Privacy Policy

Padua is committed to providing quality financial technology services to you and this policy outlines our ongoing obligations in respect of how we manage your Personal Information.

We have adopted the National Privacy Principles (NPPs) contained in the Privacy Act 1988 (Cth). The NPPs govern the way in which we collect, use, disclose, store, secure and dispose of your personal information.

A copy of the Australian Privacy Principles may be obtained from the Office of the Australian Information Commissioner at:
https://www.oaic.gov.au/

What is Personal Information and why do we collect it?

Personal information is information or an opinion that identifies an individual. Examples of personal information we collect include names, business addresses, email addresses, and business telephone and facsimile numbers.

This personal information is obtained in many ways including through our websites:

as well as by telephone, facsimile, email, your website, and from third parties (such as your Dealer Group/Licensee).

We collect your personal information for the primary purpose of providing our services to you. We may also use your personal information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe from our mailing or marketing lists at any time by contacting us in writing.

When we collect personal information we will, where appropriate and where possible, explain why we are collecting the information and how we plan to use it.

Sensitive Information

Sensitive information is defined in the Privacy Act to include information or an opinion about such things as an individual’s:

  • racial or ethnic origin
  • political opinions
  • membership of a political association
  • religious or philosophical beliefs
  • membership of a trade union or professional body
  • criminal record
  • health information.

Sensitive information will be used by us only:

  • for the primary purpose for which it was obtained
  • for a secondary purpose directly related to the primary purpose
  • with your consent
  • where required or authorised by law.

Third Parties

Where reasonable and practicable, we will collect your personal information only from you. However, in some circumstances we may be provided with information by third parties. In such cases we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.

Disclosure of Personal Information

Personal information may be disclosed in a number of circumstances including:

  • where you consent to the use or disclosure
  • where required or authorised by law.

Security of Personal Information

Your personal information is stored in a manner that reasonably protects it from misuse, loss, unauthorised access, modification or disclosure.

When your personal information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify it. However, most personal information is or will be stored in client files, which will be kept by us for a minimum of 7 years.

Access to Your Personal Information

You may access the personal information we hold about you and update and/or correct it, subject to certain exceptions. If you wish to access your personal information, please contact us in writing.

Padua will not charge a fee for your access request but may charge an administrative fee for providing a copy of your personal information.

To protect your privacy, we may require identification before releasing the requested information.

Maintaining the Quality of Your Personal Information

It is important to us that your personal information is up to date. We will take reasonable steps to ensure it is accurate, complete and current.
If you find that the information we have is incorrect or outdated, please advise us as soon as practicable so we can update our records.

Collection of Usage Data

Padua utilises analytics software to collect and analyse application usage data. Our analytics software provider uses browser cookies to collect information about your use of Padua Home, including:

  • IP address
  • non-personal information
  • pages, features and functions used
  • request submission behaviour
  • duration of tasks and number of steps
  • types of advice you are providing
  • strategies, platforms and investments you recommend.

The analytics provider stores this information for the purpose of analysing usage and producing reports for Padua. This assists us in improving our services, understanding how they are used, and may also be provided to third parties for marketing purposes.

Padua will share a randomly generated identifier with our analytics provider for identifying you, however only Padua can correlate application usage and marketing information with your personal data.

Responding to Data Breaches

A data breach occurs when there is misuse, unauthorised access, or disclosure of personal information.
In the event of a data breach, Padua will analyse and assess the breach and take necessary steps to prevent future breaches.

While each incident will be assessed case-by-case, we generally follow the process below:

1. Contain the breach and perform a preliminary assessment

Contain the breach

We will take steps to immediately contain the breach. This may include disabling compromised accounts, shutting down or restricting system access, and implementing any other necessary controls.

Initiate a preliminary assessment

We will appoint someone to lead the assessment. The assessment includes identifying compromised personal information, the cause and extent of the breach, the harm to affected individuals, and further containment steps.

Consider who should be notified

We will determine who needs to be made aware of the breach internally and externally. The matter will be escalated to Padua’s Privacy Officer.

2. Evaluate the risks associated with the breach

We consider:

  • the type of personal information involved
  • the context of the information and breach
  • the cause and extent of the breach
  • the risk of serious harm to affected individuals.
3. Notification

Once circumstances are understood, we will determine whether affected individuals should be notified, how and when the notification should occur, and what information should be included.
We will also consider whether other parties should be notified.

4. Prevent Future Breaches

We will investigate the cause of the breach and determine whether a prevention plan is needed to reduce future risk.

Policy Updates

This Policy may change from time to time and is available on our website.

Privacy Policy Complaints and Enquiries

If you have any queries or complaints about our Privacy Policy, please contact us at:

2 Manning Street, Kiama NSW 2533
it@paduasolutions.com
1300 162 892