Privacy Policy

We're committed to protecting your personal information and being transparent about how we collect, use, and safeguard your data when you use our financial services.

Effective Date
15 January 2025

1 Information We Collect

As a family-run financial services business, we collect various types of information to provide you with personalised advice and comprehensive financial solutions. Understanding what we collect helps you make informed decisions about sharing your information with us.

Personal Identification
  • Full name and contact details
  • Date of birth and identification numbers
  • Employment information and income details
  • Banking and financial account information
Financial Information
  • Assets, liabilities, and investment portfolio
  • Credit history and financial goals
  • Insurance policies and superannuation details
  • Transaction history and spending patterns
Technical Data
  • Website usage statistics and preferences
  • Device information and browser type
  • Location data when using our services
  • Communication preferences and history

Collection Methods

We gather this information through direct interactions during consultations, online forms, third-party financial institutions with your consent, and automated technologies when you visit our website. All collection activities comply with Australian Privacy Principles and relevant financial services regulations.

2 How We Use Your Information

Your information serves multiple purposes in delivering quality financial services. We use your data primarily to provide personalised financial advice, process transactions, and maintain ongoing client relationships that help you achieve your financial objectives.

Primary Uses

We analyse your financial situation to create tailored investment strategies, insurance recommendations, and retirement planning solutions. Your information helps us understand market trends, assess risk tolerance, and provide timely advice that aligns with your changing circumstances.

Administrative Functions

We process your data for account management, regulatory compliance reporting, and internal record-keeping. This includes preparing annual statements, tax documentation, and maintaining accurate client files as required by Australian financial services legislation.

Service Improvement

Aggregated and anonymised data helps us enhance our service offerings, develop new financial products, and improve our website functionality. We never use individual client information for marketing without explicit consent.

3 Information Sharing and Disclosure

We maintain strict controls over information sharing and only disclose your data when necessary for service delivery, legal compliance, or with your explicit permission. Our approach prioritises your privacy while meeting regulatory obligations.

Authorised Third Parties

We share information with licensed financial institutions, insurance providers, and fund managers when processing your transactions or implementing investment strategies. These parties are bound by confidentiality agreements and must comply with Australian privacy laws.

Professional Service Providers

Your accountant, solicitor, or other professional advisers may receive relevant information when you've provided consent for coordinated financial planning. We also work with technology providers who maintain our systems under strict data protection agreements.

Legal Requirements

Australian law requires us to report certain transactions to AUSTRAC, provide information during regulatory investigations, and comply with court orders or subpoenas. We'll notify you of such disclosures where legally permitted.

Important Note
We never sell your personal information to marketing companies or unrelated third parties. All information sharing serves legitimate business purposes or legal requirements directly related to your financial services.

4 Your Privacy Rights

Under Australian privacy legislation, you have significant rights regarding your personal information. We've established clear processes to help you exercise these rights and maintain control over your data.

Your Rights Under Australian Law

Access Your Information
Request copies of all personal information we hold about you. We'll provide this within 30 days, subject to identity verification and any applicable fees.
Correct Inaccuracies
Ask us to update incorrect or outdated information. We'll make corrections promptly and notify relevant third parties where appropriate.
Restrict Processing
Limit how we use your information for specific purposes, though this may affect our ability to provide certain services.
Data Portability
Receive your information in a structured format for transfer to another service provider, where technically feasible.

How to Exercise Your Rights

Contact our privacy officer using the details provided below. We'll verify your identity and respond within the timeframes required by Australian law. Some requests may incur reasonable administrative fees, which we'll discuss beforehand.

Complaints Process

If you're concerned about our privacy practices, first contact us directly. We'll investigate your complaint and respond within 30 days. You can also lodge complaints with the Office of the Australian Information Commissioner if you're unsatisfied with our response.

5 Data Security and Protection

Protecting your financial information requires comprehensive security measures across all aspects of our operations. We've implemented multiple layers of protection to safeguard your data from unauthorised access, theft, or misuse.

Our Security Framework

Technical Safeguards

We use bank-grade encryption for data transmission and storage, maintain regular security updates, and conduct penetration testing to identify vulnerabilities in our systems.

Physical Security

Our offices feature controlled access systems, secure document storage, and surveillance monitoring. Paper records are locked away and destroyed securely when no longer needed.

Personnel Controls

All staff undergo background checks, privacy training, and sign confidentiality agreements. Access to client information is restricted based on job responsibilities and regularly reviewed.

Incident Response

We maintain detailed procedures for responding to potential security breaches, including immediate containment, client notification, and regulatory reporting as required by law.

Data Breach Notifications

Should a data breach occur that's likely to result in serious harm, we'll notify affected clients and the Office of the Australian Information Commissioner within 72 hours. Our notification will include details about the breach, potential impact, and steps we're taking to address the situation.

6 Data Retention and Deletion

We retain your information only as long as necessary to provide services, meet legal obligations, or resolve disputes. Our retention periods align with Australian financial services regulations and best practices for data management.

Client Records
7 Years
Transaction Data
7 Years
Communication Logs
5 Years
Marketing Preferences
Until Withdrawn

Secure Deletion Process

When retention periods expire, we permanently delete digital records using industry-standard data wiping techniques and destroy physical documents through certified shredding services. Some information may be retained longer if required for ongoing legal proceedings or regulatory investigations.

Account Closure

When you close your account, we'll retain essential records for the minimum period required by law, then securely delete all remaining personal information. You can request confirmation of deletion once retention periods expire.

7 International Data Transfers

While we primarily store and process your information within Australia, some data may be transferred overseas for specific business purposes. These transfers are conducted with appropriate safeguards to maintain your privacy protection.

Approved Destinations

We may transfer data to countries with adequate privacy protections recognised by Australian law, including New Zealand, European Union member states, and the United Kingdom. All transfers comply with Australian Privacy Principle 8 requirements.

Transfer Safeguards

When transferring data to other countries, we ensure recipients are bound by contracts requiring equivalent privacy protection, use certified providers who meet international standards, and maintain oversight of overseas data processing activities.

Your Control

You can object to international transfers of your personal information, though this may limit our ability to provide certain services that rely on overseas systems or partnerships.

8 Cookies and Website Technology

Our website uses various technologies to enhance your browsing experience and help us understand how visitors interact with our services. These tools collect limited information and can be controlled through your browser settings.

Types of Cookies

We use essential cookies for website functionality, analytics cookies to understand visitor behaviour, and preference cookies to remember your settings. We don't use advertising cookies or sell cookie data to third parties.

Third-Party Tools

Our website includes Google Analytics for visitor statistics and social media plugins for content sharing. These services have their own privacy policies and may collect information directly from your browser.

Managing Cookies

You can disable cookies through your browser settings, though this may affect website functionality. Most browsers allow you to block specific types of cookies while permitting others.

9 Updates to This Policy

We review and update this privacy policy regularly to reflect changes in our practices, technology, or applicable laws. Significant changes will be communicated to clients through multiple channels to ensure you're always informed about how we handle your information.

Notification Process

We'll email registered clients about major policy changes, post updates prominently on our website, and provide reasonable notice before implementing changes that materially affect your rights or our data handling practices.

Version Control

Each policy version includes an effective date and summary of changes. Previous versions are archived and available upon request for your reference.

Privacy Questions or Concerns?

Our privacy officer is available to address your questions, handle access requests, or discuss any concerns about our privacy practices. We're committed to responding promptly and resolving privacy matters to your satisfaction.

Postal Address
1 Araba St, Aranda ACT 2614, Australia
Phone
+61 2 6255 0763
Email
help@romexalvia.com