The Ivany Investment Group (“Ivany”) is comprised of several companies, which have diversified business management and investment interests.
At Ivany we respect the right to privacy of all who deal with us. We adhere to the provisions of the Privacy Act 1988 and the privacy legislation in regard to the private sector, which came into effect on 21 December 2001.
1. The National Privacy Principles
The Act has ten rules governing the collection, use and disclosure, and securing of personal information. These are the National Privacy Principles and are summarised as follows:
1 – Collection
Collection of personal information must be fair, lawful and not intrusive. A person must be told the name of the organisation collecting the information, the purpose of collection, that the person can get access to their personal information and what happens if the person does not provide the information.
2 – Use & Disclosure
An organisation should only use or disclose information for the purpose it was collected unless the person has consented to disclosure for another purpose. If the secondary purpose of disclosure is related to the primary purpose and a person would reasonably expect such use or disclosure, or the use is for direct marketing in specified circumstances, or in circumstances related to public interest such as law enforcement and public or individual health and safety, such disclosure can occur without the person’s consent.
3 – Data Quality
An organisation must take reasonable steps to make sure that the personal information it collects, uses or discloses is accurate, complete and up-to-date.
4 – Data Security
An organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure.
5 – Openness
An organisation must have a policy document outlining its information handling practices and make this available to anyone who asks.
6 – Access & Correction
Generally speaking, an organisation must give an individual access to personal information it holds about that individual on request.
7 – Identifiers
Generally speaking, an organisation must not adopt, use or disclose, an identifier that has been assigned by a Commonwealth government agency.
8 – Anonymity
Organisations must give people the option to interact anonymously whenever it is lawful and practicable to do so.
9 – Trans-border Data Flows
An organisation can only transfer personal information to a recipient in a foreign country in circumstances where the information will have appropriate protection.
10 – Sensitive Information
An organisation must not collect sensitive information unless the individual has consented, or it is required by law – or in other special specified circumstances, for example, relating to health services provision and individual or public health or safety.
2. What is Personal Information?
If you are associated with Ivany (either as an investor, contractor, staff or otherwise), we will have collected personal information from you. Your personal information is treated strictly in accordance with the National Privacy Principles.
“Personal information” relates to a living human being and is generally defined as information or an opinion about an individual whose identity is apparent, or can reasonably be ascertained, from that information or opinion regardless of its source. Examples of personal information commonly collected and used by Ivany depends on your relationship with Ivany. The following information may be collected from you:
(b) Current and previous addresses (site and/or mail);
(c) Current and previous contact numbers (phone, fax, email);
(d) Date of birth;
(e) Current and previous driver’s licence numbers;
(f) Current and previous occupation;
(g) Bank accounts details;
(h) your financial information, which include:
(i) any assets you may have, either with Ivany or otherwise;
(ii) any liabilities you may have;
(iii) what your income is; and
(iv) what expenses you may have;
(i) the transaction details regarding investments, loans, or other financial assets;
(j) insurance details (e.g. public liability or workcover);
(k) business registration documents;
(l) any licences you might possess;
(m) contracts you may have with Ivany;
(n) any occupational health & safety documents;
(o) employee training records; and
(p) your salary, tax file number, ABN or superannuation details.
We only collect Personal Information that is necessary to fulfil the arrangement we have with you. At the time of collection, or as soon as practicable after collecting Personal Information from you, Ivany will take reasonable steps to ensure that you are aware of:
(a) Ivany’s identity as the collector of that Personal Information and how it can be contacted;
(b) your right to gain access to your Personal Information as recorded by Ivany;
(c) the purposes for which the Personal Information is collected;
(d) the types of organisations to which Ivany may disclose the Personal Information;
(e) any legal obligation that requires you to provide, or Ivany to collect, Personal Information; and
(f) the main consequences, if any, if all or part of the Personal Information is not provided.
We collect your Personal Information in order to process your application for interests in the projects under the appropriate Ivany offer documents.
As applications are received, they are checked for completeness and data is entered into our database.
If you do not provide us with the information requested on the application forms, we will not be able to process your application and issue you with interests in the appropriate project.
We collect your Personal Information in order to pay you for your services either by cheque or into your bank account and to otherwise administer the contractual arrangement entered into.
We collect your Personal Information in order to pay your salary into your nominated bank account, pay tax on your behalf to the Australian Tax Office and to process your superannuation, and to contact your next-of-kin in case of an emergency.
The nature of the Personal Information we hold or collect will depend on the nature of our arrangement.
3. Use of Personal Information
The Personal Information we collect from you will be used in various ways. Regardless of your relationship with Ivany, we aim to provide you with a smooth, efficient, safer and customised experience. The use of your Personal Information allows us to provide you with services and features that will most likely meet your needs and customise our services to make your experience with the Ivany Group safer and easier.
