BlackStar Advisory Pty Ltd (“BlackStar Advisory”) recognises the importance of privacy and we are committed to protecting your personal information. We are required to comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles which provides for the fair handling of personal information, and sets standards for the collection, access, storage and use of personal information. Our policy for dealing with any personal information that you disclose to us is explained below.
1.3 We collect personal information to provide you with the products and services you request as well as information on other products and services offered by or through us. The law may also require or authorise us to collect personal information.
Generally we do not collect sensitive information about you, such as health records, unless it is reasonably necessary for the purpose of providing you with our services or is otherwise permitted by law.
1.4 We disclose relevant personal information to external organisations that help us provide services. These organisations are bound by confidentiality arrangements. They may include overseas organisations.
1.5 You can seek access to the personal information we hold about you. If the information we hold about you is inaccurate, incomplete, or outdated, please inform us so that we can correct it. If we deny access to your personal information, we will let you know why. For example, we may give an explanation of a commercially sensitive decision, or give you access to the information through a mutually agreed intermediary, rather than direct access to evaluative information connected with it.
COLLECTION OF PERSONAL INFORMATION
2. Why we collect information
2.1 We collect personal information when it is reasonably necessary for one or more of our functions or activities.
2.2 These include:
(a) providing clients with the services they request and, unless they tell us otherwise, to provide information on the services offered by us and external service providers for whom we act as agent. (If you have provided us with your email or mobile phone details, we may provide information to you electronically with respect to those products and services);
(b) complying with our legal obligations;
(c) monitoring and evaluating products and services;
(d) gathering and aggregating information for statistical and research purpose;
(e) assisting clients with queries; and
(f) taking measures to detect and prevent frauds.
3. Information we may collect
3.1 The personal and sensitive information we collect generally consists of name, address, date of birth, gender, occupation, account details, contact details (including telephone, facsimile and e-mail) and financial information.
3.2 Where it is necessary to do so, we also collect information on individuals such as:
(c) company directors and officers;
(d) officers of co-operatives and associations;
(e) customer’s agents;
(f) beneficial owners of a client; and
(g) persons dealing with us on a“one-off” basis.
3.3 We may take steps to verify the information we collect.
4. How we collect the information
We only collect personal information about you directly from you (rather than someone else) unless it is unreasonable or impracticable to do so or you have instructed us to liaise with someone else.
5. Information collected from someone else
If it is impracticable or unreasonable for us to collect the personal information directly from you, we may collect such information from agents, or from your family members or colleagues. If you are not aware that we have collected the personal information, we will notify you of collection and the circumstances of collection, if we consider it is reasonable to do so.
6. Incomplete or inaccurate information
We may not be able to provide you with the products or services you are seeking if you provide incomplete or inaccurate information.
7.1 In some cases, before or at the time of collecting your personal information, we will obtain your consent to the purposes for which we intend to use and disclose your personal information.
7.2 If you don’t give us consent, we may not be able to provide you with the products or services you want. This is because we are required to collect this information to provide you advice.
8. Withdrawing consent
Having provided consent, you are able to withdraw it at any time. To withdraw consent, please contact our office. Please note that withdrawing your consent may lead to us no longer being able to provide you with the product or service you enjoy given that, as mentioned above, it is impracticable for us to treat some customers differently.
9. Sensitive information
In addition to the above conditions of collecting personal information, we will only collect sensitive information about you if we obtain prior consent to the collection of the information or if the collection is required or authorised by law.
10. Dealing with unsolicited personal information
10.1 If we receive personal information that is not solicited by us, we will only retain it, if we determine that it is reasonably necessary for one or more of our functions or activities and that you have consented to the information being collected or given the absence of your consent that it was impracticable or unreasonable for us to obtain it under the circumstances.
10.2 If these conditions are not met, we will destroy or de-identify the information.
10.3 If such unsolicited information is sensitive information we will obtain your consent to retain it regardless of what the circumstances are.
INTEGRITY OF YOUR PERSONAL INFORMATION
11. Quality of personal information
11.1 We ensure that the personal information we collect and use or disclose is accurate, up to date, complete and relevant.
11.2 Please contact us if any of the details you have provided to us change or if you believe that the information we have about you is not accurate or up to date.
11.3 We may also take steps to update personal information we hold, for example, an address, by collecting personal information from publicly available sources.
