Privacy Policy

This document outlines Avestix’s policy on handling the personal information that we collect about individuals including customers, potential customers, business partners, and unitholders.

‘Avestix’, ‘we’, ‘us’ or ‘our’ refers to the Avestix Group and other companies that are associates of Avestix and operating in Australia (“Avestix”). We provide a range of products and services.

We are committed to protecting your privacy. When we request personal information, we will normally explain why we need it, how it will be used and who we may share it with. At all times we will comply with the terms of this policy when handling your personal information. This policy answers the following questions about privacy at Avestix.

By visiting our website, using any of our services or otherwise providing us with your personal information (or authorising it to be provided to us by someone else), you agree to your personal information being handled as set out in this Privacy Policy and Cookie Policy, and, where appropriate, as set out in our client agreement with you.

Revisions to this Privacy Policy

Avestix may update this Privacy Policy from time to time so please review it periodically for changes.

Your continued use of our website or services, requesting our assistance or the provision of further personal information to us (directly or via an authorised person) after this Privacy Policy has been revised, constitutes your acceptance of the revised Privacy Policy.

Why do we need your personal information?

Protecting your personal information is important to us and we will only collect the information necessary to enable us to provide our products and/or services to you.  We understand some information is more sensitive so we will be clear about why we are collecting it, what we intend to use it for and how we will protect it.

In this policy, personal information is any information that could identify you or be used to establish your identity.

You may be able to deal with us without identifying yourself (i.e. anonymously or by using a pseudonym) in certain circumstances, such as when you use our website.  You do not have to provide us with your personal information however if you do not provide us with the personal information that we need, we may not be able to provide our services or assistance to you.

We collect, hold, use, and disclose personal information so we can establish, manage, and administer the products and services provided by us, and comply with legal and regulatory obligations.

We may also use and disclose your information for purposes related to those mentioned above, such as:

• Assisting with your questions and complaints
• Arranging for services to be provided by third parties
• Enhancing our customer service and product options
• Personnel management including recruitment of personnel
• Internal operations, such as reporting
• Complying with our legal and professional obligations including checking for conflicts of interest, undertaking anti-money laundering checks and other client on-boarding procedures.

In certain circumstances we may be required or permitted by law to collect certain personal information about you.

For example, we may need to collect your name, residential address, date of birth, business name (if any), directorship appointments (if any) and to comply with the Australian Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth).

Will my personal information be used for direct marketing?

We use and disclose your personal information to keep you informed about the products and services we offer.

You can opt out of receiving direct marketing information from us at any time (see the section ‘How can you contact us about privacy?’).

What happens if I do not provide information that has been requested?

It is your choice as to whether to provide your personal information.  However, if you do not, we might be unable to fulfil your request for a specific product or service or be unable to identify you to protect you against fraud.

What types of personal information do we collect?

We may ask for a range of personal information, limited to what we need, to assist us in providing you with information about our products and services.

To enable individuals to become clients, to transact and to access their authorised account, we employ third parties (e.g. registry platforms) to perform activities on Avestix’s behalf and as such, these third-party companies may be involved in capturing this information.   Avestix will take reasonable steps to ensure that these companies adhere to contractual and regulatory obligations around privacy and protection of your personal information.

The information we request could include (but is not limited to)

• Name
• Address
• Phone/ Mobile
• Email address
• Interests
• Personal/ employment related information (for recruitment)
• Tax file number and bank account details for the purpose of administering investor accounts and tax reporting and withholding
• Investor contribution details and investment choice
• Details about authorised signatories
• Domicile and citizenship status and financial information related to products and services offered.
• Copies of any relevant trust deeds, partnership agreements or constitutions, which may be relevant to comply with the Anti-Money Laundering and Counter Terrorism Financing Act.
• Information relating to powers of attorney or for probate and estate administration and in relations to beneficial owners.

How do we collect personal information?

Most of the personal information we collect will be directly from you.  We gather this information either through application forms or other forms that you complete and submit to us (in writing and digitally).

In some cases, we might collect your personal information from external sources.  Examples of the people, agencies or organisations that may provide us with information are:

• Contracted third parties employed to perform services on our behalf
• Persons authorised by you (such as lawyers or accountants)
• Other credit providers
• Market research organisations
• Credit reporting bodies
• Agencies such as the Australian Taxation Office
• Authorised representatives, such as executors or administrators
• Identification verification service providers

We only collect your information from external sources if it is impractical to collect it directly from you, or when we are permitted to do so.

Can you remain anonymous or use a pseudonym when dealing with us?

If you wish to remain anonymous or to use a pseudonym when dealing with us, we may be able to provide you with limited information or services.  However, in many cases it will be impracticable for us (or our authorised third-party provider) for us to assist you with your specific needs if you wish to remain anonymous or use a pseudonym.

How do we protect your personal information?

Whether your personal information is gathered through face-to-face meetings or by interacting with us via telephone, mail, internet.

We hold your personal information in:

• Secure computer systems;
• Secure electronic databases;

We take steps to store your information and protect personal information from misuse, loss, unauthorised access, modification, or improper disclosure.  These include:

• having in place stand-by systems and information backups to deal with major business interruptions;
• requiring any third-party providers to have acceptable security measures to keep your personal information secure;
• destroying or de-identifying personal information pursuant to the law and our record retention policies.
• educating our staff and authorised third parties who handle personal information on the importance of maintaining the confidentiality of personal information and the privacy of individuals.

These storage mechanisms may be managed in a number of ways. They may be managed or administered internally, or they could be managed by a third-party storage provider with whom Avestix has a contractual relationship.

When we do not need your personal information anymore, we will delete, destroy or de-identify it. In the unlikely event of a data breach we have measures in place to manage and respond to data breaches, which includes the notification to impacted individuals and data protection authorities, where required.

