PURPOSE AND SCOPE
Oceana recognises that your privacy is important and needs to be protected. Oceana is bound by the Australian Privacy Principles (APPs) in the Privacy Act 1988 (Cth) and we take these obligations seriously.
COLLECTION AND USE OF PERSONAL INFORMATION
To provide you with products and/or services, we may need to collect your personal information. The personal information collected will depend on the products and/or services we provide to you so in most cases we will only collect the personal information we need to provide and market our products and services in the context of our day to day business.
We may collect any of the following personal information, depending upon the products and/or services we may offer or provide to you which may include: your name, gender, date of birth, phone numbers, postal and residential addresses, email address, occupation, professional experience and qualifications, financial information and bank account details.
We may collect information about you from third parties, including but not limited to:
- financial advisers
- unit registrars and administrators
Where possible, we will collect personal information directly from you and explain to you, in general terms, why we are collecting it and how we will use or disclose it. If we collect personal or sensitive information from someone other than you, where practicable, we will tell you that we have it, who it came from and the circumstances of the collection. Sensitive information, such as country of origin or health status will only be collected with your express consent.
Where possible, we will only use personal and sensitive information for the purpose for which it was collected. Occasionally the information may be used for another purpose, such as marketing. In these situations we will only use the information if we have your consent or if the reason we want to use it is directly related to the purpose for which it was initially collected or it could be reasonably expected that we would use it for such a purpose.
From time to time, we may use your personal information to tell you about products or services we think you might be interested in. If you don’t want to receive direct marketing messages or want to change contact preferences you may request not to receive any direct marketing by contacting the sender using the details set out in the communication.
If you hold notes or units in Oceana, your personal information is used to carry out registry functions. Registry functions include making distribution payments, sending
corporate communications, informing you of updates concerning Oceana and our products and services or your investment, maintaining records and contact details, processing transactions, responding to queries or complaints and to comply with any law or regulation.
Note registers may be maintained by external parties who will be required to have arrangements in place to protect personal information they collect on behalf of Oceana.
THIRD PARTY LINKS
DISCLOSING PERSONAL INFORMATION
Oceana is careful about how we use your information and who we share it with. We may share information with other employees of Oceana without disclosing this to you. We may also disclose your personal information to third parties who assist us in the operation of our business and/or the provision of our products and services such as custodians and unit registry providers. Personal information could also be disclosed to:
- service providers, such as your financial adviser. If a financial adviser’s stamp appears on your application form or if you otherwise inform us of having a financial adviser, we may supply your financial adviser with information about your accounts unless you instruct us otherwise in writing;
- other professional advisors such as accountants, lawyers, consultants and other business advisors as advised to us;
- mail houses, archive providers, our related bodies corporate, contractors, or other third parties for the purposes specified above;
- third party service providers, contractors and partners who help us manage our business and deliver our services, including IT service providers who manage our applications, systems and networks and/or provide hosting, storage and maintenance and support services;
- regulatory authorities or government agencies or bodies where required by law; and
- other third parties where required, or allowed under law, or in connection with legal proceedings.
Where possible, Oceana will not transfer personal or sensitive information to a party in a foreign country, unless we are reasonably satisfied that the recipient of the information is subject to information privacy requirements similar to those of Australia, the recipient agrees to abide by Australian privacy laws in its handling of personal and/or sensitive information, you have consented to the transfer, the disclosure is required or permitted by Australian law or court/tribunal order; or the information is required under a foreign law or regulation.
KEEPING YOUR PERSONAL INFORMATION SECURED
We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure.
We may hold your personal information in either electronic or hard copy (paper) form. We retain your personal information in our computer systems and databases, and in our physical files. We use technologies and processes such as access control procedures, network firewalls, encryption, password protected databases and physical security measures to protect your personal information.
If we establish that your personal information has been accessed or disclosed without authorisation, Oceana has an obligation under the Privacy Amendment (Notifiable Breaches) Act 2017 (Cth) to investigate the circumstances of the breach and take appropriate action to correct it. Where it is determined that a reasonable person would conclude that the access or disclosure to your personal information would likely result in serious harm to you, we will advise you and the Office of the Australian Information Commissioner (OAIC) of the incident and provide details of the remedial actions we are taking to correct it. “Serious harm” is defined as a situation where the person affected could suffer serious physical, psychological, emotional, economic or financial harm, or serious harm to their reputation. In such situations, Oceana will assess the data breach considering the list of relevant matters included in legislation.
ACCESSING PERSONAL INFORMATION
We will take reasonable steps to ensure that the information we collect, use and disclose is relevant, accurate, up- to-date, and complete. In some cases, the accuracy of that personal information largely depends on the details you provide to us. Please keep us up to date with any changes to your personal information. You have the right to ask us what personal information we hold about you and request that changes be made to the information. If you wish to request access to the personal information we hold, you can contact us by email at firstname.lastname@example.org.
If we correct personal or sensitive information about an individual which was previously provided to a third party, and the individual requests us to notify the third party of the correction, we will take all reasonable steps to give that notification, unless it is impracticable or unlawful to do so.
We may charge a fee for responding to a request for personal information to cover our reasonable costs in locating and supplying the information. There is no cost for asking for access to information and we will make sure any charges for suppling the information are not excessive.
There are several exceptions in the Privacy Principles that allow us to refuse your request for access to your personal information. The exceptions are summarised in Privacy Fact Sheet 17: Australian Privacy Principles which is available from the OAIC. If we deny a request for access, we will explain why.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, you can ask us to amend it. If you contact us for a correction, we will review the information to ascertain if correction is required and take the appropriate action. In some circumstances, we may not agree that the information should be changed. If this happens, we will provide a reason explaining our decision and we will add a note to the personal information stating that you disagree with it.
WHERE DO I GO TO FIND OUT MORE ABOUT PRIVACY?
Please contact us if you would like to know more about the Privacy Act, or if you would like more information about the way Oceana uses personal information.
If you think Oceana has have breached your Privacy, or you wish to make a complaint about the way we have handled your personal information, please contact us using the contact details set out below. We will investigate your complaint. After Oceana has completed its investigation, we will contact you to advise the outcome. If your complaint is not satisfactorily resolved, you may apply to the Office of the Australian Information Commissioner (OAIC) to have the complaint heard and determined.
SPECIFIC RIGHTS FOR EUROPEAN UNION (EU) RESIDENTS ONLY
If you are domiciled in the EU, then you may have additional rights. Some of these rights will only apply in very limited circumstances.
- You can ask us to confirm if we are using or holding your personal information.
- You can ask us to delete your personal information. This right applies only on limited circumstances and will not usually apply where it remains necessary for is to use your information for the purposes for which it was collected, we are required by law to retain your information or your information is relevant to a legal dispute.
- You can ask us to help you move your personal information to other companies, where this is technically possible and only if we have collected and used your data via automatic means.
- You have the right to be informed and now about any protections that we have in in place where we are transferring your data overseas.