Privacy Statement

Contents

1. Privacy Statement

1.1 What is Personal Information?
1.2 What is Sensitive Information?
1.3 What do the APPs cover?
1.4 Our commitment
1.5 Our business

2. Personal Information

2.1 What Personal Information do we collect?
2.2 How will we collect Personal Information?
2.3 How will we use Personal Information?
2.4 Storage of Personal Information
2.5 Access to Personal Information
2.6 Disclosure of Personal Information
2.7 Disclosure of Personal Information to related bodies
2.8 Disclosure to other countries
2.9 Our website

3. Other Information

3.1 Sensitive Information
3.2 Government related identifiers
3.3 Our employees' obligations
3.4 Exemptions
3.5 Changes to this Statement
3.6 Contact details for privacy officer

4. Definitions

Section 1

Privacy Statement

At Crestone Wealth Management Limited (Crestone Wealth Management), we are committed to safeguarding the Personal Information that we collect and use in the course of our business operations.

In this regard, we will meet the requirements of the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), which regulate the way which an organisation can collect and deal with an individual’s Personal Information (including Sensitive Information), and the measures it must take to safeguard that information.

During the normal course of our business activities, we will collect Personal Information and Sensitive Information from our clients. We may collect this type of information, for instance, in order to comply with antimoney laundering obligations.

Capitalised terms in this Privacy Statement (Statement) are defined in section 4. References to Crestone, we, us and our are to Crestone Wealth Management and its affiliates. References to you and your are to you as a recipient of the financial products and services we provide.

1.1 What is Personal Information?

Personal Information is information or an opinion about an identified individual or an individual who is reasonably identifiable. It includes an individual’s name, signature, address, telephone number, date of birth or bank account details.

1.2 What is Sensitive Information?

Sensitive Information includes information about the individual’s health, political affiliations, union associations, race and ethnic obligations, criminal record and religious or philosophical beliefs.

1.3 What do the APPs cover?

The APPs cover:

• the open and transparent management of Personal Information including having a privacy policy
• an individual having the option of transacting anonymously or using a pseudonym where practicable;
• the collection of solicited Personal Information and receipt of unsolicited Personal Information; 
• how Personal Information can be used and disclosed (including overseas);
• maintaining the quality of Personal Information;
• keeping Personal Information secure; and
• the right for individuals to access and correct their Personal Information.

There are also separate APPs that deal with the use and disclosure of Personal Information for the purpose of direct marketing, cross-border disclosure of Personal Information and the adoption, use and disclosure of government related identifiers (GRIs)—these include passports and drivers’ licences.

1.4 Our commitment

We are committed to safeguarding the Personal Information that we collect and use in the course of our business operations. In particular, we recognise the needs of our clients to understand that any information they provide to us will be handled in a way that keeps it secure. We have emphasised the importance of this to our directors, officers and employees, as well as our strategic partners and service providers.

1.5 Our business

We operate in the Australian wealth management sector and provide financial advice, dealing and custodial services predominantly to wholesale clients. The range of financial products and services which we offer to clients is broad and covers both domestic and international products. Our service model is to build personal relationships in order to provide financial advice and holistic portfolio management services, and requires us to spend time with our clients, getting to know them and understanding their needs.

We have engaged a number of market-leading strategic partners to assist us in providing a broad range of products and services. In addition, we have implemented a new integrated wealth management platform and are looking to move towards a fully automated operating model over time.

Our key operational regulators are the Australian Securities and Investments Commission (ASIC) (licence to provide financial services), the Australian Stock Exchange (approval to operate a settlement account), the Australian Transaction Reports and Analysis Centre (reporting entity for money-laundering and terrorism financing activities), and the Office of the Australian Information Commissioner (OAIC) (privacy requirements for client information).

The key area where we collect Personal Information to hold as a record is in relation to the provision of products and services to our clients and this Statement deals with that situation.

Section 2

Personal Information

2.1 What Personal Information do we collect?

The types of Personal Information that we may collect and hold will include information used to identify you, your financial position and any other related information necessary or incidental to the advice, financial products and services which we provide or propose to provide to you. This may include but is not limited to your:

• name;
• contact details;
• bank account information;
• tax file number;
• passport or driver’s licence;
• nationality;
• business structures;
• employment information;
• source of wealth; and
• investment information.

In addition, we are required to collect and hold Personal Information under the Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth), the Foreign Account Tax Compliance Act 2010 (USA) and the Tax Laws Amendment (Implementation of the Common Reporting Standard) Act 2016 (Cth), which in certain circumstances may include Sensitive Information.

