For clients

Privacy Policy

McConachie Stedman Pty Ltd ACN 600 130 845 and all other entities carrying on the business under McConachie Stedman Pty Ltd ACN 600 130 845 including McConachie Stedman Brisbane Pty Ltd ACN 624 938 709, McConachie Stedman Audit and Assurance Pty Ltd ACN 600 384 512 and McConachie Stedman Financial Planning Pty Ltd as trustee for Duggan Street Management Trust ABN: 27 334 897 940 and any other subsidiaries, affiliates and related entities in Australia (together referred as “McConachie Stedman” “we” “our” or “us”) are committed to protecting and managing personal information in accordance with the Australian Privacy Principles (APPs) established under the Privacy Act 1988 (Cth) (Privacy Act) and in accordance with other applicable privacy laws.

The APPs provide a privacy protection framework that supports the rights and obligations of collecting, holding, using, accessing and correcting personal information. The APPs consist of 13 principle-based laws and apply equally to paper-based and digital environments.

This document is referred to as our Privacy Policy. It sets out our policies for managing your personal information including how we collect, use, hold, store and disclose the information.

In this Privacy Policy, “you”, “your” or “client” refers to any individual about whom we collect personal information.

Broadly speaking, when we are referring to personal information, we are referring to information or an opinion about you, or information that is reasonably recognisable as you. It includes information or an opinion that may or may not be accurate and recorded in a hardcopy or electronic form.

When we refer to sensitive information, we are referring to certain personal information that is more sensitive and may include health information or details of memberships of professional associations. Under the APPs, sensitive information is afforded a higher level of privacy protection and requires us to obtain your consent before collecting this type of information.

This Privacy Policy applies to your personal information regardless of how we collect it from you. When you submit information to us, access or use our website, or social media platforms, you are providing your consent to us collecting and managing your personal information according to this Privacy Policy.

 

About McConachie Stedman
McConachie Stedman is an Australian based business and offers a range of services in the accounting and financial planning industry. McConachie Stedman offers quality information and advice within a range of services including:  

  • accounting and taxation;
  • business advisory;
  • self managed superannuation funds;
  • audit and assurance;
  • bookkeeping and management accounting;
  • financial planning;
  • insurance; and
  • human resource support.

McConachie Stedman offers its services through face to face consultations, virtual meetings, its website (Website), a newsletter subscription service (Newsletter) and related social media channels. McConachie Stedman may also conduct research and development initiatives and provide access to other service providers and applications.

The information provided or displayed on our Website, Newsletter or related social media channels does not consider your unique situation and needs and as such should not be relied upon as financial, accounting or legal advice. Please refer to our disclaimer for further information, which is accessible at McConachie Stedman | Toowoomba Accountants and Financial Planners - Privacy Policy (mcs.au).

This policy is effective as of 12 April 2024. From time to time, we may need to change this Privacy Policy, and will post the updated version on our website at McConachie Stedman | Toowoomba Accountants and Financial Planners - Privacy Policy (mcs.au). Any such amendments will take effect immediately after such posting. Please check this Privacy Policy regularly for any updates.

 

What information do we collect about you?
When you enquire about our services or become a client of McConachie Stedman, a record is made that includes your personal information.

The types of information that we collect will vary depending on the circumstances of collection and the kind of services that you request from us, and may likely include:

  • Contact Information & Personal Data: your name, date of birth, age, gender, address, email address, and telephone details.
  • Government Related Identifiers: your tax file number, Medicare number, Individual Healthcare identifier, Australian Business Number, director identification numbers and others.
  • Sensitive Information: In some circumstances, McConachie Stedman may collect information that is considered sensitive information. For example, current financial and accounting information, legal information, information about family and entity structures, Centrelink eligibility and commitments.
  • Payment Details: your credit card, bank account details, and billing information to complete purchases.
  • Financial Details: your financial details and occupation, which may include budget information, wages/salary information, and general expenditure.
  • Employer & Profession: your professional details and information about your employer or an organisation you represent.
  • Identification Documents: your driver's licence, passport or other photographic identification documents.
  • Photographs & Videos: any pictures, videos, sound recordings and other audio-visual recordings that you provide to us, or authorise us to take of you.
  • Social Media Accounts & Handles: your social media accounts, handles, and other personal websites and profiles.
  • Geo-Location & Locality Information: when you interact with us, we may collect your current or last known location used to determine your locality from other individuals. We may achieve this through various methods, including collecting your Wi-fi, Guidance Positioning System (GPS), Cellular or other technology in your electronic device or web browser.
  • Cookies & Other Browser or Device Information: your session cookies and persistent cookies when you visit our website, your device type, browser type, Internet Protocol (IP) address, your URL information, the date and time (including time zone) of your visit, the pages you have accessed on our websites and third party websites, your software and hardware information concerning your mobile device or computer. Cookies that we place may be removed by following instructions that are provided by your browser.
  • Interaction & Behavioural Information: your interactions, use, habits, behaviours when dealing with us, our website and other applications.
  • Employment Information: We collect personal information when recruiting personnel, such as your name, contact details, qualifications and work history. Generally, we will collect this information directly from you. We may also collect personal information from third parties in ways which you would expect (for example, from recruitment agencies or referees you have nominated). Before offering you a position, we may collect additional details such as your tax file number and superannuation information and other information necessary to conduct background checks to determine your suitability for certain positions (for example, positions which involve working with children).
  • Other Information: any other administrative and additional information that you provide to us, or authorise us to collect, as a part of your interaction with McConachie Stedman.

 McConachie Stedman may collect personal information about other individuals who are not clients of McConachie Stedman. This includes customers and members of the public who participate in events we are involved with, individual service providers and contractors to McConachie Stedman, and other individuals who interact with us on a commercial basis. The kinds of personal information we collect will depend on the capacity in which you are dealing with McConachie Stedman. Generally, it would include your name, contact details, and information regarding our interactions and transactions with you.

If you are participating in an event we are managing or delivering, we may take images or audio-visual recordings which identify you.

We may collect personal information about children and other individuals below the legal age of majority (Minors) (for example, when children participate in events we are involved with). Where those Minors do not have sufficient maturity and understanding to make decisions about their personal information, we will require their parents or guardians to make decisions on their behalf. However, we are unable to distinguish the age or identity of the people accessing and using our Website or social media platforms or Newsletter,  or who attend events or activities run by us. This may result in the accidental collection of personal information from Minors without the consent of a parent or guardian. If this does occur, then we recommend that you contact us and ask for the personal information to be de-identified or destroyed.

You can always decline to give McConachie Stedman any personal information we request, but that may mean we cannot provide you with some or all of the services you have requested. If you have any concerns about the personal information we have requested, please let us know.

 

How and why do we collect and use your personal information?
McConachie Stedman collects personal information reasonably necessary to carry out our business, assess and manage our clients’ needs, and provide our services. We may also collect information to fulfil administrative functions associated with these services, for example billing, entering into contracts with you or third parties and managing client relationships.

McConachie Stedman generally collects personal information directly from you. We may collect your personal information over the phone, by email, by fax, through our website or mobile sites, over the internet or when you visit one of our social media sites (such as Facebook, LinkedIn or Instagram), or when you visit our office in person.

We may also collect personal information about you from other sources, for example:

  • an authorised person acting on your behalf;
  • our affiliated and related entities;
  • third-party agents, suppliers and contractors who assist us in operating our business;
  • recruitment service providers and any referees provided on employment applications;
  • payment and debit service providers processing and managing the transaction on our behalf; and
  • your family and friends through any marketing or promotional activity that we conduct.

We may receive information about you that we have taken no active step to collect. If this does occur, we recommend contacting us and asking for the personal information to be de-identified or destroyed.

The purposes for which McConachie Stedman usually collects and uses personal information depends on the nature of your interaction with us, but may include:

  • communicating with you confirming your identity;
  • responding to requests for information, complaints and enquiries;
  • administrative, management and operational purposes;
  • informing you about our business offerings, news, updates, direct marketing material, activities, facilities, services and events;
  • managing, planning, advertising and administering programs, events, competitions and performances;
  • researching, developing and expanding our facilities and services;
  • recruitment processes (including for volunteers, internships and work experience);
  • taking photographs, videos or other audio-visual recordings of you for testimonial, marketing or other promotional purposes;
  • market research purposes and to improve our business offerings;
  • via mobile device applications, widgets and other interactive features used, operated or owned by us;
  • through surveillance and security cameras that capture your image;
  • processing your purchases, orders, transactions or sales, including the processing of payments, arranging shipping and providing you with tax invoices or order confirmations;
  •  for any other purposes (including secondary purposes) that you would reasonably expect; and
  •  to enable us to comply with our obligations under the law.

