Introduction
This privacy policy (Policy) applies to personal information collected by MA Financial Group Limited (ACN 142 008 428) and all of its Australian wholly-owned subsidiaries, excluding those of its subsidiaries which have adopted separate privacy policies, and which are published on their respective websites, together referred to in this Policy as MA Financial Group, us, our or we. It outlines how each member of the MA Financial Group collects and uses your personal information in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles.
Each member of the MA Financial Group collects and handles your personal information in accordance with its legal obligations, including those under the Privacy Act and the Australian Privacy Principles contained in the Privacy Act. In addition, where a MA Financial Group member handles credit information, it will be bound by Division 3 of Part IIIA of the Privacy Act and the Privacy (Credit Reporting) Code 2014.
This Policy also applies to personal information:
- as defined in the Singapore Personal Data Protection Act 2012 (PDPA), collected by MA Financial Pte. Ltd. (MA Singapore), a Singapore company, subject to PDPA; and
- as defined in Gramm-Leach-Bliley Act (GLBA), collected by all entities registered in the United States of America and controlled by MA Financial Group Limited (U.S Entities).
Except where indicated, in the paragraphs below, all references to MA Financial Group, us, our or we also refer to MA Singapore and the U.S Entities.
This Policy describes how your personal information and, where applicable, credit information is collected, used, disclosed and held by members of the MA Financial Group.
You consent to us collecting, holding, using and disclosing your personal information in accordance with this Policy.
Why we collect personal information
MA Financial Group will collect and hold your personal information for the purposes of:
- providing products and services to you;
- managing and administering the products and services;
- letting you know about our other products and services; and
to comply with any associated legal or regulatory obligations imposed by regulators including those under anti-money laundering and counter-terrorism financing laws or laws relating to comprehensive consumer credit reporting.
Information we collect from you
We collect information about you and your interactions with us. The type of information collected from you includes information necessary for us to offer you products and provide financial services to you. We may ask you to provide personal information to us including but not limited to:
- personal and contact details such as your name, phone number, residential or postal address, email address and date of birth;
- documentary evidence to verify your identity such as a certified copy of your driver's licence, passport, birth certificate, citizenship and marriage certificates;
- Government related identifiers and identity documents such as your Tax File Number and country of tax residency;
- financial details such as details of your employment, income, assets, financial liabilities;
- information we need to provide our services to you such as your bank account details;
- transaction information about transactions you have made using our products and services;
- digital information from you electronically when you use our website or online services; and
- if you apply for credit related services or products, we will also collect credit information such as a credit check. See 'Credit Checks and Credit Reporting' below for more information.
Sensitive Information
Sensitive information will only be collected if it is relevant to the product or service we are providing or will provide to you. If applicable, this will be communicated to you. For example, some forms of biometric data are collected, stored and used to support access and verification procedures as well as fraud prevention.
Information we collect from others
MA Financial Group may collect information about you in addition to what you voluntarily provide to us in order to comply with relevant laws and regulations.
We also collect information about you from other entities within the MA Financial Group. If you apply for credit, we may obtain a credit report from a credit reporting body. We may also collect information about you that has been made available by third parties who are permitted to provide your data We may also collect credit information about you from credit reporting bodies and any other third party who associated with your application (e.g. landlords, next of kin, solicitor or accountant).
How personal information is collected?
The personal information we collect about you comes primarily from your account application forms, engagement letters or other product forms and through our ongoing communications with you. MA Financial Group may collect information about you in addition to what you voluntarily provide to us from you or other sources such as government and law enforcement agencies, our contracted service providers or other third parties, in order to comply with relevant laws and regulations.
Wherever there is a legal requirement for us to ask for information about you, we will inform you of the obligation and the consequences of not giving us the requested information. For example, in addition to obtaining personal information from you when you acquire a new product or service from us, we will need to obtain certain documentary evidence from you as to your identity. Such evidence may include items such as a certified copy of your driver’s licence, passport or birth certificate. We may also collect your personal information by using electronic verification services or searching publicly available sources of information such as public registers.
