1. Privacy Commitment
Thank you for visiting our Website and for reviewing our Policy. We respect the importance of your privacy and the Personal Information in our care. We have created this Policy in order to demonstrate our firm commitment to your privacy.
We are subject to and seek to ensure that all Personal Information we collect is handled in compliance with the Australian Privacy Principles contained in the Act. This Policy sets out how we collect, hold, use and disclose information (including Personal Information) that we obtain from you. This Policy also includes our Credit Reporting Policy which sets out how we collect, hold, use and disclose Credit Information to comply with our credit reporting obligations under the Act and the Credit Reporting Code registered under section 26S(1) of the Act (Code).
2. Collection of personal information
2.1. We collect Personal Information as well as non-personally identifiable information that you voluntarily provide.
2.2. We will only collect Personal Information about you:
- from you (including via online enquiry forms you submit, our direct discussions with you, any emails, blogs, letters, faxes or other correspondence you send to us and when you subscribe to our online publications);
- if you have created an online account with us or Bentleys, from your use of that online account;
- from any entity within our Bentleys Group or any entity in any other Bentleys Group;
- from any person authorised by you to provide such Personal Information to us (such as your professional advisors or personal representatives);
- if you are part of a Group, from any other member of that Group for so long as you have provided consent to the same and have not revoked that consent by written notice to us;
- from third party contractors and suppliers we engage to help us provide services;
- from external sources where the information is publicly and readily available; and
- from third parties (for example, your spouse) where it is otherwise unreasonable or impractical to collect such Personal Information from you directly. In such cases, we will inform you before, or as soon as reasonably practicable after, we collect such Personal Information.
2.3. As an example, and without limiting the types of Personal Information we collect, we may collect the following Personal Information (a) name, address, and contact details such as telephone number and email address, (b) details of your interests in or ownership of entities or control of trusts, and (c) accounting information such as your tax file number, bank account details, credit card details and details of your investments.
2.4. We will only collect information relating to your tax file number for purposes authorised by law. You are not obliged to provide your tax file number to us but if you fail to do so, there may be financial consequences.
2.6. Where you provide us with Personal Information of third parties (for example, your spouse) you warrant to us that the relevant individuals have consented to you disclosing their Personal Information to us.
3. Use and disclosure of Personal Information
3.1. How we use your Personal Information varies based on the services we are providing. Generally, we may use your Personal Information:
- as necessary to provide services to you;
- to perform due diligence and conflict checks prior to agreeing to provide services to you;
- for customer relationship management purposes and to respond to your queries;
- for recruitment purposes;
- to analyse client needs and improve the services we provide;
- for audit, regulatory and compliance purposes;
- for industry accreditation purposes;
- for accounting and administrative purposes (including to process transactions, provide accounting services, facilitate our internal business operations and comply with our legal or regulatory obligations); and
- for other purposes related to our provision of business advisory services to you.
3.2. We will not use or disclose your Personal Information for a purpose other than for that which it was collected unless you have provided your consent or you would reasonably expect us to use or disclose the Personal Information for that other purpose. If you are part of a Group and have consented to our use of your Personal Information so we can perform the services in the Engagement Letter in respect of each and any Group member, we may use your Personal Information as part of performing those services for any Group member unless and until you provide us with a written notice revoking such consent.
3.3. We may disclose your Personal Information:
- to any other member of our Bentleys Group or other Bentleys Group to allow them to provide you with services or to provide information about the services they provide or so they can assist us in providing applicable services to you;
- to our contractors, agents and service providers (for example, information technology contractors, debt collection agencies, event managers and recruitment and human resources consultants) but only (a) for the purpose of providing services to you, (b) as necessary to facilitate the operation of our business, and/or (c) for the purpose of storing your Personal Information;
- to other entities in our Bentleys Group, other Bentleys Groups or Bentleys to facilitate our and their internal business operations;
- to the Australian Taxation Office, the Australian Securities and Investments Commission and other government bodies as required by law or as necessary to provide services to you;
- to third parties with whom we are affiliated for the purpose of those third parties providing you with information about their services and promotions;
- as required or authorised by law or to meet our professional standards;
- to any person with your consent;
- in connection with any sale of any member of our Bentleys Group; and
- to our professional advisers but only so they can advise us in respect of the same.