You can always decline to give us your personal information, but that may mean that we cannot provide you with some or all of the services you have requested.

 
Access or correction of personal information held
McConachie Stedman will allow access to a client’s own personal or sensitive information at any time by making contact with their accountant or by contacting our Privacy Officer. This is subject to some limited exceptions permitted or required by law. Our clients also have the right to request that we adhere to any corrections or updates to the information that is provided to us.

McConachie Stedman may charge the reasonable costs of providing our clients with access to their personal information if requested.

All personal and sensitive information we no longer require will be destroyed or permanently de-identified, however information will be retained for as long as the law requires.

 
Data quality
Pursuant to the Corporations Act and Accounting Standards (AASB) we are required to collect sufficient information to ensure the services we provide and the advice we give is accurate and valuable. If clients elect not to provide us with the personal information needed, we will not be able to provide them with the quality of service they deserve.

 
Who do we disclose your personal information to?
During the conduct of our business, we may use and disclose your personal information to the following parties:

  • our affiliated and related entities;
  • our engaged contractors, agents, suppliers who assist us in operating our business;
  • commercial partners under an agreed information sharing arrangement;
  • payment and debit service providers and processors;
  • our professional advisors, such as our lawyers, accountants and financial advisors;
  • relevant courts, tribunals or regulatory authorities and law enforcement bodies;
  • anyone else to whom you authorise us to disclose your information or that would be reasonably expected; and
  • our professionals advisors and service providers as necessary to enable us to provide you with our services.

McConachie Stedman takes reasonable steps to ensure that the third parties we engage take reasonable steps to protect your personal information following the APPs and in a similar manner with this Privacy Policy. Our third-party service providers are required only to use the personal information disclosed to them by us for the purpose that it was provided to them.

McConachie Stedman may also use Google Analytics to help us understand how our customers and clients use our platforms, services. You can read more about how Google uses your personal information via https://www.google.com/intl/en/policies/privacy/. You may also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.

 

Do we disclose personal information to overseas recipients?
Your personal information may be transferred to recipients located in countries that have data protection laws which protect personal information in a way which is at least substantially similar to the APPs. Accordingly, there may be mechanisms available to you to enforce the protection of your personal information under that overseas law. In the circumstances, we do not require the overseas recipients to comply with the APPs, and we will not be liable for a breach of the APPs if your personal information is mishandled. We also disclaim responsibility to the extent permitted by law and note that you may not have a remedy under Australian law.

 

Transborder data flows
Given the current global economy and the ability for information to be shared across borders, McConachie Stedman is taking the following reasonable steps to try and ensure data security:

  • No financial statements or income tax returns will be sent as email attachments unless the individual has requested this in writing.
  • All of these documents will be uploaded to the individual’s secure client portal and a login provided to the intended recipient. Please note that the client portal is stored at a data centre in Australia.
  • If we transfer your personal and / or sensitive information outside of Australia, we will comply with requirements of the Act that relate to trans-border data flows. While we will not directly disclose your personal and / or sensitive information to overseas recipients, without your consent, the entities to which we may disclose personal and / or sensitive information may do so. We are unable to say what countries, if any, those recipients are likely to be located in.


Do we use or disclose your personal information for direct marketing?
McConachie Stedman may use or disclose your personal information to inform you about our services, upcoming promotions and events, or other opportunities that may interest you. If you do not want to receive direct marketing communications, you can opt-out at any time by contacting us using the contact details below.

If you opt-out of receiving marketing material from us, we may still contact you concerning any ongoing relationship with you.

