Privacy Policy

PRIVACY POLICY

MYPROSPERITY UK PTY LTD

Last updated: 9 November 2018

1 Introduction

1.1 Who we are

The website located at www.myprosperityuk.com (the "Website") is provided by Myprosperity UK Pty Ltd, a company incorporated and registered in Australia under Australian Business Number 46 629 340 834 with its registered office at Level 1, 1 Oxley Road, Hawthorn, 3122, Australia ("MP", "us", "our" or "we").

1.2 Purpose of this Privacy Policy

We take your privacy very seriously. As such, we ask that you read this Privacy Policy carefully as it contains important information about:

(a) what personal data we may collect from you;

(b) how we will use, store and protect your personal data;

(c) with whom we may share your personal data; and

(d) your rights under relevant data protection laws.

It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your personal data. This Privacy Policy supplements the other notices and is not intended to override them.

2 What personal data we may collect

We may collect and process the following personal data about you:

Identity and contact data: name, date of birth, email address, organisation, postal address, phone number, Website account username(s) and password(s), credit or debit card number and expiry date, driver’s licence details, passport details, bank account details, personal, legal, financial or other documents, information required for payment for products, and information required for a third party to supply you with information, products and services you wish to receive.

Technical data: internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access the Website.

Usage data: information about how you use the Website.

3 How we collect personal data from you

We collect your personal data in the following ways:

Directly: contact and identity data is provided by you when you fill in online forms or correspond with us in any way, for example when:

  • setting up your Website account;
  • you pay for a service provided through the Website; or
  • you submit a query to us using the enquiry form on the Website.

Indirectly: If you are an End User (as defined in our End User Terms), we may also receive contact and identity data through your Adviser where you have entered into an arrangement with your Adviser which allows your Adviser to send us such data.

Automatically: as you browse the Website certain information relating to your browsing patterns and technical data about the equipment you are using to access the Website is automatically collected using cookies and other similar technologies. Please see our Cookies Policy for further information.

4 How we use your personal data

We will use your personal data for the following purposes:

  • to receive email notifications from us - where you have given the necessary consent to do so, we will send these to the most recent email address you have provided to us;
  • to provide you with information you request about us or the products or services we offer through the Website;
  • to provide information to persons expressly authorised to receive this information by you (for example, Advisers);
  • to manage the Website (including your Website account);
  • to provide you with products or services you request from time to time;
  • to retain records of our interactions with you and the services we provide to you;
  • to enable the services to link to any Third Party Website or Third Party Provider identified by you where you have given the necessary consent to do so;
  • to process and obtain payment for any products or services you order from us through the Website;
  • to understand your needs and Website usage to help us improve the Website, our marketing, or the way we do business;
  • to verify your identity or age;
  • to contact you for direct marketing and promotional purposes including providing you with information about new products or services, events and special offers, where you have given the necessary consent to do so; and
  • to protect our legitimate rights, privacy, property or safety, and/or those of a third party if your rights do not override those interests.

We may disclose your personal data to third parties from which you wish to receive information, products or services where you have given the necessary consent to do so for the following purposes:

  • to facilitate communications between you and those third parties; and
  • to provide those third parties with the information necessary for them to supply you with the information, products or services you wish to receive.

5 Lawful basis for processing

We are relying on consent as the lawful basis for our processing of your personal data for the following uses: responding to queries from you, linking to third party websites, providing guests with access to your Website account, providing you with products or services you have requested, providing third parties with information. You can withdraw your consent to us for these processing activities at any time. If you would like to withdraw your consent, please let us know by contacting us using the contact information in section 14.

We are relying on legitimate interests as the lawful basis for our processing of your personal data for the following uses: sending you notifications, verifying your identity or age, understanding and optimising your use of the Website, processing payments from you, providing Advisers with access to your Website account, to manage the Website (including your Website account), to contact you for direct marketing and promotional purposes.

We are relying on compliance with a legal obligation as the lawful basis for our processing of your personal data for the following uses: where the processing is necessary for us to comply with the law; and to enforce or apply this Privacy Policy.

6 Retention of your personal data

We will not retain your personal data for longer than is necessary for the purposes for which the personal data is processed. This means that your personal data will only be retained for as long as it is still required to provide you with services or is necessary for other legal reasons. When calculating the appropriate retention period for your personal data, we consider the nature and sensitivity of the personal data, the purposes for which we are processing the personal data, and any applicable statutory retention periods. Using these criteria, we regularly review the personal data which we hold and the purposes for which it is held and processed.

