Privacy Policy

Scope of Policy

The Privacy Policy (the “Policy”) relates to the collection of personal information for the operation and administration of Gardior Pty Ltd (“Gardior”), entities within the Gardior group structure (the “Gardior Group”) and investment funds for which Gardior acts as Trustee (“Gardior Funds”).

This Policy has been formulated to ensure that Gardior complies with its legal requirements in relation to privacy. Gardior is required to comply with the requirements of the Privacy Act 1988 (the “Privacy Act”). The Privacy Act provides for a legislative framework governing the management of personal information held by Gardior in conducting its business operations. Specifically, Gardior is required to comply with the Australian Privacy Principles (APPs).

This Policy has been reviewed taking into account the Office of the Australian Information Commissioner (OAIC) guidelines released in late 2013 so far as they apply to Gardior and the Gardior Group.

Responsibility for this policy

The Gardior Board (the “Board”) has ultimate responsibility for this Policy.

The Board delegates to the Company Secretary the formulation of processes and procedures to ensure Gardior’s operations accord with this Policy.

Gardior has engaged an external Compliance Consultant that monitors ongoing compliance with this Policy and reports directly to the Gardior Risk, Audit and Compliance Committee when a breach of this Policy has occurred.

Purpose of this policy

This Policy sets out the Board of Gardior’s policy on the management of personal information about individuals, including the collection, use, disclosure and security of personal information.

The Policy also describes the process to access and correct information that Gardior holds and how to make enquiries or complaints about how Gardior manages the personal information it has collected.

Personal information that we hold and how and why we collect it

Personal information

Personal information includes information about an individual such as:

  • name or address;
  • bank account details and credit card information;
  • photos; and
  • information about the individual’s opinions and what they do and don’t like.

Gardior collects minimal personal information as Gardior’s investors are incorporated organisations, rather than natural persons.  The information collected about such entities may not be subject to the same privacy requirements as personal information. 

Gardior collects personal information about representatives of investors or service providers of its investors as required in the normal course of business. In addition, we may collect personal information regarding Gardior Directors and other individuals employed within the Gardior Group.

Collection of personal information by service providers

Gardior has outsourced the performance of the Company Secretarial and Administration functions for the Gardior Funds to Independent Fund Administrators & Advisers Pty Ltd (IFAA) (ABN 28 081 966 243) and its associated entities.  This includes investment administration and accounting services contracted to Independent Professional Services Pty Ltd (ABN 67 126 760 638). Gardior also outsources the Investment Management services for the Gardior Funds to various external investment managers. 

All outsourced providers to Gardior undertake to keep personal information confidential and not to use it for any purposes other than those outlined in this Policy.

Personal information is collected by IFAA in performing Company Secretarial and Administration services on behalf of Gardior.  IFAA collects, uses, discloses and holds onto this information on behalf of Gardior.  IFAA staff involved in the collection of information on behalf of Gardior do so in accordance with the Privacy Policies of IFAA and Gardior as well as privacy procedures in place at IFAA to ensure compliance with the Privacy Act.

Process of collection

Information may be collected directly from the investor entity, from application forms or directly from an individual. The types of personal information that Gardior collects about an individual may include, but not be limited to:

  • name;
  • date of birth;
  • name of employer and employer’s address;
  • telephone and fax number; and
  • email address.

Gardior will only collect personal information if it is fair and lawful to do so. When we collect information from a person or organisation it is usually done because we are required to under Corporations Law.

We will not collect information in an unreasonably intrusive manner.

Unsolicited information

From time to time we may receive unsolicited information from investor representatives. If this occurs we will:

  • consider if we can collect it;
  • destroy or de-identify the information if we cannot collect it; and
  • if we can collect it, ensure we manage the information in the same way we managed solicited personal information in accordance with this Policy.

Right to anonymity

Providers of information have the right to anonymity or the use of a pseudonym when dealing with us. However, when this occurs, it means we may not be able to disclose any information to that person regarding Gardior that is of a confidential nature i.e. not publically available.

Access to personal information

Access to personal information is limited to authorised employees of the Gardior Group and its services providers who require access to this information for the administration of investments.  The information may be disclosed to regulatory agencies to ensure compliance with legal and other regulatory requirements.

Personal information and how we disclose it

Disclosure of personal information

Gardior will only use and disclose the personal information we hold for the following purposes (primary purposes):

  • Performing any function in relation to the administration of Gardior Funds or the Gardior Group, or any other service or function required to manage and operate the Gardior Funds on behalf of our investors, by Gardior or its service providers.
  • Providing advice to the Gardior Board.
  • Considering an application made to Gardior.
  • Managing Gardior’s rights and obligation in relation to external parties.
  • Developing and identifying products the entity may be interested in.
  • Arranging for the provision of products and services to the entity.

We may also use or disclose your information for the following purposes (secondary purposes):

  • Regulator reporting e.g. ATO, ASIC where required by legislation.
  • Provide information to the courts in relation to a complaint.
  • To assist Gardior in complying with legal and regulatory requirements.
  • To assist with administering Gardior, information may be passed on to third parties, who assist Gardior in complying with legal and regulatory requirements.

All of the organisations to which the personal information may be disclosed require appropriate Privacy Policies and systems that adhere to Australian privacy law.

Gardior does not disclose information about you to other organisations for marketing purposes.

If Gardior use or disclose your personal information for enforcement related activities, we will make a written record of this.

Disclosure to overseas recipients

Gardior may disclose your personal information to an overseas recipient, where doing so is required to perform any function in relation to the administration of Gardior Funds or the Gardior Group, or any other service or function required to manage and operate the Gardior Funds on behalf of our investors, by Gardior or its service providers.  Such functions could include opening or maintaining bank accounts with banks based overseas or creating or administering foreign domiciled entities within the Gardior Group.

