This Policy relates to E&P Financial Group Limited and its Australian related bodies corporate (together “E&P”, “we”, “us” and “our”).
If you require any further information concerning privacy and the ways in which we handle your personal information, please contact us using the contact details set out at the end of this Policy.
1. What personal information do we collect and hold?
We may ask for a range of personal information about you because of the nature of our products and services and the laws and regulations that govern us. We will collect personal information that is reasonably necessary to allow us to provide you with our products and services, send you news and insights, comply with laws and regulations and to assist and support you with your needs. Depending on the requested products or services, the nature of your relationship with E&P (e.g. if you are acting on behalf of a corporation or institutional client), and your interactions with employees of E&P, we may collect the following types of personal information (including but not limited to):
|Types of Personal Information||Example|
|Government issued identifications||
Sometimes we need to collect sensitive information about you in order to be able to provide you with a product or service. In the unlikely event that we need to collect sensitive information from you, we will only do so with your consent, unless an exemption under the Privacy Act 1988 (Cth) applies.
2. How do we collect your personal information?
We normally obtain personal information directly from you, for example we collect personal information through application forms and other documents or though correspondence with you in person, over the phone or electronically. We collect personal information from you during our application process and throughout the course of providing you with products and services. When we collect personal information from you directly, we’ll take reasonable steps to notify you how and why we collected your personal information, who we may disclose it to and outline how you can access it, seek correction of it or make a complaint.
We may also collect personal information from you in the course of your use of our website if you input any personal information. In addition, we may also collect cookies from your computer, which enables us to tell when you use the website and also to help customise and improve your website experience (see Internet Privacy below). From time to time, we may also ask for additional personal information (for example, through market research, surveys or special offers) to enable us to improve our service or consider the wider needs of our clients or potential clients.
There may be occasions when we need to source personal information about you from a third party. For example, we may collect personal information from third parties such as product providers, brokers, agents, accountants and other intermediaries, family members or government agencies in order to provide you with the services that you request from us. Where we collect personal information from a third party, we will take reasonable steps to let you know that we have your personal information, unless it is obvious from the circumstances that you know or would expect us to have the personal information.
In the event that we receive unsolicited personal information about you that is not relevant to our purposes for collecting personal information, we will destroy the information.
If you have a general enquiry, you can choose to submit these anonymously or use a pseudonym. However, we may not always be able to interact with you this way because we are governed by strict regulations that require us to know who we’re dealing with. In general, we won’t be able to deal with you anonymously or where you are using a pseudonym when:
- it is impracticable; or
- we are required or authorised by or under law, such as the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) or a court/tribunal order to deal with you personally.
The regulations governing the services we provide require your identity to be made known to and verified by us. Without that personal information, we cannot provide our services. You don’t have the option of providing ‘anonymous’ personal information or using a pseudonym.
3. How we use your personal information
The purpose for collecting personal information is to provide you with the products and services you’ve asked for, to understand and meet your needs and provide you with a wide range of financial and other products and services.
The personal information collected will be used and disclosed (non-exhaustive list):
- to give you information about a product or service and/or consider whether you are eligible for a product or service;
- to process your application for a product or service and/or administer the product or service we provide you;
- to manage our relationship and/or services provided to you and exercise our rights described in application/service agreement terms and conditions between you and us;
- to allow us to run our business and perform administrative and operational tasks such as training staff, developing and marketing products and services, risk management, systems development and testing (including our websites and other online channels), undertaking planning, research and statistical analysis;
- to identify you and prevent or investigate any fraud or crime, or any suspected fraud or crime;
- if it will prevent or lessen a serious and imminent threat to somebody’s life or health;
- as required by laws, regulations, court orders or codes binding us, for example to verify your identity as required by the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth);
- for purposes related to the above; and
- for any purpose for which you have provided express (verbal or written) or implied consent.
Disclosure to third parties
To make sure we can meet your specific needs, and for the purposes described above, we sometimes need to share your personal information with our related bodies corporate and others including, but not limited to:
- those involved in providing, managing or administering your product or service for example, superannuation funds, insurance companies, other lead managers, responsible entities, investment managers, platform providers, share registries, and banking or financial institutions.
- external third party service providers who help us operate our business and who have been contracted to provide E&P with administrative, audit, brokerage, and settlement, banking, financial, insurance, research, tax, marketing, legal or other services.
- those who assist us in providing products and services to you and in managing your personal information.
- government or regulatory bodies (including ASIC and the Australian Taxation Office) as required or authorised by law or regulations.
- any other individuals, bodies or agencies that you have granted express permission to, would reasonably expect, or you have been told, that information of that kind is usually passed to.
We will take reasonable steps to ensure third parties have the necessary controls and practices to comply with the relevant privacy legislation and to only use personal information for the prescribed purposes.
Disclosure of personal information overseas
We may disclose your personal information to recipients (e.g. individuals or entities) outside of Australia for the purposes listed above. We may disclose to overseas recipients within the following countries (including but not limited to):
- United States
- United Kingdom
Where personal information is disclosed overseas to a third party recipient, we take reasonable steps to ensure:
- that the recipient does not breach the Privacy Act and the Australian Privacy Principles,
- that the recipient is subject to an information privacy scheme similar to the Privacy Act; or
- that you have consented to the disclosure.
