Brentnalls Management Services (WA) Pty Ltd ACN 613 295 480 (in this document referred to as “Brentnalls WA”, “we”, “us” and “our”) is committed to protecting the privacy of the personal information we collect from you and handling your personal information in a responsible manner.
This Policy explains how we collect, store, use and disclose your personal information, how you can access and seek correction of the information we hold about you and how we otherwise manage your personal information. This Policy also explains how you can make a complaint about any breach of the Act or APPs in relation to your personal information.
This Policy only applies to Brentnalls WA and we make no guarantees about the manner in which third parties handle your personal information. If you exit the Brentnalls WA website or are disclosing your personal information to an entity other than Brentnalls WA, you are no longer protected by this Policy.
Review of this Policy
This Policy will be reviewed and updated on a regular basis. Any updates to this Policy will be posted on our website, www.brentnallswa.com.au. Alternatively, a copy can be made available to you upon request by contacting us. Please see the ‘Contact Us’ section of this Policy for our contact information.
Collection of Personal Information
What personal information we collect
We collect and hold personal information about you that can identify you and is necessary and relevant to providing you with professional services that you are seeking. The kinds of information we typically collect includes:
- Contact information such as your name and address, telephone numbers, email address and date of birth;
- Financial information, including bank account details and credit card details;
- Business details, including Australian Business Number;
- Tax file number;
- Details of investments; and
- Other information we may be required by law to collect to perform our services or voluntarily provided by you.
Brentnalls WA’s website collects the following information from users:
- Your server address;
- Your top level domain name (for example, .com, .gov, .au etc);
- The date and time of your visit to the site;
- The pages you accessed;
- The type of browser you are using or the type of mobile operating system you are using; and
- Any other information you voluntarily provide through completing forms on our website.
Except as otherwise permitted by law, we only collect, use and disclose sensitive information about you if you consent to the collection, use and disclosure of the information and if the information is reasonably necessary for the performance of our functions and activities.
If Brentnalls WA receives any personal information which it has not solicited from an individual it will take such steps as are necessary to lawfully destroy or de-identify the information if Brentnalls WA cannot establish that it could otherwise have lawfully obtained the information.
How We Collect Personal Information
Wherever practicable, we will only collect information from you personally, for example when we deal with you in person or over the phone, when you send us details via correspondence or when you subscribe electronically to our publications or when you complete forms we have provided you (either via the website, online surveys, in person or via correspondence).
Sometimes it may be necessary to collect your personal information from a third party. An example of this could be when we collect personal information about you from your authorised or personal representative or from a publically available record. We may also collect information about you from your use of our websites or through any registration process on our website. If you provide us with someone else’s personal information, you should only do so when you have their permission. You should also take reasonable steps to inform that person of the matters set out in this Policy.
There may, however, be some instances where personal information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.
Use, Disclosure & Purpose
We collect, hold and disclose your personal information for the following purposes:
- As a necessary part of providing services to you;
- To assist you in managing your financial and corporate affairs, including dealing with your bank accounts with your instructions;
- Organising other services on your behalf from third parties related to our services;
- To comply with statutory and contractual obligations placed upon us;
- To inform you of new services and offers (unless as directed otherwise);
- To determine sections of interest on our website and to optimise your experience with the site;
- To provide you with the opportunity to meet other people and attend seminars, conferences or other events in your type of business, or other area of expertise or interest;
- To analyse our services and client needs with a view to improving those services;
- For engagement of service providers, contractors or suppliers relating to the operation of our business; and
- In the selection process for employment at Brentnalls WA; and
- Other purposes related to any of the above.
If you do not want to receive marketing material from us, you can contact us to request your contact details be removed from our marketing list(s). Please see the ‘Contact Us’ section of this Policy for our contact information.
Generally, personal information is submitted through the website is used and disclosed for:
- The purpose for which it is submitted (primary purpose); any secondary purpose related to the provision of our services;
- Purposes where it can be reasonably inferred from the circumstances that you consent to your personal information being used (implied consent). For example, if you provide us with your personal information to subscribe to our newsletters, your consent will be implied for us to use and disclose your information to inform you of products and services that we believe may interest you. However, your implied consent for us to do this can be withdrawn at any time by telling us; and
Confidentiality of Your Personal Information
Brentnalls WA has a duty to keep your information confidential. Our duty of confidentiality applies except where we have consent to disclose your information, the disclosure is permitted under the Act, APPs or where it is compelled by law.
Brentnalls WA will only use your information for the purposes for which it was collected (“primary purposes”) or a purpose related to the primary purpose, if this use would be reasonably expected by you, or otherwise, with your consent.
