Privacy Statement

MGR Accountants are committed to protecting your privacy and developing technology that gives you the most powerful and safe online experience. This Statement of Privacy applies to the MGR Accountants website and governs data collection and usage. By using the MGR Accountants website, you consent to the data practices described in this statement.

The Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) (Privacy Act) updates the Privacy Act 1988 (Cth) and is intended to establish a comprehensive national scheme for the collection, holding, use, correction, disclosure and transfer of personal information by organisations in the private sector. This gives individuals the right to know what information an organisation holds about them and a right to correct that information if it is wrong.

This policy is to ensure MGR Accountants complies with the Privacy Act established for the handling of personal information by organisations in the private sector. MGR Accountants is required to ensure that it complies with the thirteen Australian Privacy Principles (APPs) set out by the Privacy Act The Australian Privacy Principles (APPs) regulate the way MGR Accountants can collect, use, disclose, amend and pass on personal information.

Collection of your Personal Information

MGR Accountants collects personally identifiable information, such as your e-mail address, name, home or work address or telephone number. MGR Accountants also collects anonymous demographic information, which is not unique to you, such as your postcode, age, gender, preferences, interests and favorites.

There is also information about your computer hardware and software that is automatically collected by MGR Accountants. This information can include: your IP address, browser type, domain names, access times and referring website addresses. This information is used by MGR Accountants for the operation of the service, to maintain quality of the service, and to provide general statistics regarding use of the MGR Accountants website.

Please keep in mind that if you directly disclose personally identifiable information or personally sensitive data through MGR Accountants public message boards, this information may be collected and used by others. Note: MGR Accountants does not read any of your private online communications.

MGR Accountants encourages you to review the privacy statements of websites you choose to link to from MGR Accountants so that you can understand how those websites collect, use and share your information. MGR Accountants is not responsible for the privacy statements or other content on websites outside of the MGR Accountants and MGR Accountants family of websites.

Use of your Personal Information

MGR Accountants collects and uses your personal information to operate the MGR Accountants website and deliver the services you have requested. MGR Accountants also uses your personally identifiable information to inform you of other products or services available from MGR Accountants and its affiliates. MGR Accountants may also contact you via surveys to conduct research about your opinion of current services or of potential new services that may be offered.

MGR Accountants does not sell, rent or lease its customer lists to third parties. MGR Accountants may, from time to time, contact you on behalf of external business partners about a particular offering that may be of interest to you. In those cases, your unique personally identifiable information (e-mail, name, address, telephone number) is not transferred to the third party. In addition, MGR Accountants may share data with trusted partners to help us perform statistical analysis, send you email or postal mail, provide customer support, or arrange for deliveries. All such third parties are prohibited from using your personal information except to provide these services to MGR Accountants, and they are required to maintain the confidentiality of your information.

MGR Accountants does not use or disclose sensitive personal information, such as race, religion, or political affiliations, without your explicit consent.

MGR Accountants keeps track of the websites and pages our customers visit within MGR Accountants, in order to determine what MGR Accountants services are the most popular. This data is used to deliver customized content and advertising within MGR Accountants to customers whose behavior indicates that they are interested in a particular subject area.

MGR Accountants websites will disclose your personal information, without notice, only if required to do so by law or in the good faith belief that such action is necessary to: (a) conform to the edicts of the law or comply with legal process served on MGR Accountants or the site; (b) protect and defend the rights or property of MGR Accountants; and, (c) act under exigent circumstances to protect the personal safety of users of MGR Accountants or the public.

Use of Cookies

The MGR Accountants website use 'cookies' to help you personalize your online experience. A cookie is a text file that is placed on your hard disk by a web page server. Cookies cannot be used to run programs or deliver viruses to your computer. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you.

One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the Web server that you have returned to a specific page. For example, if you personalize MGR Accountants pages, or register with MGR Accountants site or services, a cookie helps MGR Accountants to recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses and so on. When you return to the same MGR Accountants website, the information you previously provided can be retrieved, so you can easily use the MGR Accountants features that you customized.

