Minaret Capital and Investment Trust | firstname.lastname@example.org | +61 8 9200 4969
This policy describes how Minaret Capital (Minaret) manages the collection of personal information in an open and transparent way and protects the privacy of individuals regarding the personal information held.
This policy applies to the personal information of Minaret Staff and its External Contacts that is collected and held by Minaret.
Minaret acknowledges and adheres to the Australian Privacy Principles (APP) of the Privacy Act 1988 and is committed to protecting the personal information held in respect of any of Minaret Staff and External Contacts in accordance with the requirements of those Principles.
For the purpose of this policy:
External Contacts include stakeholders, competitors, visitors, clients, clients of clients, customers or partners of Minaret.
Personal information refers to information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is either identified or reasonably identifiable. Examples include an individual's name, address, contact number, email address and personal financial information.
This document allocates responsibilities for:
· Minaret Staff
· Minaret Privacy Officer
Minaret is committed to ensuring that:
· any personal information collected is professionally managed in accordance with the Privacy Act 1988, the APP and all relevant Australian state legislation
· Minaret Staff utilise documented quality processes and procedures in their day-to-day duties to protect the privacy of Minaret Staff and External Contacts.
The Privacy Statement can be found in the Minaret Privacy Brochure or by contacting Minaret (see Section 5.11).
Minaret will only collect and hold personal information about an individual that is necessary for business functions, activities and the provision of services and advice related to that individual.
The personal information collected and held will depend upon the nature of the services being provided by Minaret.
The types of personal information collected and held, having regard to the nature of the services provided by Minaret, include but is not limited to:
· name, gender, address, telephone number, date of birth
· details of personal representative, guardian, next of kin, power of attorney
· financial and banking details
· insurance details
· health fund and Medicare details.
Minaret will only collect personal information by lawful and fair means.
Personal information will usually be collected from the individual unless Minaret receives authority from that person to obtain information from another source.
Written consent is obtained when Minaret collects personal information about an individual.
Minaret will take all reasonable steps to ensure that personal information collected is secure, accurate, complete and up-to-date and that the individual is aware:
· that their information has been collected
· how it will be used
· that they may access information held about them
· of the likely consequences of failing to provide the information.
Where Minaret collects information, it is generally held electronically only but where it is held in hard copy, the hard copy is stored in secure storage when not in use.
Sensitive Information includes information or an opinion about matters like an individual's health, financial circumstances and family relationships. In limited circumstances, Minaret may need to collect this information from individuals in order to provide Minaret services or activities.
Minaret will not collect Sensitive Information about an individual unless:
· the individual has consented or
· such collection is required by law.
In the case of health information, specific requirements are complied with, as outlined in the APP.
Minaret will only use or disclose available information for the purpose that:
· it was originally collected and made known to the individual
· the individual would reasonably expect
· is required or permitted by any law
· is otherwise authorised by the individual.
The personal information collected is used to identify individuals within Minaret Information Technology systems and forms the basis for services provided by Minaret.
Minaret Staff may access personal information, when necessary, during the course of their duties.
Minaret will take all reasonable steps to ensure that personal information used or disclosed is accurate, up to date, complete and relevant, having regard to the purpose of its use and disclosure.
Minaret will not disclose personal information to third party unless required by law or with the prior consent of the individual.
An individual may request access to their personal information that is held by Minaret.
Individuals can request that their information is corrected if they are able to establish that the personal information held is not accurate, complete or up to date.
Individuals are only able to view and correct their own information. The privacy of others will not be compromised to facilitate this.
A request to view or receive a verified copy of the personal information held by Minaret can be obtained by submitting the request in writing to the Minaret Privacy Officer (refer Section 5.11).
Individuals will be required to provide appropriate identification before a Minaret will attend to a request for personal information. A reasonable charge may apply to gain access to information, which will be advised upon receipt of a request.
Minaret will respond to all requests within 10 working days. However, this is dependent on the nature of the request and the accessibility of the information. Individuals will be informed if there is a delay in providing the requested information and the reason for the delay.
In limited circumstances, Minaret may not allow an individual access to their personal information or may decline requests to correct some of their personal information held. If this occurs, Minaret will provide an explanation in writing.
Examples of when Minaret may decline access to personal information is if:
· access will pose a threat to the life or health of someone
· access would have an unreasonable impact on another person's privacy
· information relates to anticipated or existing legal proceedings
· the request is frivolous or vexatious
· giving access would be unlawful
· there is another requirement for denying access as specified in the APP.
Given the nature of its services, it is impractical for individuals to remain anonymous or use a pseudonym when dealing with Minaret.