3.4. If you are part of a Group and have consented to our use of your Personal Information so we can perform the services in the Engagement Letter in respect of each and any Group member, we may disclose your Personal Information to any other Group member as part of performing those services (including disclosure in any document, financial reports or tax returns prepared by us) unless and until you provide us with a written notice revoking such consent.
3.5. Information other than Personal Information collected when you visit our Website may be used to monitor usage of and decide how to improve and promote our Website, products and services (including online advertising).
3.6. In addition, Bentleys may:
- where you have requested the provisions of services, disclose your Personal Information to a Bentleys Group so they can consider your request and contact you in respect of such services; and
- where you are an employee, contractor, consultant, director or partner of a Bentleys Group, disclose your Personal Information to our third party affiliates (including Allinial Global) so the same can provide you and the Bentleys Group you work with, with online and other resources.
4. Collection, use and disclosure of Sensitive Information
4.1. We will only collect Sensitive Information from you directly as reasonably necessary to provide services to you and with your consent.
4.2. As an example, and without limiting the types of Sensitive Information we collect, we may collect the following Sensitive Information (a) tax file number and (b) medical history.
4.3. We will not collect your tax file number unless you have completed a Client Tax File Number Consent Form. You may revoke your consent under that Client Tax File Number Consent Form at any time if you are no longer our client, in which case, we will only retain your tax file number for any purpose required by law or under any contract with its licensee.
4.4. We will only disclose Sensitive Information in accordance with the Act as follows: (a) for the primary purpose for which it was collected, (b) for a secondary purpose that is directly related to the primary purpose, or (c) as required by law.
4.5. We will not disclose Sensitive Information to other members in our Bentleys Group or other Bentleys Groups without your prior written consent.
4.6. Information regarding your tax file number will only be disclosed to you personally and according to relevant laws (including, where you are an individual, in compliance with the Privacy (Tax File Number) Rule 2015 made under section 17 of the Act).
5. Direct marketing
5.1. We may use or disclose your Personal Information for direct marketing purposes, being:
- to promote our services and provide you with information and marketing materials about other services that may be of interest to you including services provided by other members of our Bentleys Group;
- to provide information relevant to your type of business or other area of expertise or interest; and
- to provide you with the opportunity to attend seminars, conferences or other events that may be of interest to you.
5.2. If you do not wish to receive direct marketing communications from us, you can ‘opt out’ by clicking the ‘Unsubscribe’ link in our emails or other electronic communications, or sending an email to us at the contact details in paragraph 16 below with your contact details requesting that you no longer receive direct marketing materials from us. We will remove you from our direct marketing database as soon as reasonably practicable after receiving a request but in any event, within 30 days of receiving such a request.
5.3. You consent to us disclosing your Personal Information to Bentleys so they can use the same to carryout direct marketing to you on our behalf.
6. Requirement to provide information
In general, you are not required to provide personal information to us. However, if you wish to receive information about our services, events, industry updates or to apply for employment, you acknowledge that it may not be practical for you to use a pseudonym or otherwise not identify yourself and that we may require you to provide certain Personal Information or Credit Information. If you do not provide some or all of the Personal Information or Credit Information requested, we may not be able to provide you with some or all of the services you request.
7. Cross border disclosure
7.1. It is possible (but not likely) that some of the Personal Information and Credit Information we collect may be disclosed to our contractors, agents and service providers located outside of Australia for storage purposes or for the purpose of completing a portion of the services. For example, we may disclose your Personal Information and Credit Information to other Bentleys firms in China and New Zealand or to contractors outside of Australia for processing.
7.2. We take such steps as are reasonably necessary in the circumstances to ensure that any overseas third party service providers we engage do not breach the Australian Privacy Principles. You consent to your information being disclosed to a destination outside Australia for this purpose, including but not limited to the United States, Canada and the United Kingdom.
8. Collection of Credit Information
We may provide credit to you from time to time (for example, by giving you time to pay our account for services) and this may involve the collection of Credit Information. We may collect Credit Information about you (a) directly from you or from persons acting on your behalf (including via application forms submitted by you or on your behalf), and (b) from third parties, including credit reporting bodies and other credit providers, to assist us in determining whether we will provide credit to you.