You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the MGR Accountants services or websites you visit.

Security of your Personal Information

MGR Accountants secures your personal information from unauthorized access, use or disclosure. MGR Accountants secures the personally identifiable information you provide on computer servers in a controlled, secure environment, protected from unauthorized access, use or disclosure. When personal information (such as a credit card number) is transmitted to other websites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol.

Changes to this Statement

MGR Accountants will occasionally update this Statement of Privacy to reflect company and customer feedback. MGR Accountants encourages you to periodically review this Statement to be informed of how MGR Accountants is protecting your information.


The Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) (Privacy Act) updates the Privacy Act 1988 (Cth) and is intended to establish a comprehensive national scheme for the collection, holding, use, correction, disclosure and transfer of personal information by organisations in the private sector. This gives individuals the right to know what information an organisation holds about them and a right to correct that information if it is wrong.

This policy is to ensure MGR Accountants complies with the Privacy Act established for the handling of personal information by organisations in the private sector. MGR Accountants is required to ensure that it complies with the thirteen Australian Privacy Principles (APPs) set out by the Privacy Act The Australian Privacy Principles (APPs) regulate the way MGR Accountants can collect, use, disclose, amend and pass on personal information.

Responsibility and Authority

All Managers and Staff
Ensure compliance with the policy

Privacy Compliance Officer
- Receives complaints from an individual regarding an alleged breach of privacy by MGR Accountants
- Investigates and attempts to resolve any alleged breach of privacy complaint internally with the individual
- MGR Accountants’ Privacy Officer is Marita Hughes

Part 1 – Consideration of Personal Information Privacy

APP 1: Open and Transparent Management of Personal Information

Personal information will only be collected to the extent necessary by lawful and fair means and not in an unreasonably intrusive way for one or more of MGR Accountants’ functions or activities.
At the time of collection (or as soon as practicable afterwards) MGR Accountants will take reasonable steps to ensure personal information is managed is an open and transparent way. Under the Privacy Act you are entitled to:
- know the kind of information the entity collects and holds
- how the entity collects and holds personal information
- the purposes for collecting, holding and disclosing personal information
- how they can access and seek correction of such information
- how an individual may complain about a breach of the Australian Privacy Principles, and how the entity would deal with such a complaint
- whether the entity is likely to disclose personal information to overseas recipients
- if the entity is likely to disclose personal information to overseas recipients, the countries in which such recipients are likely to be located if it is practicable to do so

MGR Accountants will provide upon request from an individual or body free access to MGR Accountants’ privacy policy in such form as appropriate.

APP 2: Anonymity and pseudonymity

Whenever it is lawful and practicable, an individual will have the option of not identifying themselves or of using a pseudonym in relation to a particular matter.

Part 2 – Collection of Personal Information

APP 3: Collection of solicited personal information

Personal Information other than Sensitive Information

MGR Accountants will only collect personal information (other than sensitive information) if it is reasonably necessary for one or more of the MGR Accountants’ functions or activities.

Sensitive Information

MGR Accountants will not collect sensitive information about an individual unless:

(a) the individual has consented and the information is reasonably necessary for one or more functions or activities;
(b) the collection is required or authorised by law; or
(a) a permitted general situation exists in relation to the collection of information by MGR Accountants
(b) a permitted health situation exists in relation to the collection of information by MGR Accountants

Permitted general situations:
• lessening or preventing a serious threat to the life, health or safety of any individual, or to public health or safety
• taking appropriate action in relation to suspected unlawful activity or serious misconduct
• locating a person reported as missing
• asserting a legal or equitable claim
• conducting an alternative dispute resolution process

Permitted health situation:
• the collection of health information to provide a health service
• the collection of health information for certain research and other purposes
• the use or disclosure of health information for certain research and other purposes
• the use or disclosure of genetic information
• the disclosure of health information for a secondary purpose to a responsible person for an individual

Personal Information: means information or an opinion about an identified individual, or an individual who is reasonably identifiable
a) Whether the information or opinion is true or not; and
b) Whether the information or opinion is recorded in a material form or not.

