WHAT IS PERSONAL AND SENSITIVE INFORMATION?
Personal information is any information or opinion about you which identifies you or that could reasonably identify you. This could include information such as your name, contact details or date of birth. Sensitive information is any information or opinion about you which is health information or which relates to your racial or ethnic origin, political opinion, religious and/or philosophical beliefs, sexual preferences or practices, or criminal record.
COLLECTION OF PERSONAL AND SENSITIVE INFORMATION
Our main purpose for collecting personal and sensitive information is to ensure we provide our clients with quality information and advice within our range of services including:
- accounting and taxation;
- business advisory;
- self-managed superannuation funds;
- audit and assurance;
- bookkeeping and management accounting;
- financial planning;
- insurance, and
- human resources support.
McConachie Stedman is subject to certain legislative and regulatory requirements that make it necessary for us to obtain and hold detailed information that personally identifies our clients and/or contains sensitive information about them. Our ability to provide our quality services is dependent on us obtaining certain personal and/or sensitive information, such as:
- Personal or company name;
- Address and contact details;
- Date of birth;
- Marital status;
- Employment details;
- Tax File Number, ABN and Registered Business Number;
- Bank account/credit card details;
- Current financial/accounting information including details of your assets and liabilities;
- Income, expenditure, etc;
- Information about your family structure;
- Commitments and Centrelink eligibility;
- Any other information including your medical history and reports required for the purposes of risk insurance.
Generally, we will collect personal and sensitive information from our clients directly, via face to face, phone, email and fax, although sometimes it may be necessary to request information from a third party. For example, we may collect information from their personal representative or a publicly available record, amongst other sources. We may also collect personal and sensitive information from the use of our websites and information provided to us through the registration process on our website.
USE OF PERSONAL AND SENSITIVE INFORMATION
The personal information which is provided to McConachie Stedman is used for a number of purposes including:
- to provide quality services in a professional and efficient manner;
- to respond to requests;
- to maintain contact with our clients and business associates;
- to keep our clients and other contacts informed of our range of services, current changes in the industry and to notify of upcoming events and seminars;
- for administrative purposes;
- for recruitment purposes;
- for the engagement of service providers, contractors or suppliers relating to the operation of our business;
- for other business related purposes.
McConachie Stedman may also use the personal information provided for the purpose of marketing their services. If clients do not wish to receive any marketing material from us, they can use the ‘Unsubscribe’ function on any of our electronic communications or contact our Privacy Officer using the details below.
Pursuant to the Corporations Act and Accounting Standards (AASB) we are required to collect sufficient information to ensure the services we provide and the advice we give is accurate and valuable. If clients elect not to provide us with the personal information needed, we will not be able to provide them with the quality of service they deserve.
DISCLOSURE OF PERSONAL AND SENSITIVE INFORMATION
- experts or third parties contracted as part of an engagement;
- our service providers;
- our professional advisors;
- your financial institution (if requested).
We will not disclose personal and/or sensitive information to third parties for the purpose of allowing them to distribute marketing material to clients.
RESPONDING TO NON-COMPLIANCE WITH LAWS AND REGULATIONS
As a member in Public Practice, McConachie Stedman is subject to the requirements of the Accounting Professional & Ethical Standards Board, including the Board’s Code of Ethics for Professional Accountants. As part of our responsibilities, we may take steps and actions as set out in Section 225 of the Code, “Responding to Non-Compliance with Laws and Regulations”. These include but are not limited to the following:
- During the course of our engagement, if we identify or suspect that non-compliance with laws or regulations has occurred or may occur, which may have direct effect on material amounts or disclosures in the financial statements or compliance with which may be fundamental to the operating aspects of your business, to the ability to continue business or to avoid material penalty, we will discuss the matter with the appropriate level of management, those charged with governance or the internal auditor, as appropriate, to enable you to rectify, remediate or mitigate the consequences of the identified or suspected non-compliance or deter the commission of the non-compliance where it has not yet occurred.
- We will consider whether to communicate the non-compliance or suspected non-compliance with an external auditor, unless prohibited by law or regulation.
- We will also consider, based on materiality and / or significance of the matter, whether further action is needed in the public interest. Further action may include disclosing the matter to an appropriate authority even when there is no legal or regulatory requirement to do so or withdrawing from the engagement and the professional relationship where permitted by law or regulation.
Where appropriate, we will inform you of our intention to disclose the matter to an appropriate authority before disclosing the matter. However, if we have reason to believe that the actual or intended conduct would constitute an imminent breach of a law or regulation that would cause substantial harm to investors, creditors, employees or the general public, we may immediately disclose the matter to an appropriate authority in order to prevent or mitigate the consequences of such imminent breach of law or regulation.
