At SuperEd we value your privacy. We know that how we collect, use, exchange and protect your information is important to you, and we value your trust. That’s why protecting your information and being clear about what we do with it is a vital part of our relationship with you.
What information do we collect and hold?
In order for us to assist you with a financial service, a financial forecast or financial advice, then, with your consent, we ask you to provide us with relevant information about you and if applicable your partner and other people that are important to you. Depending on the services you require this can include information ranging from your contact details and age to other information including gender, marital status, expected retirement age, superannuation fund balances and contributions, income sources, goals, assets and liabilities, expenses and your government age pension Centrelink entitlement eligibility, payments and related entitlements, and government identifiers (e.g Centrelink number).
We may collect sensitive information about you, with your consent, to enable us to assist you with the completion of government forms, including the relevant Centrelink entitlement application form. Sensitive information includes information about your race or ethnicity, political opinions, religious beliefs, criminal record, sexual information or health. We will not otherwise collect sensitive information.
We will communicate with you electronically unless you tell us that you do not wish to receive electronic communications.
How do we collect your information?
Generally, we collect your personal information directly from you. We could do this in a number of ways including when you apply for our products and services or when you contact us. We may do this through our website or mobile apps, in telephone calls, from documents you give us, or in emails.
We may collect personal information about you from other people or your superannuation fund or any other organisation we may use to gather your personal information. The information we collect from third parties includes but is not limited to your name, date of birth, account balance and investment options. Examples of how we may do this include collecting your personal information from:
- Government agencies (for example Centrelink, where we are authorised by you to liaise with Centrelink on your behalf);
- Organisations that have entered into arrangements with us provide services to their members or customers where you are a member or customer of that organisation.
We also collect other content about how you use our website. This can include, without limitation, information such as the types of content you view or engage with or the frequency and duration of your activities, your server address, the date and time of your visit, the pages and links accessed and the type of browser used. We do this so that we are able to deliver our services to you in a personalised manner and make suggestions for you by using this information.
What if you don’t provide some information to us?
If you do not provide us with some or all of the information that we ask for or require to assist you, we may not be able to provide you with financial services or financial advice that are suitable to your circumstances.
For what purposes do we collect, use and disclose your information?
The main purpose for which we collect, hold, use and disclose your personal information is to provide you with our Services (for example financial advice that can assist you in your journey to a better and more sustainable retirement income, provide advice and assist you to manage your financial affairs including but not limited to your superannuation, insurance and budgeting arrangements on an ongoing basis, assist you in applying for your Centrelink entitlements). Other purposes we do this include:
- to assess how to provide you with our Services (for example, to assess whether you are eligible for the Centrelink entitlement or to assess how much money you can sustainably spend in retirement);
- to provide you with services, such as financial advice, to help optimise your pension, or to help manage your retirement and your investments;
- to liaise with government agencies where you want to receive government benefits;
- to verify your identity in accordance with the Anti-Money Laundering and Counter Terrorism Financing Act and any other relevant laws;
- to comply with legal and regulatory requirements, prevent fraud or crime; and
- to help us improve our Services, resolve any problems, manage and develop our products and conduct research.
From time to time we will use your contact details to send you offers, updates, events, articles, newsletters or other information about products and services that we believe will be of interest to you. We may also send you regular updates by email or by post. We will always give you the option of electing not to receive these communications and you can notify us if you wish to unsubscribe at any time.
We will communicate with you electronically unless you tell us that you do not wish to receive electronic communications.
Will we disclose the information we collect to anyone?
We may disclose your personal information to:
- government agencies (e.g Centrelink) depending on the services you require;
- your superannuation fund and/or our referral partners, for the purpose of keeping your fund and/or our referral partners informed of how we are assisting you and identifying further ways to assist you;
- to other service providers, including but not limited to third party financial advisers, who act on your behalf or where we may refer you to for services that we are not in a position to offer you;
- regulatory bodies, law enforcement bodies and dispute resolution bodies (such as the Australian Financial Complaints Authority (AFCA));
- to third parties who help us to provide our services, (e.g. mailings, external data storage providers, software developers or to other companies if we sell, merge, or restructure the company) that we are not in a position to offer you;
- our agents, service providers, business partners and contractors who provide you with services along with us or who supply services to us (for example to technology providers, financial planning software providers, data storage providers or marketing companies);
- other third parties if we are required to do so by law or under some unusual other circumstances which the Privacy Act permits;
We do not sell, trade, or rent your personal information to others.
Will we disclose your information overseas?
