1. Objective
This Privacy Policy explains how Duxton Capital (Australia) Pty Ltd ACN 164 225 647 and/ or Duxton Capital Services Pty Ltd ACN 644 440 675 and other companies in the Duxton Group (“we”, “our” or “us”) collects, uses and manages your personal information and credit information, based on our obligations under the Australian Privacy Act 1988 (Cth) (“Act”) - including the Australian Privacy Principles (“APPs”) - and the European General Data Protection Regulation (“GDPR”).
2. Collection of personal and credit information
We will only collect personal information about an individual where the information is reasonably necessary for one or more of our functions, operations or activities or to comply with the law. The kinds of personal information collected and held, and how that information is collected and held and the purpose for which that information will be collected, held, used and disclosed will depend on the circumstances. For example, we collect and process your personal information as necessary in order to provide you with our services and/or products, as part of our general business operations, employees and contractors, emergency management, to assist with queries, to consider applications from prospective employees, contractors or service providers or to comply with the law.
Depending on the circumstances, below are the types of personal information we might collect from you and use in accordance with this Privacy Policy:
• contact information such as your name and address, telephone numbers and email address;
• financial information, including bank account details;
• business details, including Tax File Number and Australian Business Number (“ABN”);
• identification information such as name, date of birth, current or previous address, driver’s licence number;
• trade references – name of entity, ABN, contact name, telephone number, fax number, email, years trading with you;
• information about our services and/or products acquired or supplied;
• information from enquiries made;
• communications between us and an individual;
• third party information from our employees and contractors such as details of family members and next of kin.
3. Cookies
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. When you visit our websites, we may collect the following information from you automatically through cookies or similar technology:
• your server address;
• your top level domain name (for example, .com, .gov, .au);
• the date and time of your visit to the site;
• the pages you accessed;
• the previous site you have visited; and
• the type of browser you are using.
We use cookies in a range of ways to improve your experience on our website, including:
• for essential purposes for the basic function of our website;
• for performance and functionality to manage and improve our website;
• to improve our business functions.
You can set your browser to accept or decline cookies, however, some of our website features may not function or function fully as a result.
4. Means of collection of personal data and credit information
Your personal information and credit information may be collected in a number of ways, including:
• directly by our employees when you seek, or enquire about, our services;
• when you use our website or complete a form on our website or provided directly by our employees;
• from a third party such as a contracting company or through third party service providers (including recruitment service providers providing services to us).
In some circumstances, where it is unreasonable or impracticable to collect information from you or to supplement information provided, we may collect information about you from a third party source (including public records). In such a case we will take reasonable steps to ensure that you are made aware of the personal information provided to us by the third party.
You need not provide all the information requested by us, but this may prevent us from providing some or all of our goods or services to you.
5. Purposes of collection and use
We collect and use your personal and credit information for the following purposes:
• as a necessary part of providing our goods and services to you including providing general financial product advice, managing and administering products and services, establishing and managing investments and accounts, processing contributions, transferring funds and making payments and reporting on investment performance and conducting our anti money laundering /counter terrorism financing compliance program;
• facilitating product and service reviews;
• sales and billing;
• to promote and market our products and services to you or provide you with information that we believe may be of interest to you (unless as directed otherwise);
• to personalise and customise your experiences with our website;
• to help us research the needs of our customers and to market our goods and services with a better understanding of your needs and the needs of customers generally;
• to allow us to provide advertising material to you regarding us, our clients, and other business partners (unless as directed otherwise);
• internal management purposes;
• to consider applications from prospective employees, contractors or service providers;
• emergency management;
• training;
• to comply with the law;
• other purposes related to any of the above.
We will only use your information for the purposes for which it was collected (“primary purposes”) or a purpose related to the primary purpose, if this use would be reasonably expected by you, or otherwise, with your consent.
6. Disclosure
We may disclose your information to certain third parties to assist us with the primary purpose for which your information was collected. Third parties we may disclose your information to for this purpose include:
• third parties that provide goods and services to us or through us;
• third parties, such as marketing and digital agencies, who may send to you our e-newsletters on our behalf, however you may request not to receive such information by opting-out or by contacting our Privacy Officer (details below);
• financial institutions, fund managers, financial advisers, stockbrokers, actuaries, custodians, share registries, insurers, investment managers, auditors, and external dispute resolution services;
• our related bodies corporate;
• where necessary to protect the rights or safety of any of its employees or a third party;
• our website host or software application providers.
