1. Introduction

Morrison Securities Pty Limited (“Morrison”) ABN 50 001 430 342 AFSL 241737 respects the privacy of the people we deal with and we uphold high standards of privacy practice and security. We recognise the importance of protecting your personal and sensitive information collected and used by us.

This Privacy Policy sets out why we need to collect personal information, how we collect it, what we do with it, how it is stored and who we might share it with. The Policy also describes how you can access or correct information we hold about you, how you can ask further questions or make a complaint, and information about our websites and online activities.

We are committed to protecting and maintaining the privacy, accuracy, and security of your personal and financial information in accordance with the requirements of the Australian Privacy Principles (APPs) of The Privacy Act 1988. We collect information about you for the purpose of reporting to AUSTRAC under the Anti Money Laundering and Counter-Terrorism Financing Act 2006.

In general, we will not use or disclose such personal information collected about you otherwise than for the purposes set out in this policy, for a purpose you would reasonably expect, a purpose required or permitted by law, or a purpose otherwise disclosed to, or authorised by you.

We may, in connection with particular services we offer or provide to you, make other privacy disclosures to you or seek your authority to use your personal information in ways which are different from or more specific than those stated in this Privacy Policy. In the event of any inconsistency between the provisions of this privacy policy and those additional materials, the provisions of the additional materials will prevail. This Privacy Policy is intended to provide a summary of our current approach to handling personal information.

 

2. Why we collect Personal Information

For most products and services, it is necessary for us to collect ‘personal information’ such as your name, identity details, photos, contact details and transaction information. We may also need to collect other personal details (such as gender, marital status and financial information) and other information from which you can be identified by.

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:

• Whether the information or opinion is true or not; and
• Whether the information or opinion is recorded in a material form or not.

While an organisation may provide individuals with the option of dealing with it using a pseudonym or anonymously, Morrison deals primarily with clients in financial services, it is unlikely that it would be practical for services to be provided to those clients without them having identified themselves. Further, in most situations companies within Morrison will be required under the terms of the Anti-Money Laundering and Counter-terrorism Financing Act 2006 (Cth) (AML/CTF Act) to appropriately identify clients.

We collect personal information from you if you apply for a job with Morrison.

 

3. Sensitive Information

Sensitive information will only be collected with an individual’s consent if the collection is also reasonably necessary for one or more of the organisation’s functions or activities. To meet legislative requirements, it is envisaged that Morrison may be required to collect the information needed to comply and store that information including Tax File Numbers (TFN) and personal medical information.

The way we use TFNs and information received from a credit reporting agency if relevant about an individual is also restricted by law. Sensitive information is usually needed for applications for death, sickness and disability insurance and to manage claims on those products. It may also be relevant to credit and other applications.  Sensitive information will be used and disclosed only for the purposes for which it was provided, unless the customer agrees otherwise, or the use or disclosure of this information is allowed by law. Documents asking for sensitive information will explain this.

It is prohibited for an organisation to adopt, use or disclose a government related identifier unless an exception applies. We will not use for example a TFN as a client reference for filing purposes.

 

4. How we collect your information

We generally collect personal information directly from you.  For example, personal information will be collected through our application processes, forms and other interactions with you in the course of providing you with our products and services, including when you visit our website, use a mobile app from us, call us or send us correspondence.

We may also collect personal information about you from a third party, such as electronic verification services, referrers, marketing agencies, credit providers.  If so, we will take reasonable steps to ensure that you are made aware of this Privacy Policy.  We may also use third parties to analyse traffic at our website, which may involve the use of cookies.  Information collected through such analysis is anonymous.

We will not collect sensitive information about you without your consent, unless an exemption in the APPs applies.  These exceptions include if the collection is required or authorised by law, or necessary to take appropriate action in relation to suspected unlawful activity or serious misconduct.

If the personal information we request is not provided by you, we may not be able to provide you with the benefit of our services or meet your needs appropriately.

We do not give you the option of dealing with them anonymously, or under a pseudonym.  This is because it is impractical, and, in some circumstances, illegal for Morrison to deal with individuals who are not identified.

 

5. Unsolicited personal information

We may receive unsolicited personal information about you.  We destroy or de-identify unsolicited personal information we receive, unless it is relevant to our purposes for collecting personal information. We may retain additional information we receive about you if it is combined with other information we are required or entitled to collect.  If we do this, we will retain the information in the same way we hold your other personal information.

