ESV Business advice and accounting (ESV) understands that you value your privacy and wish to have your personal information kept secure. For these reasons, ESV places a high priority on the security of information we hold. We have developed this policy to inform you of how we manage your personal information and maintain its integrity and security.
We are bound by the Privacy Act 1988 (Cth) and must comply with the Australian National Privacy Principles (APPs). ESV is a regarded as an APP entity and has a Data Breach Response Plan in place. You can find more information about the Privacy Act and the National Privacy Principles APP at the Office of the Australian Information Commissioner (OAIC) website at www.oaic.gov.au.
While we believe in keeping your personal information highly secure, we also believe that you have the right to be informed about how we deal with that information so, if on reading this policy you are unclear on any of the matters or simply want more information, please contact us at the addresses provided below.
We aim to collect personal information only if it is relevant and necessary to providing the service you have requested from ESV.
In general, we collect and hold the following information:
- e-mail address;
- telephone and fax number;
- identifying information/documents;
- date of birth;
- bank account details, shareholdings and investments;
- assets and liabilities;
- salary and personal income information; and
- any other information you provide to us.
In most cases we will collect this information from you directly however in some cases we may, with your prior consent, obtain information from your advisers and other third parties such as lawyers, financial planners, bankers etc.
Naturally we collect and hold a broad range of personal information gathered during the course of providing our accounting, audit, taxation and business advisory services. However as stated above, we strive to ensure that we collect and hold only that personal information which is relevant and necessary to your specific matters.
It may be necessary in some circumstances for ESV to collect sensitive information about you in order to provide specific services. The types of sensitive information we may collect include:
- health status;
- ethnic origin;
- details of any membership/s to professional associations;
- Tax file numbers and other government issued identification numbers; and
- criminal record.
We will only collect sensitive information where:
- you consent to the collection of your sensitive information and the information is reasonably necessary for, or directly related to, the services we provide to you; or
- an exception to the prohibition against the collection of sensitive information applies including whether the collection is required or authorised by law.
You have a right to refuse to provide us with your personal information or to anonymity or the use of a pseudonym. However, if you do refuse to provide such information, or request the use of anonymity or a pseudonym we may be unable to complete or fulfil the purpose for which such information was collected, including providing you or our clients with the services we were engaged to perform.
We also collect information from you when you use our website. Your use of facilities and services available through our website will determine the amount and type of information which we collect about you. Some of this information will not be personal information because it will not reveal your identity.
The only personal information which we collect about you when you use our website is what you tell us about yourself, for example, by completing an online form when you accept an invitation to attend a seminar, or information you provide to us when you send us an email. We will record your email address if you send us an email.
You should only provide us with someone else’s personal information where you have their express consent to do so and it is for the purpose of us providing services to you. Matters in this policy should be communicated to any person whose personal information you collect and provide to us. In providing such information to us in the provision of our services to you, you agree that you have obtained the relevant consent from that person and are authorised to do so.
There may be circumstances where we are provided with personal information which we did not actively seek. An example may be misdirected mail, or an excess of documents provided to us by clients.
In such situations, we will make a determination on whether we could have obtained the information lawfully in accordance with the APPs. If the information was not lawfully obtained it will be destroyed or de-identified. We will try to notify the relevant person, whose information has been mistakenly received, if this situation arises.
We collect information primarily to ensure we have all the relevant and necessary information to provide our services to you.
We may also use your personal information:
- to send newsletters to you;
- to invite you to seminars or events hosted by ESV
- to inform you of developments and other services that we can provide; and
- to ensure we provide you with the most up-to-date information relevant to your changing circumstances.
- for general management and reporting purposes, including invoicing and account management;
- to meet regulatory obligations;
- to conduct surveys and seek your feedback;
- for purposes related to the employment of our personnel and providing internal services to our own staff; and
- all other purposes related to our business.