9. Use and disclosure of Credit Information
9.1. With your express consent, as required by law or court order and otherwise in accordance with Part IIIA of the Act and the Code, we may use or disclose the Credit Information we have collected to:
- credit reporting bodies;
- any other member of our Bentleys Group;
- third parties that perform credit assessment and debt collection services on our behalf;
- our contractors, agents and service providers; and
- current or prospective guarantors in relation to credit we may provide to you.
9.2. We may use or disclose Credit Information we have collected about you to:
- decide whether or not to provide credit to you;
- assess your suitability to act as a guarantor for another credit facility;
- collect outstanding debts and enforce guarantees; and
- comply with our legal or regulatory obligations.
9.3. We may also use Credit Information we hold about you for internal management purposes and to respond to queries or complaints about our treatment of your Credit Information. We may disclose your Credit Information to credit reporting bodies if you fail to make payments to us or if you commit a serious credit infringement.
9.4. The credit reporting policies for such credit reporting bodies will be available on their websites. You have the right to contact any credit reporting bodies to whom we disclosure your Credit Information and request that they do not (a) use your Credit Information for pre-screening purposes to determine your eligibility to receive direct marketing from credit providers, and (b) use or disclose your credit information if you have been or are likely to be a victim of fraud.
10.1 We will not adopt a government related identifier (including a Tax File Number) of you as our own identifier of you.
11. Holding and security of your Personal Information and Credit Information
11.1. We may store your Personal Information and Credit Information in hard copy or electronic format, in storage facilities that we own and operate ourselves, or that are owned and operated by our service providers.
11.2. We take reasonable steps to:
- ensure that any Personal Information or Credit Information we hold or disclose about you is up to date, complete and correct; and
- protect your Personal Information and Credit Information from misuse, interference, loss, and unauthorised access, modification and disclosure using electronic and physical security measures such as:
(a) securing our premises by requiring security passes to enter our offices;
(b) placing passwords and varying access levels on databases to limit access and protect electronic information;
(c) the use of firewalls, encryption, passwords and digital certificates;
(d) providing locked cabinets and rooms for the storage of physical records; and
(e) requiring our staff to undertake privacy and data protection training.
11.3. We will destroy or delete any of your Personal Information or Credit Information which we no longer need to retain noting that we are required by law to retain certain information for a number of years after we have ceased providing the services. If you email us any information (including Personal Information or Credit Information), it is sent at your own risk as it may not necessarily be secure against interception.
12. Accessing and correcting Personal Information and Credit Information
12.1 Credit Information is still correct when you attend our office or otherwise interact with us in any way, and (b) contacting you if we become aware that your Personal Information or Credit Information is no longer correct.
12.2. On your request, except to the extent that we are lawfully able to refuse such a request, we will provide you with access to Personal Information and Credit Information that we hold about you. All requests about the Personal Information or Credit Information that we hold should be made by email or in writing to us (see clause 16 of this Policy for our contact details). We will try to respond to your request within a reasonable period.
12.3. If you satisfy us that Personal Information or Credit Information that we hold about you is misleading, inaccurate, out of date or incomplete, except to the extent that we are lawfully able to refuse such a request, we will correct the Personal Information and Credit Information that we hold about you. If it is reasonable and practicable to do so, we will give you access to your Personal Information and Credit Information in the manner that you request. We do not generally charge for providing such access but may do so in certain circumstances.
12.4. In the event that we deny access to or refuse to correct your Personal Information or Credit Information that we hold, we will provide you with written reasons and the mechanisms available to complain about such refusal.
13. Third party websites and other Bentleys firms
When you leave our Website, you will be going to websites that are beyond our control. Our Policy does not apply to third party websites. Our Policy only governs the handling of your personal information by each applicable Bentleys Group. We encourage you to read the privacy policies of other Bentleys firms and third party websites before disclosing any Personal Information.
14. Changes to policy and complaints
We may amend this Policy from time to time without notice to you. The revised Policy will take effect when it is uploaded on our Website. If you believe that we have breached our privacy or credit reporting obligations under the Act, you can make a complaint by emailing or writing to us (see clause 16 of this Policy for our contact details). We will attempt to complete our investigation and resolve your complaint within 14 days from the date you lodge your complaint. If we think it will take longer to resolve your complaint, we will inform you. If we do not resolve your complaint to your satisfaction or you are dissatisfied with the action we have taken, you can make a complaint to the Office of the Australian Information Commissioner. For further information about how to do this, please contact the Office of the Australian Information Commissioner on 1300 363 992 or visit www.oaic.gov.au.