Sensitive Information: means:
(a) information or an opinion about an individual’s:
(i) racial or ethnic origin; or
(ii) political opinions; or
(iii) membership of a political association; or
(iv) religious beliefs or affiliations; or
(v) philosophical beliefs; or
(vi) membership of a professional or trade association; or
(vii) membership of a trade union; or
(viii) sexual preferences or practices; or
(ix) criminal record;
that is also personal information; or

(b) health information about an individual; or
(c) genetic information about an individual that is not otherwise health information.

Means of Collection

MGR Accountants will only collect personal information by lawful and fair means. MGR Accountants can only collect personal information about an individual from that individual unless it is unreasonable or impractical to do so.

APP 4: Dealing with Unsolicited Personal Information

Where MGR Accountants receives personal information in a manner that is not compliant with APP3, that information will be destroyed and/or de-identified. If unsolicited personal information is contained in a Commonwealth record, MGR Accountants is not required to destroy or de-identify that information.

APP 5: Notification of the Collection of Personal Information

At the time of collection (or as soon as practicable afterwards) MGR Accountants will take reasonable steps to ensure that the individual is notified:

(a) The identity and contact details of MGR Accountants
(b) That MGR Accountants is or has collected information, and the circumstances of that collection
(c) MGR Accountants will state when the collection of personal information is required and/or authorised by law, and provide details of the relevant law or order.
(d) The purpose for which the personal information is collected
(e) The main consequences (if any) for the individual if some/all of the personal information is not collected
(f) Of any disclosures of personal information that MGR Accountants will make to any other entity, body or person.
(g) How the individual can access and seek the correction of personal information
(h) How the individual can lodge a complaint of a breach of the Australian Privacy Principles or a registered APP code that binds MGR Accountants, and how MGR Accountants will deal with complaints.
(i) Whether MGR Accountants is likely to disclose personal information to overseas recipients, and if applicable, which countries.

Procedure for making a complaint

A person may make a complaint if they feel their personal information has been handled inappropriately by a private sector organisation in breach of MGR Accountants’ privacy obligations under the Privacy Act.

In the first instance, complaints must be directed to MGR Accountants’ Privacy Officer in writing. MGR Accountants will investigate the complaint and prepare a response to the complainant in writing within a reasonable period of time.

If the complainant is not satisfied with MGR Accountants’ response or the manner in which MGR Accountants has dealt with the complaint, the individual may make a formal complaint to the Office of the Australian Information Commissioner (OAIC). The OAIC may investigate, resolve or close complaints based on information found during preliminary inquiries. If the OAIC believes there is enough evidence to support the complaint, it will try to conciliate the matter.

If conciliation does not resolve the complaint, depending on the circumstances, the Australian Information Commissioner may make a determination. A determination could include a requirement that MGR Accountants issue an apology, improve practices to reduce likelihood of a breach of the Privacy Act, or compensation is to be paid to the complainant. A complainant may withdraw their complaint at any time.

Where OAIC has made a decision, a complainant may request OAIC to review it by a new officer. If the OAIC closes the file or the Information Commissioner makes a determination that is not legally correct, the complainant may apply to the Federal Court or the Federal Magistrates Court by way of appeal. Either party may also appeal to the Administrative Appeal Tribunal within 28 days of a final OAIC decision for a review of any compensation amount ordered by the Information Commissioner.
MGR Accountants may amend and vary this policy from time to time.

Part 3 – Dealing with Personal Information

APP 6: Use or Disclosure of Personal Information

MGR Accountants will not use personal information for another purpose (secondary purpose) unless:
1) the individual has consented; or
2) the secondary purpose is related to the primary purpose and the individual would reasonably expect MGR Accountants to use or disclose the information for the secondary purpose.
3) The use/disclosure of the information is required by law
4) A permitted general/health situation exists in relation to the disclosure. Health situation information will be de-identified before MGR Accountants discloses it.
5) MGR Accountants believes that the use/disclosure of information is reasonably necessary for one or more enforcement related activities conducted by/on behalf of an enforcement body

Written Note of Use or Disclosure

MGR Accountants will make a written note of all uses and disclosures of personal information.

