Privacy Policy
Firetrail Investments Pty Limited ABN 98 622 377 913 AFSL 516821 (Firetrail or We) collect, hold, use and disclose (collectively, process) and protect personal information.
References to “you” or “your” refers to individuals whose personal information is processed by Firetrail.
We understand and appreciate that you are concerned about the confidentiality and security of information that we collect about you. We recognise each individual’s right to privacy and are committed to the protection and confidentiality of your personal information.
What personal information do we collect?
Personal information is information relating to an individual, which can be used either alone or with other sources of information to identify that individual.
The types of personal information that we collect depends on our relationship with you, and may include:
- Identification data (full name, title, date of birth, passport number, driver’s licence number, tax identifiers, signature);
- Contact data (personal address, telephone number, email address);
- Electronic Monitoring data (to the extent permitted by law, we may record and monitor your electronic communications with us);
- Financial data (bank account number);
- Marketing and Communications data (marketing and communication preferences, tracking data relating to whether you have read marketing communications from us);
- Professional Information data (position/job title, work address, telephone number, email address);
- Profile data (username and password for our online services that you have access to, investments made by you, services requested, marketing communications responded to, survey responses);
- Services data (payment details to and from you, details of services you have provided to us or we have provided to you.
Sensitive information
Sensitive personal information includes information relating to race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions or associations, trade union membership or associations, information about health and genetic and biometric data.
In limited circumstances, and where allowed by law, we may collect information about:
- criminal convictions and offences, when legally required;
- sexual orientation if you provide details of your spouse or partner;
- political affiliations for us to determine whether you are a politically exposed person.
How do we collect personal information?
We collect personal information in a number of ways:
- when you or your authorised representatives provide (or update) personal information in connection with a product or service we offer (such as an investment application form or communications with our representatives);
- from organisations or entities that you represent, to whom we provide services;
- through your use of our website (including subscribing for news and insights); and
- from publicly available information.
Unsolicited information
As a general rule, personal information provided to Firetrail that is additional to the information that has been requested will be treated as unsolicited personal information.
Where the unsolicited personal information is permitted to be kept under applicable law, we will handle the unsolicited personal information as lawfully collected personal information. If not, we will examine all viable options for destroying or de-identifying the information as soon as practicable. If after examining all viable options, we consider it not viable to destroy or de-identify the unsolicited personal information, we will retain the unsolicited personal information.
Collecting through our website
Web analytics
We collect data about your interactions with our website. The main purpose of collecting your data is to improve your experience when using our site. We also use this data to understand and report on which content pages and downloads are accessed by visitors.
The types of data we collect with these tools include:
- your device’s IP address (collected and stored in an anonymized format);
- search terms and pages visited on our website;
- date and time when pages were accessed;
- downloads, time spent on page, and bounce rate;
- referring domain and out link if applicable;
- device type, operating system and browser information;
- device screen size;
- geographic location (city).
If your web browser has Do Not Track / Incognito enabled, we will not track your visit.
Cookies
Cookies are small data files transferred onto computers or devices by websites for record-keeping purposes and to enhance functionality on the website. Most browsers allow you to choose whether to accept cookies or not. If you do not wish to have cookies placed on your computer, please set your browser preferences to reject all cookies before accessing our website.
Email lists, registrations and feedback
We will collect information that you provide to us when signing up to mailing lists and registering for our events, or when submitting feedback on your experience with our website.
We use Salesforce Account Engagement to manage our mailing lists. When subscribing to one of our mailing lists, you will be asked to give your express consent that Firetrail may use your data for analytics purposes. Analytics are performed when you open an email and click on links in the email. They include which emails you open, which links you click, your mail client (e.g. ‘Outlook 2016’ or ‘iPhone’), if your action occurred on ‘mobile’ or ‘desktop’.
We use Cvent to manage event registrations. When registering for an event, you may be required to give Cvent personal information including your name, company telephone number and email address.