15. General Data Protection Regulation (European Union)
15.1. This clause applies if the GDPR applies to our dealings with you including because we provide services to you and you reside in the European Union.
15.2. Where the GDPR applies (a) we confirm that we will comply with our obligations under the same, (b) you have all of the additional rights set out in in the GDPR as well as the rights set out in the rest of this Policy. Where the GDPR applies to our dealing with you any provision in this Policy which is contrary to the GDPR will be deemed not to apply.
15.3. We will store your Personal Information for (a) the period we require it to provide services to you and generally for a period of 7 years after the end of our engagement in respect of such services, and (b) any longer period which the law or good business practice requires.
15.4. Where you have consented to the processing and use of your Personal Information under Article 6.1(a) or 9(2)(a), you may withdraw such consent at any time.
15.5. You have a right to require us to erase your Personal Information as allowed under Article 17 including where (a) the Personal Information is no longer necessary for the purposes for which it was collected, or (b) you withdraw your consent and there is no legal grounds for the continued use or processing of the Personal Information by us.
15.6. You have a right to obtain from us a restriction on the use and processing of your Personal Information as set out in Article 18 where (a) the accuracy of your Personal Information is contested by you, (b) the use or processing is unlawful, you oppose the erasure of the Personal Information and request we restrict the use of the same instead, or (c) we no longer need the Personal Information but you require the same for the exercise or defence of a legal claim.
15.7. Where you have consented to the processing and use of your Personal Information under Articles 6.1(a) or 9(2)(a) and the processing of your Personal Information is carried out by automatic means you have a right (a) to receive your Personal Information in a structured, commonly used and machine-readable format, and (b) to transmit that Personal Information to another person or entity without hindrance from us.
15.8. You have a right to obtain from us without undue delay the rectification of inaccurate Personal Date concerning you.
15.9. Subject to the restrictions in Article 14(5), where we do not collect the Personal Information from you we will provide you with the information required under Article 14(1) and 14(2) within the time required by Article 14(3).
15.10. Where we are providing services to you the provision of Personal Information will be a contractual obligation so we can provide the services and, where applicable, so we can meet any statutory obligations. Failure to provide such Personal Information may mean we are unable to provide the services to you in whole or in part.
15.11. If at any time the GDPR requires us to have a data protection officer, then the person specified in Annexure A for our Bentleys Group will be our data protection officer.
15.12. We will transfer your Personal Information outside of the European Union where you have expressly consented in writing or it is necessary for the performance of a contract with you (e.g. so we can provide services to you). We note New Zealand and Canada are recognised by the European Union as being countries outside of the European Union which offer an adequate level of data protection for the purposes of the GDPR. However, currently Australia is not recognised by the European Union as being a country outside the European Union which offers an adequate level of data protection for the purposes of the GDPR.
15.13. You have a right to receive and obtain from us confirmation as to whether or not Personal Information concerning you is held or being used or processed by us, and if so, (a) the purposes of the use and processing, (b) the categories of Personal Information concerned, (c) the recipients or categories of recipients to whom your Personal Data has been disclosed including recipients in third countries, (d) where possible, the envisaged period we will store your Personal Information, or if this is not possible, the criteria we use to determine that period, (e) your right to request we rectify or erase your Personal Information or restrict the use and processing of your Personal Information (see other paragraphs of this clause as to details of your rights in respect of these matters), (f) information as to your rights to lodge a complaint with the independent public authority in the country in the European Union in which you reside, (g) where we do not collect your Personal Information from you, any available information as to the source of the same, and (h) the existence of automated decision making (including profiling) and meaningful information as to the logic involved, as well as the significance and envisaged consequences of such processing and use for you.
15.14. In this clause: (a) Article means an article in the GDPR, and (b) GDPR the General Data Protection Regulation being Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016.
16.1. a reference to us, our or we is to the applicable member in a specific Bentleys Group.
16.2. Act means Privacy Act 1988.
16.3. Bentleys means Bentleys Australia Pty Ltd (ACN 097 734 462) and any related firm operating under the Bentleys brand.