People we may disclose your information to include:
- Government and associated bodies for the purpose of statutory reporting on behalf of you or your business;
- Banks and other financial organisations for the purpose of initiating financing for you; and
- Other organisations to arrange services on your behalf.
Quality, Access to & Correction of Information
You are entitled to have access to and seek correction of any information that we may hold about you. We require that requests for access to or to update or correct your information to be in writing outlining the details of your request. Such requests should be addressed to the Privacy Officer via the details provided in this Policy in the ‘Contact Us’ section.
Brentnalls WA will take appropriate steps to verify your identity (or verify that you act as a legal guardian or authorised agent of the individual concerned) before granting a request to access your information.
We will respond to your request for access to your information within a reasonable time after you make the request and if access is granted, access will be provided within 30 days from your request. Brentnalls WA will, on request, provide you with access to your information or update or correct your information, unless the Act provides an exception to us granting your request, including if:
- Giving access would be unlawful;
- We are required or authorised by law or a court/tribunal order to deny access; or
- Giving access is likely to prejudice one or more enforcement related activities conducted by an enforcement body.
Where your request for access is accepted, we will provide you with access to your information in a manner, as requested by you, providing it is reasonable to do so.
Your request for correction will be dealt with within 30 days, or such longer period as agreed by you. If we deny your request, we will provide you with a written notice detailing reasons for the refusal and the process for making a complaint about the refusal to grant your request.
Upon accepting a request for correction of your information, we will take all steps that are reasonable in the circumstances, having regard to the purpose for which your information is held, to correct your information.
We may charge a fee for providing information depending on the scope of information required and the resources involved. This fee will reflect the actual costs of providing information, depending on the complexity of each individual’s request.
By supplying, or having previously supplied, your information to us, you are agreeing to any or all of the uses outlined above. Where reasonable, we will also seek your consent verbally or in writing for use of your information for such uses in the interests of openness. Subject to the Act and APPs, should we want to use your personal information for other uses not related to the above, we will seek your consent to do this.
From time to time we may also use your personal information to communicate with you in regard to offers and promotions for our or related services. You are entitled to request that such communications cease at any time and we make provision in our materials for you to advise us of this.
Storage of Collected Information
We store your personal information in different ways, including in paper and electronic format. The security of your personal information is important to us. We take reasonable measures to ensure that your personal information is stored safely to protect it from misuse, loss, interference, unauthorised access, modification or disclosure. These measures include electronic and physical security measures, such as:
- imposing confidentiality requirements on our employees;
- implementing policies in relation to document storage security;
- Securing our premises with an alarm;
- implementing security measures to govern access to our systems including:
- Placing passwords and varying access levels on databases to limit access and protect electronic information;
- The use of firewalls, encryption, passwords and digital certificates;
- Using 2 Factor Authentication wherever possible when accessing not only our terminal server but also online software such as Xero and MYOB;
- Requiring our staff to be aware of the contents of this Policy and the relevant provisions under the Act and APPs which apply to us.
Personal information will be de-identified or destroyed when it is no longer required such that it cannot be re-identified at a later date. The de-identification and destruction process will be in accordance with the APPs. Where practical, we keep personal information only for as long as required, for example to meet Australian Taxation Office record keeping or other legal requirements or our internal needs.
If we store your personal information using a cloud storage service, or are required to disclose personal information outside the jurisdiction from which it was collected we are required to take reasonable measures to ensure that your personal information is held, managed and accessed in accordance with the standards that apply in Australia.
Online Client Portal
Brentnalls WA uses an online client portal, Blue Ocean Game Plan, to collaborate with clients and share documents.
If you access our website, we may collect additional information about you in the form of your IP address or domain name.
Complaints & Feedback
If you have a complaint about a breach of the Privacy Act, Australian Privacy Principles or a privacy code that applies to us, we ask that you contact us in writing using the details set out below in the ‘Contact Us’ section of this Policy.
Upon receipt of a written complaint we take reasonable steps to investigate the complaint and respond to you in accordance with our complaints handling procedures. If you are dissatisfied with our response you may complain directly to the Australian Information Commissioner. If you have a complaint about the privacy of your personal information, we ask that you contact us in writing.
If you wish to:
- Gain access to your information;
- Make a complaint about a breach of your privacy;
- Contact us with a query about how your information is collected or used;
- Contact us regarding any other matter concerning this Policy,
Please contact our Privacy Officer via one of the below methods and they will deal with your request:
Attention: Privacy Officer
PO Box 242
Mount Hawthorn WA 6915
(08) 6212 7200
For more information about privacy in general, you can visit the Australian Information Commissioner’s website at www.oaic.gov.au