Depending upon your relationship with Ivany, the Personal Information we collect from you may be used to:
(a) process your application;
(b) administer and manage your investments;
(c) keep you updated on the progress of your investments and other activities of the Ivany Group;
(d) facilitate Ivany’s legal and compliance operations;
(e) report on the progress of your investment;
(f) issue invoices and tax advices and payments to you; or
(g) maintain our Registers of investors.
Another possible purpose for the use of your Personal Information may be for marketing Ivany Group products and services to you and to develop an understanding of the products and services you may be interested in obtaining from the Ivany Group.
In addition, all Personal Information about you collected, recorded or gathered by us may be accessed and used by members of the Ivany Group to provide you with information about investment or products you have requested.
If you do not wish to receive this marketing information, you may advise us and we will no longer send marketing information to you.
4. Disclosure of Personal Information
4.1 Disclosure to your Financial Advisor or Accountant
If you are a Client of Ivany and you provide us with the details of your financial advisor or accountant, we will (and you authorise us to) disclose all your Personal Information held by Ivany to that financial advisor or accountant. This may include viewing the number and value of your investments you have with Ivany.
As a Client, it is not our policy to maintain a record of what information or data your financial advisor accessed and when. If you authorise a financial advisor or accountant to access your Personal Information you acknowledge and agree to this policy.
You must provide Ivany with written notice should you wish to revoke or cancel the authority of an accountant or Financial Adviser to access your account or personal details.
4.2 Third Party Disclosures
To assist in managing your investment, Ivany enlists the services of third party providers. We may, on a confidential basis, share your Personal Information with the following:
(a) System Developers;
(b) Mailhouses (which perform mailouts of reports, invoices, and statements); and
(c) any other company or person to the extent that they are engaged to assist us to provide a service to you or to comply with the law.
This above list is not exhaustive and we have in place arrangements which provide for the proper implementation of the privacy provisions with each of these parties. Furthermore, as a matter of policy, we NEVER sell or rent any Personal Information about you to any third party.
4.3 Compulsory Disclosure
In addition, we may lawfully disclose and share your Personal Information for law enforcement or regulatory purposes. While the Privacy Act restricts us from generally disclosing your Personal Information, there are a range of Federal, State and Territory laws which may require us to disclose your Personal Information in certain circumstances. These include, but are not limited to:
(a) Child Support (Registration and Collection) Act 1988 (Cth);
(b) Social Security (Administration) Act 1991 (Cth);
(c) Income Tax Assessment Act 1936 (Cth);
(d) Guardianship and Administration (Amendment) Act 1999 (Vic);
(e) Proceeds of Crime Act 1987 (Cth);
(f) Financial Transaction Reports Act 1988 (Cth);
(g) Family Law Legislation Amendment (Superannuation) Act 2001 (Cth);
(h) any other regulatory bodies to the extent that we are required to do so;
(i) the public to the extent that the law requires us to do so; and
(j) appropriate authorities in connection with an investigation of fraud, intellectual property infringements, piracy or other activity that is illegal or may expose us to legal liability.
Generally, the disclosure laws under these Acts override the privacy laws. We will review each request or requirement for disclosure on its merit.
We will ensure that any statutory notice received is valid and compliant before providing the Personal Information requested.
Before deciding to invest with us, we will advise you of our privacy practices in our offer documents. By signing, completing and returning an application form attached or accompanying an offer document, you will be authorising us to use your Personal Information as necessary to manage your investment.
You do have the opportunity to ‘opt-out’ of receiving marketing materials from us not directly related to your investment. If you do not opt out of receiving marketing materials at the time of your investment, you will have the opportunity to decline to receive them at a later date.
5. Data Quality
Every effort is made to ensure that the data we hold on you is complete accurate and up-to-date. In this regard, we ask that you assist us by informing us of any changes to your personal details especially address and communication numbers.
If you disagree with Ivany about whether the Personal Information we hold about you is accurate, complete or up-to-date, the matter will be referred to [our Complaints Officer] for investigation and then, if necessary, mediation. In cases where Ivany elects not to correct the information, [the Complaints Officer] will provide you with reasons for not correcting the information.
If you are dissatisfied with the decision of [our Complaints Officer] you may lodge a complaint with the Federal Privacy Commissioner.
6. Data Security
Ivany will use its best efforts to protect the Personal Information it holds from misuse, loss and unauthorised access, modification or disclosure. Accordingly, Ivany will ensure that:
(a) privacy and confidentiality training is provided to all staff, volunteers and consultants;
(b) where appropriate, certain staff, volunteers, consultants and board members sign confidentiality agreements;
(c) access to Personal Information and information systems by all staff, volunteers and consultants is limited to that required by their current position or role;
(d) electronic information systems are protected by adequate security measures and protocols; and
(e) physical information and storage facilities are protected by adequate security measures and protocols.
Personal Information about Clients is locked out of business hours.
Access to databases is on a needs basis. Varying levels of access are available within these databases.
Files for contractors and staff are maintained under lock and key in an appropriate location. Access is only provided to those who require it in the performance of their job.
