The security of your personal information is of supreme importance to us. We value your trust, and aim to help you manage and plan your financial life. The protection of your personal information is a vital part of this relationship.
This policy explains the steps that Map My Plan takes to comply with the Privacy Act 1988 (Cth), Australian Privacy Principles and General Data Protection Regulation.
In this Policy:
- ‘Disclosing’ information means providing information to persons outside of Map My Plan
- ‘Personal information’ means information or an opinion relating to an individual, whether true or not and whether recorded in a material form or not, which can reasonably be used to identify that individual
- ‘Privacy Officer’ means the contact person for questions or complaints regarding Map My Plan’s handling of personal information
- ‘Sensitive information’ is personal information that includes information relating to a person’s racial or ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual preferences and criminal record, and also includes health information
- ‘Use’ of personal information means Map My Plan’s handling of that information or undertaking an activity with the information
The terms in this Policy which are defined in the Terms and Conditions have the same definition as defined in the Terms and Conditions.
Map My Plan is committed to ensuring that your privacy is protected.
1. What we collect
We may collect and hold personal information relating to the following matters:
- Your full name
- Date of birth
- Relationship status
- Number of dependents
- Email address
- Savings and assets
- Credit such as credit providers, balances, interest rates and repayments
- Information about your superannuation or other investments such as the issuer and type of investment, value or balance and investment income and expenses
- Insurance information, such as the issuer, type of policy, premiums and amount of cover
- Employment information
- Information about your goals and aspirations
- Other information relevant to the Financial Road Map
- Information on your use of the Website such as:
- The date and time you visit the Website
- The number of pages of the Website viewed
- Your navigation patterns on the Website
- The country from which you accessed the Website
- The systems you used to access the Website
- When entering the Website from another site, the address of that site
- Trade union or other professional or trade association membership
We will not collect sensitive information about you except trade union or other professional or trade association membership information.
2. What we do with the information we gather
We use this information to understand your needs and provide you with our services, and in particular for:
- Making recommendations relevant to your financial situation and estimated projections as part of the services we provide to you
- Compliance with relevant laws, regulations and legal obligations
- Considering any concerns or complaints you may have
- Assisting you with queries you have
- Helping us improve and enhance our business and the services we offer to you
Certain laws, such as the Anti-Money Laundering, Counter-Terrorism Financing Act 2006 (Cth) and General Data Protection Regulation require us, where it is necessary, to establish your identity by collecting personal information and taking steps to verify some or all of this information. During the course of your dealings with us, we may also collect and verify further information about you to comply with this and other laws.
We may use and disclose your personal information for any of these purposes. We may also use and disclose your personal information for secondary purposes which are related to the primary purposes set out above, or in other circumstances authorised by the Privacy Act.
Sensitive information collected (trade union or other professional or trade association membership) will be used and disclosed only for the purpose for which it was provided (or a directly related secondary purpose), unless you agree otherwise or an exemption in the Privacy Act applies.
We will not sell, distribute or lease your personal information to third parties unless we have your permission or are required by law to do so. Unless the Map My Plan service you are using is provided in partnership with another company or organisation that has expressly requested that Map My Plan not sell, distribute or lease de-identified data to third parties, we may sell, distribute or lease de-identified data to third parties.
3. Who we disclose personal information to
We may disclose personal information to:
- The company or organisation who is providing you with the Map My Plan service (if any)
- Organisations involved in a transfer or sale of our assets or business
- Regulatory bodies, government agencies, law enforcement bodies and courts in order to comply with or enforce our obligations or rights
- Anyone to whom you authorise us to disclose it
We do not, and do not intend to disclose your personal information to any overseas recipient. We will take reasonable steps to notify you if this position changes.
Your personal information may be transferred overseas, if we transfer or sell our assets or business, to an actual or potential purchaser or investor who is located in or has offices overseas and if the overseas jurisdiction has privacy laws of like effect to those of Australia.
4. How we collect personal information
We collect your personal information via your use of the Website. Generally, the information that we collect is what you provide to us through your use of the Website, including updating your account details and details that relate to your goals on the Financial Roadmap Dashboard. We will also collect your personal information if you make an enquiry through our contact us link on the Website, email us, call us or send us correspondence.
