Privacy Policy

Privacy Commitment

Platypus Asset Management (Platypus) respects the privacy rights of clients and other organisations with whom we deal (“you”). Platypus is committed to complying with all applicable privacy laws including the Privacy Act 1988 (Cth) and Australian Privacy Principles. 

What is personal information?

Personal information is any information about you, that identifies you or by which your identity can reasonably be ascertained. 

What personal information do we collect?

We only collect personal information necessary to manage our relationship with you, administer our products, and to comply with applicable Laws. Information collected is only used and disclosed in a manner consistent with applicable Laws and this privacy policy. 

Examples of personal information we may collect include, but are not limited to: 

    • Personal identification and contact details 
    • Banking details 
    • Tax file number 
    • Employment details and history 

We will only collect, maintain and use personal information about you if it is necessary for us to adequately provide you our products or to meet our obligations under applicable Laws (e.g. the Anti-Money Laundering and Counter Terrorist Financing Act (2006) (AML Act). 

We will at all times seek to ensure that the personal information collected and held by us is protected from misuse, loss, unauthorised access and disclosure. Additional privacy measures are employed to protect sensitive information. 

You have the right not to disclose your personal information to us. However, this may limit our ability to provide you with our products. 

Where you provide us with unsolicited personal or sensitive information which we do not require to deliver our products, such information will be subject to our normal security arrangements for client information. Where reasonable to do so, we will not hold unsolicited personal or sensitive information we do not require, however often we are unable to delete such information, particularly where it forms part of correspondence that we do need to retain. Deletion in such circumstances is generally not reasonable or practicable. 

Personal information records are held for a period considered appropriate to provide you with our products and consistent with applicable Laws and the Privacy Act. Should you cease to be a client of Platypus, any personal information which we hold about you will be maintained for the relevant periods required by Law. 

How do we collect your personal information?

Most information we hold about clients is collected from the Application Form and other client establishment documentation. We also collect personal information from face to face interviews, Investment Management Agreements, and by correspondence (written and verbal). Sometimes, information about an individual is collected from other people or organisations. For example, information about a director of a corporate client may be obtained from a public record relating to the company. Regardless of how it is collected, all Personal Information is handled in accordance with this Privacy Policy.

How do we use your information?

We use your information to primarily manage, deliver and administer our products. We also use and analyse your information to meet our obligations under applicable Laws, for example the Know Your Client requirements as specified in the AML Act.

Who do we disclose information to?

Platypus will only disclose personal information to third parties for the purposes of managing, delivering and administering our product and in accordance with this policy and applicable Laws. 

For example, we may disclose relevant personal information to: 

    • Stock Brokers to enable them to efficiently answer enquiries and process transactions, including equity trades, banking transactions and applications for account opening. 
    • A person acting on your behalf including a financial advisor, trustee, attorney or person to whom you have granted a delegated authority. 
    • Your financial advisor (if applicable) who in turn may disclose information to superannuation funds, trustees, insurance providers and product issuers for the purpose of giving effect to your financial plan and recommendations made by them. 
    • For legal reasons, disclosure may need to be made to law enforcement agencies, regulators, government agencies, courts or external advisors (e.g. to meet our obligations under the AML Act). 
    • Relevant personal information may be provided to Platypus’s parent company, Australian Unity Investments in appropriate circumstances. 
    • Service providers engaged to carry out functions on our behalf (e.g. outsourced administration services, credit reporting agencies, other financial institutions as required, software or IT service vendors). Although unlikely, some of these service providers may be located overseas. Your personal information will only be stored overseas by one of our service providers in accordance with this policy and applicable laws. 

Credit Reporting Agencies

There may be occasions when Platypus seeks your consent to provide information to a credit reporting agency (CRA) for the purpose of verifying your identity under our AML Act obligations.

By law, Platypus must obtain express consent from you before proceeding with providing information to a CRA. To ensure your consent is informed we will include the following information, most likely via email:

    • The reason for making the request for verification.
    • The personal information to be provided to the CRA. At a maximum this will be your full name, date of birth and residential address.
    • The fact that Platypus is seeking, and the CRA may provide an assessment of whether the personal information matches (in whole or in part), information on your credit information file. The CRA is not permitted to disclose any other information to Platypus other than to verify your full name, date of birth and residential address.

If the assessment from the CRA does not enable Platypus to verify your identity, you will be notified in writing. You may contact the CRA directly to enquire about the accuracy of information contained on their credit information file. You will be provided with other means in which to verify your identity should this occur.

It is important to note you are under no obligation to consent to Platypus using a CRA to verify your identity. Should you not consent, you will be given other options, not reliant on credit reporting information, to verify your identity such as providing Platypus with certified, paper-based verification. This ensures that those who choose not to use their credit information file, or those who do not have a credit information file, are not disadvantaged when seeking to obtain services provided by Platypus.

Information Security

We take cyber security and your privacy very seriously, and have controls in place to protect your information and accounts as detailed below. 

A Data Security & Protection Policy is in place providing the foundation for the protection of all data we hold. Sitting underneath the Policy is a Cyber Security Management Plan detailing how we protect data from cyber threats. 

Annually, an outside third party is engaged to perform a penetration test of Platypus IT systems for weaknesses in regard to unauthorised access. This testing is undertaken annually. 

You will receive occasional emails from us, but if you are ever unsure or suspicious about an email relating to your investments, please contact our Manager of Compliance as per contact details on the following page. 

Processes are in place designed to identify you when you deal with us by phone, online or face to face. These processes are designed to ensure we only disclose your information to you, or someone properly authorised by you. If your details change, we ask that you advise us of the change as soon as possible in order that we may maintain accurate records. 

Finally, there a number of steps you can take to help safeguard your personal information against cyber threats. Update your devices and software promptly, be vigilant about clicking any hyperlinks, use strong passwords and (where possible) multifactor authentication, and regularly back up your files. For more information, visit the Australian Cyber Security Centre. 

Access and Correction

You have the right to correct your personal information held by us if you believe it to be inaccurate or out of date. We will then amend your records accordingly. If we disagree with the correction, we will advise you of the reasons for doing so and will make a note on your record of this. 

You have the right to access your personal information. This can be arranged by calling us or writing. Your request should include a detailed description of the information required. To ensure information is only disclosed to those entitled to it you may be asked for identification. 

If we are unable to provide you with access to your information, we will inform you of the reasons why.

Privacy Enquiries & Complaints

If you have an enquiry or complaint about our information handling practices, please contact us by calling 612 8270 8222 or alternatively write to: 

Manager of Compliance 
Platypus Asset Management Pty Limited 
Governor Phillip Tower 
Level 24, 1 Farrer Place 
Sydney NSW 2000 

It is our intention to resolve any complaint as quickly as possible and to your satisfaction. If you are unhappy with the response provided by us, you may refer your complaint to the Office of the Privacy Commissioner for further consideration.

Office of the Australian Information Commissioner
Phone: 1300 363 992