Privacy.

Who we are.

 

“We”, “us” and “our” refer to Kearney Group, which consists of:

  • Kearney Group Business Advisory Pty Ltd (ABN 98 650 945 814); 
  • Kearney Group Private Wealth Pty Ltd (ABN 39 159 163 774);
  • Kearney Group Strategic Lending Pty Ltd (ABN 23 609 631 816); 
  • Kearney Group Pty Ltd (ABN 62 140 859 481);
  • Kearney Group Mycelia Pty Ltd (ABN 37 667 157 280); and
  • Imagineering FS Pty Ltd (ABN 41 627 350 636).

These entities are collectively referred to as “Kearney Group Financial Services” or “Kearney Group”.  Kearney Group operates from Suite 137, 425 Smith Street, Fitzroy, VIC 3065.

 

Purpose of this Policy.

 

We take client privacy, confidentiality and data security very seriously and have thereby developed a firm-wide Privacy Policy (“this Policy”) which applies to all of our employees, in every capacity.

This Policy sets out our commitment in respect of personal and credit information we hold about you and how that information is used. It aims to ensure that we comply with the Privacy Act (Cth) 1998 (“Privacy Act“), the Australian Privacy Principles (“APPs”) and all other relevant legislation which collectively outlines the rights and responsibilities of private sector organisations in the collection, holding, use, correction, disclosure and transfer of personal and credit information.

This Policy explains how we manage your personal and credit information, however, we may provide more detail on how we manage your personal and credit information at the time we collect it, at the outset of an engagement or from time to time, during the course of our service relationship.

 

Personal information.

 

Personal information includes any information or opinion about an identified individual or an individual who can be reasonably identified from their information. The information or opinion will still be personal information whether it is true or not and regardless of whether we have kept a record of it. 

The information that we seek to collect about you will depend on the products or services that we provide.  If you do not allow us to collect all of the information we request, we may not be able to deliver all of those services effectively.

What kinds of personal information do we collect and hold?

When you apply for our products or services we may ask for identification information. This could include your name, address, contact details and date of birth among other things. We may also collect your tax file number or other government identifiers if we are authorised to collect them and if you choose to supply them. If you apply for insurance, we may collect information about what is being insured, the beneficiaries, and your health and financial situation, depending on the type of insurance.

Throughout the life of your product or service, we may collect and hold additional personal information about you. This could include transaction information or making a record of queries or complaints you make and, if you make an insurance claim, collecting additional information to assist in assessment of the claim.

The collection of sensitive information is restricted by the Privacy Act. This includes information about your religion, racial or ethnic origin, political opinions, criminal record, and sexual orientation. It also includes health information and biometric information. 

Generally, we only collect this sort of information if it is necessary to provide you with a specific product or service and you have consented to that collection. For example, we may collect some health information about you to process an application for an insurance policy.

For what purposes do we collect, hold, use and disclose personal information?

The main reason we collect, use, hold and disclose personal information is to provide you with products and services. This includes:

  • establishing and operating profiles for our clients, conducting credit and identification checks;
  • checking whether you are eligible for a product or service;
  • providing the product or service; 
  • helping manage the product or service; and
  • obtaining credit reports and assessing the financial position of a borrower (including a representative, shareholder, beneficiary or guarantor of a borrowing entity).

We may also use your information to comply with legislative or regulatory requirements in any jurisdiction, prevent fraud, crime or other activity that may cause harm in relation to our products or services and to help us run our business. We may also use your information to tell you about products or services we think may interest you.

If we collect government identifiers we will never use them in order to identify you.

How do we collect your personal information?

We collect most personal information directly from you.  For example, we collect personal information from you when you apply for or use a product or service or talk to us in person or on the phone.

We also collect information from you electronically. For instance, when you visit our website or if you send us electronic correspondence (see “Electronic collection of personal information”).

While we will always endeavour to collect personal information directly from you where reasonable and practical, sometimes we collect personal information about you from other people or organisations. This may happen without your direct involvement. For instance, we may collect personal information about you from:

  • publicly available sources of information, such as public registers;
  • your representatives (including your legal adviser, mortgage broker, executor, administrator, guardian, trustee, or attorney);
  • your employer;
  • through our website;
  • other organisations, who jointly with us, provide products or services to you;
  • commercial information service providers, such as companies that provide fraud prevention reports; 
  • from third parties, including credit reporting bodies (“CRB”) and other credit providers, government departments or address validation software providers; and
  • insurers, re-insurers and health care providers.

