Case studies

Terms of Use

Privacy Policy

LEGISLATION

The Privacy Act 1988 (Privacy Act) requires entities bound by the Australian Privacy Principles to have a Privacy Policy. The Office of the Information Commissioner (OAIC) is responsible for privacy functions that are conferred by the Privacy Act 1988.


WHAT KINDS OF PERSONAL INFORMATION IS COLLECTED AND HELD?

Halo Labs Pty Ltd trading as (Halo Labs) ABN 41 674 221 286 may be required to collect and hold personal information in order to provide services to our clients. Generally, the kinds of personal information we may collect includes:

  • Name, home address, work address, email address, telephone number and signature.

When recruiting employees or appointing contractors Halo Labs may collect and hold personal information such as: the individual’s name, contact details, date of birth, citizenship, employment references, civil credit and criminal records, regulatory accreditation and driver’s licence information, education, and employment history. Once appointed we will also collect and hold TFNs, financial information relating to the appointing and banking details for payments.


HOW IS IT COLLECTED?

For our clients, personal information is mainly collected via meetings, telephone, email or correspondence and online forms.


WHY WE COLLECT, HOLD, USE, AND DISCLOSE CLIENTS' PERSONAL INFORMATION?

Halo Labs collects, holds, uses, and discloses clients' personal information for the purposes of:

  • Providing technical support and services; and
  • Complying with our regulatory or legal requirements, including:
  • The Corporations Act 2001
  • The Australian Securities and Investments Commission Act 2001
  • The Anti-Money Laundering & Counter-Terrorism Act 2006
  • The Bankruptcy Act 1966 
  • The Tax Laws Amendment (Implementation of the FATCA Agreement) Act 2014
  • The Tax Laws Amendment (Implementation of the Common Reporting Standard) Act 2016; and
  • Applicable taxation law.

HOW IS IT HELD?

We respect the personal information you have entrusted to us, and we have a responsibility to manage and protect that information. Your personal information will be stored in a secure environment in hard copy, electronically or both. With the exceptions detailed within this policy, your information will only be available to employees of Halo Labs or our service providers on a need-to-know basis in order to perform their obligations and duties.


WHAT HAPPENS IF PERSONAL INFORMATION SECURITY IS BREACHED?

We implement corrective plans if our security measures are breached, or your personal information is lost or inadvertently accessed by an unauthorised person. You and the Privacy Commissioner will be advised if we assess the data breach is likely to cause you serious harm.   


HOW DO YOU ACCESS YOUR PERSONAL INFORMATION AND SEEK CORRECTION OF IT?

Should you wish to know what personal information Halo Labs holds on to you, you may request to view this information by contacting our Privacy Officer:


Name: Privacy Officer – Halo Labs

Address: Levels 1, 2 & 3, 60 Martin Place, Sydney, NSW 2000

Tel no: 1800 968 052

Email: hello@halolabs.com.au


The Privacy Officer will promptly investigate your privacy enquiry and provide you with appropriate answers where required. Should you discover that any information is outdated, incorrect or incomplete you may request to have the personal information corrected and Halo Labs will promptly update our records. You may also contact the Privacy Officer if you have any questions on our compliance with the Privacy Act 1988 (Cth). 


HOW CAN I COMPLAIN ABOUT A BREACH OF MY PRIVACY?

If you wish to make a complaint about our handling of your personal information you should contact the Halo Labs Privacy Officer as referred to above.  If we cannot resolve your complaint, then you may raise your issue with the Office of the Australian Information Commissioner.


All privacy breaches that have resulted in or are likely to result in serious harm to any individual affected are 'eligible data breaches' which must be reported by Halo Labs to the Office of the Australian Information Commissioner.  


TO WHOM MIGHT IT BE DISCLOSED?

Halo Labs will only disclose your personal information for the purposes of providing our financial products or services to you. This may include disclosing your personal information to related entities of Halo Labs and third parties where necessary to provide you with our financial products or services. These third parties may include government departments and regulatory authorities. They may also include our auditors, insurers, custodians, IT providers and third-party administrators (service providers).


We may disclose personal information to overseas recipients in order to provide our financial products and/or services. Before disclosing any personal information to an overseas recipient Halo Labs will take reasonable steps to ensure the overseas recipient complies with the Australian Privacy Principles (AAPs) or is bound by a similar privacy regime or you otherwise consent to the overseas disclosure, or the disclosure is required or authorised by law.


IS SENSITIVE PERSONAL INFORMATION COLLECTED?

Halo Labs will not collect sensitive personal information on clients. Sensitive personal information is information about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, health information, genetic information, biometric information, or biometric templates.


NOTIFIABLE DATA BREACHES

Halo Labs is required to notify individuals and the Office of the Australian Information Commissioner about ‘eligible data breaches’. An eligible data breach occurs when the following criteria are met:

  • There is unauthorised access to, or disclosure of personal information held by us (or information is lost in circumstances where unauthorised access or disclosure is likely to occur).
  • This is likely to result in serious harm to any of the individuals to whom the information relates.
  • We have been unable to prevent the risk of serious harm with remedial action.

We will conduct an assessment if it is not clear if a suspected data breach meets these criteria. The assessment will determine whether the breach is an ‘eligible data breach’ that triggers notification obligations.


ADDITIONAL INFORMATION

Further information on privacy in Australia may be obtained by visiting the website of the Office of the Australian Information Commissioner (OAIC) at: oaic.gov.au. We regularly review the OAIC website to keep informed of issues and developments in privacy law and changing legal obligations.