Privacy

Privacy statement

1.    Introduction

We manage personal information in accordance with the Privacy Act 1988 and Australian Privacy Principles. This policy applies to information collected by dmh Accounting Pty Ltd (“dmh”).We only collect information that is reasonably necessary for the proper performance of our activities or functions.We do not collect personal information just because we think it could be useful at some future stage if we have no present need for it.We may decline to collect unsolicited personal information from or about you and take steps to purge it from our systems.By reading below you will be able to find out how we manage your personal information as an APP Entity under the Australian Privacy Principles (APPs).You will also be able to find out about the information flows associated with that information.If you have any questions, please contact us.

 

1.1. APP Entity

dmh manages personal information, as an APP Entity, under the Australian Privacy Principles (APPs).Because we are a contracted service provider to a range of Commonwealth, State and Territory government agencies, it sometimes becomes necessary for us to collect and manage personal information as an Agency under different privacy arrangements.  If you wish to know whether this applies to you, please contact us.

 

1.2. Information Flow

When we collect your personal information:

  • we check that it is reasonably necessary for our functions or activities as an accounting firm;
  • we check that it is current, complete and accurate. This will sometimes mean that we have to cross check the information that we collect from you with third parties;
  • we record and hold your information in our Information Record System. Some information may be disclosed to overseas recipients
  • we retrieve your information when we need to use or disclose it for our functions and activities. At that time, we check that it is current, complete, accurate and relevant. This will sometimes mean that we have to cross check the information that we collect from you with third parties – especially if some time has passed since we last checked.
  • subject to some exceptions, we permit you to access your personal information in accordance with APP:12 of the (APPs).
  • we correct or attach associated statements to your personal information in accordance with APP:13 of the (APPs).
  • we destroy or de-identify your personal information when it is no longer needed for any purpose for which it may be used or disclosed provided that it is lawful for us to do so. We do not destroy or de-identify information that is contained in a Commonwealth Record.

2.    Kinds of information that we collect and hold

Personal information that we collect and hold is information that is reasonably necessary for the proper performance of our functions and activities as an accounting firmThe type of information that we typically collect and hold about our clients is information that is necessary to prepare financial statements and tax returns:

  • Names, employment titles, contact details;
  • Date of birth and gender;
  • Information in identification documents (e.g. passport, driver’s licence);
  • Tax file numbers, ACNs, ABNs and other government related identifiers;
  • Assets and liabilities;
  • Personal income;
  • Bank account details;
  • Shareholdings and details of investments;
  • Superannuation details;
  • Tax and financial statements;
  • Information regarding insurance;
  • Personal information about your spouse and dependents

 

3.    Purposes

The purposes for which we collect, hold, use and disclose your personal information is to provide your taxation, accounting and business services relevant to your circumstances.

 

4.    How your personal information is collected

We sometimes collect information from third parties and publicly available sources when it is necessary for a specific purpose such as checking information that you have given us or where you have consented or would reasonably expect us to collect your personal information in this way.Sometimes the technology that is used to support communications between us will provide personal information to us – see the section in this policy on Electronic Transactions. 

4.5 Electronic Transactions

Sometimes, we collect personal information that individuals choose to give us via online forms or by email.It is important that you understand that there are risks associated with use of the Internet and you should take all appropriate steps to protect your personal information.  It might help you to look at the OAIC’s resource on Internet Communications and other Technologies.You can contact us by telephone or post if you have concerns about making contact via the Internet.

 

5.    How your personal information is held

Personal information is held in our Information Record System until it is no longer needed for any purpose for which it may be used or disclosed at which time it will be de-identified or destroyed provided that it is lawful for us to do so.We take a range of measures to protect your personal information from:

  • misuse, interference and loss; and
  • unauthorised access, modification or disclosure.

 

5.1 Our Information Record System

Our Information Record System is an accounting system that stores data electronically. Information is stored on a server in a secure data room in Australia.Any physical records of your information are securely stored in on dmh premises in Australia.

 

5.2 Information Security

All electronic data is protected by multi layer security systems both physical and online including IPS, authentication and firewalls.Physical personal information is stored with restricted access and shred upon disposal.

