1.1 What is Personal Information?
1.2 What is Sensitive Information?
1.3 What do the APPs cover?
1.4 Our commitment
1.5 Our business
2.1 What Personal Information do we collect?
2.2 How will we collect Personal Information?
2.3 How will we use Personal Information?
2.4 Storage of Personal Information
2.5 Access to Personal Information
2.6 Disclosure of Personal Information
2.7 Disclosure of Personal Information to related bodies
2.8 Disclosure to other countries
2.9 Our website
3.1 Sensitive Information
3.2 Government related identifiers
3.3 Our employees' obligations
3.4 Exemptions
3.5 Changes to this Statement
3.6 Contact details for privacy officer
At Crestone Wealth Management Limited (Crestone Wealth Management), we are committed to safeguarding the Personal Information that we collect and use in the course of our business operations.
In this regard, we will meet the requirements of the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), which regulate the way which an organisation can collect and deal with an individual’s Personal Information (including Sensitive Information), and the measures it must take to safeguard that information.
During the normal course of our business activities, we will collect Personal Information and Sensitive Information from our clients. We may collect this type of information, for instance, in order to comply with antimoney laundering obligations.
Capitalised terms in this Privacy Statement (Statement) are defined in section 4. References to Crestone, we, us and our are to Crestone Wealth Management and its affiliates. References to you and your are to you as a recipient of the financial products and services we provide.
Personal Information is information or an opinion about an identified individual or an individual who is reasonably identifiable. It includes an individual’s name, signature, address, telephone number, date of birth or bank account details.
Sensitive Information includes information about the individual’s health, political affiliations, union associations, race and ethnic obligations, criminal record and religious or philosophical beliefs.
The APPs cover:
There are also separate APPs that deal with the use and disclosure of Personal Information for the purpose of direct marketing, cross-border disclosure of Personal Information and the adoption, use and disclosure of government related identifiers (GRIs)—these include passports and drivers’ licences.
We are committed to safeguarding the Personal Information that we collect and use in the course of our business operations. In particular, we recognise the needs of our clients to understand that any information they provide to us will be handled in a way that keeps it secure. We have emphasised the importance of this to our directors, officers and employees, as well as our strategic partners and service providers.
We operate in the Australian wealth management sector and provide financial advice, dealing and custodial services predominantly to wholesale clients. The range of financial products and services which we offer to clients is broad and covers both domestic and international products. Our service model is to build personal relationships in order to provide financial advice and holistic portfolio management services, and requires us to spend time with our clients, getting to know them and understanding their needs.
We have engaged a number of market-leading strategic partners to assist us in providing a broad range of products and services. In addition, we have implemented a new integrated wealth management platform and are looking to move towards a fully automated operating model over time.
Our key operational regulators are the Australian Securities and Investments Commission (ASIC) (licence to provide financial services), the Australian Stock Exchange (approval to operate a settlement account), the Australian Transaction Reports and Analysis Centre (reporting entity for money-laundering and terrorism financing activities), and the Office of the Australian Information Commissioner (OAIC) (privacy requirements for client information).
The key area where we collect Personal Information to hold as a record is in relation to the provision of products and services to our clients and this Statement deals with that situation.
The types of Personal Information that we may collect and hold will include information used to identify you, your financial position and any other related information necessary or incidental to the advice, financial products and services which we provide or propose to provide to you. This may include but is not limited to your:
In addition, we are required to collect and hold Personal Information under the Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth), the Foreign Account Tax Compliance Act 2010 (USA) and the Tax Laws Amendment (Implementation of the Common Reporting Standard) Act 2016 (Cth), which in certain circumstances may include Sensitive Information.
The Personal Information that you provide will be information which enables us and our strategic partners and other service providers to perform our functions or activities. If you do not provide any of the Personal Information we request or do not consent to the use, holding or disclosure of your Personal Information in accordance with this Statement, we may not be able to provide you with the products or services you require.
We will collect, use, hold and disclose Personal Information that you provide to us. This may include recording telephone calls that we have with you. We may also gather Personal Information from your use of our website and systems. You consent to such collection, holding, use and disclosure of your Personal Information in accordance with the terms of this Statement.
In some circumstances, we may gather Personal Information about you from a third party or from publicly available information. The third parties from whom we may acquire Personal Information include, but are not limited to, information service providers, credit agencies, financial advisers, fund managers or intermediaries and spouses.
Should a third party provide us with your Personal Information, we will assume that you have provided your consent for that third party to do so, unless you tell us otherwise. If you have any problems or queries with us obtaining Personal Information about you from a third party, you should contact us and the relevant third party to address your problems or queries—see section 3.
We are committed to protecting your Personal Information and will take all reasonable measures to protect the confidentiality and security of Personal Information.
The purposes for which we will use Personal Information will depend upon the relationship we will have with you and the nature of the products and services that you require from us. For example, Personal Information may be used to:
We may share your Personal Information with:
We are entitled to use Personal Information for any purpose which is related to the purpose for which it was originally provided.