Laws requiring or authorising us to collect personal information

We are required or authorised to collect:

  • certain identification information about you by the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and Anti-Money Laundering and Counter-Terrorism Financing Rules Instrument 2007 (No. 1);
  • your Tax File Number, if you choose to provide it, by the Income Tax Assessment Act 1936 (Cth); and
  • certain information in relation to your application if you have applied for insurance as required by the Insurance Contracts Act 1984 (Cth).

How do we hold personal information?

Much of the information we hold about you will be stored electronically in secure data centres which are located in Australia and the United States of America (“U.S.”) and owned by either us or external service providers. Some information we hold about you will be stored in paper files. We use a range of physical and electronic security measures to protect the security of the personal information we hold. For example:

  • access to information systems is controlled through identity and access management;
  • employees are bound by internal information security policies and are required to keep information secure;
  • all employees are required to complete training about information security; and
  • we regularly monitor and review our compliance with internal policies and industry best practice.

We take reasonable steps to destroy or permanently de-identify any personal information after it can no longer be used.

Who do we disclose your personal information to, and why?

We may provide personal information about our clients to organisations outside Kearney Group. Prior to disclosing any of your personal information to another person or organisation, we take all reasonable steps to ensure that the third party has a commitment to protecting your personal information at least equal to our commitment, or that you have expressly consented to us making the disclosure.

Additionally, to protect personal information, we enter into contracts with our service providers that require them to comply with the Privacy Act. These contracts oblige them to only use the personal information we disclose to them for the specific role we ask them to perform. 

Generally, we disclose personal information to organisations that help us with our business. These may include:

  • our agents, contractors and external service providers (for example, mailing houses and technology service providers);
  • insurers, re-insurers and health care providers;
  • payment systems operators (for example, merchants receiving card payments);
  • other organisations, who jointly with us, provide products or services to you;
  • financial services organisations, including banks, superannuation funds, stockbrokers, custodians, fund managers and portfolio service providers;
  • credit reporting bodies and other credit providers;
  • debt collectors;
  • our legal advisers or auditors;
  • your representatives (including your legal adviser, accountant, mortgage broker, executor, administrator, guardian, trustee, or attorney);
  • fraud bureaus or other organisations to identify, investigate or prevent fraud or other misconduct;
  • IT service providers;
  • external dispute resolution schemes; and
  • regulatory bodies, government agencies and law enforcement bodies in any jurisdiction.

We may also disclose your personal information to others outside of Kearney Group where:

  • we are required or authorised by law or where we have a public duty to do so;
  • you may have expressly consented to the disclosure or the consent may be reasonably inferred from the circumstances; or
  • we are otherwise permitted to disclose the information under the Privacy Act.

Transborder disclosure of personal information

We may disclose your personal information to a recipient which is located outside Australia. Often times this occurs as a result of using cloud software where servers are located outside Australia. This includes our service providers which are likely to be located in the U.S., New Zealand or other countries and any financial institution which you hold an account with overseas where you have given us permission to make enquiries on your behalf.

What if you don’t provide us with your personal information?

We will provide individuals with the option of not identifying themselves, or of using a pseudonym, when dealing with us if it is lawful and practicable to do so.  A pseudonym is a name or other descriptor that is different to an individual’s actual name.   

For example, you can access our website and make general phone queries without having to identify yourself. 

In some cases, however, if you don’t provide us with your personal information when requested, we may not be able to provide you with the product or service that you are seeking.  

 

Credit-related information.

 

Why we collect credit-related personal information

We collect, hold, use and disclose credit-related personal information for the purposes permitted by the Privacy Act and the Privacy (Credit Reporting) Code 2014 (“CR Code”) and so as to provide our services to you including, but not limited to:

  • financial planning and strategy review services; 
  • investment advice; 
  • insurance and protection advice; 
  • debt finance and mortgage broking; 
  • retirement and estate planning; and
  • other purposes required or authorised by law. 

What information do we collect for credit purposes?

The credit-related personal information that we may collect and hold includes:

  • your current and prior names, date of birth, address, gender, and driver’s licence number;
  • financial information for example, your income, expenses, assets and liabilities;
  • information about credit that has been provided to you;
  • credit payments of $100 or more owed to another credit provider that are overdue for more than 60 days that you have been notified of (and whether you have subsequently repaid the overdue amount);
  • whether you have committed a serious credit infringement;
  • credit-related court proceedings and personal insolvency information;
  • publicly available credit-related information; and
  • a credit rating or score that is calculated by a CRB and that has a bearing on your credit-worthiness.

How do we use personal information collected for credit purposes?