 

6.    Disclosures

We may disclose your personal information for any of the purposes for which it is primarily held or for a lawful related purpose.We may disclose your personal information where we are under a legal duty to do so.Disclosure will usually be:

  • internally and to our related entities
  • to the Australian Tax Office and other regulatory bodies

 

6.1 Related Purpose Disclosures

We outsource a number of services to contracted service suppliers (CSPs) from time to time.  Our CSPs may see some of your personal information.  Typically, our CSPs would include:

  • Software solutions providers;
  • Legal and other professional advisors;
  • Insurance brokers, loss assessors and underwriters;
  • SMSF Auditors;

We take reasonable steps to ensure that terms of service with our CSPs recognise that we are bound by obligations to protect the privacy of your personal information and that they will not do anything that would cause us to breach those obligations.

 

6.2 Cross-Border Disclosures

dmh Accounting may disclose personal information to overseas recipients in order to provide our products and/or services. dmh Accounting may also store, process or back-up your personal information on computer servers or networks which are located overseas or in the cloud, including where services are performed by service providers who are located overseas. dmh Accounting does not disclose any credit information to any recipient located outside of Australia. 

It is not practicable to list all countries in which recipients may be located, however, dmh Accounting will only disclose your personal information to an overseas recipient where reasonably necessary in order to provide its products and/or services and for administrative, data storage or other business management purposes. 

Overseas recipients may have different privacy and data protection standards. However, before disclosing any personal information to an overseas recipient, dmh Accounting will take steps reasonable in the circumstances to ensure the overseas recipient complies with the Australian Privacy Principles or is bound by a substantially similar privacy scheme unless you consent to the overseas disclosure or it is otherwise required or permitted by law.  

 

7.    Access & Correction

Subject to some exceptions set out in privacy law, you can gain access to your personal information that we hold.  For more information about access to your information see our Access Policy.For more information about applying to correct your information see our Correction Policy.

 

7.1 Access Policy

If you wish to obtain access to your personal information you should contact our Privacy Co-ordinator. Additionally you will need to be in a position to verify your identity.

  • Requests to access to your personal information will be acknowledged within 5 working days
  • Where possible such access will be granted within 30 working days. In the event there are circumstances restricting access within this time frame Launch will advise you of these restrictions and communicate the revised timeframe

 

7.2 Correction Policy

If you find that personal information that we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to correct it by contacting us. We will take such steps as are reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.If we have disclosed personal information about you that is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to notify the third parties to whom we made the disclosure and we will take such steps (if any) as are reasonable in the circumstances to give that notification unless it is impracticable or unlawful to do so.

  • Requests to correct to your personal information will be acknowledged within 5 workings day
  • Where possible such access will be granted within 30 working days. In the event there are circumstances restricting your information being corrected within this time frame, Launch will advise you of these restrictions and communicate the revised timeframe

 

8.    Complaints

You have a right to complain about our handling of your personal information if you believe that we have interfered with your privacy.

 

8.1 Complaints procedure

If you are making a complaint about our handling of your personal information, it should first be made to us in writing.You can make complaints about our handling of your personal information to our Privacy Co-ordinator, by clicking here.
You can also make complaints to the Office of the Australian Information Commissioner.NOTE: The Association Code and Dispute Resolution Rules do NOT constitute a recognised external dispute resolution scheme for the purposes of the APPs; but are primarily designed to regulate the good conduct of the Associations members.When we receive your complaint:

  • We will take steps to confirm the authenticity of the complaint and the contact details provided to us to ensure that we are responding to you or to a person whom you have authorised to receive information about your complaint;
  • Upon confirmation we will write to you to acknowledge receipt and to confirm that we are handling your complaint in accordance with our policy.
  • We may ask for clarification of certain aspects of the complaint and for further detail;
  • We will consider the complaint and may make inquiries of people who can assist us to established what has happened and why;
  • We will require a reasonable time (30 days) to respond;
  • If the complaint can be resolved by procedures for access and correction, we will suggest these to you as possible solutions;
  • If we believe that your complaint may be capable of some other solution we will suggest that solution to you, on a confidential and without prejudice basis in our response.

If the complaint cannot be resolved by means that we propose in our response, we will suggest that you take your complaint to any recognised external dispute resolution scheme to which we belong or to the Office of the Australian Information Commissioner