (i.e. photographic and non-photographic documents) in order to meet the standards set under those laws.
Where it is necessary to do so, we also collect information on individuals such as:
(c) company directors and officers;
(d) officers of co-operatives and associations;
(e) customer’s agents;
(f) beneficial owners of a client; and
(g) persons dealing with us on a “one-off” basis
We may take steps to verify the information we collect; for example, a birth certificate provided as identification may be verified with records held by the Registry of Births, Deaths and Marriages to protect against impersonation, or we may verify with an employer that employment and remuneration information provided in an application for credit is accurate.
We only collect personal information about you directly from you (rather than someone else) unless it is unreasonable or impracticable to do so or you have instructed us to liaise with someone else.
If it is impracticable or unreasonable for us to collect the personal information directly from you, we may collect such information from agents, or from your family members or friends. If you are not aware that we have collected the personal information, we will notify you of collection and the circumstances of collection, if we consider it is reasonable to do so.
The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1) requires us to collect certain identification information about you. We must collect personal information from third parties in respect of AML/CTF checks which are required to be carried out, under AML/CTF Legislation.
2. How do we use your personal information?
Providing customers with the products and services they request and, unless they tell us otherwise, to provide information on products and services offered by us and external product and service providers for whom we act as agent. (If you have provided us with your email or mobile phone details, we may provide information to you electronically with respect to those products and services);
Managing the provision of services between us, including but not limited to billing, internal reporting and analysis, and any other auxiliary matters;
Complying with the information required by or disclosed to regulatory agencies, governments, agencies or organisations;
Obtaining advice, accepting services or providing information to third parties relating to matters that may affect Oli Capital;
Complying with any legal obligations, requirements or good practices of laws, regulations, associations, voluntary codes we decide to adopt in any jurisdiction;
Monitoring and evaluating products and services;
Gathering and aggregating information for statistical, prudential, actuarial and research purposes;
Assisting customers with queries;
Confirming and verifying your identity (this may involve the use of credit consulting agencies or other third parties as our agents) and conducting due diligence, including "know your customer" checks and other procedures we take during the onboarding process. We may also block potential customers that appear on public government and/or law enforcement agency sanctions lists;
Discovering, investigating and preventing fraud and other crimes or malfeasance;
Obtaining legal opinions or establishing, exercising or defending legal rights for the purpose of or related to any legal process (including future legal process); and
In the course of our legal financial services business activities, any other purpose incidental to or directly related to the above purposes.
If you do not wish to provide personal information for any of the purposes listed above (except for the purpose of providing you with marketing information), we will not be able to provide you with financial services.
In order to provide you with marketing information related to our products or services in the investment management business, you voluntarily provide us with personal information.
3. What if you do not provide certain information?
If the application you provide to us is incomplete, we may not be able to serve our customers until the application is complete.
If you do not provide us with all relevant identity verification documents, or do not fully meet the electronic identity verification requirements, we may not be able to provide services to our customers, or continue to provide services to them.
If you choose not to disclose your details or answer the verification question correctly, we may not be able to process the transaction requested by the customer.
In most cases, before or at the time of collecting your personal information, we obtain your consent to the purposes for which we intend to use and disclose your personal information.
If you don’t give us consent, we may not be able to provide you with the products or services you want. This is because we are required to collect this information to provide you advice.
Having provided consent, you are able to withdraw it at any time. To withdraw consent, please contact our office. Please note that withdrawing your consent may lead to us no longer being able to provide you with the product or service you enjoy given that, as mentioned above, it is impracticable for us to treat some customers differently.
In addition to the above conditions of collecting personal information, we only collect sensitive information about you if we obtain prior consent to the collection of the information or if the collection is required or authorised by law.
Dealing with unsolicited personal information
If we receive personal information that is not solicited by us, we only retain it, if we determine that it is reasonably necessary for one or more of our functions or activities and that you have consented to the information being collected or given the absence of your consent that it was impracticable or unreasonable for us to obtain it under the circumstances.