We may also be required to disclose information to third parties to comply with laws and regulations. This may include disclosure to:
• government agencies as required by law;
• third parties who perform an audit of our business;
• third parties for a business acquisition, sale or restructure;
• third parties which we are required or authorised by law to make disclosures to; and
• other third parties as authorised by you from time to time.
Other than as set out in this Privacy Policy, we will not disclose your personal information to other parties without your express consent.
We do not disclose your personal information to overseas recipients unless required as a matter of law, for the storage or transfer of data to service providers located internationally or, if required to service your needs, or to our related companies in Singapore.
We do not disclose your credit information to any credit reporting bodies. Where personal information is disclosed to a third party, we will take all reasonable steps to satisfy ourselves that the information is held, used and disclosed in accordance with the APPs and the GDPR.
7. Quality, access to and correction of information
You are entitled to have access to and seek correction of any personal information that we may hold about you. We require that requests for access to or to update or correct your personal information to be in writing outlining the details of your request. Such requests should be addressed to the Privacy Officer via the details provided in this Privacy Policy.
We will take appropriate steps to verify your identity (or verify that you act as an authorised agent of the individual concerned) before granting a request to access your personal information.
We will respond to your request for access to your personal information within a reasonable time after you make the request and if access is granted, access will be provided within 30 days from your request. We will, on request, provide you with access to your personal information or update or correct your personal information, unless we are lawfully excluded from granting your request, including if:
• giving access would be unlawful;
• we are required or authorised by law or a court/tribunal order to deny access; or
• giving access is likely to prejudice one or more enforcement related activities conducted by an enforcement body.
Where your request for access is accepted, we will provide you with access to your personal information in a manner, as requested by you, providing it is reasonable to do so.
Your request for correction will be dealt with within 30 days, or such longer period as agreed by you. If we deny your request, we will provide you with a written notice detailing reasons for the refusal and the process for making a complaint about the refusal to grant your request.
We will accept your request for correction of your credit information where we are satisfied that it is inaccurate, out-of-date, incomplete, irrelevant or misleading.
Upon accepting a request for correction of your personal information, we will take all steps that are reasonable in the circumstances, having regard to the purpose for which your information is held, to correct your personal information.
If your request for correction of credit information is accepted, we will provide written notice of this correction to any entity to which we have disclosed this information previously, to the extent that this is practicable.
8. Storage and security
Your personal and credit information will be stored as physical files in a secured area in Australia, on our electronic data base system and on computers with appropriate back up and security systems. All our servers are located in Australia. Any personal or credit information which is collected via our website, or which is held on our computer systems, is protected by safeguards including physical, technical (including firewalls and SSL encryption) and procedural methods.
We take reasonable steps to hold information securely in electronic or physical form. We are committed to keeping secure the data you provide to us and we will take all reasonable precautions to protect your personally identifiable information from loss, misuse, interference, unauthorised access or alteration.
We aim to achieve this through:
• imposing confidentiality requirements on our employees;
• implementing policies in relation to document storage security;
• implementing security measures to govern access to our systems;
• only providing access to personal information once proper identification has been given;
• controlling access to our premises; and
• implementing website protection measures.
In the event of a data breach, we are committed to complying with our obligations at law, including our notification obligations.
9. Retention
We may retain your personal information for as long as is needed for the purposes outlined in this Privacy Policy, or as required by law. Where your personal information is not required to be retained by law and is no longer required for the purposes for which it was collected or used, we will take reasonable steps to irrevocably destroy or de-identify it.
10. Data subject rights under the GDPR
In addition to the rights in our Privacy Policy, if you are an individual based in the EU, you have rights with respect to your personal data under the GDPR, which include:
• right of access – you have the right to ask us for copies of your personal data;
• right to rectification – you have the right to ask us to rectify your personal data you think it is inaccurate. You also have the right to ask us to complete your personal data if you think it is incomplete;
• right to erasure – you have the right to ask us to erase your personal data;
• right to restriction of processing – you have the right to ask us to restrict the processing of your personal data;
• right to object to processing – you have the right to object to the processing of your personal data.
• right to data portability – you have the right to ask that we transfer the personal data you gave us to another organisation, or to you.
These rights are not absolute, and some only apply in certain circumstances.
You are not required to pay any charge for exercising your rights over your personal data.
If you make a request in relation to any of these rights, we have one month to respond to you. Please contact our Privacy Officer (details below) if you wish to make a request.