Where you have consented to it, we will use your personal information to better inform ourselves as to your credit position and, in undertaking our services to you, we may provide personal information about you that we have collected to:

  1. service providers and specialist advisers to Kearney Group who have been contracted to provide us with support, administrative, financial, insurance, research or other services;
  2. insurers, credit providers, courts, tribunals and regulatory authorities as agreed or authorised by law;
  3. credit reporting or reference agencies or insurance investigators; and
  4. anyone authorised by you, or specified by you or by a contract to which you are a party.

Which credit reporting bodies do we deal with?

We may deal with the following credit reporting bodies:

Equifax
Equifax organises, assimilates and analyses data on more than 820 million consumers and more than 91 million businesses worldwide.
www.equifax.com.au

Illion
illion is the leading independent provider of trusted data and analytics products and services in Australasia, with the company’s consumer and commercial credit bureaus.
www.illion.com.au

Experian Australia Pty Ltd
Level 6, 549 St Kilda Road,
Melbourne, Victoria 3004
Phone: +61 3 8699 0100
www.experian.com.au

You can ask these credit reporting bodies not to use the information disclosed for the purpose of pre-screening of direct marketing by a credit provider.

 

What if you are a victim of fraud?

 

If you think you have been a victim of fraud, you can request the above credit reporting bodies not to disclose credit reporting information about you.

 

Direct Marketing.

 

We will use your personal information to offer you products and services we believe may interest you, but we will not do so if you tell us not to. We may offer you products and services by various means, including by mail, telephone, email, SMS or other electronic means, such as through social media or targeted advertising through our websites.

We may also disclose your personal information to companies outside Kearney Group who assist us to market our products and services to you.

Where you have consented to receiving marketing communications from us, your consent will remain current until you advise us otherwise.  However, you can opt out at any time, by:

  • contacting us (details at the end of this Policy); or
  • using the unsubscribe facility that we include in our electronic messages. If we have collected the personal information that we use to send you marketing communications from a third party (for example a direct mail database provider), you can ask us to notify you of our source of information, and we will do so, unless this would be unreasonable or impracticable.

 

Electronic collection of personal information.

 

We will collect information from you electronically, for instance through internet browsing, mobile or tablet applications.

Each time you visit our website, we collect information about your use of the website, which may include the following:

  • the date and time of visits;
  • which pages are viewed;
  • how users navigate through the site and interact with pages (including fields completed in forms and applications completed);
  • location information about users;
  • information about the device used to visit our website; and
  • IP addresses.

We use technology called cookies when you visit our site. Cookies are small pieces of information stored on your hard drive or in memory. They can record information about your visit to the site, allowing it to remember you the next time you visit and provide a more meaningful experience.

One of the reasons for using cookies is to offer you increased security. The cookies we send to your computer cannot read your hard drive, obtain any information from your browser or command your computer to perform any action. They are designed so that they cannot be sent to another site, or be retrieved by any non-Kearney Group site.

We won’t ask you to supply personal information publicly over Facebook, Twitter, or any other social media platform that we use. Sometimes we may invite you to send your details to us via private messaging, for example, to answer a question. You may also be invited to share your personal information through secure channels to participate in other activities, such as competitions.

 

Access to and correction of personal information.

 

At any time you can request access to the personal information we hold about you. You can also ask for corrections to be made. To do so, please contact us (details at the end of this Policy).

You can also apply to access personal information about you that a CRB holds by contacting the relevant CRB using the contact information set out above.

There is no fee for requesting that your personal information is corrected or for us to make corrections. In processing your request for access to your personal information, a reasonable cost may be charged. This charge covers such things as locating the information and supplying it to you.

There are some circumstances in which we are not required to give you access to your personal information.

If we refuse to give you access to or to correct your personal information we will give you a notice explaining our reasons except where it would be unreasonable to do so.

If we refuse your request to correct your personal information, you also have the right to request that a statement be associated with your personal information noting that you disagree with its accuracy.

If we refuse your request to access or correct your personal information, we will also provide you with information on how you can complain about the refusal.

 

Data quality and security.

 

General

Kearney Group is committed to keeping your personal information secure and confidential. All reasonable precautions will be taken to protect personal information from loss, misuse, unauthorised access or alteration. We take reasonable steps to:

  • make sure that the personal information that we collect, use and disclose is accurate, up to date and complete and (in the case of use and disclosure) relevant;
  • protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure; and
  • destroy or permanently de-identify personal information that is no longer needed for any purpose that is permitted by the APPs.

You can help us keep your information up to date by letting us know about any changes to your details, such as your address, email address or phone number.