We will not collect any personal information about you except where you have knowingly provided that information to us or where we believe that you have authorised a third party to provide that information to us. Any information collected from publicly available sources will be protected in the same way as the information you voluntarily disclose.
If you provide personal information to us about someone else, you must ensure that you are entitled to disclose that information to us, that the other person has consented to you providing us with the information, and that we can collect, use and disclose that information as set out in this Policy without having to take any further steps required under law (such as obtaining consent directly from that person). This means that if you provide us with personal information about someone else, you must make sure that the individual concerned understands the matters set out in this Policy and has provided their prior consent to be bound by this Policy.
Can you deal with us anonymously?
In general, you can visit our website without telling us who you are or revealing any personal information about yourself. Our web servers collect the domain names, not the email addresses, of visitors. However, there are parts of our website where we may need to collect personal information from you for a specific purpose, such as to provide you with certain information you request. We do this through the use of online forms, emails, or other communication methods (e.g. over the telephone or by mail).
How do we use and disclose your personal information?
We only use and hold your personal information:
- for the purpose of providing you with the financial service or products you have sought from us and reasonably related secondary purpose;
- if you are applying for employment with us through our website or otherwise, to assess, process and manage your application for employment;
- to handle any complaints that you may have;
- to notify you about new features, services and products we offer;
- to develop new features, products and services;
- to improve and personalise our website for you, or improve our products or services;
- to conduct research for our own internal purposes;
- any other purpose permitted under applicable laws and regulations;
- any other purpose you have consented to; and
- any other permitted purpose set out in this Policy such as direct marketing.
We may also aggregate the personal information that we collect for reporting and statistical purposes and to help us improve our website. If we disclose any aggregated information to a third party, the information will be de-identified and will not contain any personally identifiable information.
The types of external organisations which we often disclose your personal information include:
- any organisations involved in providing, managing or administering our products or services such as settlement agents, custodians or external dispute resolution services;
- your nominated financial adviser;
- any fund administrator and custodian where you have invested in one of our managed funds;
- any financial institution who holds an account for you;
- any professional advisers appointed by us;
- to us for the purposes of due diligence that we may perform before providing products and services to you such as used or marketed by us, including, businesses that may have referred you to us; and
- other MA Financial Group associated entities located globally.
If you are applying for credit, we will also exchange your personal information with:
- any suppliers or dealers of items that are the subject of a credit application;
- introducers, credit representatives, referrers and any other person associated with the lodgement of any credit application. This includes funders and related service providers that assist in the processing of your application and the management of your credit;
- any law firm representing you, service providers and associate rewards program providers;
- your referrers, past and present employers and credit reporting bodies in order to satisfy our obligations under the Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth) and other applicable laws and regulations to identify you.
We may also disclose your personal information where it is:
- necessary to provide our products or services to you or undertake operations relating to these products and services (such as to our employees, business partners, suppliers and service providers, professional advisers);
- to carry out promotions or other activities you have requested or for direct marketing purposes (unless you have opted-out of direct marketing communications);
- debt collectors;
- required by law (such as to the Australian Securities and Investments Commission or AUSTRAC or any other government entity or regulator);
- required by the relevant operating exchange such as ASX or Chi-X under the respective market operating rules and that information may be used by the market for its purposes (for example, in the course of compliance activities);
- authorised by law (such as where we are obliged to disclose information in the public interest or to protect our interests);
- necessary in discharging obligations (such as to foreign governments for the purposes of foreign taxation);
- required to assist in law enforcement (such as to a police force);
- any successors in title to our business (including new business partners or owners; and
- with your consent (express or implied), other entities.
The above entities may in turn disclose your personal information to other entities as described in their respective privacy policies or notices.
Direct marketing
From time to time, we may also use your personal information to tell you about products and services we think may be of interest and value to you, but we will stop if you tell us to. MA Singapore will only conduct direct marketing in accordance with the PDPA.
We may contact you by various means, including by mail, telephone, email, SMS or other electronic means such as through social media or targeted advertising through our website or online services.
No mobile information will be shared with third parties/affiliates for marketing/promotional purposes. All other categories exclude text messaging originator opt-in data and consent; this information will not be shared with any third parties.
If you do not want to receive direct marketing from us, you can opt-out by contacting us using the contact details at the end of this Policy.
Credit Checks and Credit Reporting
When you apply for credit, we collect credit information and credit eligibility information to assess and process your application for credit or similar products or services. We also need to know if you will be able to meet repayments under your proposed agreement with us. To help us make that assessment, we collect credit eligibility information such as credit reports from credit reporting bodies and we also collect the following credit information about you:
- identification information;
- consumer credit liability information;
- repayment history information;
- a statement that an information request has been made about you by a credit provider, mortgage insurer or trade insurer; or
- the type of consumer credit or commercial credit, and the amount of credit, sought in the application and an application made by you to a credit provider;
- default information;
- payment information;
- new arrangement information;
- court proceedings information;
- personal insolvency information;
- publicly available information about your activities in Australia or the external Territories and your credit worthiness;
- publicly available information about any court proceedings you may be involved in; or
- the opinion of a credit provider in relation to serious credit infringements by you.
We use information that we have obtained to derive information that is used to determine your eligibility for consumer credit. Information that we derive includes credit scores, credit risk ratings, credit summaries or evaluations that are based on credit reporting information.
Security of collected information
We will take reasonable steps to protect your personal information from misuse, interference, loss and unauthorised access, modification or disclosure. We may store your personal information in different forms including in hardcopy and electronic form.
We have implemented policies, procedures and systems to keep your personal information secure. In addition, we limit access to the personal information we hold to employees with a legitimate need to use it consistent with the purpose for which the information was collected, for any other matters related to that purpose that you would reasonably expect and other permitted purposes set out in this Policy such as direct marketing.
When your personal information is no longer required, we will take reasonable steps to destroy, delete or de-identify your personal information in a secure manner. However, we may sometimes be required by law to retain certain information, for example, under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) or the Archives Act 1983 (Cth).
Website
This Policy applies to your use of our website https://mafinancial.com/ and mobile or tablet applications and any personal information that you may provide to us via our website.
When you visit our website, we and/or our contractors may collect information about you which may include personal information (which will be or is de-identified) such as:
- the date and time you visited our website;
- the pages you viewed, how long you viewed those pages and your browsing behaviour;
- how you navigated and interacted with our website (including whether you completed any application forms);
- general location information;
- information about the device you used to visit our website; and
- the IP address automatically assigned by your Internet Service Provider to the device you used to visit our website.
We use this information (i) to personalise the content of the website for you (e.g. make it easier to log in, maintain a shopping basket for your orders and access information about your account) and (ii) for system administration, preparation of statistics on the use of our website and to improve our website’s content. This information may also be used for the purposes of targeted advertising based on your online behavioural profile.
We collect this information by using cookies (and other similar technology) which are small amounts of information which we may store on your computer which collect information about your web browser. Cookies in themselves do not identify the individual user, just the computer used. Allowing us to create a cookie does not give us access to the rest of your computer and we will not use cookies to track your online activity once you leave our site. Cookies are read only by the server that placed them and are unable to execute any code or virus. You are able to configure your security settings to accept or reject requests to place a cookie on your computer.
Our website may contain links to other websites which are outside our control and are not covered by this Policy. If you access other websites using the links provided, the operators of these websites may collect information from you which will be used by them in accordance with their privacy policy which may differ from ours.
Social Media
We compile and categorise a list of our followers on social media platforms. We also receive reports on what our followers have posted publicly on their social media platforms.
In addition to the above, we also receive aggregate, non-personalised statistics on our coverage in social media.
Cross-border disclosure
Depending on the type of service or product we provide to you, your personal information may be disclosed to our associated entities, contractors and unaffiliated service providers located in other overseas jurisdictions such as the United States, Europe and the Asia Pacific region (including, but not limited to, China, Hong Kong, the Philippines and Singapore). The overseas jurisdictions that your personal information is subject to cross border disclosure may change from time to time.
