Privacy Policy

 

Pinnacle Investment Management Group Limited (Pinnacle or We) understands and appreciates that you are concerned about the confidentiality and security of information that Pinnacle collects about you. Pinnacle recognises each individual’s right to privacy and is committed to the protection and confidentiality of your personal information.

 

Pinnacle is bound by the Privacy Act 1988 (Cth) and must protect your personal information in accordance with that Act and other applicable laws, such as the Spam Act 2007 (Cth).

 

In addition to the Privacy Act, individuals located in the European Union (EU) also have rights under EU based rules known as the General Data Protection Regulation (GDPR). The GDPR has harmonised the data privacy laws of each individual EU country, giving more rights to individuals located in the EU and imposing more obligations on organisations holding personal information.

 

Details of additional rights of individuals located in the EU and how we meet them are outlined in this policy below.

 

HOW DO WE COLLECT PERSONAL INFORMATION?

 

We collect personal information so that we can provide you with our products and services and comply with our legal and regulatory obligations.

 

We will not collect any information that identifies you as an individual unless you knowingly provide it to us.  We primarily collect this information when you complete an application form or subscribe for information or notifications from us or our affiliates. In addition, when you browse our website, read or download information, our system will record the date and time of your visit and the pages viewed and information downloaded.

 

In most cases, we will collect your personal information directly from you. However, we can also collect your personal information from other sources, such as our affiliates or from third parties such as your authorised representatives and advisers.

 

WHAT PERSONAL INFORMATION DO WE COLLECT?

 

Any information that identifies you is deemed to be personal information. The personal information we collect about you will depend on the circumstances of collection.

 

We collect information that is reasonably necessary to be able to provide you with our products or services. For instance, we can ask for identification information such as your name, date of birth, residential address, email address, telephone number, financial and investment information, bank account details, citizenship, social security number and/or tax file/identification number.

 

Sensitive information

 

The Privacy Act protects your sensitive information — such as information about your religion, ethnicity, health or biometrics. We will not collect your sensitive information.

 

HOW DO WE USE YOUR PERSONAL INFORMATION?

 

Any information we collect from you, can be used by any entity carrying out functions on behalf of Pinnacle and its related entities for:

  • the purpose of enabling Pinnacle to provide services or information to you in accordance with your requests or reasonable expectations;
  • the purpose of enabling Pinnacle to undertake research, planning, product development, risk assessment, risk modelling and marketing; and
  • any other purpose required by or to the extent permitted by law.

 

DIRECT MARKETING

 

We may use the information we gather to provide you with targeted communications about products and services we think will be of interest to you. We may also send you details of offers or services provided by Pinnacle’s related entities.

 

You may at any time choose not to receive these communications. Doing so will not cost you anything, and we commit to ensuring that you stop receiving any unwanted communications as soon as possible. If you do not want to receive such communications, please contact us.

 

WHO DO WE SHARE YOUR PERSONAL INFORMATION WITH?

 

We will only disclose personal information to third party entities carrying out functions on behalf of Pinnacle and its related entities on a confidential basis. You should note that information we collect from you can also be disclosed to third parties if that disclosure is required, or to the extent permitted, by law.

 

OVERSEAS RECIPIENTS

 

We may disclose your personal information to external service providers in the following offshore locations: Canada, Malaysia, Luxembourg, Hong Kong and the United Kingdom.

We take steps to ensure that our external service providers keep your personal information confidential and use it only for the purposes for which they are authorised.

 

HOW DO WE PROTECT YOUR PERSONAL INFORMATION?

 

Pinnacle regards the security of your personal information as a priority and takes all reasonable steps to protect your information from loss and unauthorised access, destruction, use, modification or disclosure.

Pinnacle stores personal information in a combination of computer storage facilities, paper-based files and other records. These are held on our secure premises and systems as well as offsite using trusted third parties. We will take reasonable steps to protect personal information from loss, interference or misuse, and unauthorised access, modification or disclosure.

Where personal information is no longer required to be retained, we will take such steps as are reasonable in the circumstances to de-identify the information or put it beyond use.