Who do we share personal information with?

To meet our clients’ needs and provide core administration services, it may be necessary for your information to be shared from time to time with internal and authorised third-party providers.   Additionally, we may be required by law to release personal information with legal and regulatory entities.  These may include, but not be limited to:

• Other areas and organisations within the Avestix Group that provide products and services, for reasonable business purposes
• Service providers and specialist advisers we engage to provide us with services such asadministrative, audit, financial, insurance or research services, some of whom may contact you on our behalf
• Courts, tribunals, and other dispute resolution bodies during a dispute
• Anyone authorised by you or to whom you have provided your consent (either expressly or impliedly), including but not limited to other financial services providers that we may need to deal with on your behalf
• Anyone to whom we, or our service providers, are required or authorised by law to disclose your personal information. For example, regulatory authorities including but not limited to the Australian Taxation Office (ATO), the Australian Securities and Investments Commission (ASIC), the Australian Transaction Reports and Analysis Centre (AUSTRAC) and the Australian Financial Complaints Authority (AFCA) to support dispute resolution, if required.

Do we send personal information to overseas recipients?

Your privacy is important to us and we are committed to managing your personal information responsibly and in accordance with our legal obligations including the requirements of the Privacy Act 1988 and with the Australian Privacy Principles.  For international investors, if relevant, we will manage and protect your information in line with the requirements of this Act.

How do we update your personal information?

We will update your personal information if you contact us.  If you are an existing client, you can update your personal information directly online via your authorised Avestix account (or third-party provider) or over the phone by calling 1300 766 261.

How do you find out about your personal information we hold?

You can access the personal information that we hold about you by calling, emailing, or writing to us (see How you can contact us about privacy).

We’ll do our best to respond within 30 days; if it’s going to take longer, we’ll get in touch to let you know why and ask for more time.

There are some situations where we are allowed to refuse or limit your access to information, for example when the information is commercially sensitive. If that happens, we’ll write to you and let you know why.

There is no charge for making a request to access your personal information.  However, in some cases there may be a charge to cover the time we spend locating, compiling, and explaining the information you ask for.   If there is a charge, we’ll give you an estimate up front and confirm that you wish for us to proceed.

How can you contact us about privacy?

You can call us on 1300 766 261, send an email to info@avestix.com, or write to us at Avestix Investor Relations , to:

• Seek more information about anything contained in this policy, or to request a printed copy of this policy
• Update or correct your personal information
• Opt-out of receiving direct marketing material
• Ask about accessing or correcting the personal information we hold about you; or
• Make a privacy related complaint.

How can you make a complaint about privacy?

If you ever have an issue or complaint in relation to privacy, please contact us on 1300 766 261, send an email to info@avestix.com, or write to us at Avestix Investor Relations .  We take privacy related complaints very seriously and consider all complaints carefully as part of our commitment to being open, honest, and fair in dealing with your concerns.  We’ll contact you within ten working days of receiving your complaint to let you know what actions we are taking regarding the matter.

How can you escalate unresolved privacy complaints?

If you feel your complaint has not been satisfactorily addressed in the first instance, or that it is taking too long to resolve, you can ask for your concerns to be escalated to the General Manager, Avestix Group by email to info@avestix.com or write to: General Manager, Avestix Group

If an issue has not been resolved to your satisfaction, you can lodge a complaint with the Office of the Australian Information Commissioner or request a review by the Australian Financial Complaints Authority as follows, if relevant:

Office of the Australian Information Commissioner (OAIC)

Complaints must be made in writing

1300 363 992

Office of the Australian Information Commissioner GPO Box 5218 Sydney NSW 2001

enquiries@oaic.gov.au

www.oaic.gov.au

Australian Financial Complaints Authority (AFCA)

AFCA has authority to hear certain disputes.

Contact AFCA to confirm if they can assist you.

1800 931 678

Australian Financial Complaints Authority

GPO Box 3 Melbourne VIC 3001

info@afca.org.au www.afca.org.au

What are cookies and how do we use them?

Cookies are small pieces of text stored on your computer to help us determine the type of browser and settings you are using, where you have been on the website, when you return to the website, where you came from, and to ensure your information is secure. The purpose of this information is to provide you with a more relevant and effective experience on our websites, including presenting web pages according to your needs or preferences.

We use cookies to give you access to certain pages of the websites without having to log in each time you visit.  We may also use external service providers to track the traffic and usage on the website.

Cookies are frequently used on many websites on the internet and you can choose if and how a cookie will be accepted by changing your preferences and options in your browser.

You may not be able to access some parts of our websites if you choose to disable the cookie acceptance in your browser, particularly the secure parts of the website.  We therefore recommend you enable cookie acceptance to benefit from all the services on the website.

Links to third party websites

Our websites have links to external third-party websites that may benefit the user.

External websites should contain their own privacy statements and we recommend you review them when using their websites.  Please note, however, that third party websites are not covered by this policy, and these sites are not subject to Avestix’s privacy standards and procedures.

Website analytics

Website analytics measurement software is used to assist in tracking traffic patterns to and from our websites, anonymously surveying users of the sites.  The system is used to collect such information as the number of unique visitors, how long these visitors spend on the website when they do visit, and common entry and exit points into and from the website.

This non-personal information is collected and aggregated by third-party software and provided to us to assist in our analysis of our websites.

About this policy

This policy is effective as of 10 June 2020.  We will update this policy when our information handling practices change, and any amendments will apply to the information we hold at the time of the update.  We will post the updated policy on our website; we encourage you to check our website from time to time to view our current policy or contact us for a printed copy.

Policy Version and Revision Information

Policy Authorised By:                        General Manager, Avestix Group

Original Issue:                                         10 June 2020

Current Version:                                   V1.0

Revision Date:                                        n/a