You acknowledge that the security of online transactions you conduct using the website cannot be guaranteed.  To the fullest extent permitted at law, Kearney Group does not accept responsibility for misuse of, loss of, or unauthorised access to, your personal information where the security of that information is not within Kearney Group’s control.

Within Kearney Group, access to personal information is restricted to personnel on a need to know basis. Kearney Group has directed its staff that personal information must be dealt with in accordance with this Policy and kept secure from unauthorised access or disclosure. We educate our staff about their duty to protect your privacy and provide training regarding this Policy.

Security

The steps we take to secure the personal information we hold include website protection measures (such as firewalls and anti-virus software), security restrictions on access to our computer systems (such as login and password protection), controlled access to our corporate premises, policies on document storage and security, personnel security (including restricting access to personal information on our systems to staff who need that access to carry out their duties), staff training and workplace policies.

Website security

While we strive to protect the personal information and privacy of users of our website, we cannot guarantee the security of any information that you disclose online and you disclose that information at your own risk. If you are concerned about sending your information over the internet, you can contact us by telephone or post (details at this end of this Policy).

If you are a registered user of our website and/or our client portal, you can also help to protect the privacy of your personal information by maintaining the confidentiality of your username and password and by ensuring that you log out of the website when you have finished using it.  In addition, if you become aware of any security breach, please let us know as soon as possible.

IP Address

An IP (internet protocol) address is a number that is automatically assigned to your computer by your internet service provider when you log on. Your IP address is not linked to your personal information but we do preserve the right to use IP addresses to identify individuals who may threaten our site, services or clients.  IP addresses may also be used to help diagnose problems with our website and to gather broad demographic information.

Third party websites

Links to third party websites that are not operated or controlled by us are provided for your convenience.  We are not responsible for the privacy or security practices of those websites, which are not covered by this Policy. Third party websites should have their own privacy and security policies, which we encourage you to read before supplying any personal information to them.

Data breaches

If there is any breach of your personal information, Kearney Group will deal with such breach and notify you in accordance with its obligations under the Privacy Act.

 

Exemptions.

 

There is an exemption in the Privacy Act regarding information relating to current or former employees. The Privacy Act does not apply to an act done or practice engaged in by Kearney Group in relation to:

  • a current or former employment relationship between Kearney Group and the individual; and
  • an employee record held by Kearney Group relating to the individual (includes personal information relating to the employment relationship and may include information such as recruitment/termination information, terms and conditions of employment, health and banking details).

This exemption does not apply to applicants who are unsuccessful in securing a role with us. In those cases, we will take all the necessary steps to ensure proper collection, use, storage, disclosure of and access to information in accordance with the Privacy Act and other applicable laws.

 

Resolving privacy concerns and complaints.

 

If you are concerned about how your personal information is being handled or if you have a complaint about a potential breach of the Privacy Act or the APPs, please first contact Kearney Group’s Privacy Compliance Officer.

Complaints should be directed to our Privacy Compliance Officer in writing (details below).

We will acknowledge your complaint within 24 hours or 1 business day.

If we are unable to resolve your complaint at the first point of contact, we will work with you to better understand your concerns and investigate your complaint.

If we complete our investigation within 5 business days, we will contact you and advise you of our findings. If you are satisfied with our response we will consider the complaint resolved.

If your concerns require us to undertake complex investigations, we will attempt to resolve the complaint within 30 days and will provide you with a written response of the outcome of our investigations.

If we are likely not to complete our investigations within 30 days, we will provide you with a written notification of the delay.

If you are not satisfied with our response or the manner in which we dealt with the complaint, there are other bodies with which you can escalate your concerns.

The Australian Financial Complaints Authority (AFCA) can consider most privacy complaints involving providers of financial services.

AFCA can be contacted at:

Australian Financial Complaints Authority Limited
GPO Box 3
Melbourne VIC 3001
Phone: 1800 931 678
www.afca.org.au

Under the Privacy Act you may complain to the Office of the Australian Information Commissioner about the way we handle your personal information.

The Commissioner can be contacted at:

The Commissioner
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
Email: [email protected]
www.oaic.gov.au

 

Contact Us.

 

Please send feedback, comments, complaints or requests for further clarification of this Policy to:

Privacy Compliance Officer

PO Box 3347
Burnley North VIC 3121

Phone: +61 3 9428 8822

General Information

For general information or queries about Kearney Group:

Suite 137, 425 Smith Street
Fitzroy VIC 3065

Phone: +61 3 9428 8822

 

Changes to this Policy.

 

We may amend this Policy from time to time. The current version will be posted on our website and a copy may be obtained by contacting our Privacy Compliance Officer (details above).

Speak to the team.