Pinnacle cannot ensure or warrant the security of any information you transmit to us or receive from our products or services and you do so at your own risk. Once we receive your information, we take reasonable steps to preserve the security of information on our own system. From time to time the website contains links to other websites. Pinnacle is not responsible for the privacy practices or the content of these websites.

 

COOKIES

 

A cookie is a small data file placed on your computer by Pinnacle’s server. A cookie contains information about your visit to the website. When you visit the website again, our server will look for the cookie and structure itself based on the information provided. A cookie identifies your computer to our web server when you visit the website. We do not use the cookie to store personal information about you. Pinnacle uses browser cookies to improve the speed and reliability of our security system. It is recommended that you turn off any cookie warnings in your browser before using this website, otherwise you may not be able to use the full functionality of this website.

 

ACCEPTANCE AND CHANGES TO THE PRIVACY POLICY

 

You acknowledge and accept that your use of the website indicates your acceptance of the website’s terms and conditions of use and this Privacy Policy. This Privacy Policy may change from time to time. Any information collected after an amended Privacy Policy has been posted on the website will be subject to that amended Privacy Policy.

 

ACCESS AND UPDATING OF INFORMATION

 

You are able to access and update the personal information that we hold about you at any time. To amend personal information that Pinnacle holds, please contact us.

 

IF YOU HAVE A PRIVACY COMPLAINT

 

At Pinnacle, we value our customers. We will always aim to be fair and responsive. If you have a privacy complaint, you have the right to expect that we will handle it in a friendly and professional way. When we receive a complaint, we receive this as valuable feedback that may help us improve our services and to ensure your needs are met in a satisfactory and appropriate manner.

 

If you wish to complain, at any time, about the handling, use or disclosure of your personal information, you can provide your written complaint by email, letter or by personal delivery to any one of our contact details noted below or verbally by telephone.

 

We will make all efforts possible to investigate your complaint, and advise you of the outcome as soon as possible. Your complaint can also be taken to the Office of the Australian Information Commissioner, who can be contacted at:

 

Office of the Australian Information Commissioner (OAIC)

Level 3

175 Pitt Street

Sydney NSW 2000

Visit oaic.gov.au

 

If the matter is not resolved to your satisfaction, you can then refer your complaint to the Australian Financial Complaints Authority (AFCA), who can be contacted at:

 

Australian Financial Complaints Authority

GPO Box 3

Melbourne VIC 3001

Phone 1800 931 678 (free call)

Visit afca.org.au

 

HOW TO CONTACT US

 

You can contact us about this Privacy Policy or about your personal information by:

By mail:               PO Box R1313

Royal Exchange NSW 1225

By email:             Risk.Compliance@pinnacleinvestment.com

By phone:           1300 360 306

 

EU individuals

 

The European Union (EU) General Data Protection Regulation (GDPR) has harmonised the data privacy laws of each individual EU country, giving more rights to individuals located in the EU and more obligations to organisations holding their personal information. In this Appendix, “personal information” means any information relating to an identified or identifiable natural person (the meaning given to the term “personal data” in the GDPR).

 

Personal information must be processed in a lawful, fair and transparent manner. As such, if you are located in the EU, GDPR requires us to provide you with more information about how we collect, use, share and store your personal information as well as advising you of your rights as a ‘data subject’.

 

Pinnacle is a controller and processer of personal information. Information regarding such controlling and processing is set out herein. Any person seeking information with respect to controlling or processing of personal information by Pinnacle or seeking to exercise any rights afforded to them under GDPR should contact our Data Protection Officer (please refer to Contact Us section of this Policy)

 

What personal information do we collect?

 

Please refer to section titled “WHAT PERSONAL INFORMATION DO WE COLLECT?” in the Privacy Policy for details of the personal information we collect.

 

Special Categories of Personal Information:

 

The GDPR provides additional protection for personal information about your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, biometric data (for example your fingerprints), or data concerning your health, sex life or sexual orientation. We will not collect this type of personal information.

 

How long we keep your personal information:

 

We will keep your personal information while you are our customer. We aim to keep your personal information for only as long as we need it.