11. Links
Our website, and documents produced in the course of providing the services such as reports, may contain links to websites operated by third parties. Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in those linked websites. The privacy policies and other terms that apply to those other websites may differ substantially from our Privacy Policy, and we encourage you to read these privacy policies and other terms of use before accessing those websites.
12. Changes to this Privacy Policy
We may change our Privacy Policy from time to time by publishing changes to it on our website at www.duxtonam.com. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy. You may also request a copy of our most up-to-date Privacy Policy by contacting our Privacy Officer (details below).
13. Complaints
If you believe that we have breached a term of this Privacy Policy or the Act, you may submit a written complaint. The written complaint can be emailed or posted to us using the contact details set out below. You must include contact details for us to contact you regarding your complaint.
Our Privacy Officer will consider your complaint and respond as soon as reasonably possible, but no later than 30 days from receiving the complaint.
If you are unsatisfied with the outcome of your complaint you may refer your complaint to the Office of the Australian Information Commissioner.
If you are an individual residing in the EU, you may submit your complaint to your local data protection authority.
Contact us
If you wish to:
• gain access to your personal information;
• exercise any of the rights described in this Privacy Policy;
• make a complaint about a breach of this Privacy Policy or our obligations at law;
• contact us with a query about how your information is collected or used;
• contact us regarding any other matter concerning this Privacy Policy,
contact our Privacy Officer:
Privacy Officer contact: Privacy Officer
Email: privacy@duxtonam.com
Postal address: Duxton Capital (Australia) Pty Ltd, PO Box 785, Stirling South Australia 5152
Phone: +61 8 8130 9500
For more information on privacy, see the Office of the Australian Information Commissioner's website at: http://www.oaic.gov.au.
Privacy Policy (Singapore)
Data Protection Policy Statement.
PRIVACY POLICY RELATING TO THE COLLECTION, USE AND DISCLOSURE OF PERSONAL DATA AND CUSTOMER INFORMATION.
Safeguarding personal data and customer information and using it in a lawful manner, consistent with data subjects’ expectations, is a cornerstone of Duxton Asset Management’s relationships, whether with customers, vendors, partners, employees or otherwise.
To do so, Duxton Asset Management (“Duxton”) has put in place this Statement that sets forth principles and requirements governing the collection, use and disclosure of personal data and customer information.
This Statement is based on current laws and regulations in Singapore. This Statement applies to all personal data (as defined in the Singapore Personal Data Protection Act, Cap 26 of 2012 (“PDPA”)) and customer information collected, used and disclosed by Duxton, its affiliates, subsidiaries and associated entities (“Duxton Group”). The PDPA contains 2 main sets of provisions, covering data protection (effective 2 July 2014) and a Do Not Call (“DNC”) Registry (effective 2 January 2014). The DNC provisions generally prohibits organisations from sending certain marketing messages (in the form of voice calls, text or fax messages) to individuals with Singapore telephone numbers, registered with the DNC Registry. As Duxton currently does not send marketing messages to individuals, the DNC provisions are not applicable to the Company.
On Data Protection.
A. Collection of Personal Data. Duxton only collects personal data as may be required by laws, regulations and/or authorities (in and outside of Singapore) or that is reasonably necessary to conduct Duxton’s business. Personal data may be collected by Duxton or through a third party engaged by Duxton (such as distributors appointed by Duxton) and may be collected from the individual or through a third party.