SECURITY AND RETENTION OF PERSONAL AND SENSITIVE INFORMATION
McConachie Stedman will take reasonable steps to keep any personal information that we hold secure, and protect it from misuse, interference, loss and unauthorised access, modification or disclosure.
The security measures taken include:
- controlled access to the premises;
- restriction of access with computer passwords which are changed on a regular basis;
- firewalls to protect electronic information;
- virus protection software which is updated regularly;
- secure client portal;
- computer back-up at a datacentre in Australia;
- computer back-up tapes stored securely away from the premises;
- confidentiality contracts with all staff and contractors.
The personal and/or sensitive information provided to us will be retained only for as long as necessary to fulfil the purposes for which the information was collected, as required by law or in accordance with our documentation retention policies.
TRANSBORDER DATA FLOWS
Given the current global economy and the ability for information to be shared across borders, McConachie Stedman is taking the following reasonable steps to try and ensure data security;
- No financial statements or income tax returns will be sent as email attachments unless the individual has requested this in writing.
- All of these documents will be uploaded to the individual’s secure client portal and a login provided to the intended recipient. Please note that the client portal is stored at a data centre in Australia.
- If we transfer your personal and / or sensitive information outside of Australia, we will comply with requirements of the Act that relate to trans-border data flows. While we will not directly disclose your personal and/or sensitive information to overseas recipients, without your consent, the entities to which we may disclose personal and / or sensitive information may do so. We are unable to say what countries, if any, those recipients are likely to be located in.
ACCESS OR CORRECTION OF PERSONAL INFORMATION HELD
McConachie Stedman will allow access to a client’s own personal or sensitive information at any time by making contact with their accountant or by contacting our Privacy Officer. This is subject to some limited exceptions permitted or required by law. Our clients also have the right to request that we adhere to any corrections or updates to the information that is provided to us.
McConachie Stedman may charge the reasonable costs of providing our clients with access to their personal information if requested.
All personal and sensitive information we no longer require will be destroyed or permanently de-identified, however information will be retained for as long as the law requires.
PRIVACY ON OUR WEBSITE
In general, it is not a requirement to provide McConachie Stedman with any personal information when visiting our website. However, if clients apply to receive information, we may require them to provide certain personal information.
Cookies are pieces of data stored by a web browser on a computer’s hard disk. Cookies identify the computer only – they do not personally identify individuals.
When our website is visited, a record of the visit is automatically made which collects the following non-personal information:
- server address;
- top level domain name;
- date and time of the visit;
- web pages accessed;
- documents downloaded;
- documents uploaded;
- type of browser being used.
If clients or potential clients use the forms to send an email to someone at McConachie Stedman through the website, a record will also be made of their email address. We use the statistical information to make our website more useful and to enhance the online experience.
Cookies can be monitored and deleted from your browser. Since browsers create and store cookies, they are also the most direct way to access, manage, and delete cookies.
Please keep in mind that if you disable all cookies, certain portions of our website may not work properly since certain necessary cookies and functionality cookies will be disabled.
THIRD PARTY WEBSITES
McConachie Stedman’s website may contain links to third parties’ websites. Please note that these websites are not subject to our privacy policies and procedures. McConachie Stedman does not endorse, approve or recommend the services and products provided on those third party websites.
In accordance with GDPR, McConachie Stedman has:
- reviewed our data processing activities to determine which data processing activities are subjected to the GDPR;
- followed appropriate security measures and precautions in accordance with GDPR;
- ensured employees of McConachie Stedman are who are authorised to process personal data have committed to confidentiality;
- where appropriate, we have offered contractual language documenting our commitments to our customers to support their GDPR obligations;
- updated and expanded internal processes to accommodate data subject rights requests;
DELETION, RETENTION AND PORTABILITY OF PERSONAL INFORMATION
If, at any point in time, you wish for your Personal Information to:
- be destroyed; or
- be de-identified; or
- be accessed; or
- be provided to you;
unless we are legally allowed or required to maintain your (or part of) your Personal Information, you can submit a request to McConachie Stedman by contacting the Privacy Officer via firstname.lastname@example.org.
McConachie keeps your Personal Information only as long as necessary to provide our services to you (refer Collection of Personal and Sensitive Information section) and for legitimate and essential business purposes, such as complying with our legal obligations and / or settling disputes.
The Privacy Officer
619 Ruthven Street TOOWOOMBA QLD 4350
Telephone: (07) 46 321 966
Fax: (07) 46 385 787
The complaint will be considered within seven days and responded to accordingly. It is our intention to use our best endeavours to resolve any complaint to our client’s satisfaction.