When we determine that personal data can no longer be retained (or where you request us to delete your data in accordance with your right to do so (please see section 10 below for more information)), we ensure that this personal data is securely deleted or destroyed.

For more details about our retention periods, please contact us using the detail provided in section 14.

7 Accuracy of your personal data

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

8 Security of your personal data

In order to protect your personal data, we have implemented appropriate organisational and technical security measures. These measures include restricting access to your personal data to certain MP employees only, ensuring our internal IT systems are suitably secure, and implementing procedures to deal with any suspected data breach.

In the unlikely event of a data breach, we will take steps to mitigate any loss or destruction of your personal data and, if required, will notify you and any applicable authority of such a breach.

9 Transfer or access to your personal data by third parties

Transfers to third parties

We will transfer your Personal Data (in the form of user names and passwords) to any Third Party Websites and Third Party Providers identified by you.

There will be circumstances in which we need to share your personal data with certain third parties who act as data processors on our behalf, including third parties located outside of the European Economic Area ("EEA").

The third parties to which we may transfer your personal data include:

  • Yodlee;
  • MailChimp;
  • Stripe
  • OneSpan; and
  • Zoho.

Yodlee provides an account aggregation service which may result in your personal data being accessed or processed outside the EEA.

MailChimp provides email marketing services which may result in your personal data being accessed or processed outside of the EEA.

Stripe provides payment services which may result in your personal data being accessed or processed outside of the EEA.

OneSpan facilitates the use of electronic signatures within the Website and services provided by the Website which may result in your personal data being accessed or processed outside the EEA.

Zoho provides CRM functionality for MP which may result in your personal data being accessed or processed outside the EEA.

For more information on the safeguards used by MP when transferring personal data to third parties, please contact us using the information in section 14.

10 Your rights

You have certain rights in relation to the personal data we process and hold about you. These include:

  • Right to rectification: you have the right to require us to correct any inaccuracies in your personal data.
  • Right to erasure: you have the right to require us to delete your personal data, subject to certain legal requirements.
  • Right to restriction of processing: you have the right to require us to restrict the way in which we process your personal data. You may wish to restrict processing if, for example:
    • you contest the accuracy of the personal data and wish to have it corrected;
    • you object to our processing but we are required to retain the personal data for reasons of public interest; or
    • if you would prefer restriction to erasure.
  • Right to data portability: you have the right to obtain from us easily and securely the personal data we hold on you.
  • Right to object to processing: you have the right to require us to stop processing your personal data (other than storing it) should you wish the data to be retained but no longer processed.
  • Right of access: you have the right to request access to personal data that we may process about you.
  • Right to withdraw consent: where our lawful basis for processing your personal data is consent, you have the right at any time to withdraw your consent allowing us to process your personal data.

If you would like to exercise any of the above rights, please:

  • put your request to us in writing using the email address below;
  • include proof of your identity (such as a copy of your driving licence or passport) and address (such as a recent utility or credit card bill); and
  • specify the right you wish to exercise.

Response time

We will respond to requests made by you within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

Charge

We will not charge a fee for you to exercise any of the rights listed above. However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.

11 Cookies

You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or refuse cookies, please note that some parts of the Website may become inaccessible or not function properly. For more information about the cookies we use, please see our Cookies Policy.

12 Third party links

The Website may contain links to and from other applications, plug-ins and websites of other networks, advertisers, and affiliates. If you follow a link to any of these websites, please note that they (and any services that may be accessible through them) have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these apps, websites or services. Please check these policies before you submit any personal data to these websites or use such services.

13 Amendments to this Privacy Policy

No changes to this Privacy Policy are valid or have any effect unless agreed by us in writing. We reserve the right to vary this Privacy Policy from time to time. If we decide to do so, our updated Privacy Policy will be displayed on the Website. It is your responsibility to check the Website from time to time so that you are aware of any such variations.

14 Questions in relation to this Privacy Policy

You should also be aware that you have the right to raise any concerns in relation to how we process your personal data to the Information Commissioner's Office (ICO).

Our full details are:

Full name of legal entity: Myprosperity UK Pty Ltd

Contact name: Peter McCarthy

Email address: info@myprosperityuk.com

Postal address: Level 1, 1 Oxley Road, Hawthorn, 3122, Australia

Telephone number: +61 3 9818 2095