12. Security of personal information
12.1 We are committed to ensure that we protect any personal information we hold from misuse, interference, loss, unauthorised access, modification and disclosure.
12.2 For this purpose, we have a range of practices and policies in place to provide a robust security environment. We ensure the on-going adequacy of these measures by regularly reviewing them.
12.3 Where information we hold is identified as no longer needed for any purpose we ensure it is effectively and securely destroyed.
SECTION E – USE OR DISCLOSURE OF PERSONAL INFORMATION
13. Use or Disclosure
13.1 If we hold personal information about you that was collected for a particular purpose (“the primary purpose”), we will not use or disclose the information for another purpose (“the secondary purpose”) unless:
(a) We have obtained your consent to use or disclose the information; or
(b) you would reasonably expect us to use or disclose the information for the secondary purpose and the secondary purpose is:
(i) if the information is sensitive – directly related to the primary purpose; or
(ii) if the information is not sensitive – related to the primary purpose;
(c) the use or disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order; or
(d) a permitted general situation exists in relation to the use or disclosure of the information by us; or
(e) a permitted health situation exists in relation to the use or disclosure of the information by us, in which case we will de-identify the information before disclosing it; or
(f) we reasonably believe that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.
13.2 Where we use or disclose personal information in accordance with section 13(1)(e) we will keep a copy of this disclosure (e.g.: the email or letter used to do so).
14. Who we may communicate with
14.1 Depending on the services we provide to you, the entities we exchange your information with include but are not limited to:
(a) brokers and agents who refer your business to us;
(b) any person acting on your behalf, including your lawyer(s), accountant(s), financial or business advisor, executor, administrator, trustee, guardian or attorney;
(c) if required or authorised to do so, regulatory bodies and government agencies;
(d) investors or advisers;
(e) other organisations who in conjunction with us provide services.
14.2 Our use or disclosure of personal information may not be limited to the examples above.
15.1 We may disclose personal information when we outsource certain functions, including bulk mailing, market research, direct marketing, bookkeeping and invoicing functions, statement production, debt recovery and information technology support. We also seek expert help from time to time to help us improve our systems, products and services.
15.2 In all circumstances where personal information may become known to our contractors, agents and outsourced service providers, there are confidentiality arrangements in place. Contractors, agents and outsourced service providers are not able to use or disclose personal information for any purposes other than our own.
15.3 We take our obligations to protect customer information very seriously we make every effort to deal only with parties who share and demonstrate the same attitude.
16. Disclosure required by law
We may be required to disclose customer information by law e.g. under Court Orders or Statutory Notices pursuant to taxation, superannuation, social security, competition or corporate regulatory laws or under laws relating to sanctions, anti-money laundering or counter terrorism financing.
SECTION F – DIRECT MARKETING
17. Direct marketing
17.1 We will only use or disclose the personal information we hold about you for the purpose of direct marketing if we have received the information from you and you have not requested not to receive such information.
17.2 Direct marketing means that we should use your personal information to provide you with information on our services that may interest you.
17.3 If you wish to opt-out of receiving marketing information altogether, you can:
(a) email us at: [email protected]
(b) write to us at:
Level 1, 1 Sussex Street
Sydney New South Wales 2000
SECTION G – CROSS BORDER DISCLOSURE OF PERSONAL INFORMATION
18. Disclosing personal information to cross border recipients
We will only disclose your personal information to a recipient who is not in Australia and who is not our entity after we ensure that:
(a) the overseas recipient does not breach the Australian Privacy Principles; or
(b) you will be able to access to take action to enforce the protection of a law or binding scheme that has the effect of protecting the information in a way that is at least substantially similar to the way in which the Australian Privacy Principles protect the information; or
(c) you have consented to the disclosure after we expressly you that there is no guarantee that the overseas recipient will not breach the Australian Privacy Principles; or
(d) the disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order; or
(e) a permitted general situation (other than the situation referred to in item 4 or 5 of the table in subsection 16A(1) Privacy Act) exists in relation to the disclosure of the information.
19. General Data Protection Regulation (GDPR)
We are committed to ensuring that the collection and processing of your data, carried out from our website or other means, complies with the GDPR. Each collection of personal data is limited to what is strictly necessary (minimization of data) and specifies:
• what are the objectives of the data collection;
• if this data is mandatory or optional for the management of your request;
• who will have access to it (only BlackStar Advisory unless specified in the form when transmission to a third party is necessary to manage your request).
