Privacy Policy - Australia

Last updated: 31-08-2023

This Privacy Policy is issued by Apex Fund Services (Australia) Pty Ltd (ABN 86 149 408 702), Apex Fund Services (Sydney) Pty Limited (ABN 32 131 370 931), Apex Corporate and Business Services Australia Pty Ltd (ABN 33 648 611 054), Apex Fund Services Pty Ltd (ABN 81118902891), Apex Superannuation (Australia) Pty Ltd (ABN 28 081 966 243) (“Apex Super”), Independent Professional Services Pty Ltd (ABN 67 126 760 638), Apex Compliance Solutions (Australia) Pty Ltd (ABN 43 110 507 858), its Related Bodies Corporate (together “Apex Australia”).

1. Who are Apex?

Apex Australia provides a single-source solution to deliver an extensive range of services across the full value chain, to asset managers, capital markets, corporates, private equity, and superannuation funds (collectively the “Services”).

Apex Australia are wholly owned subsidiaries of Apex Group Limited (Apex Australia and other subsidiaries of Apex Group Limited together “Apex Group”). For more information on Apex Group please visit www.apexgroup.com

2. What is this Privacy Policy?

During the normal course of business and to deliver the services, Apex Australia collects from various individuals (“Data Subjects”), Personal Information from which the relevant Data Subject(s) can be indirectly or directly identified (“Personal Information”).

Apex Australia is wholeheartedly committed to safeguarding the Personal Information, the privacy of Data Subjects and in satisfying certain obligations Apex Australia has under the relevant Data Protection legislation. This Policy is intended to provide notice to relevant Data Subjects of how Apex Australia use, collect and safeguard Personal Information and other information in connection with the services.

3. Availability of Privacy Policy

This Privacy Policy is publicly available on the Apex Group website at Privacy Policy (apexgroup.com). A copy of the Privacy Policy may also be requested, free of charge and will be issued within three days of the request.
To request a copy of the Privacy Policy:

• Apex Group employees should contact Apex Human Resources.
• Non-employees, including visitors to the website and customers of Apex clients, should refer to the contact details in section 13 below.

4 What personal information do we collect?

Depending on the Services being provided, Apex Australia may collect, hold, and otherwise process the following Personal Information in electronic and/or hard copy written form:

• Contact details (including names, relevant correspondence and postal addresses, email addresses and telephone numbers);
• Information to meet legal and regulatory requirements including in particular “know your client” due diligence information on individuals to meet anti-money laundering legislation, sources of wealth and source of funds;
• Copies of any individual’s legal and/or tax advice and/or personal tax classification details and unique identifiers as may be provided to us, to enable us to provide our Services;
• Bank account details or other payment or financial information provided to us;
• Information regarding an individual’s personal circumstances, including employment status and history, salary details, business interests, property or other assets, or other information about you which we require to provide you with aspects of our Services;
• In certain, limited circumstances (primarily where Apex Australia acts as trustee of a trust and has a legitimate interest in knowing such information) we may collect Personal Information concerning the health of individuals; and/or certain Personal Information relating to children (for example where such children may have a vested or beneficial interest in any company or trust arrangement within the Services); and
• Records of any correspondence received by us, or file notes of any telephone call you may have with us

5. How do we collect your Personal Information?

Personal Information collected may be received directly from the individual in question or be received from a third party. For example, Apex Australia may receive Personal Information from a client or their advisers regarding such client’s directors / beneficial owners. Certain information may from time to time also be received from other parts of Apex Group to the extent services are also being provided from Apex outside of Australia.

6. Why do we collect your Personal Information?

Principally, Apex Australia collects and otherwise processes Personal Information for Data Subjects in the fulfilment of and provision of the Services or to carry out marketing activities. Certain Personal Information is required to be collected because Apex Australia is required to do so by law and regulations (for example to meet anti-money laundering requirements, tax exchange information requirements and other statutory/ regulatory obligations).
Separately from the above, Apex Australia may also collect Personal Information as a result of general or specific instructions from clients (to whom we directly provide company, trustee, partnership, funds, custody and/ or other services), for example where the collection and holding of such Personal Information is necessary or otherwise consequential to the ongoing administration of its client entities or as a result of some transaction which requires it.

