Our Commitment

Elston Group is committed to providing you with the highest levels of client service. We recognise the significant importance of your privacy. The Privacy Amendment (Enhancing Privacy Protection) Act 2012 established a number of Australian Privacy Principles (APPs). Our aim is to both support and ensure that we comply with these principles. Further information on privacy in Australia can be obtained by visiting the website of the Office of the Australian Information Commissioner at http://www.oaic.gov.au.

This Privacy Policy discloses the purposes for which, and the ways in which, the personal information you provide to us and our representatives is collected, used, held, disclosed, and disseminated.
We recommend that you regularly check our website regularly for any updates to our Privacy Policy.


Your Personal Information

The personal information we collect includes but is not limited to:

  • your name, contact details, date of birth, and tax file number;
  • additional information as mandated by taxation laws and other relevant regulations;
  • information regarding your dependents and family commitments;
  • your occupation, and employment history;
  • government identifiers on identity documents, such as Medicare numbers, Centrelink reference numbers, driver’s licence number, and Australian passport number;
  • information about your health that you provide to us (such as details about health conditions which are relevant to our financial advice and services), where you consent to our collection and handling of that information.
  • your financial needs and objectives; and
  • your assets, liabilities, income, expenses insurances, and social security entitlements.

We collect the above information for the purposes outlined in this Privacy Policy. We may also be required to collect this personal information to comply with our obligations under the Corporations Act 2001 and the Anti-Money Laundering and Counter-Terrorism Financing Act 2006.


How We Collect Personal Information

Elston Group collects personal information directly from you or from third parties once authorisation has been provided by you. You have the right to refuse us authorisation to collect such information from a third party.


How We Use Your Personal Information

Primarily, your personal information is used in order to provide financial advice and services to you. We may also use the information that is related to the primary purpose and it is reasonable for you to expect the information to be disclosed.

From time to time, we may provide you with direct marketing material. If, at any time, you do not wish to receive this information any further, you may contact us with this request. We will endeavour to meet your request within 2 weeks. We maintain a Register for those individuals not wanting direct marketing material.


When We May Disclose Your Personal Information*

In line with modern business practices common to many financial institutions and to meet your specific needs, we may disclose your personal information to the following entities including but not limited to:

  • superannuation fund trustees, insurance providers, fund managers and other product providers in order to manage or administer your product or service;
  • compliance consultants and other professional services advisers;
  • paraplanning contractors or temporary staff to handle workloads during peak periods;
  • mailing houses;
  • insurance reference bureaus and loss adjusters;
  • your professional advisers, including your solicitor or accountant as authorised by you;
  • third party information technology service providers engaged by us to facilitate the provision of our services to you, including service providers that provide automated AI file noting services (such as BLV Solutions which may temporarily process your data in the US and EU);
  • our IT service providers who provide or support the systems where personal information is stored;
  • another authorised representative of Elston Group if necessary;
  • a potential purchaser/organisation involved in the proposed sale of our business for the purpose of due diligence, corporate re-organisation and transfer or all or part of the assets of our business. Disclosure will be made in confidence and it will be a condition of that disclosure that no personal information will be used or disclosed by them;
  • a new owner of our business that will require the transfer of your personal information; and
  • government and regulatory authorities, as required or authorised by law.

Our employees and the outsourcing companies/contractors are obliged to respect the confidentiality of any personal information held by Elston Group.

The Corporations Act has provided the Australian Securities and Investments Commission with the authority to inspect certain personal information that is kept on our files about you.

We collect information about you for the purpose of reporting to AUSTRAC under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006.

Elston Group takes its obligations to protect your personal information seriously, this includes when we operate throughout Australia or overseas.

We may disclose personal information (including your health information) to our third-party service providers, agents and intermediaries located overseas so that they can provide us with services in connection with the operation of our business. This may mean that your personal information may be temporarily stored and processed in the following Countries: United States and Europe.

If we are required to provide specific personal information to an overseas intermediary we will notify you prior to providing that information.


How We Store and Secure Your Personal Information

We keep your personal information in your client files or electronically. These files are accessible to authorised personnel only and are appropriately secured and subject to confidentiality requirements.

Personal information is treated as confidential information and sensitive information is treated as highly confidential.

It is a legislative requirement that we keep all personal information and records for a period of 7 years. Should you cease to be a client of ours, we will maintain your personal information on or off site in a secure manner for 7 years. After this period, the information may be destroyed.

We have an obligation to report data breaches to the Office of the Australian Information Commissioner (OAIC) in certain circumstances. In the unlikely event that we have to notify the OAIC, we will also notify the individuals affected.


Ensure Your Personal Information Is Correct

Elston Group takes all reasonable precautions to ensure that the personal information we collect, use and disclose is accurate, complete and up to date. To ensure we can maintain this level of accuracy and completeness, we recommend that you:

  • inform us of any errors in your personal information; and
  • update us with any changes to your personal information as soon as possible.

If you provide inaccurate or incomplete information, we may be unable to provide you with the products or services you are seeking.


Access to Your Personal Information

You have a right to access your personal information, subject to certain exceptions allowed by law. We ask that you provide your request for access in writing (for security reasons) and we will provide you with access to that personal information. Access to the requested personal information may include:

  • providing you with copies;
  • providing you with the opportunity for inspection; and/or
  • providing you with a summary.

If charges are applicable in providing access to you, we will disclose these charges to you prior to providing you with the information.

Some exceptions exist where we will not provide you with access to your personal information such as if:

  • providing access would pose a serious threat to the life or health of a person;
  • providing access would have an unreasonable impact on the privacy of others;
  • the request for access is frivolous or vexatious;
  • the information is related to existing or anticipated legal proceedings between us and would not be discoverable in those proceedings;
  • providing access would reveal our intentions in relation to negotiations with you in such a way as to prejudice those negotiations;
  • providing access would be unlawful; and
  • providing access would be likely to prejudice certain operations by or on behalf of an enforcement body or an enforcement body requests that access not be provided on the grounds of national security.

Should we refuse you access to your personal information, we will provide you with a written explanation for that refusal.


Using Government Identifiers

Although in certain circumstances we are required to collect government identifiers such as your tax file number, Medicare number or pension card number, we do not use or disclose this information other than when required or authorised by law or unless you have voluntarily consented to disclose this information to any third party.


Dealing with us anonymously

In most instances we will require personal information before we can provide services to you. Where it is lawful and practicable to do so, you can deal with us anonymously; for example, if you telephone requesting our postal address.


Your sensitive information

Without your consent, we will not collect information about you that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs or affiliations, membership of professional or trade association, membership of a trade union, details of health, disability, sexual orientation, criminal record, genetic information, biometric information or biometric templates.

This is subject to some exceptions including when:

  • collection is required by law; and
  • the information is necessary for the establishment, exercise or defence of a legal claim.

Third Party Websites

Elston Group’s websites may provide links to third party websites. The use of your information by these third-party sites is not within our control and we cannot accept responsibility for the conduct of these organisations. Other websites are not subject to our privacy standards. You will need to contact or review those websites directly to ascertain their privacy policies.

You may register with us to receive newsletters and other information. By doing so, your name and email address will be collected and stored on our database. We take care to ensure that the personal information you give us on our websites is protected. For example, our websites have electronic security systems in place, including the use of firewalls and data encryption.

If you do not wish to receive any further information from us, or you wish to update your registration details, please email your request to us. We will endeavour to meet your request within 5 working days.

Our websites utilise cookies to provide you with a better user experience. Cookies also allow us to identify your browser while you are using our site – they do not identify you. If you do not wish to receive cookies, you can instruct your web browser to refuse them.


Spam Policy

Spam is a generic term used to describe electronic ‘junk mail’- unwanted messages sent to a person’s email account or mobile phone. In Australia, spam is defined as ‘unsolicited commercial electronic messages’.

The Australian Communications and Media Authority (ACMA) is responsible for enforcing the provisions of the Spam Act 2003. Additional information about the Spam Act and the ACA’s role is available from: www.acma.gov.au.

‘Electronic messaging’ covers emails, instant messaging, SMS, MMS and other mobile phone messaging, but does not cover normal voice-to-voice communication by telephone.

Elston Group complies with the provisions of the Spam Act when sending commercial electronic messages.

Equally importantly, Elston Group makes sure that our practices are in accordance with the Australian Privacy Principles in all activities where they deal with personal information.


Internal Procedure for dealing with complaints

The three key steps Elston Group follows:

  • Consent – Only commercial electronic messages are sent with the addressee’s consent – either express or inferred consent.
  • Identify – Electronic messages will include clear and accurate information about the person and the Elston Group that is responsible for sending the commercial electronic message.
  • Unsubscribe – We ensure that all our commercial electronic messages include a functional unsubscribe facility, and that we handle unsubscribe requests promptly.

Comply with the law regarding viral messages

Elston Group ensures that Commercial Communications that include a Forwarding Facility contain a clear recommendation that the Recipient should only forward the Commercial Communication to persons with whom they have a relationship, where that relationship means that person could be said to have consented to receiving Commercial Communications.


Comply with the age sensitive content of commercial communication

Where the content of a commercial communication seeks to promote or encourage interaction with an age-sensitive product, service, or event, Elston Group takes reasonable steps to ensure that such content is sent only to recipients who are legally entitled to use or participate in it.


Complaints Resolutions

The Spam Act specifies that the person’s consent must be withdrawn within 5 working days from the date that an unsubscribe request was sent (in the case of electronic unsubscribe messages) or delivered (in the case of unsubscribe messages sent by post or other means).

Please contact our Privacy Officer if you wish to file a complaint regarding any actual or suspected breach of your privacy rights. Your complaint will be responded to within 7 days. If you are not satisfied with the outcome of your complaint, you are entitled to direct your complaint to the Office of the Australian Information Commissioner (OAIC).


Contact Details

If you have a question regarding this policy, a complaint about how we handle your information, or wish to make an access request, you can contact us by writing to us at:

Privacy Officer
Address: Elston Group, GPO Box 2220, Brisbane, QLD, 4001
E-mail: epfs@elston.com.au