B. Purposes for Collection, Use and Disclosure of Personal Data and Customer Information. The purposes for which personal data relating to an individual and customer information may be collected, used and disclosed are as follows:
(i) the daily operation of the services provided to customers and other individuals, including to carry out customers’ instructions or responding to queries from customers or individuals;
(ii) conducting customer due diligence checks at the time of application and at the time of regular or special reviews which normally will take place one or more times each year;
(iii) designing of financial services or related products for customer’s use;
(iv) providing of information and updates about Duxton’s products and services and related data;
(v) determining amounts owed to or by customers and collecting amounts outstanding from customers;
(vi) complying with the obligations, requirements or arrangements for disclosing and using personal data that apply to Duxton or any of its affiliates or that it is expected to comply as required by: (1) any law binding or applying to it or its affiliates within or outside Singapore existing currently and in the future; (2) any notifications, directives or guidelines issued by any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers within or outside Singapore existing currently and in the future; (3) any present or future contractual or other commitment with local or foreign legal, regulatory, supervisory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial service providers that is assumed by or imposed on Duxton or any of its affiliates by reason of its financial, commercial, business or other interests or activities in or related to the jurisdiction of the relevant local or foreign legal, regulatory, governmental, tax, law enforcement or other authority, or self-regulatory or industry bodies or associations;
(vii) complying with any obligations, requirements, policies, procedures, measures or arrangements for sharing personal data and information within Duxton and its affiliates and/or any other use of personal data and information in accordance with any group-wide programs for compliance with know-your-customer (“KYC”) obligations, sanctions or prevention or detection of money laundering, terrorist financing or other unlawful activities;
(viii) facilitating consolidated management/supervision within the Duxton Group entities including but not limited to the conduct of internal audit and the performance of risk management;
(ix) enabling an actual or proposed assignee of Duxton, or participant or sub-participant of Duxton’s rights in respect of the individual to evaluate the transaction intended to be the subject of the assignment, participation or sub-participation;
(x) processing, confirming and fulfilling customers’ and other individuals’ requests regarding Duxton’s products and services or transactions, including processing of applications for shares/units in the funds managed by Duxton;
(xi) providing or obtaining references and identification, verification and background screening purposes, including for the purposes of completing the information on the register of shareholders/unitholders of the funds managed by Duxton;
(xii) protecting and defending Duxton’s or its affiliates’ rights, interests or property;
(xiii) complying with or enforcing the terms and conditions of any contract or agreement entered into by or on behalf of Duxton or its affiliate or to which Duxton or its affiliate is otherwise bound or is obliged to observe;
(xiv) obtaining of professional advice, conducting of audit and investigations and managing of risks;
(xv) for security, business continuity, emergency contact and travel purposes;
(xvi) internal and external reporting;
(xvii) data archival and warehousing;
(xviii) in connection with grant of probate or letters of administration in respect of a deceased individual’s estate; and
(xix) all other incidental purposes relating thereto and other purposes to which the individuals or organizations may from time to time agree.
C. Disclosure of Personal Data and Customer Information. Personal data and customer information held by Duxton will be kept confidential but Duxton may provide and/or disclose such data and information to the following parties for the above purposes (whether within or outside Singapore):
(i) any agent, contractor or third party service provider who provides administrative, telecommunications, information technology, transaction and data processing, payment or other services to Duxton in connection with the operations of its business;
(ii) any other person under a duty of confidentiality to Duxton;
(iii) the drawee bank providing a copy of a paid cheque (which may contain information about the payee) to the drawer;
(iv) any person, body or authority to whom Duxton or any of its affiliates is under an obligation or otherwise required, advised, recommended or expected to make disclosure under the requirements of any laws, rules or regulations binding on or applying to Duxton or any of its affiliates, or any disclosure under and for the purposes of any notifications, directives, guidelines or guidance given or issued by or agreement with any legal, regulatory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial service providers with which Duxton or any of its affiliates are obliged, required, advised, recommended or expected to comply, or any disclosure pursuant to any contractual or other commitment of Duxton or any of its affiliates with local or foreign legal, regulatory, supervisory, governmental, tax, law enforcement or other authorities, or self-regulatory or industry bodies or associations of financial services providers, all of which may be within or outside Singapore and may be existing currently or in the future;
(v) any party giving or proposing to give a guarantee or third party security to guarantee or secure a customer’s obligations and liabilities;
(vi) any actual or proposed assignee of Duxton or participant or sub-participant or transferee of Duxton’s rights in respect of an individual or organization;
(vii) (1) Duxton Group entities; (2) third party financial institutions, custodians, clearing houses, securities and investment services providers; and (3) external service providers that Duxton engages; (viii) Duxton’s professional advisers including lawyers, auditors and accountants; and (ix) any party in respect of which such disclosure is requested and/or consented to by the individual or customer.
D. Transfer of Personal Data and Customer Information Outside of Singapore. Duxton may from time to time transfer the personal data and customer information outside Singapore for the above purposes. Such data and information may be disclosed, processed, stored or maintained in accordance with the local data protection laws, rules and regulations applicable in the relevant jurisdictions.
E. Disclosure of Personal Data of Third Parties to Duxton. Before disclosing any personal data relating to its employees, contractors and other individuals to Duxton, organizations shall ensure that those individuals are duly notified of and aware of this Statement and shall undertake and represent they have procured the consent of such individual to the collection, use and disclosure of their personal data as described in this Statement.