Related Bodies Corporate

Where MGR Accountants collects personal information from a body corporate, it will treat personal information in the same manner as stated above.

Exceptions

Where personal information is used or disclosed for the purpose of direct marketing or government related identifiers, the above principles do not apply.

APP 7: Direct Marketing

Direct Marketing

Direct marketing concerns the use/disclosure of personal information to communicate directly with an individual to promote goods and services. MGR Accountants will not use or disclose personal information held about an individual for the purposes of direct marketing unless one of the exceptions outlined below apply.

Exceptions – Personal Information other than Sensitive Information

MGR Accountants will not use or disclose personal information for the purposes of direct marketing unless:
(a) MGR Accountants has collected the information from the individual and the individual would reasonably expect MGR Accountants to use/disclose the information for this purpose
(b) MGR Accountants has provided a simple means where the individual may easily request not to receive direct marketing communications, and the individual has not made such a request

Where MGR Accountants has collected the personal information from a third party or from the individual directly, but the individual does not have a reasonable expectation that their personal information will be used for the purpose of direct marketing, MGR Accountants will seek consent from an individual for each direct marketing communication.

Exception – Sensitive Information

MGR Accountants will not use or disclose sensitive information about an individual for the purposes of direct marketing without the consent of the individual.

Exception – Contracted Service Providers

MGR Accountants may use or disclose personal information for the purpose of direct marketing where:
(a) MGR Accountants is a contracted service provider for a Commonwealth contract
(b) MGR Accountants collected the information for the purpose of meeting (directly or indirectly) an obligation under the contract
(c) The use or disclosure is necessary to meet (directly or indirectly) such an obligation

Individual may request not to receive direct marketing communications

Where an individual has requested for MGR Accountants not to use or disclose their personal information for the purpose of direct marketing, or for the purpose of facilitating direct marketing by other organisations, MGR Accountants will give effect to any such request by an individual within a reasonable period of time and without cost to the individual.

MGR Accountants will, on request, notify an individual of its source of the individual’s personal information that it has used or disclosed for the purpose of direct marketing unless this is unreasonable or impracticable to do so.

This does not apply to the extent that the Do Not Call Register Act 2006, the Spam Act 2003 or any other legislation prescribed by the regulations apply.

APP 8: Cross-Border Disclosure of Personal Information

MGR Accountants will not disclose personal information to a person overseas unless reasonable steps have been taken to ensure that the recipient does not breach the Australian Privacy Principles.

This does not apply when:
(a) MGR Accountants reasonably believes that the recipient is subject to a law or scheme that is overall similar to the APP, and the individual can access mechanisms to enforce the protection of that law or scheme.
(b) MGR Accountants seeks the consent of the individual to disclose the personal information, expressly stating that they will not take reasonable steps to ensure the recipient does not breach the APP.
(c) The disclosure of information is required/authorised by an Australian law or court/tribunal order
(d) A permitted general situation exists in relation to the disclosure of the information by MGR Accountants

APP 9: Adoption, Use or Disclosure of Government Related Identifiers

Adoption of Government Related Identifiers

MGR Accountants will not adopt as its own identifier an identifier that has been authorised under Australian law. Examples are an individual’s Medicare or tax file number.

Use or Disclosure of Government Related Identifiers

MGR Accountants will not use or disclose an identifier unless:
(a) It is to verify the identity of the individual for the purposes of their activities/functions
(b) It is necessary for MGR Accountants to fulfil its obligations to an agency or a State/Territory
(c) It is required/authorised by law
(d) A permitted general situation exists in relation to the use/disclosure of the identifier
(e) MGR Accountants reasonably believes that the use or disclosure of the identifier is reasonably necessary for one or more enforcement related activities conducted by or on behalf of an enforcement body

Regulations about Adoption, Use or Disclosure

MGR Accountants may use/adopt or disclose a government related identifier of an individual if:
(a) The identifier is prescribed by regulations
(b) MGR Accountants is prescribed by the regulations, or is included in a class of organisations prescribed by the regulations
(c) The adoption, use or disclosure is prescribed by the regulations

APP 10: Quality of Personal Information

MGR Accountants will take reasonable steps to ensure that personal data collected, used or disclosed is accurate, up to date and complete.