16.4. Bentleys Group means each of the entities forming a specific Bentleys group as specified in Annexure A and in addition Bentleys;
16.5. Credit Information includes identification information (for example, name, date of birth, driver’s licence number, current and recent addresses and employment details), historical details of credit (including type and amount of credit sought or obtained) and repayment history, information about applications for credit, information about defaults and payment arrangements, details of insolvency proceedings, bankruptcy agreements, judgements and arrangements with creditors, information relating to activities and credit worthiness in Australia and external Territories, information recorded on the National Personal Insolvency Index and opinions of credit providers regarding serious credit infringements;
16.6. Engagement Letter means the letter of engagement issued by us outlining the services to be provided by us to members of a Group which is accepted by a member of the Group.
16.7. Group means the individuals, entities and/or companies defined as “the Group” in an Engagement Letter.
16.8. Personal Information means information (including an opinion) about an individual whose identity is apparent or can reasonably be ascertained from the information whether true or not and whether or not recorded in a material form;
16.9. Sensitive Information has the meaning given by the Act and includes Personal Information which relates to an individual’s racial or ethnic origins, religious beliefs or affiliations, trade association, trade union membership, sexual orientation, criminal record and information as to an individual’s health or biometric information.
16.10. Website means all of the pages located on the website you are currently viewing, being www.bentleys.com.au which is operated and maintained by Bentleys on behalf and for the benefit of the entities in all of the Bentleys Groups.
17. Contact us
If you have any queries in respect of our Policy or to request access to your information or make a complaint, please contact us by email or in writing the applicable privacy officer for an applicable Bentleys Groups as detailed in Annexure A.
Version C: 25 August 2020
Annexure A – Bentleys Groups
Bentleys Australia Pty Ltd (ABN 13 097 734 462)
Bentleys Network – Privacy Officer:
Attention: Tony Sacre, Chief Executive Officer
Level 14, 60 Margaret Street, Sydney NSW 2000 Australia
T: +61 2 9220 7900
E: [email protected]
Bentleys Newcastle Group:
Bentleys Newcastle Pty Limited (ABN 16 116 184 617)
Bentleys Newcastle Wealth Pty Limited (ABN 76 608 832 195)
Bentleys Newcastle Group – Privacy Officer:
Attention: Richard McArtney, Partner
Level 1, Denison Street, Broadmeadow NSW 2291 Australia
T: +61 2 4940 6100
E: [email protected]
Bentleys NSW Group:
Bentleys NSW Pty Ltd (ABN 73 140 282 346)
Bentleys Sydney Audit Pty Ltd (ABN 11 644 751 753)
Bentleys Legal NSW (ABN 72 648 082 795)
PRPIA Pty Ltd as agent for Bentleys Wealth Advisors (ABN 49 141 611 896)
Bentleys NSW Group – Privacy Officer:
Attention: Kevin Cranfield, Managing Director, Chairman of Risk Committee
Level 14, 60 Margaret Street, Sydney NSW 2000 Australia
T: +61 2 9220 0700
E: [email protected]
Bentleys Qld Group:
Bentleys (Qld) Pty Ltd (ABN 23 009 965 379)
Bentleys Corporate Recovery Pty Ltd (ABN 44 129 017 189)
Bentleys as agent for Bentleys Brisbane Partnership (ABN 36 892 525 331)
Bentleys (Qld) Advisory Pty Ltd (ABN 19 057 135 636)
Bentleys (Qld) Investment Management Pty Ltd (96 630 028 705)
Bentleys (Qld) Super Consulting Pty Ltd (ABN 64 608 303 573)
Bentleys (Qld) Super Pty Ltd (ABN 78 604 814 593)
Bentleys (Qld) Transaction Services Pty Ltd as agent for Bentleys International Advisory (ABN 23 085 108 194)
Bentleys (Qld) Wealth & Financial Services Pty Ltd (ABN 23 618 240 421)
Bentleys Brisbane (Audit) Pty Ltd (ABN 42 129 356 592)
Bentleys Finance (Qld) Pty Ltd (ABN 20 166 541 920)
Bentleys Sunshine Coast Pty Ltd (ABN 28 010 527 876)
Bentleys (Sunshine Coast) Unit Trust (ABN 43 659 242 106)
RJB Capital Partners Pty Ltd (ABN 86 627 424 159)
Bentleys Finance (CQ) Pty Ltd (ABN 61 632 268 289)
Bentleys Insure (Qld) Pty Ltd (ABN 13 630 523 205)
Bentleys Qld Group – Privacy Officer:
Attention: Lukas Linecker, Risk and Compliance Manager
Level 9, 123 Albert Street, Brisbane Qld 4000 Australia
T: +61 7 3222 9777
E: [email protected]
Bentleys SA/NT Group:
Bentleys (SA) Pty Ltd (ACN 100 241 389) as agent for Bentleys BAS Partnership (ABN 74 852 475 418).
