Information we collect and hold
The type of personal information we will typically collect includes:
· Names, addresses, telephone numbers and email addresses;
· Date of birth and gender;
· Marital status;
· Employment details;
· Information in identification documents (e.g. passport, driver's licence);
· Tax file numbers and other government issued identification numbers;
· Bank account details;
· Shareholdings and investment details;
· Details of your liabilities;
· Superannuation Details;
· Insurance Details;
· Information about your personal circumstances, family commitments and social security eligibility; and
· Personal information about your spouse and dependents.
We will not collect any information from you that is not essential to the provision of our professional services and/or the maintenance of a client relationship. We will not usually seek to collect sensitive information (e.g. data relating to professional memberships, race or ethnic origin, religious beliefs, criminal record, physical or mental health, or sexual orientation) from you. If it is necessary for us to collect sensitive information, we will obtain your explicit consent to collect and use such information.
If you do not wish to provide certain information you can refuse to do so. Please be aware, failure to provide information may inhibit the provision of professional services. In this instance we will advise you, and you can then decide whether you wish to continue with our services.
Why we collect personal information
The main purposes for which we collect personal information are:
· where it is necessary for us to provide our services (e.g. Financial Statement preparation, Income Tax Return preparation and lodgement, Business Activity
Statement preparation and lodgement or Tax and Business Advice)
· to maintain contact with clients;
· to keep clients and contacts informed of the services we offer and of current developments;
· to notify clients and contacts of events, services and service offers;
· for administration and management purposes; and
· to provide you with information about other services we offer that may be relevant to you.
How we collect personal information
Generally we will collect personal information directly from you. The information is collected when we deal with you in person, over the phone, when you send us correspondence (including email or through our website).
Sometimes it may be necessary for us to collect your personal information from a third party, or from a publicly available source. We will only collect personal information in that way where you have consented, you would reasonably expect us to collect personal information in that way, or if it is necessary for a specific purpose in the performance of our services.
You should only provide us with someone else's personal information when you have their authority or consent to provide it.
How we use the information
We do not routinely disclose personal information to other organisations unless you give your consent. Please note Thomas GLC must co-operate fully if at any time we are required by law to release information about you or your organisation.
In order to fulfill the purposes set out above, it may be necessary to provide access to your personal information to third parties with whom we have a business relationship.
The types of third parties to whom we may disclose your personal information include:
· experts or other third parties contracted as part of an engagement;
· our service providers, including but not limited to mail houses, debt collecting agencies, web site hosts, electronic database managers, benchmarking service
providers, insurers, auditors or event managers;
· professional bodies of which we are members such as Chartered Accountants Australia & New Zealand;
· as part of an engagement, if you are a customer, an employee, a contractor or supplier to one of our clients, then we may disclose your information as part of
providing our service to our client; and
· government or regulatory bodies or agencies, as part of an engagement or otherwise.
We require these organisations protect your information in the same way we do. We will never sell your personal information.
Your personal information may be sent overseas in order to provide a service you have requested. The countries to which such disclosures are made and types of personal information disclosed are dependent on the specific circumstances of the engagement.
We may also store, process or back-up your personal information on computer servers or networks which are located overseas or in 'the cloud', including where services are performed by service providers who are located overseas. Where your personal information is provided to overseas entities, such transfer does not change our commitment to safeguard your privacy, and the information remains subject to existing confidentiality obligations. We will take all necessary steps to ensure the security of the information is maintained and it is used consistent with this policy and our obligations under the Privacy Act.
Thomas GLC may also use personal information for other purposes such as client information mail-outs, personalised marketing, or to make an individual aware of our other products and services or offerings provided by Thomas GLC in conjunction with business partners or associates. You have the opportunity to elect not to receive marketing information from us by emailing firstname.lastname@example.org. We will endeavour to process your request within 21 days. Alternatively, if we have contacted you by email, you may notify us that you do not want to receive further marketing information from us by email.
We will hold your personal information for only as long as is required to fulfil the purposes for which it was collected or as required by law.
You do not have to provide us with any personal information if you are a visitor to our website and you may choose to remain anonymous or provide us with a pseudonym if you do not wish to reveal your identity. You should be aware that by remaining anonymous, or in providing a pseudonym, we may be unable to properly provide services and advice to you; or the nature and extent of that advice may be limited. We may also be unable to properly respond to any request, particularly in the event that we may have a conflict of interest or concern in relation to the dissemination of information to an unknown party.
How we store your personal information
We will take reasonable steps to protect personal information from misuse and loss, and destroy or permanently de–identify personal information we no longer need. The information may be stored electronically or in hard copy form, on site or backed up offsite. The security measures we employ to protect your personal information include physical (only personnel with keys are allowed unsupervised access to the premises, a confidentiality policy in our quality assurance manual, a requirement employees sign confidentiality agreements) and technological measures (access passwords on each computer and for individual programs/services where data is stored, encryption, fire wall protection). However, as the internet is not secure, we cannot guarantee the security of any information sent to us via the internet.
In the event you cease to be a client of this organisation, any personal information which we hold about you will be maintained for such period as required to comply with legislative and professional requirements, following which time the information will be destroyed.
How you can access your personal information
In most cases you can access the personal information we hold about you by contacting the Office Manager in writing. Requests will be dealt with as quickly as possible and we will endeavour to respond within 21 days. In some circumstances we may refuse to give you access to personal information (e.g. where a request is frivolous, or where to provide access would pose a threat to health or public safety, unreasonably interfere with another person's privacy, or be a breach of the law). If we refuse access we will advise you of our reasons for doing so.
We will facilitate access to you by allowing an inspection of your personal information in person, or by providing copies or a summary of relevant documents, depending on what is most appropriate in the circumstances, following receipt of your request. Any charge we make for providing access will be reasonable.
If you believe any personal information which Thomas GLC has collected about you is inaccurate, incomplete or not up-to-date, please contact us and we will take reasonable steps to correct it in accordance with the requirements of the Privacy Act.
We are committed to providing clients whose personal information we hold, a fair and reasonable system for the handling of their complaints.
If at any time you have any complaints in relation to privacy, please contact the Office Manager in writing. We will address any concerns you have through our complaints handling process. We will endeavour to respond to your complaint within 30 days.
You may request further information about the way Thomas GLC manages your personal information by contacting the Office Manager by emailing email@example.com.