1. Your privacy matters to us
- Australian Retirement Trust Pty Ltd – ABN 88 010 720 840 (formerly Sunsuper Pty Ltd) as trustee of Australian Retirement Trust (ABN 60 905 115 063) (formerly QSuper), and as an employer;
- Precision Administration Services Pty Ltd (ABN 47 098 977 667) (‘Precision’) as a provider of superannuation administration services, and as an employer;
- Sunsuper Financial Services Pty Ltd (ABN 50 087 154 818) as a provider of financial advice services;
- QInsure Limited (ABN 79 607 345 853) as a life insurer;
- QInvest Limited (ABN 35 063 511 580) as a provider of financial advice and other services; and
- One QSuper Pty Ltd (ABN 90 601 938 774) as an employer.
References to ‘we’, ‘us’, or ‘our’ in this policy are references to Australian Retirement Trust entities.
This policy focuses on our members but applies generally to the following individuals:
- Members and prospective members of Australian Retirement Trust
- Beneficiaries (including potential beneficiaries), individuals identified on binding death nominations submitted by members and third parties authorised by members to act on their behalf
- Contact persons of employers who pay super to us
- Certain associates of our employees, contractors, directors, and committee members
- Individuals representing entities dealing with us in a commercial arrangement
- Our employees, directors, committee members, and contractors
- Individuals applying for jobs with us.
1.1 What laws we must follow
We are subject to the Privacy Act 1988 (Cth) and the Australian Privacy Principles.
Other laws require or authorise us to collect your personal information, and/or govern how we deal with this information. These laws include:
- Spam Act 2003
- Family Law Act 1975
- Anti-Money Laundering and Counter-Terrorism Financing Act 2006
- Superannuation (Unclaimed Money and Lost Members) Act 1999
- Superannuation Industry (Supervision) Act 1993
- Superannuation Guarantee (Administration) Act 1992
- Corporations Act 2001
- Income Tax Assessment Act 1936
- Income Tax Assessment Act 1997
- Taxation Administration Act 1953.
1.2 Updates to this policy
This policy may be updated from time to time. The most recent policy will be made available on our websites.
This version of our policy was published 28 February 2022.
2. What is personal information?
Under the Privacy Act, personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
Personal information includes sensitive information. Sensitive information is any personal information about your racial or ethnic origin; political opinions; membership of a political association; religious beliefs or affiliations; philosophical beliefs; membership of a professional or trade association; membership of a trade union; sexual preferences or practices; criminal record; or health, genetic, or biometric information.
2.1 Personal information we collect about you
We may collect and hold a variety of personal information and data about you, including:
- Your name, date of birth, contact details, and gender
- Your residency and citizenship status
- Your identification documents
- Your tax file number (TFN)
- Your current and former employment details, including occupation, and employment arrangement
- Information about your super benefits, and financial information such as salary, contributions history, banking details, and your applications for benefit payments
- Information about your spouse, dependants, and/or beneficiaries for death benefit claims
- Sensitive information, including health and medical information (i.e. in connection with an insurance application or claim), lifestyle information, and any professional or trade association memberships
- Information about your investments, assets and liabilities, expenses, estate planning, insurances, income, and tax
- Information about your family commitments and social security eligibility and entitlements
- Family Law information such as financial agreements or court orders.
The types of personal information we collect will depend on the dealings you have with us. We only collect and hold personal information to look after our members and their super, to provide you with benefits and services including advice services, to improve our services and offerings, and to run our super fund.
3. For what purposes do we collect your personal information?
We collect, hold, use and disclose your information to do things like:
- Set up your account
- Invest your money
- Properly identify you, your beneficiaries, or any agents acting on your behalf
- Provide you with insurance or assess an insurance claim
- Pay your superannuation or insurance benefits to you or your beneficiaries
- Comply with the law
- Provide you with advice
- Conduct research to improve our products and services
- Directly market our products and services to you, including through social media and other digital platforms
- Assess your job application
- Run our super fund.
We will only use your personal information for the purposes for which it was collected, for related purposes, in order to comply with the law, or for another purpose only with your consent.
3.1 Direct marketing
We may also collect, hold, use and disclose your personal information to provide you with information and offers about our products and services and products and services offered by other parties that we believe may be of interest to you (including by way of direct mail, telephone, email, SMS and MMS, our secure portals, and online advertising and marketing) or to request your feedback for research purposes. We ensure that this activity is in accordance with the Spam Act and Privacy Act.
We engage third party service providers to assist us with delivering direct marketing via various channels, including through social media and other digital platforms. We take reasonable steps to ensure that your personal information is protected when disclosing information to these third parties. Sometimes, we may de-identify your information before disclosing it to third parties to facilitate our marketing activities.
We may also use your personal details to send you information about super, seminars or events, financial planning, and other products and services we think you might be interested in. If you don’t want to receive promotional material or participate in market research, please update your contact preferences in Member Online or contact us to let us know.