 

6. How we store your information

Safeguarding the privacy of your information is important to us, whether you interact with us personally, by phone, mail, over the internet or other electronic medium. We hold personal information in a combination of secure computer storage facilities and paper-based files and other records and take steps to protect the personal information we hold from misuse, loss, unauthorised access, modification or disclosure. We may need to maintain records for 7 years. However, when we consider information is no longer needed, we will remove any details that will identify you or we will securely destroy the records.

 

7. How we use your information

While we may send you marketing material from time to time that we think will be useful to you, we are conscious of the need to respect your privacy. Unless you are informed otherwise, the personal information we hold is used for establishing and managing your financial products or services, enhancing customer service and product options and giving you ongoing information or opportunities that we believe may be relevant to you.

Generally, we require that other organisations who handle or obtain personal information as service providers to Morrison acknowledge the confidentiality of this information, undertake to respect any individual’s right to privacy and comply with the APPs and this policy.

We may disclose personal information in order to comply with our obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (AML/CTF obligations).

Where we use personal information under the Product Design and Distribution Obligations regime, where Morrison acts as issuer we will use your information for the purposes of a Target Market Determination, so that the financial products are consistent with your likely objectives, financial situation and needs if you are the intended target market.

 

8. When your information is disclosed

Subject in all cases to local law, we may share personal information within Morrison and may disclose personal information outside Morrison:

• to our service providers, who provide services in connection with our products and services including archival, auditing, accounting, customer contact, legal, business consulting, banking, payment, delivery, data processing, data analysis, information broking, mailing, marketing, research, investigation, insurance, identity verification, brokerage, maintenance, trustee, securitisation, website and technology services.
• to comply with any legal or regulatory obligation, such as those imposed by regulators, arising under anti-money laundering or anti-terrorism financing laws, or reasonably arising in connection with legal proceedings.
• to our affiliates.
• to your nominated financial adviser with your permission.
• for the prevention and mitigation of fraud and other financial crimes.
• as contained in the terms and conditions of any specific product or service.

We may also disclose your personal information (on a confidential basis) in connection with the undertaking of our principal investment activities including, but not limited to, acquisitions, mergers, and the management of any parts of our business or assets (including divestments), and the provision of any debt to another party.

In some circumstances the parties to whom we disclose personal information may operate outside of Australia such as the United Kingdom or the United States of America. Where this occurs, we take steps to protect personal information against misuse or loss and to comply with local law in respect of the transfer of your data from one jurisdiction to another. Those parties, in turn, may make such information available to the governments of such other countries in accordance with local law requirements.

 

9. Your rights if you are in the EU or UK

As provided for in the General Data Protection Regulation (GDPR), you have the right to access your data; to correct or rectify your data; to delete your data subject to applicable law; to have your data processed only in accordance with applicable law; to have copies of your data to be moved to another controller; to object to our processing your data otherwise than in accordance with the law; and to withdraw any consent to our processing your data at any time. Please email [email protected] to exercise any of those rights.

 

10. Cookies

A ‘cookie’ is a packet of information that allows the server to identify and interact more effectively with your computer or mobile device, by providing you with a unique identification number. This identification number is either sent or confirmed each time you use our website.

The purpose of this information is to provide you with a more relevant and effective experience on our website, including presenting web pages according to your needs or preferences. Our website may use cookies to enhance your experience when you visit.

We may also use independent external service providers to track the traffic and usage on the website. Cookies are frequently used on many websites on the internet and you can choose if and how a cookie will be accepted by changing your preferences and options in your browser. You may not be able to access some parts of our website if you choose to disable the cookie acceptance in your browser. We therefore recommend you enable cookie acceptance to benefit from all the services on the website.

 

11. Technology improvements

We are constantly striving to improve functionality on our website through technology changes. This may mean a change to the way in which personal information is collected or used. The impact of any technology changes where it may significantly affect your privacy will be notified via an update at the time of the change.

 

12. Keeping information accurate and up to date

We take reasonable steps to ensure that all information we hold is as accurate as possible. You are able to contact us at any time and ask for its correction if you feel the information we have about you is inaccurate or incomplete.