Gardior will only do this if we reasonably believe the receiving entity will not breach the privacy requirements contained in Australian privacy law.

Government related identifiers

Where Gardior has requested provision of government related identifiers such as tax file numbers in the process of business operations, we will only disclose a government related identifier to a third party in the following circumstances:

  • when required by legislation.
  • when required by a court order.
  • for enforcement related activities.
  • in order to facilitate an investment transaction for which the government related identifier was obtained.
  • in circumstances where provision of such information is necessary for the day to day administration of Gardior, Gardior Funds or the Gardior Group, and the provider of the government related identifier would reasonably expect such information to be disclosed in the circumstances.

 

Data Integrity (Quality)

Quality of information

Gardior will take reasonable steps to ensure that the information that we hold about you is accurate, complete and up to date. We will do this by:

  • sending to investors a request to update personal information we have collected as regularly as required based on business needs;
  • promptly responding to any requests received from properly authorised investor representatives to update the information we hold; and
  • updating our information based on documentation or correspondence received from investor representatives in the normal course of business.

Data security

Gardior will take reasonable steps to ensure that the information that we hold about you is secure and is protected from misuse, interference and loss, or from unauthorised access, modification or disclosure.

We will do this by ensuring that:

  • our IT systems have adequate restrictions to ensure that only staff involved in the provision of services to Gardior, Gardior Funds and the Gardior Group are able to access the personal information we collect;
  • our IT systems have proper processes for the storage and back up of data; and
  • staff involved in the provision of services to Gardior have received appropriate training on the management of sensitive information.

If Gardior have determined that we no longer need the personal information we have collected about individuals, we will take appropriate steps to destroy the information or ensure it is de-identified.

Access to and Correction of information

Access to information

Individuals are entitled to access information Gardior holds about them. If an individual wishes to know what information Gardior holds about them, they can contact Gardior in writing, or by phone.

Requests for information can sometimes be answered over the telephone, or a copy of the information can be sent by post.

Individuals cannot access information about any other individual for whom we have collected personal information unless that individual has given written approval to do so.

 Under certain circumstances Gardior may not be able to fully disclose what information is held about an individual to that individual.  These circumstances could include when:

  • provision of the information would have an unreasonable impact on the privacy of other individuals;
  • the information relates to legal proceedings with the individual;
  • the information would reveal commercially sensitive information; or
  • Gardior is prevented by law from disclosing the information.

If you request access, we must respond to your request within a reasonable period after you make the request. We must give you access in the manner you requested, except where it is unreasonable or impracticable to do so.

If we refuse access we must give you written reasons that set out:

  • the reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so; and
  • the mechanisms available to complain about the refusal; and
  • any other matters prescribed by the regulations.

We will not charge a fee for making a request or accessing information held.

Correction of information

Gardior seeks to ensure that personal information collected remains accurate, complete and up-to-date.

We may correct the information we have collected if we believe it is inaccurate, out of date, incomplete, irrelevant or misleading. We will do so by ensuring internal processes are adequate to maintain data quality and contact is made with the individual concerned where practical.

If we correct information that we hold that we have also given to a third party (under approved means) we will also request that entity to correct the information.

In certain circumstances, we may refuse to correct the information we hold. Were this to occur we would provide written reasons that set out:

  • The reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so; and
  • The mechanisms available to complain about the refusal; and
  • Any other matters prescribed by the regulations.

If we refuse to correct the information, the party from whom the information was collected has the right to ask us to associate with the information a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading. Gardior must take such steps as are reasonable in the circumstances to associate the statement in such a way that will make the statement apparent to users of the information.

We must respond to the request to correct the information within a reasonable period and we will not charge a fee for the making of the request, correcting the personal information or for associating the statement with the personal information.

Direct Marketing

Gardior is prohibited from using or disclosing personal information for the purposes of direct marketing.

However, we are allowed to use or disclose personal information for direct marketing where the person providing the information:

  • has given their consent;  
  • would reasonably expect us to use or disclose the information for that purpose and we provide a means of opting out and the person has not requested to opt out; or
  • would reasonably expect us to use or disclose the information for that purpose and either consented or it is impracticable to obtain consent and we provide opt out and prominently advise that the person can make such a request.

We will not use sensitive information that we hold about individuals for the purposes of direct marketing. If we do, we will only do this if you have consented to the use or disclosure of the information.

Individuals may request at any time to not receive direct marketing communications from us using any means.  If such a request is made, we will not charge a fee for the making of or given effect to your request.

Complaints handling process

Complaints about a breach of privacy

Privacy breaches are taken seriously by Gardior. If any individual has a complaint about a possible breach of their privacy, the individual should first contact the Gardior Company Secretary.

 Contact details for the Company Secretary are:

Address:  Level 1 / 410 Ann St, Brisbane.

Telephone: 07 3238 1207

Fax: 07 3238 1277

Contact email:  Charmaine@gardior.com.au

 If the complaint is not resolved, individuals can complain to the Australian Privacy Commissioner, telephone 1300 363 992 or visit www.privacy.gov.au

Complaints about handling of personal information

If an individual wants to make a complaint about the handling of their personal information they may write to the Company Secretary using the above contact details.

A response will be provided within 30 days. 

If the individual is not satisfied with how we have handled the complaint or if we have not provided a response within 30 days of receiving your written correspondence, the individual may write to the Australian Privacy Commissioner. A complaint to the Australian Privacy Commissioner can be made by:

Access to the Privacy Policy

Individuals may request a copy of this Privacy Policy to be sent free of charge by contacting us at fundingyourfuture@gardior.com.au. A copy of the Privacy Policy will be sent within 14 days of request.

Version Control: 2017-01