This policy is to ensure compliance with the terms of the Australian Privacy Principles (APP) as set out in the Privacy Act 1988 and Privacy Amendment (Enhancing Privacy Protection) Act 2012.
This policy is applicable to the entities listed in the following table:
- MSC Group Australia Pty Ltd
- Melbourne Securities Corporation Limited
- MSC Advisory Pty Ltd
2. Collection of Personal information
MSC collects personal information in the course of providing, managing and administering our products and services. The collection of personal information includes our responsibility to comply with legal obligations such as the requirements of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML). Under AML, MSC must collect personal information in order to verify identity prior to providing certain services.
2.1 The information that MSC may collect
The nature of personal information that MSC may collect and retain about you include:
- Name (current and any previous);
- Contact Details;
- Date of Birth;
- Tax File Number;
- Residency Status;
- Bank Account Details;
- Financial Information;
- Credit Information; and
- General Correspondence.
Generally, we will not collect sensitive information about you, such as your race, political beliefs, religious beliefs or sexual orientation. With your consent, we may collect information in respect to your health, financial hardship or criminal record to provide you with, or for applications for, MSC products or services.
2.2 How does MSC collect information?
MSC may collect information directly from you or from a third party (with your consent), for example from:
- Your financial adviser or authorised representative;
- Your solicitor or power of attorney;
- A credit reporting body or agency;
- Corporate clients for which you are associated; and
- Service providers engaged by MSC – such as investment managers, custodians, registry providers and fund administrators.
When you visit our website or websites associated with MSC products and services, we may record information in relation to your visit for statistical purposes. This information will be collected as aggregated data and the user will remain anonymous. We do not attempt to identify users of our websites except where we specifically ask for your personal information, which includes online banking and online services provided to our business partners.
- Server address;
- Top level domain name;
- Date and time of the visit to the site;
- The pages accessed;
- The previous site visited; and
- Type of browser being used.
Cookies are frequently used on websites and users may choose if and how a cookie will be accepted by configuring their preferences and options in their browser. All browsers allow you to be notified when you receive a cookie and you may elect to either accept it or not. If you wish not to accept a cookie, this may impact the effectiveness of the website.
3. Use of Personal Information
MSC may collect, hold, use or disclose your personal information in order to:
- Provide you with financial products and services;
- Assist you with your queries or concerns;
- Perform our necessary business functions (such as internal audit investigations, performance reporting, research, product development and planning); or
- Perform our contracted role in situations where MSC is an agent for another product issuer or service provider.
We may also collect, hold, use or disclose your personal information to:
- Consider any concern or complaint that you raise against MSC and/or to manage any legal action between you and MSC;
- Prevent or investigate any actual or suspected fraud, unlawful activity or misconduct;
- Identify you or establish your tax status under any Australian or foreign legislation; or
- Comply with any relevant laws, regulations, codes of practice and court orders.
Personal information collected about you may be used by companies associated with MSC, but only if this is necessary in order for us to provide you with our products or services.
4. Disclosure of Personal Information
In some circumstances your information may be disclosed to third-parties who assist MSC to provide, manage and administer our goods and services. Third parties that we may disclose information to include:
- Mailing houses and printing companies;
- Investment managers;
- Registry providers;
- Fund administrators;
- Auditors and solicitors;
- Insurance providers and brokers; and
- Other consultants.
Where we disclose your information to our service providers, we will take steps to ensure that they are authorised to only use personal information in order to perform the functions required or contracted by MSC.
Depending on the nature of the product or service that we are providing, we may disclose your personal information to your nominated representatives (e.g. your financial adviser) and their respective service providers.
In the event MSC is replaced as product or service provider we may disclose your personal information to the replacing entity.
We may also disclose your personal information to law enforcement agencies, courts or government agencies where required to comply with specific legal requirements.
MSC will never sell, rent or trade personal information to, or with, third parties. MSC does not and is not likely to store personal information with overseas recipients.
5. Protection of Personal Information
MSC has implemented systems to ensure personal information is protected. MSC processes and measures to protect against unauthorised use or disclosure of personal information includes:
- Secure computer storage facilities (both in-house and at our service providers), on paper-based files; as well as in other formats;
- Database access is controlled and third-party agreements reflect privacy law obligations; and
- Technical security measures such as secure authentication, password controls, encryption, firewalls and anti-virus technology.
6. Access or Correction of Personal Information
You may contact MSC to request access to the personal information we hold about you at any time. You may also ask us to correct information about you that you may believe is inaccurate, incomplete or out of date.
We will take all reasonable steps to first verify your identity or whether you act as an authorised agent of the respective individual. MSC will respond to the request within a reasonable time after the request is made. Where the request is accepted, MSC will provide access to or correct the personal information as requested if it is reasonable to do so.
6.1 European Union General Data Protection Regulation (GDPR)
If you reside in a country that is a member of the European Economic Area (the EU and Norway, Lichtenstein and Iceland), in addition to the protection you receive under the Privacy Act, you are entitled to other protections provided by the GDPR, including, in certain circumstances, the right to:
- have your personal information erased;
- access your personal information in an electronic and portable format; and
- restrict or object to the processing of your personal information.
If you believe that MSC has managed your personal information in a way not consistent with the APP, please contact the Privacy Officer using the contact information below.
We may ask you to place your concerns in writing in order for us to fully understand and investigate the issues you have raised. We will make every effort to resolve your issue within a reasonable time of us being notified.
If a complaint remains unresolved, you may access our external dispute resolution service:
Phone: 1800 931 678
Post: GPO Box 3, Melbourne VIC 3001
Or you may apply to the Office of the Australian Information Commissioner (OAIC) to have the complaint heard and determined.
Phone: 1300 363 992
Post: GPO Box 5218, Sydney NSW 2001
8. Further Information
Melbourne Securities Corporation Ltd
Level 2 professional chambers, 120 Collins Street
Melbourne VIC 3000
Ph. 1300 798 790