Privacy Policy
Protecting Your Privacy
Protecting your privacy and maintaining confidentiality in relation to your personal information is something we take very seriously at OHM, Chartered Accountants (OHM). Our Privacy Policy is designed to ensure that we communicate to our clients, as clearly as possible, how we manage their personal information. Accordingly, we encourage you to read this policy very carefully and to contact us should you have any questions or concerns.
OHM deals with your personal information and related privacy in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APP's) set out in the Privacy Act. We reserve the right to amend or modify this Privacy Policy at any time however, an up to date copy of this document will remain available on our firm's website at all times.
Personal Information
In order to provide the best possible accounting, taxation related and/or financial advisory services to you, OHM needs to collect and store your personal information.
Personal information is any information which might identify you or by which your identity might reasonably be determined. Personal information collected by OHM may include, but is not limited to, your name, birthdate, place of residence, email address, telephone number, bank account details, superannuation details, taxation details (both past and present), accounting and financial information.
Whilst you can of course choose not to provide us with your personal information, OHM will be unable to provide you with services if you opt to do so.
How We Collect Your Personal Information
OHM will, whenever possible collect your personal information from you directly. Where we are unable to obtain personal information directly from you we may request your consent, either written or verbal as appropriate, to obtain your personal information from a third party.
Ultimately, we may collect your personal information in a number of ways during the course of our relationship with you, including the following:
- during personal conversations with you;
- from documentation, hardcopy or digital media provided by you;
- from communications sent from you by fax, email, post or other means;
- when you forward or upload electronic data to our office network;
- when you provide us with direct access to your electronic records or systems;
- from forms completed by you and returned to our office;
- from third parties when you have authorised us to do so;
- from event enrolment forms;
- when you visit our website; or
- when you connect with us using social media.
It is possible also that we may collect personal information about you from other sources without your direct knowledge such as when funds are transferred from your bank account to our trust or general accounts and your bank account details are advised to us.
Regardless of how we collect your personal information, OHM will deal with your personal information in accordance with this privacy policy.
How We Use Your Personal Information
OHM uses your personal information for the following purposes:
- to verify your identify;
- to contact and communicate with you;
- to provide you with agreed services;
- to notify you of any new or amended services offered by OHM relevant to the agreed service or otherwise;
- to assist you with technical support or support relating to the agreed service or otherwise;
- to carry out marketing initiatives relating to the services provided by OHM;
- to offer you additional services; and
- to comply with laws or regulations in relevant jurisdictions.
When instructing OHM to provide an agreed service you consent to the collection, storage and use of your personal information as outlined in this policy and for any other use you may otherwise authorise. OHM will only use your personal information for the provision of services to you and/or the purposes outlined in this Privacy Policy or as otherwise expressly authorised by you.
Whenever possible, OHM will require you to specifically consent to any disclosure of your personal information to a third party where the disclosure of personal information is not in accordance with, or is unrelated to, the provision of services to you.
In order to provide quality, efficient and affordable services to you, it is possible that your personal information may be viewed by third parties with whom OHM has a vested relationship such as providers of auditing and bookkeeping services, audit insurance providers, accounting contractors, providers of financial services, IT contractors, and providers of software support. We may use Cloud Based Software during the analysis of your data and during the provision of some services, it is possible that your information may be reviewed by our overseas contractors, Backoffis Pty Ltd (processing centre in Ahmedabad, India), with whom OHM has a close valued association.
If at any time OHM is required by law to release your personal information, we must cooperate fully.
Once the provision of services to you is complete your personal information, both electronic and otherwise may be retained by OHM for a period of seven years or more in the event that future instruction for the provision of additional or ongoing services may be forthcoming.
