APN Property Group Limited, APN Funds Management Pty Limited, APN Development and
Delivery Pty Limited ("the Group") understand the importance of protecting the privacy
of your personal information. In handling your personal information, the Group is
required to comply with the Privacy Act, 1998 (Cth) ("the Act") and the ten National
Privacy Principles ("the NPPs").
The Group has a privacy policy that sets out its obligations under the Act and the
NPPs. A copy of the privacy policy can be found below;
1.0 Introduction
APN and APNFM (“the Group”) is required to comply with the ten National
Privacy Principles (“NPPs”) set out in the Privacy Act, 1988 (Cth) (“the
Privacy Act”) and has developed a privacy policy, which details the Group’s
management of personal information that it collects from individuals.
The NPPs and the Group’s privacy policy are detailed below.
2.0 National Privacy Principles (“NPPs”)
The NPPs detailed in the Privacy Act regulate the handling of personal information.
The NPPs aim to ensure that organisations that hold information about people handle
that information responsibly. They also give people some control over the way information
about them is handled.
2.1 Data collection
An organisation must only collect personal information if the information is required
for one of its functions. Collection of personal information must be fair, lawful
and not intrusive and if reasonable and practicable, it must be collected from the
individual from whom it relates. If reasonable and practicable to do so, an organisation
must notify the individual at or before the time of collecting the personal information:
(a) the name and contact details of the organisation;
(b) the purpose of collecting the personal information;
(c) types of organisations to which the personal information may be disclosed;
(d) laws requiring collection of the personal information;
(e) that the individual can get access to their personal information; and
(f) what happens if the person does not give the personal information.
2.2 Use and disclosure
An organisation should only use or disclose personal information for the purpose
it was collected unless:
(a) the individual has consented for it to be used for a secondary purpose;
(b) the secondary purpose is related to the primary purpose and a person would reasonably
expect some use or disclosure;
(c) the use is for direct marketing; or
(d) such disclosure is necessary to protect the public interest or for law enforcement
or individual health and safety.
2.3 Data quality
An organisation must take reasonable steps to make sure that the personal information
it collects, uses or discloses is accurate, complete and up-to-date.
2.4 Data security
An organisation must take reasonable steps to protect the personal information it
holds from misuse and loss and from unauthorised access, modification or disclosure.
An organisation must take reasonable steps to destroy or permanently de-identify
personal information if it is no longer needed for any purpose for which the information
was collected.
2.5 Openness
An organisation must have a policy document clearly expressing its policies on its
management of personal information. The organisation must make the document available
to anyone who asks for it. On request by an individual, an organisation must take
reasonable steps to let the individual know, generally, what sort of personal information
it holds about the individual, for what purpose it needs the personal information,
and how it collects, holds, uses and discloses the personal information.
2.6 Access and correction
Except in particular circumstances, an organisation must provide the individual
with access to their personal information on request by the individual. An organisation
must take reasonable steps to correct personal information so that it is accurate,
complete and up-to-date. An organisation can not charge an individual for making
a request for access to their personal information and any charges for providing
access must not be excessive.
2.7 Adoption, use and disclosure of identifiers
An organisation must not adopt, use or disclose an identifier that has been assigned
by a Commonwealth Government Agency. This NPP seeks to ensure that increasing use
of Commonwealth government identification (TFN, Medicare No.) does not lead to a
de facto system of universal identity numbers, and to prevent any loss of privacy
from the combination and re-combination of the data.
2.8 Anonymity
Wherever it is lawful and practicable, individuals must have the option of remaining
anonymous when entering into transactions with an organisation.
2.9 Trans-border data flows
An organisation (which is an Australian entity) can only transfer personal information
about an individual to someone else in a foreign country in the following specified
circumstances:
(a) the individual consents to the transfer;
(b) the organisation reasonably believes that the recipient is subject to law, binding
scheme or contract which effectively upholds principles similar to the NPPs;
(c) the transfer is necessary for the performance of a contract between the individual
and the organisation, or the implementation of pre-contractual measures taken in
response to the individual’s request;
(d) the transfer is necessary for the conclusion or performance of a contract with
a third party, concluded in the interests of the individual;
(e) the transfer is for the individual’s benefit, it is impracticable to obtain
the individual’s consent to the transfer and the individual would be likely
to give such consent; or
(f) the organisation has taken reasonable steps to ensure that the information will
not be held, used or disclosed by the recipient inconsistently with the NPPs.