From time to time, we may share your personal information with other entities outside ESV to provide our services to you, and to meet our operational and legal obligations. The entities that we may share your personal information may include:
- third-party contractors we engage to provide services or engage as part of our services to our clients;
- our service providers;
- your authorised representatives or legal advisers (when requested by you to do so);
- credit-reporting and fraud-checking agencies;
- credit providers (for credit-related purposes such as creditworthiness, credit rating, credit provision and financing);
- our professional advisers, including auditors and lawyers;
- organisations who manage our business strategies, including those involved in a transfer/sale of all or part of our assets or business (including accounts and trade receivables) and those involved in managing our business risk and funding functions; and
- government and regulatory authorities and other organisations, as required or authorised by law;
- courts, tribunals and other dispute resolution boded as required as part of a dispute; and
- law enforcement authorities or other appropriate persons where your communication suggests possible illegal activity or harm to others.
In order to manage our work efficiently and improve our processes, we may need to share your personal information to service providers or third parties which may be located in or have operations outside of Australia. The countries to which your personal information could be disclosed include our TIAG affiliated countries, New Zealand, USA, South Africa and the United Kingdom.
If we send your personal information to an overseas recipient, we will take reasonable precautions to ensure the overseas recipient complies with the APPs or similar applicable law regarding personal information.
Storage and security of your personal information
We keep personal information only for as long as is reasonably necessary for the purpose for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.
We are committed to maintaining the confidentiality of the information that you provide us. We will take all high precautions to protect your personal information from unauthorised disclosure, use or alteration. In our business, personal information may be stored both electronically (on our computer systems and cloud hosting systems) and in hard-copy form.
Firewalls, anti-virus software and email filters, as well as passwords and authentication systems, protect all of our electronic information. Our electronic information is stored and secured at Microsoft AZURE securely in a password protected off-site facility operated in Australia and is accessible only by ESV and our authorised personnel.
We take also reasonable measures to ensure a high-level security of hard-copy information at our business premises such as locks, alarms and barrier systems.
Accessing your personal information
You may access your personal information at any time upon request. We will respond within a reasonable time after the request is made and give you access to your personal information in the manner requested by you, unless it is impracticable to do so. We are entitled to charge you a reasonable administrative fee for giving you access to the information requested.
In limited circumstances, we may refuse your request to access, in which case, we will give you a reason for that refusal.
We are not required to provide you access to your personal information where:
- denying access is required or authorised by law; or
- providing access would be unlawful.
We are committed to ensuring that all reasonable procedures are in place to ensure that your personal information is accurate, complete and up to date. If you suspect that any of your personal information requires amendments, please contact us immediately, and we will take steps to correct any such information. If we are not able to resolve the issue within a reasonable time, we will either give you an explanation as to why or discuss alternative courses of action.
The ESV website uses Google Analytics or other third-party software to analyse aggregate user behaviour. Google Analytics and such other software uses first party cookies, which are text files placed on your computer for the purpose of anonymously identifying your session. These cookies are not used to grant ESV access to your personally identifiable information. Non-identifiable information (such as the pages you visit) may be tracked. By directing your browser to delete your cookies, this data will be erased. For more information about Google Analytics, please follow the links provided on our website.
The information is collected using first party cookies, meaning that this information is only accessible by ESV however, your information may be aggregated with information from other users for the purpose of improving our website and offerings. We will not associate any data gathered from our website with any personally identifiable information, unless you explicitly submit that information (e.g. your email address) via our online information form.
You may make a complaint about ESV’s handling of your personal information, or in relation to your dealings with us about your personal information, by contacting the Privacy Officer at the relevant contacts noted below.
You will be asked to submit any complaints in writing, and we undertake to respond to your complaint within 30 days of receipt of the completed complaint form. If we cannot respond to you within this time, we will provide you with reasons.
We may decline to investigate a complaint, for example in instances where the complaint relates to privacy issues that are unreasonable, unlawful, frivolous, or interferes with another’s right to privacy.
ESV Business advice and accounting
68 York Street
SYDNEY NSW 2000
Ph: 02 9283 1666