We may collect, hold, use or disclose information about you in order to enable the development of consumer insights so that we can serve you better. This includes being able to better understand your preferences and interests, personalise your experience and enhance the products and services you receive. This may include combining the information that we hold about you with information about you collected from or held by other trusted partners or from public sources. We may also use trusted service providers to undertake the process of creating these consumer insights. Before disclosing your information for consumer insights purposes, we will generally remove any information that may identify you to the service provider.
4. When we share your personal information
Sometimes we may give your information to other people, including:
- A person you have authorised to act on your behalf (e.g. your power of attorney, trustee, or financial adviser)
- Between the entities of Australian Retirement Trust
- Our service providers and advisers (e.g. our insurers, IT services and support, mail and electronic mail service providers, research and data analysis services, auditors)
- Direct marketing service providers
- Medical, health, and wellbeing professionals in connection with an insurance claim
- Legal bodies (e.g. court, police, regulators such as ASIC or AUSTRAC)
- Government agencies (e.g. Centrelink, WorkCover, ATO, Department of Veterans’ Affairs)
- International agencies with your consent (e.g. a KiwiSaver fund)
- Other organisations (e.g. your employer, other super funds where you are transferring into or out of our fund).
- Any other person where we are required by law (e.g. your spouse, or former spouse subject to an arrangement under the Family Law Act).
We only disclose your personal information if it is necessary for the purpose the information is being used for, if you have consented to it, or if it is authorised by law.
4.1 Sharing personal information overseas
Some third-party service providers we share your information with may be located or have operations overseas. Overseas countries where we may disclose your personal information include the United States, Ireland, the Netherlands, France, Canada, New Zealand, Malaysia, Singapore, Hong Kong, India, Czech Republic, the United Kingdom, and the Philippines.
5. How we collect your personal information
We will generally collect your personal information directly from you, your authorised representatives, or your employer. We do collect some information from other third parties such as the ATO and publicly available sources. Situations where we collect your information include:
- When we receive superannuation payment and other mandatory data sent by your employer, another super fund, or the ATO
- When you (or a third party you have authorised to act on your behalf) visit our website, log in to Member Online or call us for information or financial advice and we may record the call and store the information provided in these interactions
- When you submit forms or applications to us
- If you make an insurance claim, we collect information from you, and may collect information from health professionals, your employer, and other third parties service providers
- If you apply for insurance subject to underwriting, we collect information from you, and may collect information from health professionals
- If you attend an event that we sponsor, your information may be provided to us by the event organisers with your consent for marketing and research purposes
- In the event you are involved in family law matters, we may receive information and instruction from solicitors or the Federal Circuit and Family Court of Australia.
We only collect and hold your personal information if it is necessary, if you have consented to it, or if it is authorised by law.
5.2 Do you have to provide your personal information?
Where possible, we may offer you the opportunity to deal with us anonymously or by using a pseudonym. For example, we can provide general information to you about our products or services, or general guidance on how to fill out our forms, without collecting any personal information.
However, it is normally impracticable for us to deal with you anonymously or by using a pseudonym. For example, if you do not provide your personal information to us, we will be unable to properly administer your benefits, notify you about your entitlements, or adequately provide our services.
6. How we hold and protect your personal information
Your personal information may be held on-site at our offices, in secure premises, or in secure information systems (including in the cloud) operated by our service providers. Your information is only accessible by authorised staff, and authorised service providers who are engaged by us to perform specific functions. We take reasonable steps to ensure that your personal information is protected from unauthorised access, disclosure, modification, misuse, or loss. These steps include having:
- Privacy and security training for our staff
- Building security measures and surveillance
- System security measures such as access controls, firewalls, virus scanning, and encryption
- Security assessments of service providers, and contract provisions requiring the protection of personal information and restrictions on its use.
6.1 Notifiable data breaches
We must notify the Office of the Australian Information Commissioner (OAIC) and affected individuals if we become aware that there are reasonable grounds to suspect an eligible data breach has occurred. An eligible data breach is generally a data breach that is likely to result in serious harm to one or more individuals. We have policies and procedures in place to identify and assess data breaches and to notify the OAIC if required.
7. Accessing and changing your information
You may request access to any of the personal information we hold about you by contacting us as set out in section 8. We will provide you with access to your personal information in accordance with the Privacy Act.
We strive to ensure the personal information we hold about you is correct and up-to-date. If the information we hold about you is incorrect or out-of-date, please let us know so that we may update this. We may ask you to check the information we hold about you from time to time. We may do this with your annual member statement or when you call us.
8. Enquiries and complaints
If you make a privacy complaint, we will endeavour to respond and resolve the issue as quickly as possible. If you are not happy with our response, or we have not responded within 30 days, you can refer your complaint to the Office of the Australian Information Commissioner (OAIC) by: