Financial Advisers: Essential Guide to Privacy Policies in Australia
Understanding Your Obligations
Recently, we were asked by an advisor about meeting their obligations under the Australian Privacy Principles (APPs). As a financial adviser in Australia, ensuring the privacy of your clients' personal information is paramount. The Privacy Act 1988 and the APPs require you to provide your clients with a clear and accessible privacy policy. This policy outlines how you collect, use, disclose, and safeguard their personal information.
Key Elements of a Privacy Policy
What information is collected: Specify the types of personal information you gather, such as names, contact details, financial information, and preferences.
How information is used and disclosed: Explain the purposes for which you use the information and the circumstances under which you may disclose it to third parties.
Access and correction: Outline how clients can access and request corrections to their personal information.
Complaints: Describe the process for lodging a complaint about a privacy breach and how you will handle such complaints.
Providing Your Privacy Policy
Initial engagement: It's best practice to provide your privacy policy at the start of your relationship with a client, typically when providing the Financial Services Guide (FSG) or Statement of Advice (SOA).
Website availability: While having your privacy policy available on your website is essential, you should also actively inform clients of its existence.
Direct notification: Inform clients during initial engagement that your privacy policy is available on your website and provide a direct link. Offer to provide a hard copy if requested.
Email signature: Including a link to your privacy policy in your email signature can enhance accessibility, but it should complement more direct notification methods.
Wrap Up
By adhering to these guidelines, you can ensure that your financial advisory practice complies with privacy laws and maintains the trust of your clients. Providing a clear and accessible privacy policy is a fundamental aspect of responsible business conduct.