We will not disclose your personal information overseas.
How do we hold and protect your information?
We strive to maintain the relevance, reliability, accuracy, completeness and currency of the personal information we hold and to protect its privacy and security. We keep personal information only for as long as is reasonably necessary for the purpose for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.
We hold the information we collect from you on servers located in Australia. In some cases, your file is archived and sent to an external data storage provider for a period. We only use storage providers in Australia who are also regulated by the Privacy Act.
We endeavour to ensure that your information remains safe and secure. For example:
- Access to information systems is controlled through identity and access management.
- Employees are bound by internal information security policies and are required to keep information secure.
- We maintain physical security over our paper and electronic data and premises, by using locks and security systems.
Please be aware that the transmission of data over the Internet is never guaranteed to be completely secure. It is possible that third parties outside of our control may be able to access or intercept transmissions or private communications without our permission or knowledge. Therefore, we cannot ensure or warrant the security of any information transmitted between us.
We take reasonable steps to de-identify your personal information when it is no longer needed for any purpose permitted under the Privacy Act. This requirement does not apply if we are required or authorised by law to keep it.
SuperEd can aggregate data about you
We may aggregate data that you and other individuals provide in a way that will not identify you or them in order to:
- provide data to other organisations (including but not limited to your superannuation fund) about the use of our services
- enable us to assess our service offering
- determine whether any improvements or changes are required to our services, and
- provide you with more information about our services.
We may use, sell, licence, redistribute and disclose aggregate data.
Anonymous data – We use technology to collect anonymous information about the use of our website, for example when you browse our website our service provider logs your server address, the date and time of your visit, the pages and links accessed and the type of browser used. It does not identify you personally and we only use this information for statistical purposes and to improve the content and functionality of our website, to better understand our clients and markets and to improve our services.
Cookies – In order to collect this anonymous data we may use “cookies”. Cookies are small pieces of information which are sent to your browser and stored on your computer’s hard drive. Sometimes they identify users where the website requires information to be retained from one page to the next. This is purely to increase the functionality of the site. Cookies by themselves cannot be used to discover the identity of the user. Cookies do not damage your computer and you can set your browser to notify you when you receive a cookie so that you can decide if you want to accept it. They allow the website to recognise your computer when you return in the future.
How can you check, update or change the information we are holding?
You have a right to ask for access to your personal information and to request that we correct it. If you wish to access or correct your personal information please write to email@example.com and provide us with enough information to allow us to identify you. We will provide you with details of the personal information we hold about you. We will also correct, amend or de-identify any personal information that we agree is inaccurate, irrelevant, out of date or incomplete. These requests will be actioned within 30 calendar days.
We do not charge for receiving a request for access to personal information or for complying with a correction request. We do not charge for providing access to personal information.
In some limited cases, we may need to refuse access to your information or refuse a request for correction. We will advise you as soon as possible after your request if this is the case and the reasons for our refusal.
What happens if you want to complain?
email: firstname.lastname@example.org, or
by letter: PO Box 527, North Sydney NSW 2059
Your complaint will be considered by us through our internal complaints resolution process and we will aim to resolve complaints within 30 days of you making the complaint.
If you are not satisfied with our handling of your privacy complaint, or your complaint is not resolved within 30 days, you can refer your complaint to the Office of the Australian Information Commissioner.
The Commissioner can be contacted at:
Office of the Australian Information Commissioner
GPO Box 5218 Sydney NSW 2001
Phone: 1300 363 992
There are other bodies you can go to including the Australian Financial Complaints Authority. If an issue has not been resolved to your satisfaction you can lodge a complaint with the Australian Financial Complaints Authority, or AFCA. AFCA provides fair and independent financial services complaint resolution that is free to consumers.
Australian Financial Complaints Authority
GPO Box 3, Melbourne VIC 3001
Phone: 1800 931 678 (free call)
What happens if there is a Data Breach?
Should a data breach occur, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) of the data breaches that are likely to result in serious harm within 30 days of the breach event.The factors which might contribute to a reasonable person thinking “serious harm” might have occurred include:
- The sensitivity of the information;
- Whether the information was encrypted;
- Whether the information was in a secure file;
- How likely it is that the security could be breached; or
- The identity of the person who obtained the information, whether they intend to cause harm to the affected person and the nature of the harm.
Links to other sites
By asking us to assist with your financial affairs, you consent to the collection and use of the information you have provided to us for the purposes described above.
Tell us what you think
We welcome your questions and comments about privacy. If you have any concerns or complaints, please contact us on: