Yieldbroker Pty Limited (“Yieldbroker”) is bound by the Australian Privacy Principles as set out in the Privacy Act 1988 (Commonwealth). The following provides a clear and concise outline of Yieldbroker’s Privacy Policy: how and when Personal Information is collected, stored and distributed by Yieldbroker.

What is Personal Information?

Personal Information is information or an opinion that identifies an individual.

Examples of Personal Information we collect include names, addresses, email addresses, phone and facsimile numbers. This Personal Information is obtained in many ways including correspondence, by telephone and facsimile, by email, via our website and from third parties.

Why does Yieldbroker collect Personal Information?

As a market operator, Yieldbroker has certain statutory obligations imposed on it under the Corporations Act. We collect your Personal Information for the primary purpose of providing our services to you and for providing information to our clients. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure.

What is Sensitive Information?

Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.

Sensitive information will be used by us only:

  • For the primary purpose for which it was obtained;
  • For a secondary purpose that is directly related to the primary purpose;
  • With your consent; or where required or authorised by law.

How does Yieldbroker collect Personal Information?

The type of Personal Information Yieldbroker collects may include names, addresses, contact details, occupations and any other information required to meet contractual obligations and statutory obligations as a market operator.

Personal Information is collected in a variety of ways, including by way of personal contact such as business activities and events, as well as mail, telephone, email and internet.

We may collect Personal Information about:

  • Individuals;
  • Shareholders;
  • Suppliers;
  • Employees;
  • Candidates for employment;
  • Participants;
  • Potential new Participants;
  • Third parties seeking services; and
  • Other people who come into contact in the ordinary course of business.

How does Yieldbroker use and disclose Personal Information?

Yieldbroker may use or disclose Personal Information for the following purposes:

  • To enable it to discharge its statutory obligations;
  • To enable it to discharge its contractual obligations when providing services to third parties;
  • To enable the resolution of a concern or complaint; and
  • To provide services.

Yieldbroker will use your Personal Information for the purpose for which you have provided it. We will not disclose your Personal Information to third parties, unless you consent or in other circumstances where such disclosure is required or authorised by law.

We may anonymise your data and share with companies we do business with to use (for related purposes) without your express permission. In which case this Privacy Policy will generally not apply to our use of de-identified information. However, we will continue to safeguard this de-identified information.

Does Yieldbroker transfer Personal Information overseas?

Yieldbroker does not generally transfer personal information to overseas parties unless required by law or enforcement activity or unless working with international service providers.

Yieldbroker may exchange or store personal information with vendors who have been contracted to provide customer relationship systems and technological solutions. These third party service providers may be located in Australia, USA, Japan and other countries. This list of countries may change from time to time. While these parties will be subject to confidentiality, they are not required to comply with the Australian Privacy Act and may have different disclosure requirements under their local laws. Although information is encrypted where possible and efforts are made to protect your information, when you agree to this Privacy Policy you acknowledge that Yieldbroker will not be responsible for the overseas third party.

How does Yieldbroker secure your Personal Information?

Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure.

Yieldbroker has implemented a number of security measures to protect Personal Information, which includes:

  • The protection of IT systems according to criticality and requirements for confidentiality, integrity and availability;
  • The establishment of security controls of IT systems, including system access to information and resources necessary for its legitimate purpose;
  • Regular monitoring and testing programs established to ensure ongoing effectiveness of IT security measures.

When your Personal Information is no longer needed to be held or used for any purpose under this Privacy Policy, we will take reasonable steps to destroy or permanently de-identify your Personal Information. Most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years.

How to access your Personal Information?

Australian Privacy Principle 12 and 13 provides you with the right to access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions.

Where a request for access is made, Yieldbroker will review the request and respond within a reasonable period after the request is made. Where Yieldbroker cannot give access to Personal Information, including in the manner requested by you, Yieldbroker will provide you with a written notice that sets out:

  • The reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so; and
  • The mechanisms available to complain about the refusal; and
  • Any other matter prescribed by the regulations.

Where a request for a correction is made, Yieldbroker will take reasonable steps to correct the Personal Information to ensure that the information is accurate, up to date, complete and relevant.

If you wish to access or seek a correction to your Personal Information, please make out your request to us in writing at the contact details provided below.

Eligible Data Breaches

Commencing February 2018, the Privacy Act includes a Notifiable Data Breaches (“NDB”) scheme which requires entities to notify individuals and the OAIC about ‘eligible data breaches’. An eligible data breach occurs when the following criteria are met:

  • There is unauthorised access to or disclosure of personal information held by an entity (or information is lost in circumstances where unauthorised access or disclosure is likely to occur).
  • This is likely to result in serious harm to any of the individuals to whom the information relates.
  • The entity has been unable to prevent the likely risk of serious harm with remedial action.

A data breach occurs when personal information that Yieldbroker holds is subject to unauthorised access or disclosure or is lost.

Examples of data breaches include:

  • Loss or theft of physical devices (such as laptops and storage devices) or paper records that contain personal information
  • Unauthorised access to personal information by an employee
  • Inadvertent disclosure of personal information due to ‘human error’, for example an email sent to the wrong person
  • Disclosure of an individual’s personal information to a scammer, as a result of inadequate identity verification procedures.

Examples of harm include:

  • Identity theft causing financial loss or emotional and psychological harm
  • Physical harm or intimidation

If Yieldbroker believes there has been a data breach that impacts your personal information and creates a likely risk of serious harm, Yieldbroker will notify you and the OAIC as soon as practicable and keep in close contact with you about the nature of the breach, the steps we are taking and what you can do to reduce the impacts to your privacy.

Policy Updates

This Policy may change from time to time. The Yieldbroker Privacy Policy is available at our office or on our website to anyone who requests it.

Complaints

You can lodge a complaint with us about any breach of our Privacy Policy and our privacy obligations to you by contacting the Yieldbroker Help Desk team at the contact details provided below.

All complaints are recorded and investigated by Yieldbroker, and will be handled fairly, consistently and promptly. This includes prompt action to rectify system or control weaknesses that are highlighted by the complaint.

Staff responsible for dealing with complaints will also be independent of the subjects of the complaints.

Under the Privacy Act you may complain to the Office of the Australian Information Commissioner (OAIC) about the way we handle your personal information. Please note the OAIC requires any complaint must first be made to the respondent organisation. The law also allows 30 days for the respondent organisation to deal with the complaint before a person may make a complaint to the OAIC.

The Commissioner can be contacted at:

Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
Email: enquiries@oaic.gov.au
oaic.gov.au


Privacy Policy - Enquiries, requests or complaints

If you have any queries about our Privacy Policy, including requests to access or correct Personal Information or to make a complaint, please contact the Yieldbroker Help Desk team. They can be contacted by phone, post or email at:

Address:
Yieldbroker Help Desk
Yieldbroker Pty Limited
Level 6, 14 Martin Place
Sydney, NSW 2000

Telephone and fax:
Tel: +61 2 9994 2890
Fax: +61 2 9994 2895

Email: helpdesk@yieldbroker.com