 

How do we hold, store and secure your personal information?
McConachie Stedman takes reasonable steps to protect your personal information from misuse, interference and loss and from unauthorised access, modification or disclosure. The security measures taken include:

  • controlled access to the premises;
  • restriction of access with computer passwords which are changed on a regular basis;
  • multi-factor authentication for access to software;
  • firewalls to protect electronic information;
  • virus protection software which is updated regularly;
  • secure client portal;
  • computer back-up at a datacentre in Australia;
  • computer back-up tapes stored securely away from the premises;
  • confidentiality contracts with all staff and contractors.

Please be aware that there is no transmission method over the internet or through electronic storage that is fully secure and safe. We cannot guarantee the security of the personal information that we hold, but we do take reasonable steps to protect your information. If we are required by law to inform you of any misuse, interference, loss or unauthorised of your personal information, then we will notify you electronically, in writing or by telephone.

Our websites, applications or email systems may not use encryption or other technologies to ensure the secure transmission and receipt of information via the internet. Anyone using our website or receiving an email from us is encouraged to exercise care in sending personal information or depositing money via the internet. We recommend that you refrain from clicking any unsecured links or opening unknown attachments.

If you hold any concerns or become suspicious of any misuse, interference, loss or unauthorised access to our website, our email systems or to our business more generally, we ask that you contact us immediately to verify your concern or suspicion.

McConachie Stedman hold and store your personal information in paper-based files, other electronic record keeping methods in secure databases (including trusted third party storage providers based in Australia and overseas), which may include cloud-based storage providers.

Paper-based Storage
Personal information may be collected in paper-based documents and converted to electronic form for use or storage (with the original paper-based documents either archived or securely destroyed).

Electronic Storage
Your personal information is usually collected in electronic form.

Third-Party Storage
Your personal information may be collected in electronic form for use or storage with a third-party storage provider that we engage.

Where possible, we ask our third-party software providers to store data in Australian data centres, however, storage in Australian data centres is not always possible and some third party providers use international data centres as backup data centres.

We cannot ensure that your personal information is or will remain secure. This is due to us not having control over the third-party provider’s policies and procedures concerning the handling and storing of your personal information.

What are the choices that you can make about your personal information?
At any time, you can request us to:

  • delete or destroy your personal information;
  • de-identify your personal information;
  • access or correct your personal information;
  • provide you with a copy of your personal information.

Please understand that we may not be able to entertain your request if it is unlawful to do so or is otherwise impractical or unreasonable to do so in our discretion.

Delete or destroy your personal information
Until you request for it to be deleted or destroyed, your personal information is kept by us for as long as necessary to provide our services to you and for legitimate and essential business purposes, such as complying with our legal obligations or settling disputes. This means that your personal information can be held for some time.

Remaining Anonymous & De-Identification
McConachie Stedman may require you to provide specific details and information to enable us to provide our services to you. We try to allow you to stay anonymous or use a pseudonym in your dealings with us where it is lawful and practicable to do so. For example, when making a general and nonspecific enquiry. Typically, it is not possible for us to deal with you anonymously or pseudonymously on an ongoing basis. If we do not collect your personal information, you may not be able to utilise our services, deal with us or participate in our events, programs or activities we manage or deliver.

Accessing or correcting your personal information
You are entitled to access or request a copy of your personal information held by us by sending us a request. You will not be charged for requests to access or copy your personal information, but you may be charged for the reasonable time and expense incurred in compiling the information.

You are responsible for ensuring that your personal information with us is accurate and up to date. We take steps to ensure that the personal information we collect, use or disclose is accurate and up to date. You can help us do this by letting us know if you notice errors, inaccuracies or discrepancies in the information we hold about you and letting us know if your details change.

We may decline your request to access or correct your personal information in accordance with the APPs. If we refuse your request, we will provide you with a reason for our decision and, in the case of a request for correction, we will include a statement with your personal information about the requested correction.

 

Cookies
Cookies are pieces of data stored by a web browser on a computer’s hard disk. Cookies identify the computer only – they do not personally identify individuals.

We may use cookies to track the use of our website, and to compile statistics on visits to the site. When the website is visited a cookie may be placed on the computer.