 

We generally keep your personal information for up to 7 years after you stop being a customer, but we may keep your personal information for longer:

  • to fulfil legal or regulatory obligations;
  • for internal research and analytics; or
  • to respond to a question or complaint.

 

How we use your personal information:

 

We can only collect and use your personal information if we have a valid lawful reason to do so.

 

How we use your personal information Our reasons Our legitimate interests
 

To confirm your identity

 

To fulfil our obligations

To meet our legal duty

We have legitimate interests

 

Preventing fraud

Complying with guidance of regulators

Managing risk

 

To assess your application for a

product or service

 

We have your application/consent

To fulfil our obligations

To meet our legal duty

We have legitimate interests

 

Complying with guidance of regulators

Managing risk

 

To manage our relationship with you

 

 

We have your application/consent

To fulfil our obligations

To meet our legal duty

We have legitimate interests

 

Preventing and investigating potential criminal activity

Complying with guidance of regulators

Managing risk

 

To minimise risks and identify or

investigate fraud and other illegal activities

 

 

To fulfil our obligations

To meet our legal duty

We have legitimate interests

 

Preventing fraud

Ensuring information security

Reporting possible criminal acts or threats to public security

Preventing and investigating potential criminal activity

Complying with guidance of regulators

Managing risk

 

To contact you, for example, when we need

to tell you something important

 

 

We have your consent

To fulfil our obligations

To meet our legal duty

We have legitimate interests

 

Preventing fraud

Complying with guidance of regulators

Managing risk

 

To improve our service to you and your

experience with us

 

 

We have your consent

To fulfil our obligations

To meet our legal duty

We have legitimate interests

 

Preventing and investigating potential criminal activity

Complying with guidance of regulators

Managing risk

 

To comply with laws, and assist government

or law enforcement agencies

 

 

To fulfil our obligations

To meet our legal duty

We have legitimate interests

 

Preventing fraud

Ensuring information security

Reporting possible criminal acts or threats to public security

Preventing and investigating potential criminal activity

Complying with guidance of regulators

Managing risk

 

To manage our business

 

We have your consent

To fulfil our obligations

To meet our legal duty

We have legitimate interests

 

Complying with guidance of regulators

Preventing and investigating potential criminal activity

Managing risk

 

 

 

Your rights as a data subject:

 

Under GDPR, persons whose data is controlled and processed by Pinnacle have certain rights, in particular:

 

  • The right to be informed how personal information is processed. You have the right to be informed how your personal information is being collected and used. If we require your consent to process your personal information you can withdraw consent at any time. If you withdraw consent, we may not be able to provide certain products or services to you. The right to withdraw only applies when the lawful basis of processing is consent.
  • The right of access to personal information. You can access your personal information that we hold by contacting us.
  • The right to rectification. You have the right to question any personal information we have about you that is inaccurate or incomplete. If you do, we will take reasonable steps to check the accuracy and correct it.
  • The right to erase. You have the right to ask us to delete your personal information if there is no need for us to keep it. You can make the request verbally or in writing. There may be legal or other reasons why we need to keep your personal information and if so, we will tell you what these are.
  • The right to restrict controlling and processing. You have the right to ask us to restrict our use of your personal information in some circumstances. In this situation we would not use or share your personal information while it is restricted. This is not an absolute right and only applies in certain circumstances.
  • The right to data portability. In some circumstances you have the right to request we provide you with a copy of the personal information you have provided to us in a format that can be easily reused.
  • The right to object. In some circumstances you have the right to object to us processing your personal information.
  • The right to lodge a complaint with a supervisory authority. You have the right to complain to the regulator if you are not happy with the outcome of a complaint. See the ‘Regulator Contact Details’ section for more information. The individual regulator websites will tell you how to report a concern.

 

 

You may decline to share certain personal information with us, in which case we may not be able to provide to you some of the features and functionality of our products and services.

 

Overseas Recipients

 

Please refer to the section titled “OVERSEAS RECIPIENTS” in the Privacy Policy. Regulator Contact Details

 

The UK data protection authority is:

 

Information Commissioner’s Office
Wycliffe House
Wilmslow
Cheshire SK9 5AF
UK
Visit: ico.org.uk