F. Update of Personal Data and Customer Information. Customers, and other organizations or individuals who provide, or authorize the provision of, information to Duxton undertake that such information is true, accurate and complete and shall notify Duxton in writing immediately upon any changes in personal data and customer information previously provided to Duxton.
G. Access and Correction of Personal Data. Individuals may request access or make corrections to their personal data. Duxton may charge a reasonable fee for processing of any access request. Any access and/or correction request must include sufficient details to enable Duxton to identify the individual and the personal data or correction to which the request relates and may be required to be made on Duxton’s prescribed forms.
H. Withdrawal of Consent. Customers or other individuals may withdraw consent to the collection, use and disclosure of their personal data and/or customer information. However if a customer or individual does not provide or withdraw such consent or fails to provide requisite personal data and/or customer information, Duxton may be unable to initiate or continue a relationship with the individual or organization concerned. In the case of a customer, Duxton may not be able to open or continue to maintain accounts or establish or continue providing its services or facilities, as a result of which the accounts may be terminated. Under these circumstances, Duxton reserves all rights and remedies ensuing from such termination.
I. Personal Data Retention. Duxton retains personal data and/or customer information for as long as necessary to fulfil the purposes for which such data was collected, Duxton’s business purpose or as is otherwise required under any law for the time being in force. However, this is subject to Duxton’s rights and obligations under applicable laws to ensure retention of records which may contain personal data as well as to Duxton’s archiving and record retention policies.
J. Use of “Cookies”. This website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses “cookies”, which are text files placed on your computer to help the website analyse how visitors use the site. The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States . Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of this website. By using our website, you accept the use of cookies by Google for the purposes set out above. More information can be found at: https://support.google.com/analytics/answer/6004245?hl=en
K. Miscellaneous.
(i) This Statement supplements but does not supersede nor replace any other consents which may have been previously provided to us, and shall be deemed an integral part of all contracts, agreements, facility offer letters, account mandates and other binding arrangements which customers or other individuals or organizations have entered into or intend to enter into with Duxton.
(ii) Duxton reserves the right to change, modify, add, or remove portions of this Privacy Policy at any time for any reason This Statement may be updated from time to time to reflect changes and/or developments in data protection and other relevant laws, regulations, guidelines, codes and industry practices in Singapore. Revisions to this Statement will be published on Duxton’s website. You acknowledge that by accessing our Website after we have posted changes to this Privacy Policy, you are agreeing to the terms of this Privacy Policy as modified.
L. Data Protection Officer.
The person to whom requests for access to or correction of personal data or withdrawal of consent for the processing of personal data or for information regarding Duxton’s policies and practices and kinds of personal data held by Duxton are to be addressed is as follows:
1. Objective
This Privacy Policy explains how Duxton Capital (Australia) Pty Ltd ACN 164 225 647 and/ or Duxton Capital Services Pty Ltd ACN 644 440 675 and other companies in the Duxton Group (“we”, “our” or “us”) collects, uses and manages your personal information and credit information, based on our obligations under the Australian Privacy Act 1988 (Cth) (“Act”) - including the Australian Privacy Principles (“APPs”) - and the European General Data Protection Regulation (“GDPR”).
2. Collection of personal and credit information
We will only collect personal information about an individual where the information is reasonably necessary for one or more of our functions, operations or activities or to comply with the law. The kinds of personal information collected and held, and how that information is collected and held and the purpose for which that information will be collected, held, used and disclosed will depend on the circumstances. For example, we collect and process your personal information as necessary in order to provide you with our services and/or products, as part of our general business operations, employees and contractors, emergency management, to assist with queries, to consider applications from prospective employees, contractors or service providers or to comply with the law.
Depending on the circumstances, below are the types of personal information we might collect from you and use in accordance with this Privacy Policy:
• contact information such as your name and address, telephone numbers and email address;
• financial information, including bank account details;
• business details, including Tax File Number and Australian Business Number (“ABN”);
• identification information such as name, date of birth, current or previous address, driver’s licence number;
• trade references – name of entity, ABN, contact name, telephone number, fax number, email, years trading with you;
• information about our services and/or products acquired or supplied;
• information from enquiries made;
• communications between us and an individual;
• third party information from our employees and contractors such as details of family members and next of kin.
3. Cookies
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. When you visit our websites, we may collect the following information from you automatically through cookies or similar technology:
• your server address;
• your top level domain name (for example, .com, .gov, .au);
• the date and time of your visit to the site;
• the pages you accessed;
• the previous site you have visited; and
• the type of browser you are using.