If these conditions are not met, we destroy or de-identify the information.
If such unsolicited information is sensitive information, we will obtain your consent to retain it regardless of what the circumstances are.
Quality of personal information
We ensure that the personal information we collect and use or disclose is accurate, up to date, complete and relevant.
Please contact us if any of the details you have provided to us change or if you believe that the information we have about you is not accurate or up to date.
We may also take steps to update personal information we hold, for example, an address, by collecting personal information from publicly available sources such as telephone directories or electoral rolls.
Security of personal information
We are committed to ensure that we protect any personal information we hold from misuse, interference, loss, unauthorised access, modification and disclosure.
For this purpose, we have a range of practices and policies in place to provide a robust security environment. We ensure the on-going adequacy of these measures by regularly reviewing them.
Our security measures include, but are not limited to:
(a) educating our staff as to their obligations with regard to your personal information;
(b) requiring our staff to use passwords when accessing our systems;
(c) encrypting data sent from your computer to our systems during Internet transactions and customer access codes transmitted across networks;
(d) employing firewalls, intrusion detection systems and virus scanning tools to protect against unauthorised persons and viruses from entering our systems;
(e) using dedicated secure networks or encryption when we transmit electronic data for purposes of outsourcing;
(f) providing secure storage for physical records; and
(g) employing physical and electronic means such as alarms, cameras and guards (as required) to protect against unauthorised access to buildings.
Where information we hold is identified as no longer needed for any purpose we ensure it is effectively and securely destroyed, for example, by shredding or pulping in the case of paper records or by degaussing (demagnetism of the medium using alternating electric currents) and other means in the case of electronic records and equipment.
5. Use and disclosure of your personal information
We may collect, use and disclose your personal information for the main purpose of providing services requested by customers and related purposes, including:
Verifying your identity or transactions that you may enter into with us;
Processing customer service applications;
Managing the services we provide;
Responding to enquiries, complaints or providing our general customer service to you;
Providing your asset advisors, custodians, legal or other advisors with detailed information about your investments;
Providing you with quotations for our other services, and improving and personalising our services;
Complying with legal and regulatory requirements, including anti-money laundering, financial services and tax laws, or compliance with any requirements of government agencies in legal procedures or prevention or detection of fraud and crime;
Complying with our risk management policies and procedures;
Conducting product and market research;
Training our employees; or
If you attend our office in person, assisting us to provide a safe environment for employees and visitors.
If we hold personal information about you that was collected for a particular purpose (“primary purpose”) above, we do not use or disclose the information for another purpose (“secondary purpose”) unless:
We have obtained your consent to use or disclose the information; or
you would reasonably expect us to use or disclose the information for the secondary purpose and the secondary purpose is:
if the information is sensitive – directly related to the primary purpose; or
if the information is not sensitive – related to the primary purpose;
the use or disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order; or
a permitted general situation exists in relation to the use or disclosure of the information by us; or
a permitted health situation exists in relation to the use or disclosure of the information by us, in which case we de-identify the information before disclosing it; or
we reasonably believe that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
We may disclose your personal information to:
Your asset advisor, custodian, legal or other advisor, including your broker or other agent;
Affiliated product and service providers and external product and service providers for whom we act as agent (so that they may provide you with the product or service you seek or in which you have expressed an interest);
Auditors we appoint to ensure the integrity of our operations;
Any person acting on your behalf, including your solicitor, settlement agent, accountant, executor, administrator, trustee, guardian or attorney;
Your referee (to confirm details about you;
If required or authorised to do so, regulatory bodies and government agencies;
Credit reporting agencies;
Insurers, including proposed insurers and insurance reference agencies (where we are considering whether to accept a proposal of insurance from you and, if so, on what terms);
Medical practitioners (to verify or clarify, if necessary, any health information you may provide);
Other financial institutions and organisations at their request if you seek credit from them (so that they may assess whether to offer you credit);
Investors, advisers, trustees and ratings agencies where credit facilities and receivables are pooled and sold (securitised);
Other organisations who in conjunction with us provide products and services (so that they may provide their products and services to you); and
Professional associations or organisations with whom we conduct an affinity relationship (to verify your membership of those associations or organisations).