7. How we use your Personal Information?

We will use the information we hold about you for the following purposes:

In connection with an Apex ACS contract for Services	Where Apex Australia intends or has entered into a contract with a client to enable it to supply the services So we can communicate with you in respect of our services For Apex Australia’s client management purposes including but not limited to the management of queries, complaints, or claims
Where necessary for Apex Australia to comply with a legal obligation	To verify your identity In connection with any legal obligation on us to report any fraud or other criminal activity (including money laundering or tax avoidance schemes)
Where Apex Australia has a legitimate interest in using such information	To meet all legal, regulatory, and ethical obligations applicable to Apex Australia To verify the accuracy of Personal Information that we hold about you and create a better understanding of you as a client To gather views directly to maintain and enhance Apex Australia’s products and services In connection with the support network and system security in order for us to take steps to protect your Personal Information against loss or damage, theft or unauthorized access To comply with a request from you in connection with the exercise of your rights (for example if you ask us not to contact you for marketing purposes, we will keep a record of this in order to be able to comply with your request) Where relevant to protect the legitimate interests of shareholders, directors, officers (or similar persons) of the client, and their respective beneficial owners or to establish or defend legal actions or claims brought by or against any such persons For marketing activities (other than where we rely on your consent) to contact you by email or text with information about our products and services
Where you have consented to holding such information	For example, if you have expressly requested / consented to marketing materials being provided to you; or you have provided us with sensitive Personal Information about you in connection with the provision of our services

8. Who we share Personal Information with?

We will only disclose your Personal Information in accordance with applicable laws and regulations. We will disclose your Personal Information to the following third parties:

• To a client entity in which you have a direct or indirect interest and/or such client’s subsidiaries, holding company and or other associated counterparties of such client entity where such disclosure is necessary for us to perform our services, or we are otherwise required to share such Personal Information with such persons;

• A financial services regulator, a privacy law regulator (such as the Office of the Australian Information Commissioner), the police or other related authority that may require disclosure on legal grounds, or other relevant government departments where reasonably necessary for financial crime and sanction compliance purposes;

• Service providers engaged by us to help us run our business and perform the services. Such service providers may include, for example, mail houses, recruitment agencies, cloud storage providers (engaged by us to provide electronic board packs, or other storage facilities for our business data and your Personal Information);

• Any member of Apex Australia, and where applicable any other member of Apex Group, who is involved in (or expected to be involved in) the provision of services to our clients;

• Your legal representative, your financial advisor, or an individual to whom you have authorised us to share your Personal Information;

• Identity and verification agencies; and

• Information may be shared with Insurers, medical practitioners, insurance claim assessors

Registered Training Organisation (RTO) services

For users and student of Apex Compliance Solutions (Australia) Pty Ltd training services the following information applies as a requirement of the National Vocational Education and Training Regulator Act 2011.

Why we collect your personal information

As a registered training organisation (RTO), we collect your personal information so we can process and manage your enrolment in a vocational education and training (VET) course with us.

How we use your personal information

We use your personal information to enable us to deliver VET courses to you, and otherwise, as needed, to comply with our obligations as an RTO.

How we disclose your personal information

We are required by law (under the National Vocational Education and Training Regulator Act 2011 (Cth) (NVETR Act)) to disclose the personal information we collect about you to the National VET Data Collection kept by the National Centre for Vocational Education Research Ltd (NCVER). The NCVER is responsible for collecting, managing, analysing and communicating research and statistics about the Australian VET sector.

We are also authorised by law (under the NVETR Act) to disclose your personal information to the relevant state or territory training authority.

How the NCVER and other bodies handle your personal information

The NCVER will collect, hold, use and disclose your personal information in accordance with the law, including the Privacy Act 1988 (Cth) (Privacy Act) and the NVETR Act. Your personal information may be used and disclosed by NCVER for purposes that include populating authenticated VET transcripts; administration of VET; facilitation of statistics and research relating to education, including surveys and data linkage; and understanding the VET market. The NCVER is authorised to disclose information to the Australian Government Department of Employment and Workplace Relations (DEWR), Commonwealth authorities, State and Territory authorities (other than registered training organisations) that deal with matters relating to VET and VET regulators for the purposes of those bodies, including to enable:

• administration of VET, including program administration, regulation, monitoring and evaluation
• facilitation of statistics and research relating to education, including surveys and data linkage
• understanding how the VET market operates, for policy, workforce planning and consumer information.

The NCVER may also disclose personal information to persons engaged by NCVER to conduct research on NCVER’s behalf.

The NCVER does not intend to disclose your personal information to any overseas recipients.

For more information about how the NCVER will handle your personal information please refer to the NCVER’s Privacy Policy at www.ncver.edu.au/privacy.

