Policy
At Northcape Capital Pty Ltd (Northcape), we take our clients’ privacy seriously. We recognise our clients’ right to privacy and understand that the protection and confidentiality of their personal information is important to them. We maintain all personal information in accordance with the Privacy Act 1988 and the Australian Privacy Principles (together the Privacy Act) and adhere to the Notifiable Data Breach (NDB) scheme, laws and requirements.
This Privacy Policy sets out the type of personal information we collect, how that information is collected, used, stored and protected, and to whom we may disclose personal information. We may also provide our clients with additional information about how Northcape will use their personal information at the time that it is collected.
How do we collect personal information?
“Personal Information” means information or an opinion about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. Any information that identifies a client is deemed to be “personal information”. We primarily collect this information through our standard forms (for example, Northcape Trust Application Form) or when clients use certain products or services, or through telephone calls, emails, letters or other means the client uses to engage us.
When you access our website, we also automatically receive and record information on our server logs from clients’ browser including their Internet Protocol (IP) address, Northcape cookie information and the page they requested. Cookies enable us to analyse and improve our website functionalities. Clients, who prefer to not receive cookies, can configure their browser to reject them or to notify them when they are being used.
Clients can refer general enquiries to Northcape on an anonymous basis or use a pseudonym. However, in general, clients will not be able to invest in our products or use our services if they deal with us anonymously or by pseudonym.
What personal information do we collect and hold?
The type of personal information Northcape collects from clients includes – their name, contact details (such as address and telephone number), date of birth, identification documentation, individual investment details, bank account information and other information that is relevant to our services and products we provide. We may be required to collect government-related identifiers, such as a tax file number. Tax and anti-money laundering laws may also mandate us to collect additional personal information. Inter-governmental agreements regarding international tax information sharing also requires us to collect information about place of birth, residency and citizenship details.
If a client does not provide personal information to us, we may not be able to provide them with the services or information they require.
If we hold personal information about a client and that information is no longer needed by us, we will take reasonable steps to destroy or permanently de-identify the relevant information. This is subject to any legal or regulatory obligation that we have to keep personal information for a specific period of time.
How we use and disclose personal information
Northcape will only use personal information for the purpose it was collected. These purposes include to:
We may be required by law to disclose personal information. For instance, we may be required to provide details to:
Note that agreements between the Government of Australia and a foreign country may require relevant information we have provided to the ATO to be shared with the tax authorities of foreign countries.
In order to perform our services, such as administration of accounts and mailing of investor distribution statements, we may need to disclose personal information to Northcape’s external service providers. Disclosure may be made to the following persons for the purpose of account administration:
Northcape takes steps to ensure that these third parties (including contractors) are provided only the information necessary to perform their services and that they keep personal information confidential and use it only for the purposes for which they, and Northcape, are authorised.
In the event that our service providers have operations in a foreign jurisdiction and/or need to disclose personal information to overseas recipients, Northcape ensures that its service providers take reasonable steps to ensure that any overseas recipient complies with the Privacy Act or the recipient is subject to laws that protect the information in a way that is substantially similar to the way in which the Privacy Act protect the information. Countries where we may send personal information include France, Singapore, India and the United States.
Clients may also authorise us to disclose information that we hold about them to their financial adviser, administrator, custodian or other person nominated by them. The client’s express consent is required.
We will not sell or rent our clients’ personal information to anyone.
We take appropriate steps to protect the personal information we hold about our clients from misuse, loss, unauthorised access, modification or disclosure.
We cannot be held responsible for lapses in security caused by third-party access to information as a result of our clients’ failure to keep their personal information private.
We reserve the right to gather more extensive information about any attempted access to our website that raises security issues and, if appropriate, make disclosures to the relevant authorities.
How we manage a data breach
A data breach occurs when personal information held by Northcape is lost or subjected to unauthorised access, modification, use or disclosure or other misuse. Data breaches can affect different types of personal information and give rise to a range of actual or potential harms to individuals, agencies and organisations. Data breaches can be caused or exacerbated by a variety of factors, including human error or cyber-attack and Northcape has measures in place to prevent data breaches and a Data Breach Response Plan.
In circumstances of a data breach which is likely to result in serious harm to one or more individuals and Northcape has not been able to prevent the likely risk of serious harm with remedial action, we will follow the Office of the Australian Information Commissioner (OAIC) mandatory breach reporting guidelines and inform all relevant parties.
How to access personal information?
Clients can contact us to request access to personal information we hold about them. Sometimes it is not possible for us to give access in which case we will explain why.
We take all reasonable measures to ensure that the personal information we hold is accurate, complete and up to date. However, the accuracy of our clients’ information is largely dependent on what they provide us. If a client thinks their personal information may be inaccurate, incomplete or out of date, they can contact us to request it be updated.
How to make a complaint?
If a client has a question, concern or a complaint regarding the way in which Northcape handle their personal information, or if they would like further information about our privacy information handling practices, they can contact our Client Director using the contact details below.
A complaint should be made to our Client Director in writing. We will endeavour to respond to a complaint within 30 days.
If a client is not satisfied with our response to a complaint, they may lodge a complaint with the OAIC.
How to contact us.
To contact Northcape’s Client Director, Katie Orsini
Telephone: +61 2 8234 3629
Email: katie.orsini@northcape.com.au
Office Address: Level 24, 45 Clarence Street, Sydney NSW 2000
Changes to this Privacy Policy.
This Privacy Policy may change from time to time. The current version will be posted on our website, www.northcape.com.au, and a copy may be obtained free of charge from our Client Director. Clients should review this Privacy Policy regularly so that they are updated on any changes.