Our use or disclosure of personal information may not be limited to the examples above.
6. Will your personal information be given to anyone else?
We will not sell, rent or trade personal information to or with others. Personal information collected by us may be disclosed within Oli Capital and to third parties to whom we outsource specialised functions (such as our registry, mailing houses or printing companies), and if so, we take steps to ensure that those parties:
do not breach the APPs when they handle personal information (regardless of whether they are a small business, and would otherwise be exempt from the APPs); and
are authorised only to use personal information in order to provide the services or to perform the functions required by us.
In all circumstances where personal information may become known to our contractors, agents and outsourced service providers, there are confidentiality arrangements in place. Contractors, agents and outsourced service providers are not able to use or disclose personal information for any purposes other than our own.
We take our obligations to protect customer information very seriously we make every effort to deal only with parties who share and demonstrate the same attitude.
The only other time we would make disclosures of personal information is to your representative, if we are required to do so by law, or if the disclosure is permitted under the Privacy Act. We are unlikely to disclose information to any overseas entity, however if we do, we will comply with the requirements set out above.
7. How will we protect your personal information?
Whether your personal information is collected through face-to-face meetings or interacted with us via phone, mail, Internet or other means, we will take steps to store your information securely. We store your personal information in a combination of secure computer systems, storage devices, paper documents and other formats. We have taken many measures to protect personal information from misuse, loss, unauthorised access, modification or improper disclosure. This includes instructing staff handling personal information to respect the confidentiality and privacy of personal information.
8. Access and correction
You can request us to provide you with access to the personal information we hold about you.
Requests for access to limited amounts of personal information, such as checking to see what address or telephone number we have recorded, can generally be handled over the telephone.
If you would like to request access to more substantial amounts of personal information such as details of what is recorded in your account file, we will require you to complete and sign a “Request for Access to Personal Information” form.
Following receipt of your request, we provide you with an estimate of the access charge and confirm that you want to proceed.
We do not charge you for making the request for access, however access charges may apply to cover our costs in locating, collating and explaining the information you request. The charges will be advised to you before we provide the services.
We respond to your request as soon as possible and in the manner requested by you. We endeavour to comply with your request within 14 days of its receipt but, if that deadline cannot be met owing to exceptional circumstances, your request will be dealt with within 30 days. It helps us provide access if you can tell us what you are looking for.
Your identity is confirmed before access is provided.
In particular circumstances we are permitted by law to deny your request for access or limit the access we provide. We let you know why your request is denied or limited if this is the case. For example, we may give an explanation of a commercially sensitive decision rather than direct access to evaluative information connected with it.
Refusal to give access and other means of access
If we refuse to give access to the personal information or to give access in the manner requested by you, we will give you a written notice setting out the reasons for the refusal, the mechanisms available to complain and any other relevant matter.
Additionally, we endeavour to give access in a way that meets both yours and our needs.
Access to a credit report about you
You have the right to ask for a copy of any credit report we have obtained about you from a credit-reporting agency. However, as we may not have retained a copy after we have used it in accordance with Part IIIA of the Privacy Act the best means of obtaining an up-to-date copy is to get in touch with the credit-reporting agency direct.
You have a right to have any inaccuracies corrected or, if there is any dispute as to accuracy, to have a note added to your credit reporting agency file explaining your position.
If we decline your credit application wholly or partly because of adverse information on your credit report, the Privacy Act, requires us to tell you of that fact and how you can go about getting a copy of your credit report.
