Sovereign Wealth Financial
Privacy Policy - February 2022
1 Background
1.1 Overview
(a)Regal Advice Pty Ltd adhere to the Australian Privacy Principles (APPs) and are bound by the Privacy Act 1988 (Cth) (Privacy Act). It is important to us that personal information collected by us is protected.
(b)If you want more information about this Privacy Policy, or if you want to inquire about any of personal information held by us, or if you believe personal information held by us is inaccurate, incomplete or out-of-date, please contact us.
(c)Our business is providing financial services to retail clients. When providing such services, we may have access to personal information relating to our clients.
(d)The purpose of this Privacy Policy is to outline how we collect, use, disclose and retain personal and sensitive information. It also sets out how you can make a complaint and how you can access the personal information we hold about you.
2 What is personal information?
2.1 What is personal information?
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable: (a) whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not. For the purposes of this policy, personal information may include:
(a)name;
(b)address;
(c)nationality;
(d)residency status;
(e)e-mail address;
(f)Tax File Number; and
(g)financial information.
3 Collection of personal information
3.1 Collection of personal information
(a)We may collect and hold personal information from you for the purposes of enabling us to provide our services to you. For example - when we provide financial services to you (eg. when we recommend a financial product to you or to arrange for you to invest in a financial product). When doing so, we may collect personal information about you as part of forming our recommendation or providing our arranging services.
(b)If you give us personal information about you, we will only use and disclose that information for the relevant purposes set out below. You can also access the information we hold about you.
(c)Any personal information held by us may be held in a number of ways including via hard copy, soft copy or offsite on electronic servers.
(d)Where we obtain sensitive information (e.g. racial or ethnic origin, political opinions, religious beliefs or affiliations or criminal record), we will only do so with your consent and where the collection of such information is reasonably necessary for us to perform our function.
3.2 Dealing with unsolicited personal information
If we receive unsolicited personal information, we will within a reasonable period after receiving the information, determine whether or not we could have collected the information under Australian Privacy Principle 3. If the information could not have been obtained under APP 3, we will take steps to destroy or de- identify the information as soon as practicable, if it is lawful and reasonable to do so.
3.3 Notification of the collection of personal information
At or before the time we collect personal information from you, or if that is not practicable, as soon as practicable after, we will take reasonable steps to ensure you are aware of:
(a)who we are and our details;
(b)how we collect the personal information and whom from;
(c)whether the collection of the personal information is required or authorised by or under an Australian law or a court/tribunal order;
(d)the purposes for which we collect the personal information;
(e)the main consequences (if any) if we do not collect all or some of the personal information;
(f)any other person or body to whom we would disclose the personal information that we have collected;
(g)information about how you may access the personal information held by us about you and how you may seek correction of such information;
(h)how you may complain about a breach of the Australian Privacy Principles and how the entity will deal with such a complaint;
(i)whether we are likely to disclose the personal information to overseas recipients (if so where).
3.4 Anonymity and pseudonymity
Whilst you may wish to deal with us anonymously, this is likely to limit the services we provide to you as our principal business is the provision of financial services which is personal to you. Given the legal requirements around anti-money laundering and counter terrorism financing, we are required to identify our clients when we deal with them. We cannot therefore provide financial services to you on an anonymous basis.
3.5 If you don’t provide us with the information we request
It is your choice as to whether you wish to provide us with the information we request. However, we may not be able to provide you with the services you require if you don’t provide us with the relevant information to help us deliver the services.
4 Use or disclosure of personal information
4.1 Use or disclosure of personal information
(a)Any personal information collected by us is solely related to the provision of financial services to you and will not be disclosed unless such disclosure is required as part of providing services to you. For example, we may disclose information to our external compliance consultants who audit the financial services we provide to ensure they comply with the legal and regulatory requirements.
(b)If we specify that personal information is collected for a specific purpose, we will not use or disclose the information for another purpose unless you consent to the use or disclosure of the information or an exception in the APPs applies.
4.2 Direct marketing
We may use and disclose your personal information to keep you informed about the range of services that we think may be relevant or of interest to you. You can opt out of receiving information from us at any time by contacting us.
5 Security and access
5.1 Information accuracy
We take reasonable steps to ensure that all personal data collected is accurate, up to date and complete. You can ask us to correct any inaccurate information we hold or have provided to others by contacting us using the details in this policy. If the information that is corrected is information we have provided to others, you can ask us to notify them of the correction.
5.2 Security of personal information
We take care to protect the security of your personal information. We may hold personal information in a combination of secure computer storage facilities, paper-based files and other formats. We take reasonable steps to protect personal information from misuse, loss, unauthorised access, modification or improper disclosure. These include instructing our staff who handle personal information to respect the confidentiality of customer information and the privacy of individuals. Please note, we are required by law to retain your personal information for a specific amount of time. We will generally destroy or de-identify personal information if it is no longer required.
5.3 Access to and collection of personal information
(a)You can contact us to access or correct any personal information we hold about you. However, in certain situations, we are permitted to refuse access to personal information. These situations include where:
(i)giving access would have an unreasonable impact on the privacy of other individuals
(ii)giving access would be unlawful, or where denying access is required or authorised by an Australian law or a court order
(iii)giving access is likely to interfere with law enforcement activities.
For other situations, please consider Australian Privacy Principle 12.
(b)If we receive a request to access personal information, we aim to respond to that request in a reasonable timeframe. In general, we will not impose an access charge unless the request of access and correct personal information is excessively onerous.
(c)If we refuse access to personal information, we will provide you with reasons as to why access was refused and provide you with information on how to lodge a complaint about the refusal.
5.4 Data breach
(a)A data breach occurs when personal information held by us is lost or subjected to unauthorised access, modification, disclosure, or other misuse or interference. Examples of a data breach are when a device containing personal information of clients is lost or stolen, or when a database containing personal information is hacked or if we mistakenly provide personal information to the wrong person.
(b)Under the Privacy Amendment (Notifiable Data Breaches) Act 2017, we have an obligation to assess within 30 days whether a data breach amounts to an ‘eligible data breach’ if we become aware that there are reasonable grounds to suspect that data breach may have occurred.
(c)If we form the view that the data breach would likely result in serious harm to any of the individuals to whom the information relates despite any remedial action taken by us, then the data breach will constitute an ‘eligible data breach’. If an eligible data breach occurs, we have an obligation to notify you and the Office of the Australian Information Commissioner and of the details of the eligible data breach.
6 Complaint
6.1 Complaint
If you would like to make a complaint about this policy or the personal information held by us, please contact us on the contact details below.
7 Contact us