2.10 Sensitive information
The organisation must not collect sensitive information unless (amongst other things)
the individual has consented to the collection, or the law requires such collection.
3.0 Privacy policy
The following statement explains the Group’s policy relating to the collection,
storage and use of personal information.
3.1 Rights to privacy
The Group understands the importance of protecting individuals’ rights to
privacy. We have prepared this statement to help you understand how we aim to protect
the privacy of your personal information. In handling personal information, the
Group is subject to the Privacy Act and complies with the ten National Privacy Principles
in the Privacy Act. This policy describes the way the Group collects, uses and discloses
your personal information and your rights in relation to our management of your
personal information. This policy may be updated from time to time.
3.2 What kinds of personal information does the Group collect?
Generally, the Group will collect personal information, such as your name and contact
details including home address and e-mail address and any other information, which
is necessary to provide services to you.
3.3 Collection of personal information
Generally, the Group collects your personal information directly from you by requesting
that you complete an application form. There may be occasions when the Group will
collect your personal information from other sources, such as from a publicly maintained
record. In the event that the Group collects your personal information from a third
party, we will take reasonable steps to inform you from whom, how and why the information
was collected.
3.4 Why does the Group need personal information?
The Group collects this information for the purposes of:
• Processing your application for investments;
• Establishing your investment in a fund; and
• Administering your investment.
A failure to provide your personal information may affect our ability to provide
our range of products and services to you.
3.5 Sharing information with other organisations
The types of organisations to which the Group may disclose the personal information
you provide include:
• your adviser and dealer group;
• any third party service provider the Group may engage to provide custody,
administration, technology, auditing, mailing, printing or other services;
• Government authorities when and to the extent required by law; and
• the Group’s professional advisers (including legal and accounting firms,
auditors, consultants and other advisers). Such disclosure will only be done with
your consent and on a confidential basis.
3.6 Security of your personal information
The Group will take all reasonable steps to ensure that the personal information
it holds is protected against misuse, loss, unauthorised access, modification or
disclosure. Investor information is held on secure servers or in storage located
in controlled environments. The Group’s employees are required to maintain
the confidentiality of any personal information held.
3.7 Can you access the personal information the Group holds about you?
You have the right to access the personal information the Group collects and holds
about you. If at any time you would like to access your details or you would you
like more information on our approach to privacy, please tell us.
3.8 Changing information
If you want to change your personal details held by the Group, please let us know
in writing.
3.9 Changes to the privacy policy
The Group reserves the right to change this privacy policy at any time. The Group
will notify any changes by posting an updated version of the policy on the Group
website at
http://www.apngroup.com.au
4.0 How to contact us
We have appointed a Privacy Compliance Officer to assist you with any inquiries,
complaints or feedback you may have. Please contact our Privacy Compliance Officer
at:
Privacy Compliance Officer
APN Property Group Limited
Level 30, 101 Collins Street
MELBOURNE 3000
Phone: +61 3 9654 7655
Fax: +61 3 9654 7685
E-mail: apnpg@apngroup.com.au
5.0 Privacy Complaints
Please direct all privacy complaints to our Privacy Compliance Officer. A privacy
complaint relates to any concern or dispute that you have with our privacy practices
as it relates to your personal information. This could include matters such as:
(a) How your personal information is collected.
(b) How your personal information is stored.
(c) How your personal information is used or disclosed.
(d) How access to your personal information is provided.
At all times, privacy complaints will:
(a) be treated seriously;
(b) be dealt with promptly;
(c) be dealt with in a confidential manner; and
(d) not effect your existing obligations to the commercial arrangements that exist
between the Group and you.
The Privacy Compliance Officer will commence an investigation into your complaint.
You will be informed of the outcome of your complaint following the completion of
the investigation. In the event you are dissatisfied with the outcome of your complaint,
you may refer the complaint to the Federal office of the Privacy Commissioner.