If any of your personal details change or you discover any errors in your personal information we hold, please contact us by email at [email protected] as soon as possible to help us keep our records accurate, complete and up to date.

We may, if permitted by law, refuse to change our records of your personal information. If we do so, we will provide reasons.

 

13. How you can access or correct your information

You can contact us to request access to or correction of your personal information. In normal circumstances we will give you full access or make the requested corrections to your information. However, there may be some legal or administrative reasons to deny these requests. If your request is denied, we will provide you with the reason why (if we can). Where we decide not to make a requested correction to your personal information and you disagree, you may ask us to make a note of your requested correction with the information.

 

14. Internet security, email and spam

Internet Security

We respect your privacy and we have taken the reasonable steps to protect our website and are committed to providing a safe and secure online environment. To that end, we maintain physical, electronic and procedural safeguards to protect information, which comply with all applicable laws. However, no data transmission over the internet can be guaranteed as fully secure and we cannot guarantee or warrant the security of any information you send to us over the internet. You submit information over the internet at your own risk. We will review our security procedures and practices from time to time.

Email

By communicating with us via email, you authorise us to act on any instructions or apparent instructions without enquiring as to the identity of the sender. If your instructions are ambiguous, incomplete or unclear we are under no obligation to act on such instructions. We will not be liable for any cost, expenses, loss or damage which you may suffer or incur in connection with any action taken or omitted by us in following any email instructions from you. You are responsible for and must take all responsibility to ensure that the information you supply to us is accurate.

When we correspond with you by email, our messages are not encrypted and may potentially be accessed by unauthorised persons or organisations.

Spam

Spam is a generic term used to describe electronic ‘junk mail’, unwanted messages sent to a person’s email account or mobile phone. In Australia, spam is defined as ‘unsolicited commercial electronic messages’. ‘Electronic messaging’ covers emails, instant messaging, SMS and other mobile phone messaging, but does not cover normal voice to-voice communication by telephone.

We comply with the provisions of the Spam Act when sending commercial electronic messages.

 

15. Direct marketing

We may only use personal information we collect from you for the purposes of direct marketing without your consent if:

• the personal information does not include sensitive information; and
• you would reasonably expect us to use or disclose the information for the purpose of direct marketing; and
• we provide a simple way of opting out of direct marketing; and
• you have not requested to opt out of receiving direct marketing from us.

If we collect personal information about you from a third party, we will only use that information for the purposes of direct marketing if you have consented (or it is impracticable to obtain your consent), and we will provide a simple means by which you can easily request not to receive direct marketing communications from us.  We will draw your attention to the fact you may make such a request in our direct marketing communications.

You have the right to request us not to use or disclose your personal information for the purposes of direct marketing, or for the purposes of facilitating direct marketing by other organisations. We must give effect to the request within a reasonable period of time.  You may also request that we provide you with the source of their information. If such a request is made, we must notify you of the source of the information free of charge within a reasonable period of time.

If we send you direct marketing material, where you are a Retail client, we will follow the hawking prohibitions and the Product Design and Distribution Obligations regime, whereby as an issuer we will use your information for the purposes of a Target Market Determination, or whereas as distributors for the purposes of assessing your suitability for the intended target market.

 

16. Interactive Tools

Our website provides you with many interactive tools designed to help you make an informed choice with certain financial and other decisions. We may collect personal information you enter when using the interactive tools on our website.

 

17. Third parties and cross-border disclosure

Our website may have links to external third-party websites that may benefit the user. External websites should contain their own privacy statements and we recommend you review them when using their websites. Please note, however, that third party websites are not covered by this Privacy Policy and these sites are not subject to our privacy standards and procedures.

In the event that Morrison utilises third parties including those in offshore locations to collect and process personal information then the offshore entities have been required to sign agreements agreeing to operate under the APP’s and this Privacy Policy.

 

18. How to contact us

If you have any questions or complaints regarding privacy or information handling, please contact us by email at [email protected]

Please mark communications to the attention of our Privacy Officer. We will respond to let you know who will be handling your matter and when you can expect a further response.

If you are not satisfied with our response to your complaint, you can also refer your complaint to the Office of the Australian Information Commissioner by:

telephoning – 1300 363 992

writing – Director of Complaints, Office of the Australian Information Commissioner, GPO Box 5218, SYDNEY NSW 2001

emailing – [email protected]