What is Personal Information?
Personal Information is information or an opinion that identifies an individual.
Examples of Personal Information we collect include names, addresses, email addresses, phone and facsimile numbers. This Personal Information is obtained in many ways including correspondence, by telephone and facsimile, by email, via our website and from third parties.
Why does Yieldbroker collect Personal Information?
As a market operator, Yieldbroker has certain statutory obligations imposed on it under the Corporations Act. We collect your Personal Information for the primary purpose of providing our services to you and for providing information to our clients. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure.
What is Sensitive Information?
Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Sensitive information will be used by us only:
- for the primary purpose for which it was obtained;
- for a secondary purpose that is directly related to the primary purpose;
- with your consent; or where required or authorised by law.
How does Yieldbroker collect Personal Information?
The type of Personal Information Yieldbroker collects may include names, addresses, contact details, occupations and any other information required to meet contractual obligations and statutory obligations as a market operator.
Personal Information is collected in a variety of ways, including by way of personal contact such as business activities and events, as well as mail, telephone, email and internet.
We may collect Personal Information about:
- Candidates for employment;
- Potential new Participants;
- Third parties seeking services; and
- Other people who come into contact in the ordinary course of business.
How does Yieldbroker use and disclose Personal Information?
Yieldbroker may use or disclose Personal Information for the following purposes:
- To enable it to discharge its statutory obligations;
- To enable it to discharge its contractual obligations when providing services to third parties;
- To enable the resolution of a concern or complaint; and
- To provide services.
Yieldbroker will use your Personal Information for the purpose for which you have provided it. We will not disclose your Personal Information to third parties, unless you consent or in other circumstances where such disclosure is required or authorised by law.
Does Yieldbroker transfer Personal Information overseas?
How does Yieldbroker secure your Personal Information?
Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure.
How to access your Personal Information?
APP 6 provides you with the right to access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your Personal Information, please make out your request to us in writing.
Eligible Data Breaches
Commencing February 2018, the Privacy Act includes a new Notifiable Data Breaches (“NDB”) scheme which requires entities to notify individuals and the OAIC about ‘eligible data breaches’. An eligible data breach occurs when the following criteria are met:
- There is unauthorised access to or disclosure of personal information held by an entity (or information is lost in circumstances where unauthorised access or disclosure is likely to occur).
- This is likely to result in serious harm to any of the individuals to whom the information relates.
- The entity has been unable to prevent the likely risk of serious harm with remedial action.
A data breach occurs when personal information that Yieldbroker holds is subject to unauthorised access or disclosure or is lost.
Examples of data breaches include:
- Loss or theft of physical devices (such as laptops and storage devices) or paper records that contain personal information
- Unauthorised access to personal information by an employee
- Inadvertent disclosure of personal information due to ‘human error’, for example an email sent to the wrong person
- Disclosure of an individual’s personal information to a scammer, as a result of inadequate identity verification procedures.
Examples of harm include:
- Identity theft causing financial loss or emotional and psychological harm
- Physical harm or intimidation
If Yieldbroker believes there has been a data breach that impacts your personal information and creates a likely risk of serious harm, Yieldbroker will notify you and the OAIC as soon as practicable and keep in close contact with you about the nature of the breach, the steps we are taking and what you can do to reduce the impacts to your privacy.
Under the Privacy Act you may complain to the Office of the Australian Information Commissioner (OAIC) about the way we handle your personal information. Please note the OAIC requires any complaint must first be made to the respondent organisation. The law also allows 30 days for the respondent organisation to deal with the complaint before a person may make a complaint to the OAIC.
The Commissioner can be contacted at:
Level 6, 14 Martin Place
Sydney NSW 2000
Tel: +61 2 9994 2890
Fax: +61 2 9994 2895
E-mail : firstname.lastname@example.org