We may use personal information that we have obtained about you to directly market our insights, or other products or services that may be of interest to you where you have provided us with consent to do so, or where:
- the personal information does not include sensitive information;
- you would reasonably expect us to use or disclose the personal information for that purpose; and
- you have not opted out of receiving direct marketing communications from us.
We will provide a simple means for you to opt-out of receiving direct marketing offers from us. Alternatively, you may also contact our Privacy Officer to request for your removal from any direct marketing communications, free of charge. We will process your request as soon as practicable.
We may also use personal information collected from third parties for the purposes of direct marketing if you have consented, or it is impracticable to obtain your consent. In such cases, we will provide you with the ability to opt-out of these communications.
TFNs and other government identifiers
We will not use your TFN, pension number or any other government agency identifier as our internal identifier. We will only use and disclose these numbers for the purposes required by law or with consent from you, such as disclosing your TFN to the Australian Taxation Office or investment bodies.
4. How do we take care of your personal information?
We take appropriate steps to protect the personal information we hold about you from interference, misuse, loss, unauthorised access, modification, or disclosure. Specifically, our security measures include, but are not limited to:
- educating our staff about their obligations with regards to your personal information and taking appropriate rectification measures and disciplinary action where there is a breach.
- restricting access to your personal information on a ‘need-to-know’ basis.
- only giving access to personal information to a person who is authorised to be able to receive that information.
- transfer of significant or sensitive personal information via an approved, secure channel.
- electronic security systems, such as firewalls and data encryption on our servers and websites.
- appropriate security systems to monitor and limit access to our office premises.
- providing secure storage for physical records.
- the use of passwords to access database information.
- the use of secure bins for the disposal of written personal information.
Upon the cessation of your service or so long as we no longer need to use your personal information for its primary purpose, to the extent permissible by law and regulations and in accordance with our internal policies we will take reasonable steps to destroy or de-identify your personal information.
5. Access to and correction of personal information
We aim to make sure that the personal information we collect, use or disclose is accurate, complete and up to date. If you believe your personal information is not relevant, accurate, complete or up to date, please contact us. We can update some client personal information over the telephone or via email but in certain instances we require signed instructions for security reasons. We may also take steps to update personal information by collecting personal information from publicly available sources.
You may request access to your personal information; however, access is subject to some exceptions allowed by law. Factors affecting a right to access include:
- access would pose a serious threat to the life or health of any individual;
- access would have an unreasonable impact on the privacy of others;
- the request is frivolous or vexatious;
- the information relates to commercially sensitive material or decision-making processes;
- access would prejudice enforcement activities relating to criminal activities and other breaches of law, public revenue, a security function or negotiations with you;
- legal dispute resolution proceedings where a third party has given us health information about you in confidence;
- denying access is required or authorised by or under law.
In the event we refuse to give access or do not provide access to your personal information in the manner requested by you, we will let you know and where reasonable, provide reasons as well as information about the complaint mechanisms available to you,
Requests for access to limited amounts of personal information, such as checking to see what address or telephone number we have recorded, can generally be handled over the telephone. Requests for access to more substantial amounts of personal information, such as details of what is recorded in your file should be made by contacting the Privacy Officer at the contact address below. Subject to the verification of your identity, we will endeavour to respond to the request for access within 30 calendar days.
We may charge an administrative fee for giving you access, which will vary but will be based on our costs (internal and external) in locating the personal information and arranging access to the personal information. If we propose to charge a fee for giving access, we will give you an estimate of the fee and an opportunity to confirm you still want access to the information. Our fee (if any) will not be excessive. We do not impose any charge for requesting access.
6. Internet privacy
With the help of our service partners, we may collect information from you when you use any of our online services (such as our website and other online communications).
You have control over any personal information we collect from you through online forms, “contact us” messages, including chat transcripts, emails to us or email newsletter subscription information, and any information collected will be used:
- for the purposes for which the information was requested and other related purposes; or
- when required or authorised by or under law to disclose the information or with your consent.
You may be able to access external websites by clicking on links we have provided. Those other websites are not subject to our privacy standards, policies and procedures. You will need to contact or review those websites directly to ascertain their privacy standards, policies and procedures.
If you have a complaint about the handling, use or disclosure of your personal information, we will investigate your complaint and advise you of the outcome as soon as possible in accordance with our Dispute Resolution Process.
If the matter is not resolved to your satisfaction and where the relevant E&P entity that your complaint relates to, is a member of the Australian Financial Complaints Authority (AFCA), you may then refer your complaint to AFCA. Our complaints process and AFCA contact details are outlined on the Feedback and Complaints page of our website.
Otherwise, you can refer your complaint to the Office of the Australian Information Commissioner, who can be contacted at:
Office of the Australian Information Commissioner
GPO Box 5288
Sydney NSW 2001
Phone: 1300 363 992
8. Privacy Officer contact details
If you have any questions, or would like further information on these privacy and information handling practices, please use the following contact details:
Level 32, 1 O’ Connell Street
Sydney NSW 2000
Policy updated: 14 August 2023