If you would like to seek access to or correct your information, in the first instance, please contact Apex Compliance Solutions (Australia) Pty Ltd, see below for details.

DEWR is authorised by law, including the Privacy Act and the NVETR Act, to collect, use and disclose your personal information to fulfil specified functions and activities. For more information about how the DEWR will handle your personal information, please refer to the DEWR VET Privacy Notice at https://www.dewr.gov.au/national-vet-data/vet-privacy-notice.

Surveys

You may receive a student survey which may be run by a government department or an NCVER employee, agent, third-party contractor or another authorised agency. Please note you may opt out of the survey at the time of being contacted.

9. How we share Personal Information outside Australia

Some of these third parties (including certain Apex Group subsidiaries and service providers) may be located outside of Australia.
Below is a list of countries outside Australia where in the course of providing our services, we may disclose Personal Information:

1. Hong Kong
2. India
3. Ireland
4. Isle of Man
5. Malta
6. the Netherlands
7. Singapore
8. The Cayman Islands
9. United States of America

If we transfer your Personal Information in this way, we will take steps to ensure that appropriate security measures are taken with the aim of ensuring that your privacy rights continue to be protected as outlined in this privacy policy. Such steps include imposing contractual obligations on the recipient of your Personal Information or ensuring that the recipients are subscribed to ‘international frameworks’ that aim to ensure adequate protection.

10. How do we keep your Personal Information secure?

Apex Australia takes information security very seriously and therefore takes appropriate measures to protect such information from unauthorised theft, damage, or access. Apex Group has an information and cyber security policy which outlines the measures which will be taken to safeguard the availability, integrity and security of data which is aligned to ISO27001.

11. How long will we store your Personal Information for?

We generally expect to hold Personal Information on our systems for as long is necessary to provide the services and ordinarily for 7 years after the termination thereof, in order to allow us to refer to your Personal information in correspondence with you, or in connection with any ongoing or subsequent relevant matters (e.g. legal or regulatory proceedings).
When it is no longer required, we will take steps to delete, destroy, or anonymise your Personal Information. Where we are able to anonymise your Personal Information so that it can no longer be associated with you, we may retain that Personal information indefinitely without notice to you.

12. Your rights

You have the following rights in relation to how we use your Personal Information. If you’d like to exercise these rights, please contact us using the contact details listed at section 14.

Right to lodge a complaint – You have a right to lodge a complaint to us at any time if you object to the way in which we have used or managed your Personal Information. Where you are dissatisfied with our response, you also have the right to escalate your complaint to the Office of the Australian Information Commissioner (the “OAIC”) if you object to the way in which we use your Personal Information. More information can be found on the OAIC’s website: https://www.oaic.gov.au/privacy/privacy-complaints

See also section 14 below.

Right of access – You have the right to know if we are using your Personal Information and, if so, the right to access it and information about how we are using it. There will not usually be a charge for dealing with these requests. Your Personal Information will usually be provided to you in writing, unless otherwise requested. Where you have made the request by electronic means the information will be provided to you by electronic means where possible.
Right of rectification – We take reasonable steps to ensure that the Personal Information we hold about you is accurate and complete. However, if you do not believe this is the case you have the right to require us to rectify any errors in the Personal Information we hold about you.

Right to erasure – you have the right to require us to delete your Personal Information if our continued use is not justified. However, this will need to be balanced against other factors, depending upon the type of Personal Information we hold about you and why we have collected it, there may be some legal and regulatory obligations which mean we cannot comply with your request.

Right to restrict processing - in some circumstances, although you may not be entitled to require us to erase your Personal Information but may be entitled to limit the purposes for which we can use your Personal Information.

Right of data portability – you have the right to require us to provide you with a copy of the Personal Information that you have supplied to us in a commonly used machine-readable format or to transfer your Personal Information directly to another controller (e.g. a third party offering services competing with ours). Once transferred, the other party will be responsible for looking after your Personal Information.

Right to object to direct marketing - You can ask us to stop sending you marketing messages at any time. Please see below instructions on how you can do this.

Right not to be subject to automated-decision making - We do not make decisions about you using automated decision making or profiling of your Personal Information.

Right to withdraw consent - For certain limited uses of your Personal Information, we may ask for your consent. Where we do this, you have the right to withdraw your consent to further use of your Personal Information. If you withdraw your consent, we may not be able to provide certain products and services to you. If this is the case, we’ll tell you at the time you ask to withdraw your consent.