Where MA Financial Group discloses your personal information to an overseas recipient, MA Financial Group will take reasonable steps to ensure the overseas recipients are carefully chosen and comply with this Policy.
Overseas recipients may not be subject to privacy obligations equivalent to those under the Privacy Act and could be compelled by foreign law to make disclosure of the information.
Access to and correction of personal information
You have the right to request access to your personal information and to request its correction.
You can seek access to your information or request a correction by contacting us on the details provided at the end of this Policy.
We will give you access to your personal information within a reasonable time period in a manner requested by you. We may charge a reasonable fee to cover our costs. We may decline the access in the exceptional circumstances that are permitted under applicable data protection laws. If this is the case we will inform you and explain the reasons why.
We will take reasonable steps to ensure that the personal information we collect, hold, use or disclose is accurate, complete, up to date, relevant and not misleading. Reasonable steps that we may take include updating your personal information from public sources such as a telephone directory or we may ask you to confirm the personal information we hold is complete, accurate and current.
We ask that you notify us of any incorrect personal information we may hold as promptly as possible and advise of changes to your contact details in accordance with our terms and conditions. Alternatively, if you believe that any of the personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading and needs to be corrected or updated, please contact us using our details provided at the end of this Policy.
We will respond to your request to correct your personal information we hold within 30 calendar days after the request is made. There will be no charge for the making of any request. We may refuse to correct your personal information we hold about you if we do not agree with the corrections you have supplied. When we refuse your request, we will give you a written notice to that effect and an information statement if requested.
Lodging a question or complaint
If you have a question or a complaint about how we have handled your personal information, please contact us using the contact details provided at the end of this Policy. Certain members of MA Financial Group are bound by the Privacy (Credit Reporting) Code 2014 (Version 2.1) and if you believe MA Financial Group has breached a provision of that code, you may also lodge a complaint in writing, by mail to the address set out at the end of this Policy.
The Privacy Officer will acknowledge the receipt of your complaint as promptly as possible after we receive your complaint. We will endeavour to investigate and resolve your complaint within 30 calendar days. If you are unsatisfied with our response, you can lodge a complaint with the relevant data protection authority, such as the Office of the Australian Information Commissioner.
Notifiable Data Breaches
MA Financial Group (excluding MA Singapore and the US Entities) are required to notify you and the Office of the Australian Information Commissioner where there is a data breach that will likely result in serious harm to you.
MA Singapore and the US Entities shall notify the relevant regulator and you of data breaches as required under applicable data protection laws.
If at any time you believe your personal information which we hold has been the subject of a data breach please contact us immediately using the contact details set out in this Policy.
Changes to this Policy
This Policy is subject to change from time to time as MA Financial Group considers necessary. This Policy was last updated in December 2023. We will publish material changes by making them available on our website.
If you would like a copy of this Policy in another form (such as a paper copy), we will take such steps as are reasonable in the circumstances to provide you with a copy in the requested form.
Contacting us
Access, Correction or Complaints
If you need more information, want to access or update your personal information or you have a privacy concern, or if you wish to contact us regarding our handling of your personal information or any of the matters covered in this Policy, please contact the us by email, phone or mail using the following details:
Email: all_compliance@mafinancial.com
Please contact MA Singapore and the U.S Entities through this e-mail address
Phone: +61 2 8288 5555 (Australia)
Phone: +65 9821 3591 (Singapore)
Mail: Compliance
MA Financial Group Limited
Level 27, Brookfield Place
10 Carrington Street
Sydney NSW 2000
You can also contact the Office of the Australian Information Commissioner if your complaint is about your privacy.
Office of the Australian Information Commissioner
Phone: 1300 363 992
Mail: Office of the Australian Information
Commissioner
GPO Box 5218,
Sydney NSW 2001
For other concerns visit https://mafinancial.com/complaints/