The major credit-reporting agency in Australia is Equifax, https://www.equifax.com.au/. As the largest agency, it is likely that it will be Equifax that you will need to contact in relation to access to an up-to-date copy of your credit report and any correction of information on your file. You can contact Equifax at https://www.equifax.com.au/contact.
If we find that the personal information we hold about you is inaccurate, incomplete, misleading or irrelevant, then we will take reasonable steps to modify it. If we receive your request to correct your information, then we will seek correction within 30 days. If you and we disagree with the accuracy, completeness or timeliness of our records, then you have the right to ask us to record your disagreement with these records.
If we correct your personal information that we previously disclosed to another APP entity you can request us to notify the other APP entity of the correction. Following such a request, we give that notification unless it is impracticable or unlawful to do so.
Refusal to correct information
If we refuse to correct the personal information as requested by you, we give you a written notice setting out the reasons for the refusal, the mechanisms available to complain and any other relevant matter.
Request to associate a statement
If we refuse to correct the personal information as requested by you, you can request us to associate with the information a statement that the information is inaccurate, out of date, incomplete, irrelevant or misleading. We will then associate the statement in such a way that will make the statement apparent to users of the information.
If you want to request an update or seek access to the personal information we hold about you, please see the Contact Us information.
9. Trans-border data flows
We do not disclose personal information to recipients in foreign countries.
10. Direct marketing
Direct marketing means that we use your personal information to provide you with information on our products and services that may interest you.
We will not use your personal information for direct marketing purposes unless:
We have obtained your consent, or you reasonably expect us to use your personal information for direct marketing purposes;
We provide you with an easy way to “opt-out” of receiving direct marketing; and
We have not received your "opt-out" request.
If you wish to opt-out of receiving marketing information altogether, you can:
write to us at firstname.lastname@example.org.
We will not use any sensitive information collected from you for direct marketing purposes.
11. Adoption of government related identifiers
We do not adopt a government related identifier of an individual as our own identifier unless required or authorised to do so by or under an Australian law, regulation or court/tribunal order.
Use or disclosure of government related identifiers
Before using or disclosing a government related identifier of an individual, we ensure that such use or disclosure is:
reasonably necessary for us to verify your identity for the purposes of our activities or functions; or
reasonably necessary for us to fulfil its obligations to a government agency or a State or Territory authority; or
required or authorised by or under an Australian law, regulation or a court/tribunal order; or
within a permitted general situation (other than the situation referred to in item 4 or 5 of the table in subsection 16A(1) of the Privacy Act); or
reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.
12. Complaints about your privacy
If you wish to raise any concerns about any breach or potential breach of your privacy, please contact our Privacy Officer and we will make every effort to resolve your complaint internally.
Please contact the Privacy Officer by:
Email: email@example.com; or
Post: ‘Civic Tower’ Suite 1103, 66 Goulburn Street, Sydney NSW 2000.
We offer a free internal complaint resolution scheme to all of our customers. If you have a privacy complaint, please contact us to discuss your concerns.
You also have free access to an external dispute resolution scheme in which we are member.
To assist us in helping you, we ask you to follow a simple three-step process:
Gather all supporting documents relating to the complaint.
Contact us and we will review your situation and if possible resolve your complaint immediately. We will attempt to respond within 30 days from the receipt of your request;
If the matter is not resolved to your satisfaction, please contact our Privacy Officer on via email at firstname.lastname@example.org or put your complaint in writing and send it to Oli Capital at ‘Civic Tower’ Suite 1103, 66 Goulburn Street, Sydney NSW 2000.
If you are still not satisfied, you have the right to contact the Office of the Australian Information Commissioner (“OAIC”). You can contact the OAIC to make a query concerning your privacy rights, or to lodge a complaint with the OAIC about how we have handled your personal information. You can contact the OAIC’s hotline on 1300 363 992 or visit their website at . The OAIC has the power to investigate a complaint and make a determination.