The Personal Information that you provide will be information which enables us and our strategic partners and other service providers to perform our functions or activities. If you do not provide any of the Personal Information we request or do not consent to the use, holding or disclosure of your Personal Information in accordance with this Statement, we may not be able to provide you with the products or services you require.

2.2 How will we collect Personal Information?

We will collect, use, hold and disclose Personal Information that you provide to us. This may include recording telephone calls that we have with you. We may also gather Personal Information from your use of our website and systems. You consent to such collection, holding, use and disclosure of your Personal Information in accordance with the terms of this Statement.

In some circumstances, we may gather Personal Information about you from a third party or from publicly available information. The third parties from whom we may acquire Personal Information include, but are not limited to, information service providers, credit agencies, financial advisers, fund managers or intermediaries and spouses.

Should a third party provide us with your Personal Information, we will assume that you have provided your consent for that third party to do so, unless you tell us otherwise. If you have any problems or queries with us obtaining Personal Information about you from a third party, you should contact us and the relevant third party to address your problems or queries—see section 3.

2.3 How will we use Personal Information?

We are committed to protecting your Personal Information and will take all reasonable measures to protect the confidentiality and security of Personal Information.

The purposes for which we will use Personal Information will depend upon the relationship we will have with you and the nature of the products and services that you require from us. For example, Personal Information may be used to:

• provide you with products and services in accordance with the terms of our Australian Financial Services Licence (AFS Licence) and the Crestone Wealth Management Account Terms and Conditions;
• monitor the quality of the products and services that we give you;
• administer and improve the products and services we provide to you or our other clients;
• offer you further products and services (which may include using your information for marketing purposes)—unless you ask us not to market products and services to you; and
• comply with our legal and regulatory obligations including under the Corporations Act 2001 (Cth), the Proceeds of Crime Act 2002 (Cth), the Anti-Money Laundering and Counter Terrorism Financing Act, the Foreign Account Tax Compliance Act, the Tax Laws Amendments (Implementation of the Common Reporting Standard) Act 2016 (Cth), and the rules of relevant stock exchanges and ASIC.

We may share your Personal Information with:

• our strategic partners to enable sub-custody, cash management, dealing and margin lending products and services to be provided to you, and for the purposes of meeting their obligations under anti-money laundering and counter terrorism financing laws; and
• other service providers, including archival, auditing, accounting, customer contact, legal, business consulting, banking, payment, delivery, data processing, data analysis, information broking, mailing, marketing, research, investigation, insurance, identity verification, brokerage, maintenance, trustee, securitisation, website and technology services.

We are entitled to use Personal Information for any purpose which is related to the purpose for which it was originally provided.

2.4 Storage of Personal Information

Personal Information will be held in a secure environment—either in writing, electronically or both. We have security measures in place which are intended to protect Personal Information that we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure.

You are entitled to request details on the exact nature of where and how your Personal Information is held by contacting your investment adviser (if you are a client) or our privacy officer—see section 3.

Personal Information will only be available to our employees on a need-to-know basis in order to perform their duties.

The key methods of securing the storage of Personal Information will include but are not limited to:

• secure access to electronic and physical records containing Personal Information, via password protected access permissions to systems and security pass-protected access to filing cabinets and storage;
• access only to authorised Crestone staff who need to access the Personal Information to perform their regular duties;
• varying access levels depending on the level of authority and the type of Personal Information required to be accessed; and
• controls relating to how Personal Information is extracted from the secure environment and how it is used and distributed.

2.5 Access to Personal Information

Should you wish to know what Personal Information we hold about you, you may request to view this Personal Information by contacting your investment adviser or our privacy officer. We have included contact details for our privacy officer at section 3.

We will promptly investigate your privacy enquiry and provide appropriate answers where required or permitted. We may charge a reasonable fee for access to Personal Information. If you discover your Personal Information is outdated, incorrect or incomplete, you may request to have the Personal Information corrected. We will promptly update our records accordingly.

You may also contact your investment adviser or the privacy officer if you have any questions regarding our compliance with the Privacy Act or if you wish to make a complaint about our handling of your Personal Information.

Such complaints should first be made in writing to us, as required by the Privacy Act. We will endeavour to respond to a complaint within the relevant timelines required under our regulatory obligations. If you are not satisfied with our response to a complaint, you may have the right to complain to:

Australian Financial Complaints Authority
GPO Box 3
Melbourne VIC 3001

E info@afa.org.au
W afca.org.au
T 1800 931 678

If you remain dissatisfied with the outcome of the complaint following its determination by the Australian Financial Complaints Authority or are not eligible to complain to the Australian Financial Complaints Authority, you may lodge a complaint with OAIC using its privacy complaint form on its website oaic.gov.au.