Personal Information will be held in a secure environment—either in writing, electronically or both. We have security measures in place which are intended to protect Personal Information that we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure.
You are entitled to request details on the exact nature of where and how your Personal Information is held by contacting your investment adviser (if you are a client) or our privacy officer—see section 3.
Personal Information will only be available to our employees on a need-to-know basis in order to perform their duties.
The key methods of securing the storage of Personal Information will include but are not limited to:
Should you wish to know what Personal Information we hold about you, you may request to view this Personal Information by contacting your investment adviser or our privacy officer. We have included contact details for our privacy officer at section 3.
We will promptly investigate your privacy enquiry and provide appropriate answers where required or permitted. We may charge a reasonable fee for access to Personal Information. If you discover your Personal Information is outdated, incorrect or incomplete, you may request to have the Personal Information corrected. We will promptly update our records accordingly.
You may also contact your investment adviser or the privacy officer if you have any questions regarding our compliance with the Privacy Act or if you wish to make a complaint about our handling of your Personal Information.
Such complaints should first be made in writing to us, as required by the Privacy Act. We will endeavour to respond to a complaint within the relevant timelines required under our regulatory obligations. If you are not satisfied with our response to a complaint, you may have the right to complain to:
Australian Financial Complaints Authority
GPO Box 3
Melbourne VIC 3001
E info@afa.org.au
W afca.org.au
T 1800 931 678
If you remain dissatisfied with the outcome of the complaint following its determination by the Australian Financial Complaints Authority or are not eligible to complain to the Australian Financial Complaints Authority, you may lodge a complaint with OAIC using its privacy complaint form on its website oaic.gov.au.
By providing your Personal Information to us, you acknowledge and agree that your Personal Information may be disclosed to any of the following third parties:
By providing your Personal Information to us, you acknowledge and agree that this Personal Information may be transferred between related bodies corporate or to third parties who supply products and services to us. These related bodies corporate and third parties to whom Personal Information may be transferred may be located throughout the world and may be registered and governed by laws outside the Australian jurisdiction. As such, the laws regulating a related body corporate or third party may differ to Australian laws and may apply a greater or lesser standard of protection for Personal Information.
Should your Personal Information be transferred to a jurisdiction with inadequate privacy protection, we will take reasonable steps to ensure that the relevant overseas recipient does not breach the Privacy Act or APPs in relation to such Personal Information. Alternatively, we may seek your consent to the transfer.
Your Personal Information may be disclosed to third parties in jurisdictions including Austria, Brazil, Canada, China, Denmark, France, Germany, Hong Kong, India, Indonesia, Ireland, Japan, Luxembourg, Malaysia, Mexico, Netherlands, New Zealand, Philippines, Russia, Singapore, South Africa, South Korea, Spain, Switzerland, Taiwan, Thailand, United Arab Emirates, United Kingdom and United States of America.
Our website, which you may have access to, uses ‘cookies’. A cookie is an electronic mechanism which can trace, access and use Personal Information contained within our website. By using our website, you are consenting to our use of cookies. Any Personal Information obtained through the use of cookies may be used to enhance the products and services that we provide.
We may be required to collect Sensitive Information about you in order to provide advice, products or services. We will only collect your Sensitive Information with your consent or as otherwise permitted by law.
We may be required to collect GRIs of yours in order to provide a product or service. In particular, we may collect GRIs to verify your identity in accordance with the Anti-Money Laundering and Counter Terrorism Financing Act.
As part of employee induction, all our employees are provided with a copy of our Technology and social media policy and are required to sign and date their compliance with our Code of conduct. Both documents have clauses relating to confidentiality and proper handling of Personal Information. Failure to comply with those policies may result in employees being subject to disciplinary action, including a reprimand, warning, suspension or dismissal.
This Statement does not apply in respect of any of our acts and practices that are directly related to an employee record of a current or former employee. These are captured in the Crestone human resources policies and procedures.
We reserve the right at our discretion to modify or remove any part of this Statement at any time. You should review this Statement from time to time so that you are updated on any changes.
You can contact our privacy officer by post or email, using the following contact details:
Crestone Wealth Management Privacy Officer
Level 32, Chifley Tower 2 Chifley Square
Sydney NSW 2000
Term | Definition |
AFS Licence | Australian Financial Services Licence |
APPs | Australian Privacy Principles |
ASIC | Australian Securities and Investments Commission |
Crestone | Crestone Wealth Management and its affiliates |
Crestone Wealth Management | Crestone Wealth Management Limited |
GRI | Government related identifier. Has the meaning given in the Privacy Act and includes an identifier of an individual that has been assigned by a government agency or authority, including their agents. |
OAIC | Office of the Australian Information Commissioner |
Personal Information | Information or an opinion about an identified individual, or an individual who is reasonably identifiable:
Common examples of Personal Information are an individual’s name, signature, address, telephone number, date of birth, bank account details and commentary or opinion about a person. |
Sensitive Information | Has the meaning given in the Privacy Act and includes information about an individual’s racial or ethnic origin, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, criminal record, or health information. |