Bentleys SA Audit Partnership (ABN 43 877 091 903).
Bentleys R & D Incentives Pty Ltd (ACN 602 744 123) as trustee for the Bentleys R & D (SA) Unit Trust (ABN 44 369 970 536).
Bentleys Wealth Partners Pty Ltd (ABN 63 165 732 598).
Bentleys SA Group – Privacy Officer:
Attention: Marc Sodomka, COO SA/NT
Level 5, 63 Pirie St, Adelaide SA 5000 Australia
T: +61 8 8372 7900
E: [email protected]
Bentleys Tamworth Group:
Stephen Maher & Associates (ABN 55 836 956 732)
Bentleys Tamworth Group – Privacy Officer:
Attention: Stephen Maher, Director
11/459 Peel Street, Tamworth NSW 2340 Australia
T: +61 2 6766 6020
E: [email protected]
Bentleys Tasmania Group:
Bentleys Tasmania Pty Ltd (ABN 18 082 835 765)
Bentleys Tasmania Audit Pty Ltd (ABN 80 130 770 553)
Bentleys Tasmania Holdings Pty Ltd (ABN 11 136 941 234)
Bentleys Tasmania Insights Pty Ltd (ABN 60 094 237 055)
Bentleys Tasmania Resources Pty Ltd (ABN 41 094 328 953)
Bentleys Tasmania Secretarial Pty Ltd (ABN 82 076 319 581)
Bentleys Corporate Recovery (Tas) Pty Ltd (ABN 15 109 115 737)
Wealth Managers Tasmania Pty Ltd (ABN 22 613 018 330)
Zenith Business Services Pty Ltd (ABN 52 610 399 874)
Bentleys Tasmania Group – Privacy Officer:
Attention: Sue Green, IT, Operations and Resources Manager
Level 2, 39 Sandy Bay Road, Battery Point TAS 7004 Australia
T: +61 3 6242 7000
E: [email protected]
Bentleys Victoria Group:
McLean Delmo Bentleys Pty Ltd (ABN 78 174 410 763)
McLean Delmo Bentleys Audit Pty Ltd (ABN 54 113 655 584)
McLean Delmo Bentleys Financial Services Pty Ltd (ABN 39 073 019 815)
Bentleys Victoria Group – Privacy Officer:
Attention: Privacy Officer
Level 3, 302 Burwood Road, Hawthorn VIC 3122 Australia
T: +61 3 9018 4666
E: [email protected]
Tribe Strategic Accountants Pty Ltd (ABN 11 082 393 468)
Tribe Group – Privacy Officer:
Attention: Rebecca Wall, Practice Manager
2/69 Tennant Street, Fyshwick ACT 2609
T: +61 2 6274 0400
E: [email protected]
Bentleys Western Australia:
Bentleys (WA) Pty Ltd (ABN 19 128 984 201)
Bentleys Audit & Corporate (WA) Pty Ltd (ABN 33 121 222 802)
Australian Superannuation & Compliance Pty Ltd (ABN 67 607 577 097)
Bentleys Advisory (WA) Pty Ltd (ABN 36 627 924 547)
Bentleys Corporate Finance (WA) Pty Ltd (ABN 58 627 504 350)
Attention: Privacy Officer
T: +61 8 9226 4500
E: [email protected]
Bentleys New Zealand Group:
Bentleys Chartered Accountants Ltd (NZBN 942 904 127 00597, NZCN 528 4021)
Bentleys New Zealand – Privacy Officer:
Attention: Privacy Officer
Level 8, AIG Building, 41 Shortland Street, Auckland New Zealand 1010
T: +64 9 600 3900