We may also collect your personal information from a third party, should you authorise us to do so, such as your financial institution or the company or organisation through which you receive your access to the Website.
If you do not provide us with the personal information we request, or if you have not provided us with full and accurate information, the advice you receive may not be appropriate to meet your needs.
5. Links to other websites
6. Direct marketing
We may only use personal information we collect from you for the purposes of direct marketing without your consent if:
- The personal information does not include sensitive information
- You would reasonably expect us to use or disclose the information for the purpose of direct marketing
- We provide a simple way of opting out of direct marketing, and
- You have not requested to opt out of receiving direct marketing from us.
If you wish to opt out of receiving direct marketing, contact us.
If we collect personal information about you from a third party, we will only use that information for the purposes of direct marketing if you have consented (or it is impracticable to obtain your consent). You can easily request not to receive direct marketing communications from us by contacting us. We will draw your attention to the fact you may make such a request in our direct marketing communications.
You have the right to request us not to use or disclose your personal information for the purposes of direct marketing, or for the purposes of facilitating direct marketing by other organisations. We will give effect to the request within a reasonable time. You may also request that we provide you with the source of their information. If such a request is made, we must notify you of the source of the information free of charge within a reasonable period of time.
7. Unsolicited information
If we receive unsolicited personal information about you, we will destroy or de-identify this information unless it is relevant to the purposes for which we collect personal information.
8. Management of personal information
We recognise the importance of securing the personal information of our customers. We will take steps to ensure your personal information is protected from misuse, interference or loss and unauthorised access, modification or disclosure.
Your personal information is stored encrypted in our database on webservers located in Australia. We do not have any hard copy files. In relation to information that is stored electronically, we apply the following measures:
- Master and secondary passwords are required to access the system;
- Data ownership is clearly defined;
- The system automatically logs and reviews all unauthorised access attempts;
- Employees are prohibited from updating and editing personal information except if you have made a request under Section 9 of this Policy;
- Print reporting of data containing personal information is prohibited.
9. Keeping your personal information accurate and up-to-date
You can log into your Financial Roadmap Dashboard at any time where you can update your personal information. If you believe that any information we are holding on you is incorrect or incomplete and you cannot update it on the Website, please contact us as soon as possible. Where the information is inaccurate, we will take reasonable steps to correct the information within 30 days, unless you agree otherwise. We will not charge you for correcting your personal information.
10. Accessing your personal information
Subject to exceptions in the Privacy Act, you can access the personal information that we hold about you by contacting the Privacy Officer. We will generally provide access within 30 days of your request. If we refuse to provide you with access to the information, we will provide reasons for the refusal.
We will require identity verification and specific particulars of what information is required and may charge an administrative fee for searching and photocopying our records.
11. Updates to this Policy
This Policy will be reviewed from time to time to take account of new laws and technology and changes to our operations and the business environment. Hence, Map My Plan may change this Policy from time to time.
To evaluate the effectiveness of our Website advertising, we may use third parties to collect statistical data. No personal data is collected on these occasions.
For statistical purposes we collect information on your activity on the Website through the use of ‘cookies’. This information on its own does not identify any individual but it does provide us with statistics that can be used to analyse and improve the Website. Cookies also allow the Website to tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve the Website to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer, however this may prevent you from taking full advantage of the Website.
14. Record Retention
We will retain the information we collect from you for a period of 7 years, as required by law, even if you cancel your membership with us.
15. Our responsibilities
Map My Plan management informs employees and relevant third parties about this Policy. Employees and relevant third parties are advised of changes to this Policy. All new employees are provided with timely and appropriate access to this Policy and training in relation to appropriate handling of personal information. Employees and relevant third parties that don’t comply with this Policy may be subject to disciplinary action.
16. Making a complaint
If you have any questions about this Policy, or wish to make a complaint about how we have handled your personal information or if you believe we may have breached the Australian Privacy Principles or any applicable APP code, you can lodge a complaint with us by contacting us.
If you are not satisfied with our response to your complaint, you can also refer your complaint to the Officer of the Australian Information Commissioner by:
- Telephoning: 1300 363 992
- Writing: Director of Complaints, Office of the Australian Information Commissioner, GPO Box 5218, SYDNEY NSW 2001
- Emailing: [email protected]
Version: 25 May 2018