Social networking services
We use social networking services such as LinkedIn to communicate with the public. When you communicate with us using these services, we may collect your personal information, but we only use it to help us to communicate with you. The social networking service will also handle your personal information for its own purposes. These services have their own privacy policies.
Can you refuse to provide your personal information?
You do not have to provide us with your personal information. However, if you don’t provide us with (or withdraw consent to the processing of, or request the erasure of) the personal information requested, the following may occur:
- information you ask us to provide to you may not be received;
- we may not be able to offer you our products or services; or
- administration of any investment you hold with us may be affected (e.g. correct payment of distribution or dividend payments, or application of withholding taxes).
How do we use your personal information?
Firetrail processes personal information for the following purposes and basis.
Processing purpose | Type of personal information | Basis of processing |
Process an investment application in a fund operated by Firetrail (including performing anti-money laundering, counter-terrorism, sanction screening, fraud and other due diligence checks | • Identification data
• Contact data • Financial data • Professional Information data |
• Performance of a contract
• Legal or regulatory obligation • Legitimate interests: ensuring we do not accept the proceeds of criminal activities or assist in fraudulent or any unlawful activities, such as terrorism |
Deliver the services you have requested or are entitled to, and manage our relationship with you | • Identification data
• Contact data • Profile data • Marketing and Communications data • Professional Information data |
• Performance of a contract
• Legal or regulatory obligation • Legitimate interests: ensuring that you are provided with our services, and ensuring we can notify you about changes to our products or services |
Communicate with you to:
• promote products and services offered by us invite you to events and manage your participation |
• Identification data
• Contact data • Profile data • Marketing and Communications data • Professional Information data |
• Consent
• Legitimate interests: ensuring our client records are up-to-date; promoting our products and services; receiving feedback; improving our services; reviewing how clients use, and what they think of, our products and services; identifying ways to improve and expand our business |
Interact with governmental or regulatory bodies, or authorities | • Identification data
• Contact data • Financial data • Services data • Professional Information data |
• Legal or regulatory obligation
• Public interest |
Detect or prevent fraud and/or other criminal activity | • Identification data
• Contact data • Financial data • Professional Information data • Profile data • Services data |
• Legal or regulatory obligation
• Public interest • Legitimate interests: protecting our and client assets; detecting, and protecting against breaches of our policies and applicable laws; protecting our employees |
Manage and protect our business | • Identification data
• Contact data • Profile data • Marketing and Communications data • Professional Information data |
• Legal or regulatory obligation
• Legitimate interests: ensuring the efficient and secure running of our business, including through office and facilities administration, maintaining information technology services, network and data security and fraud prevention |
Direct marketing
We may use your personal information to communicate with you to promote products and services offered by us.
You may at any time choose not to receive these communications by using the opt-out facilities provided in our communications, or by contacting us directly using the contact details below (in the section ‘How to contact us’). Doing so will not cost you anything, and we commit to ensuring that you stop receiving any unwanted communications as soon as possible.
Who do we share your personal information with?
We may disclose your personal information to third parties outside Firetrail on a confidential basis. These parties include, but are not limited to:
- external service providers (such as registries, administrators, auditors, and providers that host our website servers, manage our IT and our manage human resources information);
- persons authorised by you (such as an adviser or person with power of attorney);
- competent authorities (including any national and/or international regulatory or enforcement body, agency, court or other form of tribunal or tax authority) or their agents where we are required or allowed to do so under applicable law or regulation;
- any person to whom disclosure is allowed or required by applicable law or regulation.
Overseas recipients
We may disclose your personal information to our related bodies corporate and external services providers located in countries outside of where you reside or where services are provided to you. We will not disclose your personal information to an overseas recipient unless we have taken reasonable steps to ensure that the recipient protects your privacy in accordance with our criteria for processing and protecting personal information.
Use of identifiers
We do not use or disclose any government related identifiers unless it is reasonably necessary for us to verify the identify of an individual or where it is required or permitted by law to do so.
Quality of personal information
To ensure that the personal information we collect is accurate, up-to-date and complete we:
- record information in a consistent format;
- where necessary, confirm the accuracy of information we collect from a third party or a public source;
- promptly add updated or new personal information to existing records.
How do we protect your personal information?
We regard the security of your personal information as a priority and take all reasonable steps to protect your information from loss and unauthorised access, destruction, use, modification or disclosure.
Firetrail has implemented various safeguards to keep your personal information secure, including information and communication technology security, access security, internal training programs and managed detection and response service.
While we take reasonable steps to preserve the security of your personal information, there are inherent risks in transmitting and storing information and we cannot ensure or warrant the security of any information we hold.
From time to time our website and communications to you may contain links to other websites. We are not responsible for the privacy practices or the content of these websites.
All personal information collected is held on our cloud storage, on servers located in Australia. We retain effective control over any personal information held on our cloud, and the information is handled in accordance with the Australian Privacy Principles.
We take steps to protect the security of the personal information we hold from both internal and external threats by:
- regularly assessing the risk of misuse, interference, loss, and unauthorised access, modification or disclosure of that information;
- taking measures to address those risks, for example, we keep a record (audit trail) of all user activity within our internal systems and limit user permissions and access only to information necessary to perform their duties.
How long do we keep your personal information?
We will keep your personal information subject to business need and any legal or regulatory requirements. We aim to keep your personal information for only as long as we need it, following which we will take such steps as are reasonable in the circumstances to de-identify or destroy the information.
Your rights
You have the following rights in relation to the processing of your personal information:
- Access: the right to obtain access to the personal data held;
- Object: the right to object to our processing of your personal information on grounds of legitimate interests or in the public interest, or for direct marketing purposes;
- Correction: the right to request to update your personal information that you think is incorrect or incomplete;
- Erasure: the right to request your personal information be erased where we do not have a legal or regulatory obligation or other valid reason to continue to process it;
- Restriction: the right to restrict the way we process your personal information their personal data and, where processing is based on their consent, withdraw that consent, without affecting the lawfulness of Firetrail’s processing based on consent before its withdrawal;
- Portability: the right to have personal information produced in a commonly used electronic format;
- Automated decision making: the right to request manual intervention if you are subject to automated decisions where the decision results in a legal or similar effect to you.
To the extent permitted by applicable law or regulation we reserve the right to refuse requests (in which case we will write to you to explain the reasons for our decision) or charge an appropriate fee in connection with you exercising your rights.
In certain cases, we may continue to process personal data after you have withdrawn consent and/or requested that we erase your personal information, if we have a legal basis to do so.
Exercising your rights
You may contact us at any time to exercise your rights by using the contact details provided below and we will generally respond within 30 days.
Before giving effect to your rights, we will need to verify your identity (or the identity of the person who is authorised to make the request on your behalf) to ensure that personal information is not disclosed to any person who does not have authority to receive it.
If you have a privacy complaint
If you wish to make a complaint about the processing of your personal information, you can provide your written complaint by mail or email using the contact details noted below or verbally by telephone. We will make all efforts possible to investigate your complaint and advise you of the outcome as soon as possible.
You also have a right to complain to a data protection or other competent authority with jurisdiction over privacy and data protection law in the country you live or work, or in the country where you believe an issue in relation to the processing of your personal information has arisen. Please contact us for further details.
How to contact us
You can contact us about this Policy or about your personal information as follows:
Privacy Officer
By mail: PO Box R1313, Royal Exchange NSW 1225 Australia
By email: Risk.Compliance@pinnacleinvestment.com
By phone: 1300 010 311
Acceptance and changes to this Policy
This Policy may change from time to time. Any information collected after an amended Policy has been posted on the website will be subject to that amended Policy.