First Super must comply with the Privacy Act 1988 (the Act), which regulates the way we collect, use and disclose your Personal Information.
This document sets out how we comply with the law when we collect, use and disclose your Personal Information. It describes:
- Personal Information
- Why we collect and use Personal Information
- Whether you must give us your Personal Information
- How we collect your Personal Information
- The people with whom we may share your Personal Information
- The foreign jurisdictions where we may store your Personal Information
- How you can access your Personal Information or update your Personal Information
- How we address issues with the use of Personal Information on the internet
- How we keep your Personal Information secure
- Whether we use and share your Personal Information for the purposes of marketing
- How you can make a complaint
- How we can change and update this document
2. What is Personal Information?
Personal Information is information that can be used to identify you and can include:
- your name
- your date of birth
- your contact details including your phone number, email address and residential address
- your employment details
- your employment history and salary information
- your Tax File Number
- your superannuation contributions history
- your nominated beneficiaries
- your claims history
- health information if you hold insurance cover with us and or when you make a claim for some types of benefits. This may include medical reports directly from your medical practitioners
We may collect, use and disclose Personal Information about our members, beneficiaries, employees and service providers.
We may also collect, use and disclose Personal Information about anyone authorised to deal with a member’s superannuation account in the Fund.
Personal Information also includes information that is called ‘Sensitive Information’. Sensitive Information includes information about your:
- racial or ethnic origins
- political opinions
- political association membership
- religious beliefs or affiliations
- philosophical beliefs
- professional or trade association membership
- trade union membership
- sexual orientation or practices
- criminal record
- health, genetic or biometric information.
We only collect and share Sensitive Information:
- with your consent, where it is necessary, or
- without your consent where required or permitted by law. For example, we will need to collect and share your “sensitive” health information when we assess an insurance claim.
3. Why do we collect and use Personal Information?
The Primary Purpose we collect and use your Personal Information is to provide you with superannuation products and related services. This includes:
- Accepting a person as a member of our Fund
- Administering your superannuation or pension account including your contributions, investment choices, and insurance
- Verifying your identity or the identity of any other person you have authorised to deal with your account
- Providing you with personal advice
- Providing you with insurance and managing your insurance claims. This includes dealing with your health information
- Communicating with you about your superannuation account and superannuation matters and letting you know about other products and services that may be of interest to you
- Providing you with tools, and education about superannuation and retirement
- Helping you find your superannuation accounts and helping you to combine your superannuation accounts
- Undertaking market research including using membership data analysis and direct marketing activities including by First Super and third parties
- Managing and resolving complaints made
- Reporting information required by law or regulation
- Employing our people and appointing our Directors
- Engaging our suppliers
We may also collect and use your Personal Information for purposes related to these activities.
Some laws also require us to collect and use your Personal Information. These laws include the Superannuation Industry (Supervision) Act 1993 (Cth), the Corporations Act 2001 (Cth) and the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth). In some instances, this information is necessary to enable us to provide you with products and services, and we may be prevented from providing you with the products and services you have requested if you refuse to provide this information to us.
4. Do you have to provide us with your Personal Information?
No. You do not have to provide us with your Personal Information. But if you refuse to give us your Personal Information we may not be able to provide you with the products and services you have requested from us.
Where we do not have enough information to administer your superannuation account, we may have to transfer your account balance to the Australian Taxation Office. If you do not provide us with your Tax File Number we may be unable to accept some contributions and you may pay more tax than you need to.
Your employer may have a legal obligation to provide us with information necessary to establish and manage an account for you, this includes providing a Tax File Number.
Should you not want to identify yourself when dealing with us, for example to anonymously report fraudulent or criminal activity relating to First Super, in this circumstance you may be able to deal with us using a pseudonym or an anonymous reporting method.
5. How do we collect your Personal Information?
We usually collect Personal Information directly from you. In some instances, we may also collect Personal Information from third parties like employers, other superannuation funds, financial advisers, insurers, doctors, a parent or guardian, regulatory bodies, enforcement agencies, market research organisations, service providers, and financial institutions.
We collect Personal Information through:
|Forms||Access and use of First Super websites and social media|
|Access and use of the First Super mobile App||Telephone conversations|
|Documents provided by you||Letters and emails|
|Third parties such as banks, financial advisers, insurers, other superannuation funds||Surveys, competitions, or promotions|
If we receive Personal Information about you that we have not requested and/or require for the purposes of administering your account or relating to services provided by First Super, and may not lawfully collect, we will destroy or de-identify the information if it is lawful and reasonable to do so.
6. Who has access to your Personal Information?
First Super takes precautions to ensure that your personal information is secure.
Access to personal information is restricted to staff and third parties who require the information to administer your account and provide information and services to you. A system of passwords and different levels of access is used to protect the information held on the system.
7. Do we share your personal information with other people?
Yes. We will share your personal information with another person for a purpose:
- mentioned in this document
- you would reasonably expect in relation to the Fund
- required or permitted by law or
- otherwise disclosed to you and to which you have consented.
The people we may share your personal information with includes:
|Our Administrator so that it can manage and administer your account in the Fund.
The Administrator may not disclose your personal information to any other party, except as is reasonable and necessary for administration of the Fund.
|Our Insurer to facilitate the provision of insurance benefits and manage your insurance claims|
|Your legal representatives and beneficiaries||Organisations that provide underlying investments or financial products that you choose as a part of your First Super product|
|Employers||Financial advisers engaged by you for the provision of advice|
|External service providers such as insurers, accountants, auditors, lawyers, mailing houses, consultants||Financial institutions like banks to process transfers of money|
|Other superannuation trustees to facilitate rollovers and transfers||Identity verification services to confirm your ID (subject to your consent)|
|Regulators like the ATO, ASIC, APRA, AUSTRAC and AFCA||Courts and enforcement bodies|
|persons authorised under the Family Law Act 1975 (Cth) to request information about an interest in a superannuation fund||IT service providers, digital data back up and data storage companies that are contracted by First Super to provide IT and IT security services and to back up and securely store off-site data held electronically for the Fund|
Where you directly authorise a third-party like an accountant, legal adviser or financial adviser to access your account and Personal Information, this information will be provided in accordance with that authorisation.
We take steps to ensure that these people are bound by confidentiality and privacy obligations. Where your Personal Information is disclosed to others we will ensure that it is handled in accordance with the Australian Privacy Principles and that they have the appropriate systems in place to comply with the requirements of the privacy laws with respect to the protection of your Personal Information.
8. Do we share your Personal Information outside Australia?
Yes. We may disclose your personal information to entities located outside of Australia, including the following:
(a) our insurer (including reinsurer), data hosting and Cloud-based IT service providers, who may be located in the European Union; New Zealand; Malaysia; Singapore, Hong Kong; South Korea; Japan and Singapore; USA, Canada, Ireland, United Kingdom, Germany, France, South Africa and Bermuda
(b) other third parties and/or external service providers located in New Zealand
We make sure that each service provider we use has a contractual obligation to ensure that the information we share is used, accessed and managed in a way that, overall, is at least substantially similar to the way in which the Australian Privacy Principles (APPs) protect the information.
We will take all reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.
9. Can you access your Personal Information?
Yes, in most cases.
You can request access to the Personal Information we hold about you by contacting us in writing. We will tell you the Personal Information we hold about you providing if it is lawful to do so and you provide acceptable proof of your identity.
In some circumstances the law may require us to refuse access to your Personal Information. If this happens, we will provide you with a written notice setting out reasons for the refusal and specifying the section of the Privacy Act under which refusal is permitted.
We will not charge you for assessing the Personal Information we hold about you unless requests of a vexatious nature are made. You will be advised in advance of any charge that may apply before it is incurred.
10. How can you correct your Personal Information if it’s wrong?
If the Personal Information we hold is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will take reasonable steps to correct the information.
You can request that we correct the Personal Information we hold about you by contacting us. We will deal with your request within a reasonable time and, if we do not agree with the corrections requested, we will explain why to the extent permitted by law.
11. What happens to old Information?
We are under a number of legal obligations to maintain Personal Information, including personal and financial information after you leave the Fund.
We may keep information longer than required by law to enable us to refer to your information when corresponding with you or in connection with legal or regulatory proceedings. Once we are satisfied that your Personal Information no longer has to be maintained for either legal or contractual reasons, we will ensure it is destroyed or de-identified.
12. What about privacy on the internet and in email?
We will use your email address to communicate with you if you:
- contact us via email, or
- provide us with your email address and consent to us contacting you or sending you information in this way.
Consent to using your email address may be express or implied based on your interaction with us.
Your email address will also be used or disclosed by us for purposes relating to the management of your superannuation account and the Fund. This may include, among other things, enabling us to provide targeted messaging and advertising to you about your superannuation benefits and related information. We may share your email address with social media sites like Facebook or Instagram to support the provision by us of targeted messaging and advertising.
We will not, however, share your email address, sell your email address to a third party to become part of any other mailing list or used for any other purpose unless with your consent.
You can also provide us with some personal information through our website and through our mobile App. To minimise the risk of fraud we limit the types of Personal Information that can be provided to us over the internet and through the Mobile App.
If you have concerns about transmitting your Personal Information over the internet, you can provide that information in paper format.
We may also use technologies provided by third parties like electronic identity verification services, cookies, web beacon, Google analytics, Google Publisher Advertising Identity Reconciliation (PAIR) or other similar technologies. These technologies may be used by the Trustee for security purposes, identification purposes or education and marketing purposes. These technologies will use Personal Information that you have shared with us and other parties.
When you access any part of our website, our service provider logs the following information, which we may collect, store, use and share: your server address, top level domain name (e.g. gov, .au, etc.), the date and time of your web-site visit, the pages you looked at, the documents you down-loaded, the previous site you visited and the type of browser you used.
Cookies: When you visit any part of our website we may use “cookies” for security and identification purposes. A “cookie” is a small computer file placed on an internet browser which we read each time you visit our website. It is not our intention to identify users personally or their individual browsing activities by using “cookies” but may do so if required by a law enforcement agency or court.
We can only attach cookies to your internet browser if you allow us to. You can set your internet browser to reject cookies but doing so may prevent you from accessing some higher security pages of our website.
PAIR: PAIR is a technology provided by Google that allows publishers on the internet (the websites you visit) and advertisers on the internet (like First Super) to identify, share and match your email address. This means that if you visit a website that has your email address and that email address is the same address you have provided to First Super, this information is shared and matched by the PAIR technology. This technology is then used to support websites and First Super to target the messaging and advertising we make available on those third-party websites. The data used and shared by Google PAIR is encrypted.
13. How do we keep your Personal Information secure?
Your personal information is held in paper-based and electronic files.
We make reasonable efforts to ensure that we and our service providers use modern security measures to protect your Personal Information. This includes password protecting and encrypting data as required.
We take reasonable steps to ensure your personal information is protected from misuse, interference, loss, unauthorised access, modification or disclosure. This includes by limiting access to Personal information through physical barriers (such as security doors) and by limiting electronic access rights.
We cannot guarantee that any information transmitted via the internet is entirely secure. You should only transmit Personal Information over the internet if you are confident the data link and the computer (hardware and software) you are using are secure. If you send us Personal Information over the Internet you do so at your own risk.
14. Do we use your Personal Information to market and advertise products and services to you?
Yes, we do.
We market and advertise the products and services we provide to members and beneficiaries of the Fund. This marketing may be:
- marketing provided by us to you (direct marketing)
- marketing provided by a third party to you (direct marketing), or
- marketing through a third party (indirect).
Our goal is to work with and for our members to help them achieve the best possible outcome in retirement. This help includes the provision of information and marketing material about superannuation benefits, Centrelink benefits, tax laws, retirement, insurance, and changes to the law that may impact you. First Super will use and disclose your personal information to help it achieve this outcome. This includes sharing your email address to help us target our messaging and advertising.
We may share your Personal Information with third parties for the purposes of direct marketing or information about products and services which we consider may be of interest to you. This is in accordance with the APPs which require any organisation marketing directly to you, to provide a means by which you can opt out of receiving marketing material.
You may opt out of receiving direct advertising material. If you do not wish to receive marketing information, please let us know. You cannot opt out of receiving information required by law.
You may opt out of receiving information from third parties through us at any time by contacting us.
We may also ask you to participate in surveys so that we can improve our product offering.
15. Questions and Complaints
The Complaints Officer
PO Box 666 Carlton South Victoria 3053
Phone: 1300 360 988
If you make a complaint we will write to you within 7 days of receiving the complaint to acknowledge the complaint and explain how we will deal with the issues raised.
You may also lodge a complaint with the Office of the Australian Information Commissioner by:
telephone: 1300 363 992
16. Can we change this Policy?
Yes, we can.
We review this Policy as circumstances and laws change. However, we undertake a scheduled review every three years.
This Policy was approved by the Board of First Super Pty Ltd.