We use cookies in a range of ways to improve your experience on our website, including:
• for essential purposes for the basic function of our website;
• for performance and functionality to manage and improve our website;
• to improve our business functions.
You can set your browser to accept or decline cookies, however, some of our website features may not function or function fully as a result.
4. Means of collection of personal data and credit information
Your personal information and credit information may be collected in a number of ways, including:
• directly by our employees when you seek, or enquire about, our services;
• when you use our website or complete a form on our website or provided directly by our employees;
• from a third party such as a contracting company or through third party service providers (including recruitment service providers providing services to us).
In some circumstances, where it is unreasonable or impracticable to collect information from you or to supplement information provided, we may collect information about you from a third party source (including public records). In such a case we will take reasonable steps to ensure that you are made aware of the personal information provided to us by the third party.
You need not provide all the information requested by us, but this may prevent us from providing some or all of our goods or services to you.
5. Purposes of collection and use
We collect and use your personal and credit information for the following purposes:
• as a necessary part of providing our goods and services to you including providing general financial product advice, managing and administering products and services, establishing and managing investments and accounts, processing contributions, transferring funds and making payments and reporting on investment performance and conducting our anti money laundering /counter terrorism financing compliance program;
• facilitating product and service reviews;
• sales and billing;
• to promote and market our products and services to you or provide you with information that we believe may be of interest to you (unless as directed otherwise);
• to personalise and customise your experiences with our website;
• to help us research the needs of our customers and to market our goods and services with a better understanding of your needs and the needs of customers generally;
• to allow us to provide advertising material to you regarding us, our clients, and other business partners (unless as directed otherwise);
• internal management purposes;
• to consider applications from prospective employees, contractors or service providers;
• emergency management;
• training;
• to comply with the law;
• other purposes related to any of the above.
We will only use your information for the purposes for which it was collected (“primary purposes”) or a purpose related to the primary purpose, if this use would be reasonably expected by you, or otherwise, with your consent.
6. Disclosure
We may disclose your information to certain third parties to assist us with the primary purpose for which your information was collected. Third parties we may disclose your information to for this purpose include:
• third parties that provide goods and services to us or through us;
• third parties, such as marketing and digital agencies, who may send to you our e-newsletters on our behalf, however you may request not to receive such information by opting-out or by contacting our Privacy Officer (details below);
• financial institutions, fund managers, financial advisers, stockbrokers, actuaries, custodians, share registries, insurers, investment managers, auditors, and external dispute resolution services;
• our related bodies corporate;
• where necessary to protect the rights or safety of any of its employees or a third party;
• our website host or software application providers.
We may also be required to disclose information to third parties to comply with laws and regulations. This may include disclosure to:
• government agencies as required by law;
• third parties who perform an audit of our business;
• third parties for a business acquisition, sale or restructure;
• third parties which we are required or authorised by law to make disclosures to; and
• other third parties as authorised by you from time to time.
Other than as set out in this Privacy Policy, we will not disclose your personal information to other parties without your express consent.
We do not disclose your personal information to overseas recipients unless required as a matter of law, for the storage or transfer of data to service providers located internationally or, if required to service your needs, or to our related companies in Singapore.
We do not disclose your credit information to any credit reporting bodies. Where personal information is disclosed to a third party, we will take all reasonable steps to satisfy ourselves that the information is held, used and disclosed in accordance with the APPs and the GDPR.
7. Quality, access to and correction of information
You are entitled to have access to and seek correction of any personal information that we may hold about you. We require that requests for access to or to update or correct your personal information to be in writing outlining the details of your request. Such requests should be addressed to the Privacy Officer via the details provided in this Privacy Policy.
We will take appropriate steps to verify your identity (or verify that you act as an authorised agent of the individual concerned) before granting a request to access your personal information.
We will respond to your request for access to your personal information within a reasonable time after you make the request and if access is granted, access will be provided within 30 days from your request. We will, on request, provide you with access to your personal information or update or correct your personal information, unless we are lawfully excluded from granting your request, including if:
• giving access would be unlawful;
• we are required or authorised by law or a court/tribunal order to deny access; or
• giving access is likely to prejudice one or more enforcement related activities conducted by an enforcement body.
Where your request for access is accepted, we will provide you with access to your personal information in a manner, as requested by you, providing it is reasonable to do so.