Keeping Your Personal Information Secure
OHM is committed to the protection of your personal information whether stored electronically or on file, and takes all reasonable precautions to protect it from unauthorised disclosure, access or modification. We incorporate a number of systems and procedures to ensure your personal information remains secure, including the following:
- a requirement for all staff to agree in writing to client and work related confidentiality at the time they commence employment with OHM;
- training for all staff regarding the protection of client personal information in keeping with the Privacy Act;
- out of office hours electronically secure premises accessible only to OHM staff with access cards;
- client and third party meeting rooms external to a secure work area;
- onsite servers;
- computer firewall protection;
- up to date technology / computer systems / servers and ongoing maintenance to ensure data security and prevent unauthorised access;
- the use of passwords for access to our network and restrictions within our database to ensure that staff only access the information required to perform their duties; and
- security shredding bins for the disposal of written information.
OHM will correspond with you by email if you indicate that this is appropriate and acceptable to you. In providing this direction you acknowledge also that the internet is not a secure environment and that the transmission of personal information over the internet is at your own risk and cannot be guaranteed by OHM.
Notifiable Data Breach Scheme
The Australian Government’s Office of the Australian Information Commissioner (OAIC) is responsible for privacy functions that are conferred by the Privacy Act 1988. The passage of the Privacy Amendment (Notifiable Data Breaches) Act 2017 established the Notifiable Data Breaches (NDB) scheme in Australia. The NDB scheme applies to all agencies and organisations with existing personal information security obligations under the Privacy Act 1988 from 22 February 2018.
The NDB scheme introduced an obligation to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm. This notification must include recommendations about the steps individuals should take in response to the breach. The Australian Information Commissioner (Commissioner) must also be notified of eligible data breaches.
OHM has observed the requirements of the NDB scheme and sought external advisor resource in order to:
- Document a Privacy Program (why, what, how, who, when).
- Appoint a Privacy Officer.
- Conduct a Personal Information Management Audit to test the security of personal information protection processes and procedures.
- Ensure all Information Collection Forms, such as client on boarding forms, include a Privacy Collection Notice.
- Ensure all direct marketing communications set out clear ‘’opt out’’ provisions.
- Review your Privacy Policy to ensure it reflects your approach to managing personal information, including your use of technology to collect or hold personal information.
- Create a Data Breach Response Plan to document how your will respond to a Notifiable Data Breach.
- Train our staff on privacy issues.
- Establish practices, systems and procedures to ensure your organisation’s ongoing compliance with your privacy obligations through a Compliance Program.
- Establish practices, systems and procedures to ensure that your Privacy Program is being effectively monitored and regularly reviewed.
Direct Marketing
OHM will, on occasion, use your personal information such as your address, contact details or financial information, to provide you with industry information or to introduce you to additional services that we offer. In this regard, we may, for example, send you written communications, electronic newsletters and/or invitations to events. If at any time you do not wish to receive information such as this, we invite you to contact us on 03 95000911 or to unsubscribe where offered when the communication is electronic and we will not send you any further information.
Accessing And Amending Your Personal Information
We encourage you to always communicate with us immediately there is a need to access or update your personal information.
You can at any time request access to your personal information or request that we update your personal information by contacting us on 03 9500 0911, by written communication, or by emailing us at info@ohm.com.au.
You may only access your own personal information. We will attempt to handle all requests for access to personal information in a reasonable time period. In the event that information requested is substantial, OHM may charge a fee to cover the cost of retrieval and provision of the information to you. Additionally, OHM reserves the right to deny access to personal information where the request for same is considered to be frivolous or vexatious.
Complaints Regarding Breaches Of Privacy
If at any time you believe OHM to be in breach of the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APP's) set out in the Privacy Act, we encourage you to contact us on 03 9500 0911 or to lodge a complaint in writing addressed as follows:
The Practice Manager
OHM
Box 428
MALVERN Vic 3144
If you are unsatisfied with our response you may contact the Federal Privacy Commissioner on 1300 363 992. Alternatively you may write to the Director of Complaints, Office of the Federal Privacy Commissioner, GPO Box 5218, Sydney NSW 1042.