You can make any of the requests set out above using the contact details in paragraph 14. Please note that in some cases we may not be able to comply with your request for reasons such as our own obligations to comply with other legal or regulatory requirements. We will always respond to any request you make and if we can't comply with your request, we will tell you why.

Marketing - We respect your privacy and to the extent we carry out any direct marketing activities we will carry these out in accordance with applicable laws and guidance.

We may contact you with marketing information by post or by telephone or with targeted advertising delivered online through social media and platforms operated by other companies, unless and until you object.

If you are a corporate entity and have engaged us for Services, we may also contact you with marketing information by email or other electronic means unless and until you object. If you are an individual or a member of an unincorporated entity (and except where the following paragraph applies) we will only contact you by email or electronic means with marketing information where you have given us your consent.

Where we have obtained your email address in connection with our contract with you for any Services, or where you have made a positive enquiry about any of our services, we may also contact you with marketing information about similar services by email or other electronic means unless and until you object.

From time to time, we may ask you to refresh your marketing preferences by asking you to confirm that you consent to continue receiving marketing information from us.

You have the right to opt-out of our use of your Personal Information to provide marketing to you by informing us (if we call you by telephone), or by clicking the “unsubscribe link” on any marketing email that we send to you, or by contacting us as set out in Section 14below. Alternatively, you can make a direct request to unsubscribe by emailing the following address: enquiries@apex.bm.

13. Changes to this privacy policy

We will update this Privacy Policy when necessary to reflect changes in the law, our used practices and in our services, as well as to ensure it is accurate and up to date. When we make an update we will amend the date at the top of this Policy, you are therefore advised to check this Privacy Policy periodically.  We may also notify you in other ways from time to time about the processing of your Personal Information.

14. Who can you speak to at Apex Australia about this Privacy Policy and/or protecting my Personal Information?

We take complaints about privacy breaches seriously, if you are not happy with a privacy issue and wish to make a complaint or wish to exercise any of the rights set out in section 12 of this policy, you can do so in writing, over the phone or in person at our office using the contact details below. We will address your concerns and try to resolve them quickly. We aim to resolve any complaints as soon as possible but no longer than 30 days from the time of receipt. The internal complaints process is free to access.

If you have a complaint about a possible breach of privacy, then you should contact the relevant complaints officer using the contact details below.

For services provided by Apex Superannuation (Australia) Pty Ltd contact

In Writing	GPO Box 137 Brisbane Qld 4001
In Person	Level 1 East Tower, 410 Ann Street Brisbane Qld 4000
By Phone	(07) 3238 1200
By Email	info@apexgroup.au

For services provided by Apex Fund Services Pty Ltd or Mainstream Superannuation Services Pty Ltd contact

In Writing	GPO Box 4968 Sydney NSW 2001 Australia
In Person	Level 10, 12 Shelley Street, Sydney NSW 2000
By Phone	Phone: 1300 133451 International: +61 28259 8888
By Email	complaints@apexgroup.com

For services provided by Apex Fund Services (Sydney) Pty Ltd contact

In Writing	PO BOX 189 Flinders Lane VIC 8009
In Person	Level 10, 12 Shelley Street, Sydney 2000 NSW
By Phone	Phone: 02 7201 9015
By Email	Registry: SSG.AUS@apexfs.com FA: FUS.SYD@apexfs.com

For services provided by Apex Fund Services (Australia) Pty Ltd or Apex Corporate and Business Services Australia Pty Ltd contact

In Writing	PO BOX 189 Flinders Lane VIC 8009
In Person	Level 13, 459 Little Collins Street, Melbourne, VIC 3000
By Phone	+61 3 9020 3000
By Email	info@apexfunds.com.au

For services provided by Apex Compliance Solutions (Australia) Pty Ltd contact

In Writing	GPO Box 2404 Brisbane QLD 4001
In Person	Level 1 East Tower, 410 Ann Street Brisbane Qld 4000
By Phone	07 3238 1272
By Email	acs@apexcompliancesolutions.com.au

If you are not satisfied with how we have handled your complaint, you may complain directly to the Office of the Australian Information Commissioner (“OAIC”). The OAIC has the power to investigate and resolve privacy complaints and may make a determination in respect of complaints.

You will not be charged a fee to make a complaint to the OAIC. Go to https://www.oaic.gov.au/privacy/privacy-complaints for more information. Contact details of the OAIC are:

In writing	GPO Box 5218 Sydney NSW 2001
In person	Level 3, 175 Pitt Street, Sydney NSW 2000
By phone	1300 363 992
By fax	+61 2 9284 9666
By email	enquiries@oaic.gov.au