2.6 Disclosure of Personal Information

By providing your Personal Information to us, you acknowledge and agree that your Personal Information may be disclosed to any of the following third parties:

• any person for the purposes described in any of our agreements with you, including our strategic partners.
• the issuer or seller of a financial product or its registry provider (or to both), if you have instructed us to acquire the financial product, and its terms require us to provide your Personal Information; 
• any regulatory, governmental organisation or industry or legal body which governs the conduct of any part of our business in any jurisdiction or as required by law or regulation. Whilst not exhaustive, we may need to disclose Personal Information to regulatory bodies such as ASIC and relevant stock exchanges;
• any financial market, clearing house, settlement facility, lender, credit provider, custodian, share registry or software provider;
• our related bodies corporate whether in Australia or any overseas jurisdiction, including to their officers, employees and professional advisers;
• a third party who is supplying a service to us whether in Australia or any overseas jurisdiction. We may provide Personal Information to third parties including identity verification providers, information technology maintenance companies, software providers and share registries;
• any person who acts on your behalf, as applicable, including your financial intermediary, authorised persons, solicitor, settlement agent, accountant, executor, administrator, trustee, guardian or attorney;
• a prospective purchaser of or investor in Crestone, or a business operated by the same, on a confidential basis;
• any person as necessary to enable us or our related bodies corporate, to enforce our, or its rights in or in relation to any defence from an actual or potential claim;
• any other person to whom you have authorised us or our related bodies corporate to release Personal Information; any other third party provided that we obtain your prior written consent; and
• as otherwise permitted by law.

2.7 Disclosure of Personal Information to related bodies

By providing your Personal Information to us, you acknowledge and agree that this Personal Information may be transferred between related bodies corporate or to third parties who supply products and services to us. These related bodies corporate and third parties to whom Personal Information may be transferred may be located throughout the world and may be registered and governed by laws outside the Australian jurisdiction. As such, the laws regulating a related body corporate or third party may differ to Australian laws and may apply a greater or lesser standard of protection for Personal Information.

Should your Personal Information be transferred to a jurisdiction with inadequate privacy protection, we will take reasonable steps to ensure that the relevant overseas recipient does not breach the Privacy Act or APPs in relation to such Personal Information. Alternatively, we may seek your consent to the transfer.

2.8 Disclosure to other countries

Your Personal Information may be disclosed to third parties in jurisdictions including Austria, Brazil, Canada, China, Denmark, France, Germany, Hong Kong, India, Indonesia, Ireland, Japan, Luxembourg, Malaysia, Mexico, Netherlands, New Zealand, Philippines, Russia, Singapore, South Africa, South Korea, Spain, Switzerland, Taiwan, Thailand, United Arab Emirates, United Kingdom and United States of America.

2.9 Our website

Our website, which you may have access to, uses ‘cookies’. A cookie is an electronic mechanism which can trace, access and use Personal Information contained within our website. By using our website, you are consenting to our use of cookies. Any Personal Information obtained through the use of cookies may be used to enhance the products and services that we provide.

Section 3

Other Information

3.1 Sensitive information

We may be required to collect Sensitive Information about you in order to provide advice, products or services. We will only collect your Sensitive Information with your consent or as otherwise permitted by law.

3.2 Government related identifiers

We may be required to collect GRIs of yours in order to provide a product or service. In particular, we may collect GRIs to verify your identity in accordance with the Anti-Money Laundering and Counter Terrorism Financing Act.

3.3 Our employees’ obligations

As part of employee induction, all our employees are provided with a copy of our Technology and social media policy and are required to sign and date their compliance with our Code of conduct. Both documents have clauses relating to confidentiality and proper handling of Personal Information. Failure to comply with those policies may result in employees being subject to disciplinary action, including a reprimand, warning, suspension or dismissal.

3.4 Exemptions

This Statement does not apply in respect of any of our acts and practices that are directly related to an employee record of a current or former employee. These are captured in the Crestone human resources policies and procedures.

3.5 Changes to this Statement

We reserve the right at our discretion to modify or remove any part of this Statement at any time. You should review this Statement from time to time so that you are updated on any changes.

3.6 Contact details for privacy officer

You can contact our privacy officer by post or email, using the following contact details:

Crestone Wealth Management Privacy Officer
Level 32, Chifley Tower 2 Chifley Square
Sydney NSW 2000

E privacy@crestone.com.au

Section 4

Definitions