The personal data collected as part of the services offered by us are processed according to secure protocols and enable us to handle requests received.
For any information or to exercise your rights concerning the processing of personal data managed by us, you can contact us.
SECTION H – ADOPTION, USE OR DISCLOSURE OF GOVERNMENT IDENTIFIERS
20. Adoption of government related identifiers
We will not adopt a government related identifier of an individual as our own identifier unless required or authorised to do so by or under an Australian law, regulation or court/tribunal order.
21. Use or disclosure of government related identifiers
Before using or disclosing a government related identifier of an individual, we will ensure that such use or disclosure is:
(a) reasonably necessary for us to verify your identity for the purposes of our activities or functions; or
(b) reasonably necessary for us to fulfil its obligations to a government agency or a State or Territory authority; or
(c) required or authorised by or under an Australian law, regulation or a court/tribunal order; or
(d) within a permitted general situation (other than the situation referred to in item 4 or 5 of the table in subsection 16A(1) Privacy Act); or
(e) reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.
SECTION I – ACCESS TO, AND CORRECTION OF, PERSONAL INFORMATION
22.1 You can request us to provide you with access to the personal information we hold about you.
22.2 Requests for access to limited amounts of personal information, such as checking to see what address or telephone number we have recorded, can generally be handled over the telephone.
22.3 If you would like to request access to more substantial amounts of personal information we hold about you, we will require you to make your request to us in writing.
22.4 Following receipt of your request, we will provide you with an estimate of the access charge (if applicable) and confirm that you want to proceed.
22.5 We will not charge you for making the request for access, however access charges may apply to cover our costs in locating, collating and explaining the information you request.
22.6 We will respond to your request as soon as possible and in the manner requested by you. We will endeavour to comply with your request within 14 days of its receipt but, if that deadline cannot be met owing to exceptional circumstances, your request will be dealt with within 30 days. It will help us provide access if you can tell us what you are looking for.
22.7 Your identity will be confirmed before access is provided.
In particular circumstances, we are permitted by law to deny your request for access, or limit the access we provide. We will let you know why your request is denied or limited if this is the case. For example, we may give an explanation of a commercially sensitive decision rather than direct access to evaluative information connected with it.
24. Refusal to give access and other means of access
24.1 If we refuse to give access to the personal information or to give access in the manner requested by you, we will give you a written notice setting out the reasons for the refusal, the mechanisms available to complain and any other relevant matter.
24.2 Additionally, we will endeavour to give access in a way that meets both yours and our needs.
SECTION J – CORRECTION OF PERSONAL INFORMATION
25.1 We will correct all personal information that we believe to be inaccurate, out of date, incomplete, irrelevant or misleading given the purpose for which that information is held or if you request us to correct the information.
25.2 If we correct your personal information that we previously disclosed to another APP entity you can request us to notify the other APP entity of the correction. Following such a request, we will give that notification unless it is impracticable or unlawful to do so.
26. Refusal to correct information
If we refuse to correct the personal information as requested by you, we will give you a written notice setting out the reasons for the refusal, the mechanisms available to complain and any other relevant matter.
27. Request to associate a statement
If we refuse to correct the personal information as requested by you, you can request us to associate with the information a statement that the information is inaccurate, out of date, incomplete, irrelevant or misleading. We will then associate the statement in such a way that will make the statement apparent to users of the information.
SECTION K – CONTACT US AND COMPLAINTS
28. Contact or make a complaint
28.1 If you have any questions, would like further information about our privacy and information handling practices or have a privacy complaint, please contact us by:
(a) Email: [email protected]
BlackStar Advisory – Level 1, 1 Sussex Street, Sydney New South Wales 2000 Australia.
28.2 In the event you have a complaint, to assist us in helping you, we ask you to follow the below process:
(a) gather all supporting documents relating to the complaint;
(b) contact us and we will review your situation and if possible resolve your complaint immediately.
28.3 If you are still not satisfied and the matter has not been resolved to your satisfaction, you can telephone the Australian Information Commissioner's hotline on 1300 363 992 or, if calling from outside Australia, + 61 2 9284 9749.
Further Information on Privacy
Further information may be obtained on privacy issues in Australia by visiting the Australian Information Commissioner’s website at: http://www.privacy.gov.au.
Date last revised: October 2023