We are bound by the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs). This policy explains how and why we collect, use, hold and disclose your personal information. “We”, “us” and “our” means Colonial First State Investments Limited ABN 98 002 348 352, AFSL 232468 (CFSIL) and Fortlake Asset Management Limited ACN 643 640 939 of Level 27, 25 Bligh St, Sydney NSW 2000 (Fortlake). You consent to us collecting, holding, using and disclosing your personal information in accordance with this policy.
What is personal information?
Personal information is any information or an opinion about an identified individual or an individual who can be reasonably identified from the information or opinion. Information or an opinion may be personal information regardless of whether it is true.
What personal information do we collect and hold?
We collect information about you and your interactions with us, for example, when you purchase or use any of our products or services, call us or otherwise visit our website. The information we collect from you may include your name and date of birth, your contact details including your address, phone number(s) and email, your identity documents (including driver’s licence, passport or other), information required by product issuers (e.g. occupation, mother’s maiden name), your Tax File Number, your bank account details, your holdings of term deposits or other cash products and details of enquiries or complaints you make, provided to Fortlake by telephone, by email or otherwise.
We may collect information about how you access, use and interact with the website. This information may include:
- The time and the date that you visited;
- General usage and including any information or documentation that you have downloaded;
- Information input directly;
- Your browser type.
We use cookies on the website. A cookie is a small text file that the website may place on your device to store information. We may use persistent cookies (which remain on your computer even after you close your browser) to store information that may speed up your use of our website for any of your future visits to the website. We may also use session cookies (which no longer remain after you end your browsing session) to help manage the display and presentation of information on the website. You may refuse to use cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of the website.
Why do we collect, hold and use your personal information?
We collect, hold and use your personal information so that we can:
- provide you with products and services, and manage our relationship with you;
- contact you, for example, to respond to your queries or complaints, or if we need to tell you something important;
- comply with our legal obligations and assist government and law enforcement agencies or regulators; or
- identify and tell you about other products or services that we think may be of interest to you.
If you do not provide us with your personal information we may not be able to provide you with our services, communicate with you or respond to your enquiries.
How do we collect your personal information?
We will collect your personal information directly from you whenever you interact with us.
We may collect information from third parties such as:
- Third parties you refer us to and authorise us to talk to;
- Information that is publicly available; and
- Product issuers which may include banks, credit unions and non-bank financial institutions.
In some circumstances we may access mailing lists to obtain information to conduct market research. We use reputable mailing list companies who are also bound by the Privacy Act. We do not keep a record of any information about you from those lists unless you contact us. The information on those mailing lists remains the property of the company by whom the list was provided.
How do we store and hold personal information?
We store most information about you in computer systems and databases operated by either us or our external service providers. Some information about you is recorded in paper files that we store securely.
We implement and maintain processes and security measures to protect personal information which we hold from misuse, interference or loss, and from unauthorised access, modification or disclosure.
These processes and systems include:
- the use of identity and access management technologies to control access to systems on which information is processed and stored;
- requiring all employees to comply with internal information security policies and keep information secure;
- requiring all employees to complete training about information security; and
- monitoring and regularly reviewing our practise against our own policies and against industry best practice.
We will also take reasonable steps to destroy or de-identify personal information once we no longer require it for the purposes for which it was collected or for any secondary purpose permitted under the APPs.
Who do we disclose your personal information to, and why?
We may transfer or disclose your personal information to our related companies.
We may disclose personal information to external service providers so that they may perform services for us or on our behalf.
We may also disclose your personal information to others (outside our group of companies) where:
- we are required or authorised by law to do so;
- you may have expressly consented to the disclosure or the consent may be reasonably inferred from the circumstances; or
- we are otherwise permitted to disclose the information under the Privacy Act
- Information may be disclosed to third party electronic verification providers for the purpose of identifying you, in which case the information will be limited to your identity particulars;
- To evaluate, effect, manage and administer the services provided by us;
- To inform you of other products and services offered by other entities that provides services on our behalf. This includes marketing and promotion by way of direct mail, telemarketing, email, SMS and MMS messages. However, you may at any time “opt out” of receiving direct marketing;
- When engaging third party providers to perform services for Fortlake which involves third parties handling personal information;
- To research, develop and improve our services, including testing and improving systems for the management of the services provided;
- For security and audit purposes, service monitoring, internet traffic monitoring, trouble shooting, maintenance, to protect against and identify security breaches, inappropriate behaviour, fraud and unauthorised access to the IT systems of Fortlake;
- For communication purposes where contact details are received by us because you sent these to enable us to respond to your request;
- To conduct our business and perform other management and administration tasks;
- To manage any legal actions concerning Fortlake;
- To consider any concerns or complaints an individual may have;
- To help us improve the services offered to our client, and to enhance our overall business;
- To product issuers for which we may act as agents for the purpose of complying with anti-money laundering and counter terrorism financing laws.
If the ownership or control of all or part of our business changes, we may transfer your personal information to the new owner.
Do we use your personal information for marketing?
We will use your personal information to offer you products and services we believe may interest you, but we will not do so if you tell us not to. These products and services may be offered by us, our related companies, our other business partners or our service providers.
Where you receive electronic marketing communications from us, you may opt out of receiving further marketing communications by following the opt-out instructions provided in the communication.
Access to and correction of your personal information
You may access or request correction of the personal information that we hold about you by contacting us. Our contact details are set out below. There are some circumstances in which we are not required to give you access to your personal information.
There is no charge for requesting access to your personal information but we may require you to meet our reasonable costs in providing you with access (such as photocopying costs or costs for time spent on collating large amounts of material).
We will respond to your requests to access or correct personal information in a reasonable time and will take all reasonable steps to ensure that the personal information we hold about you remains accurate, up to date and complete.
Complaints
If you have a complaint about the way in which we have handled any privacy issue, including your request for access or correction of your personal information, you should contact us. Our contact details are set out below.
We will consider your complaint and determine whether it requires further investigation. We will notify you of the outcome of this investigation and any subsequent internal investigation.
If you remain unsatisfied with the way in which we have handled a privacy issue, you may approach an independent advisor or contact the Office of the Australian Information Commissioner (www.oaic.gov.au) for guidance on alternative courses of action which may be available.
Contact details
If you have any questions, comments, requests or concerns, please contact us during business hours, Monday to Friday at:
Phone: 1300 110 344
Post: Level 27, 25 Bligh St, Sydney NSW 2000
Attn: Privacy Officer
Fortlake Asset Management Limited
Attn: Privacy Officer
Colonial First State Investments Limited
Level 27, 25 Bligh St, Sydney NSW 2000
E-mail: [email protected]
Changes to this policy
From time to time, we may change our policy on how we handle personal information or the types of personal information which we hold. Any changes to our policy will be published on our website.
You may obtain a copy of our current policy from our website or by contacting us at the contact details above.