6.2 Inadvertent Disclosures
Due to technical limitations, Ivany cannot guarantee and ensure that all your private communications and other Personal Information you disclose to Iany will never be disclosed in other ways not contemplated by this policy. Therefore, we cannot and do not guarantee, and you should not expect, that your Personal Information or private communication will always remain private.
6.3 IT Security
The Ivany Network is secured by:
(a) user Passwords (Windows Login);
(b) passwords are known only to the individual;
(c) all staff are required to reset their windows password every two months and are automatically prompted to do so by the system;
(d) application passwords;
(e) second layer of security – passwords set autonomously of windows password;
(f) file security;
(g) permissions to file areas of the Ivany network are assigned by position and functionality of staff, to ensure that Personal Information is available to only staff that require access; and
(h) firewall to the Internet.
Ivany also uses two layers of anti-virus protection:
(a) all incoming and outgoing email is scanned and checked for viruses; and
(b) any suspected virus is quarantined and not forwarded to the intended receiver.
We also use desktop software to scan all documents as they are opened at a desktop or server level.
All critical business data is backed up daily, a full system backup is undertaken periodically.
6.5 Web Site
Ivany’s web site is hosted externally. Our host may record information about your visit to the site such as:
(a) your server address;
(b) your top level domain name (eg .com, .gov, .au etc);
(c) date and time of visit to site;
(d) the pages accessed and documents retrieved;
(e) the previous site visited; and
(f) the type of browser used.
In addition, our server may attach a small data file known as a “cookie” to your hard drive. This enables us to analyse usage patterns on our Web Site in order to tailor it to our users’ needs. Cookies are safe. They cannot be used to deliver a virus. Cookies only identify your computer to our servers when you visit our Web Site. Most web browsers are set to accept cookies. If you do not wish to accept cookies, you can refuse the transfer of cookies to your computer’s hard drive by adjusting your internet browser. Cookies do not personally identify users, only a user’s browser. They operate as a unique identifier, which helps us to know what our users find interesting and useful on our Web Site. We do not link this information back to other information that you have provided to us. We do not store information inside cookies.
We receive no other Personal Information from our web host in regard to visitors to the site. They record the information for statistical purposes only.
This document is a testament to our disclosure of our policy on the management of Personal Information.
If you require more detailed information, please contact us. Contact details are at the end of this document
8. Access to Information
You may request to access to your Personal Information that we hold. Before providing you with such information, we will need to:
(a) validate your identity by requesting some identifying information about you;
(b) ask that your request be put in writing and that you identify as clearly as possible what information you require to access; and
(c) ask you whether you want access to all the information we hold on you or just part of it. If you want part of it only, we will ask you what particular information you require.
We will then determine the best method of providing you with this information which may be by:
(d) allowing you to view your file and/or database record;
(e) providing a photocopy of information requested;
(f) faxing the requested information; or
(g) providing an accurate summary of the information held.
The requested information will be provided to you within 14 to 30 days, which is the time period prescribed by the Privacy Commissioner.
If there are any costs associated with making this information available, Ivany may pass these on to you.
9. Destruction of Data
Unless there are specific legal requirements to the contrary, all obsolete Personal Information will be destroyed on a periodic basis.
Such information may include information collected in the course of managing a project or investment once the project or investment has closed and all monies and other obligations owing to you have been paid or discharged.
10. Others Policies
All identifiers (that is, information that is able to identify you personally) may be in our possession because of your Personal Information. We will only use identifiers for its intended purpose. For example, Tax File Numbers and Australian Business Numbers will only be used by the Ivany Group for staff or employee payment purposes.
We will use our best efforts to give people the option to interact anonymously whenever it is lawful and appropriate to do so. However, because of the nature of the Ivany Group, this is not always practicable. For example, we must collect your Personal Information if you are Client as we are managing your investment for you. Therefore, we need to maintain your personal details such as name, address and communication details so that we can communicate with you.
10.3 Trans-border Data Flows
This is not relevant to the extent that your investment and Personal Information remain in Australia.
10.4 Sensitive Information
Sensitive information is Personal Information that includes information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, professional memberships or trade association or trade union, sexual preferences or practices, criminal record or health information.
It is our policy at Ivany to not collect any sensitive information from you. However, in the event that we need to collect sensitive information about you, we will only do so with your consent (explicit or implicit).
Any complaints regarding deemed misuse of personal information should be addressed to [our Complaints Officer] who can be contacted at Level 6 Terrace Tower, 80 William Street, Sydney NSW 2010 or at firstname.lastname@example.org or on (02) 9358 6366.
If we are unable to resolve your complaint with you, you may complain to the Privacy Commissioner, who may conciliate the complaint. As a last resort, the Commissioner may make a formal determination enforceable by the Federal Court. The Commissioner may also investigate an act or practice of Ivany that may be a breach of privacy even if there is no complaint.
This policy document represents our policy as at November 2007 and is based on the requirements of the Privacy Act 1988 and the National Privacy Principles therein.