Your request for correction will be dealt with within 30 days, or such longer period as agreed by you. If we deny your request, we will provide you with a written notice detailing reasons for the refusal and the process for making a complaint about the refusal to grant your request.
We will accept your request for correction of your credit information where we are satisfied that it is inaccurate, out-of-date, incomplete, irrelevant or misleading.
Upon accepting a request for correction of your personal information, we will take all steps that are reasonable in the circumstances, having regard to the purpose for which your information is held, to correct your personal information.
If your request for correction of credit information is accepted, we will provide written notice of this correction to any entity to which we have disclosed this information previously, to the extent that this is practicable.
8. Storage and security
Your personal and credit information will be stored as physical files in a secured area in Australia, on our electronic data base system and on computers with appropriate back up and security systems. All our servers are located in Australia. Any personal or credit information which is collected via our website, or which is held on our computer systems, is protected by safeguards including physical, technical (including firewalls and SSL encryption) and procedural methods.
We take reasonable steps to hold information securely in electronic or physical form. We are committed to keeping secure the data you provide to us and we will take all reasonable precautions to protect your personally identifiable information from loss, misuse, interference, unauthorised access or alteration.
We aim to achieve this through:
• imposing confidentiality requirements on our employees;
• implementing policies in relation to document storage security;
• implementing security measures to govern access to our systems;
• only providing access to personal information once proper identification has been given;
• controlling access to our premises; and
• implementing website protection measures.
In the event of a data breach, we are committed to complying with our obligations at law, including our notification obligations.
9. Retention
We may retain your personal information for as long as is needed for the purposes outlined in this Privacy Policy, or as required by law. Where your personal information is not required to be retained by law and is no longer required for the purposes for which it was collected or used, we will take reasonable steps to irrevocably destroy or de-identify it.
10. Data subject rights under the GDPR
In addition to the rights in our Privacy Policy, if you are an individual based in the EU, you have rights with respect to your personal data under the GDPR, which include:
• right of access – you have the right to ask us for copies of your personal data;
• right to rectification – you have the right to ask us to rectify your personal data you think it is inaccurate. You also have the right to ask us to complete your personal data if you think it is incomplete;
• right to erasure – you have the right to ask us to erase your personal data;
• right to restriction of processing – you have the right to ask us to restrict the processing of your personal data;
• right to object to processing – you have the right to object to the processing of your personal data.
• right to data portability – you have the right to ask that we transfer the personal data you gave us to another organisation, or to you.
These rights are not absolute, and some only apply in certain circumstances.
You are not required to pay any charge for exercising your rights over your personal data.
If you make a request in relation to any of these rights, we have one month to respond to you. Please contact our Privacy Officer (details below) if you wish to make a request.
11. Links
Our website, and documents produced in the course of providing the services such as reports, may contain links to websites operated by third parties. Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in those linked websites. The privacy policies and other terms that apply to those other websites may differ substantially from our Privacy Policy, and we encourage you to read these privacy policies and other terms of use before accessing those websites.
12. Changes to this Privacy Policy
We may change our Privacy Policy from time to time by publishing changes to it on our website at www.duxtonam.com. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy. You may also request a copy of our most up-to-date Privacy Policy by contacting our Privacy Officer (details below).
13. Complaints
If you believe that we have breached a term of this Privacy Policy or the Act, you may submit a written complaint. The written complaint can be emailed or posted to us using the contact details set out below. You must include contact details for us to contact you regarding your complaint.
Our Privacy Officer will consider your complaint and respond as soon as reasonably possible, but no later than 30 days from receiving the complaint.
If you are unsatisfied with the outcome of your complaint you may refer your complaint to the Office of the Australian Information Commissioner.
If you are an individual residing in the EU, you may submit your complaint to your local data protection authority.
Contact us
If you wish to:
• gain access to your personal information;
• exercise any of the rights described in this Privacy Policy;
• make a complaint about a breach of this Privacy Policy or our obligations at law;
• contact us with a query about how your information is collected or used;
• contact us regarding any other matter concerning this Privacy Policy,
contact our Privacy Officer:
Privacy Officer contact: Privacy Officer
Email: privacy@duxtonam.com
Postal address: Duxton Capital (Australia) Pty Ltd, PO Box 785, Stirling South Australia 5152
Phone: +61 8 8130 9500
For more information on privacy, see the Office of the Australian Information Commissioner's website at: http://www.oaic.gov.au.