When our website is visited, a record of the visit is automatically made which collects the following non-personal information:

  • server address;
  • top level domain name;
  • date and time of the visit;
  • web pages accessed;
  • documents downloaded;
  • documents uploaded;
  • type of browser being used.

If clients or potential clients use the forms to send an email to someone at McConachie Stedman through the website, a record will also be made of their email address. We use the statistical information to make our website more useful and to enhance the online experience.

McConachie Stedman’s website will not use cookies until such time as you indicate your acceptance. You can accept us using cookies by clicking the accept button on the relevant prompt on our webpage (which is generally located on the [top/bottom] of your webpage).

Cookies can be monitored and deleted from your browser. Since browsers create and store cookies, they are also the most direct way to access, manage, and delete cookies.

Please keep in mind that if you disable all cookies, certain portions of our website may not work properly since certain necessary cookies and functionality cookies will be disabled.

If you require more information about the use of cookies and how to block them, visit allaboutcookies.org.

 

THIRD PARTY WEBSITES
McConachie Stedman’s website may contain links to third parties’ websites. Please note that these websites are not subject to our privacy policies and procedures. McConachie Stedman does not endorse, approve or recommend the services and products provided on those third party websites.

 

Does the European Union General Data Protection Regulation apply to us?
The European Union (EU) General Data Protection Regulation (GDPR) contains new data protection requirements and is effective as of 25 May 2018. GDPR replaces national privacy and security laws that previously existed within the EU with a single, comprehensive EU-wide law that governs the use, sharing, transferring and processing of any personal data that originates from the EU. The GDPR applies to the data processing activities of businesses, regardless of size, that are data processors or controllers with an establishment in the EU. 

Consequently, Australian businesses of any shape and size may need to comply if they have an establishment in the EU, if they offer goods and services in the EU, or if they monitor the behaviour of individuals in the EU. There are also some notable differences, including certain rights of individuals (such as the ‘right to be forgotten’) which do not have an equivalent right under the APPs and the Privacy Act.

As part of McConachie Stedman’s commitment to GDPR compliance, we have updated our Privacy Policy and will ensure our compliance with the GDPR where our clients are citizens of the EU. In accordance with the GDPR, we have:

  • reviewed our data processing activities to determine which data processing activities are subjected to the GDPR.
  • followed appropriate security measures and precautions in accordance with the GDPR.
  • ensured our employees and contractors who are authorised to process personal data have committed to confidentiality.
  • where applicable, we can offer contractual language documenting our commitments to our customers to support their GDPR obligations.
  • updated and expanded internal processes to accommodate data subject rights requests.
  • updated our Privacy Policy to reflect our commitment to complying with the GDPR guidelines where required.


What should you do if you have a complaint about the handling of your personal information?
You may contact us at any time if you have any questions or concerns about this Privacy Policy or about how your personal information has been handled. You may make a complaint to our privacy officer using the contact details set out below.

Complaint handling process
Our Privacy Officer will first consider your complaint to determine whether there are simple or immediate steps that can be taken to resolve the complaint. We will contact you within thirty (30) days of the date we receive the written details of your complaint to acknowledge that we have received it. We may ask you to provide further information about your complaint and the outcome you are seeking.

Our privacy officer will review the way we dealt with your personal information, conduct an internal investigation (if necessary) into the complaint and will likely respond to you within thirty (30) days of the date we acknowledged receipt of your complaint. We will then typically gather relevant facts, locate and review relevant documents and speak with individuals involved.

In most cases, we will investigate and respond to a complaint within sixty (60) days of receipt of the complaint. If the matter is more complex or our investigation takes longer than anticipated, we will let you know.

If you are not satisfied with our response to your complaint, or you consider that McConachie Stedman may have breached the APPs or the Privacy Act, a complaint may be made to the Office of the Australian Information Commissioner (OAIC). The OAIC can be contacted by telephone on 1300 363 992 or by using the contact details on the website www.oaic.gov.au.

 

Our contact information
We welcome any comments or questions about our Privacy Policy. All enquiries should be directed to McConachie Stedman’s Privacy Officer at the following contact details:

Attention: Privacy Officer

Telephone: 1300 363 866

Email: privacy.officer@mcs.au

This Privacy Policy was last updated on 12 April 2024.