Minaret will take all reasonable steps to ensure that any personal information collected is held securely and protected from misuse, interference and loss, unauthorised access, modification or disclosure, by ensuring the following are in place:
· controls for the physical access to information
· passwords and other electronic protection for computer and network security
· secure storage and disaster recovery practices
· Minaret Staff respect the confidentiality of all information that is collected and held
· Minaret Staff are trained on information handling processes.
Minaret will only retain information that is necessary and relevant to its business operations.
As a general rule, personal information will be destroyed in a secure manner on a quarterly basis.
Unsolicited Personal Information is when Minaret receives personal information without taking any active steps to collect it.
Minaret may retain unsolicited personal information and manage it in accordance with this policy if it can be determined that the unsolicited personal information could have been collected in accordance with Section 5.1.
If the above cannot be determined, Minaret will destroy or de-identify the unsolicited personal information as soon as practicable, if it is lawful and reasonable to do so.
Minaret will not pass on unsolicited personal information received without the prior consent of the sender.
Minaret may transfer personal information between countries, if required, for a relevant purpose in circumstances where Minaret Staff are based overseas, or otherwise use cloud storage facilities overseas where personal information will be stored. As we are based in the Philippines, information will be transferred to the Philippines.
In all cases, Minaret will take reasonable steps to ensure compliance with the Privacy Act 1988, including ensuring appropriate security measures are taken by those entities to protect all personal information from unauthorised access and use.
Minaret will not use personal information collected for market research.
Minaret will not market Minaret products and services to individuals, as opposed to financial advisers, and will not use any sensitive personal information for marketing purposes.
Minaret will not:
· sell, trade, lease or rent any personally identifiable information obtained from an individual
· undertake any marketing activities that would amount to a breach of any legislation including the Do Not Call Register Act 2006 and the Spam Act 2003.
Minaret will not use any personal identifiers issued by a state or Commonwealth agency (e.g. Medicare number or tax file number) as a means of identification within the Minaret records systems. Where necessary, a unique code will be used to identify External Contacts of Minaret.
An individual may make a complaint if they believe that there has been a breach of privacy or if they do not agree with a decision made by Minaret regarding access to their personal information.
Complaints can be made in writing and Minaret will endeavour to resolve the complaint.
If an individual is not satisfied with Minaret’s decision regarding a complaint, a formal written complaint can be directed to the Australian Information Commissioner at:
Office of the Australian
GPO Box 5218
Sydney NSW 2001
Phone toll free: 1300 363
TTY: 133 677 then ask for 1300 363 992
Minaret Staff must abide by this policy and understand that breaches may result in disciplinary action in accordance with their employment agreements, which may result in dismissal if required.
Minaret will review this document and may amend this policy from time to time. In such cases, Minaret will communicate all relevant changes to Minaret Staff and External Contacts as soon as practicable.
Minaret Capital Privacy
Minaret Capital Pty Ltd
Phone: (08) 9200 4969
Minaret, so far as is reasonably practicable, will endeavour to:
· ensure Minaret Staff have access to relevant documentation and are kept up to date with regards to their obligations under the Privacy Act 1988
· take reasonable steps to implement practices, procedures and systems that will ensure compliance with the requirements of the Privacy Act 1988
· address any instances of non-compliance with the Policy
· implement training and awareness raising strategies regarding the Privacy Act when required.
Minaret Privacy Officer is responsible for ensuring:
· Minaret Staff are informed of relevant policy, procedure and legislative any changes and receive up to date information
· that all enquiries to the Minaret Privacy Officer are dealt with within the agreed timeframe.
Minaret Staff are responsible to ensure that they have read and understood this policy and adhere to it at all times
Privacy Act, 1988
Privacy Amendment Act 1990
Privacy Amendment (Office of the Privacy Commissioner) Act 2000
Privacy Amendment Act 2004
(Enhancing Privacy Protection) Act 2012
Minaret Capital or Minaret
Minaret Capital Pty Ltd
Includes Minaret Staff, consultants, trainees involved with the activities of Minaret. It also includes Minaret Board Members, Directors and any person serving Minaret on a committee or advisory capacity.
Stakeholders, competitors, visitors, clients, clients of clients, customers or partners of Minaret
Sensitive information refers to additional personal information that includes details about an individual's health, financial circumstances and family relationships or .
A person, group or organisation that has an interest or concern in an organisation.
Unsolicited Personal Information
Personal information that Minaret receives but has taken no active steps to collect. Examples include:
· misdirected mail received by Minaret
· correspondence to Ministers and Government departments from members of the community
· a petition sent to Minaret that contains names and addresses
· an employment application sent to Minaret on an individual’s own initiative and not in response to an advertised vacancy
· a promotional flyer containing personal information sent to Minaret by an individual promoting the individual’s business or services