APP 11: Security of Personal Information

MGR Accountants will take reasonable steps to protect personal information it holds from misuse and loss and from unauthorised access, modification or disclosure. MGR Accountants will also take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed for any purpose for which the information may be used or disclosed under Principle 3.

APP 12: Access to Personal Information

Access

Where MGR Accountants holds personal information about an individual, it will provide the individual with access to the information on request.

Exceptions to access
MGR Accountants is not required to give the individual access to the personal information where:
(a) MGR Accountants reasonably believes that giving access would pose a serious threat to the life, health or safety of any individual/to public health/public safety
(b) Giving access would have an unreasonable impact on the privacy of other individuals
(c) The request for access is frivolous or vexatious
(d) The information relates to existing or anticipated legal proceedings between the entity and the individual, and would not be accessible by the process of discovery in those proceedings
(e) Giving access would reveal the intentions of the entity in relation to negotiations with that individual, and would prejudice those negotiations
(f) Giving access would be unlawful
(g) Denying access is required/authorised by or under Australian Law or a court/tribunal order
(h) MGR Accountants has reason to suspect that unlawful activity or serious misconduct relating to MGR Accountants has been engaged in, and giving access is likely to prejudice the taking of appropriate action
(i) Giving access would be likely to prejudice one or more enforcement related activities conduced by/on behalf of an enforcement body
(j) Giving access would reveal evaluative information generated within the MGR Accountants in connection with a commercially sensitive decision-making process

Dealing with requests for access

MGR Accountants must respond to requests for access to personal information within 30 days of a request by an agency, or within a reasonable time period after the request is made by an organisation.

Access to information should be given in the manner requested by the individual if it is reasonable and practicable to do so.

Other means of access
Where MGR Accountants refuses to give access to personal information on a permitted ground or refuses to give access in the manner requested by the individual, MGR Accountants must take reasonable steps to give access in a way that meets the needs of the individual and MGR Accountants (e.g. deleting personal information for which there is a ground for refusing access and giving the redacted version to the individual, or giving a summary of the requested personal information to the individual).

Access may be given through the use of a mutually agreed intermediary.

Access Charges

MGR Accountants may impose a charge for giving access to personal information (such as copying costs, postage costs, costs associated with using an intermediary). This charge must not be used to discourage an individual from requesting access to personal information, and cannot be
applied to the making of the request.
Refusal to give access

Refusals by MGR Accountants to give access to personal information will be in writing and will state:
(a) The reasons for the refusal
(b) The mechanisms available to complain about the refusal
(c) Any other matter prescribed by the regulations

Where MGR Accountants has refused access due to evaluative information in connection with a commercially sensitive decision-making process, MGR Accountants may include an explanation for the commercially sensitive decision.

APP 13: Correction of Personal Information

Correction

Where MGR Accountants or an individual believes that personal information is inaccurate, out of date, incomplete, irrelevant or misleading, MGR Accountants will take reasonable steps to correct that information.

Notification of Correction to Third Parties

MGR Accountants will take reasonable steps to ensure that all third parties privy to personal information have been notified of a correction unless it is unlawful or unreasonable to notify.

Refusal to Correct Information

If MGR Accountants refuses to correct personal information as requested by the individual, a written notice will be provided that contains:
(a) The reasons for refusal
(b) The mechanisms available to complain about the refusal
(c) Any other matter prescribed by regulations

Request to Associate a Statement

Where MGR Accountants has refused to correct personal information and the individual has requested for an associated statement that the information is out of date, inaccurate, incomplete, irrelevant or misleading, MGR Accountants will take reasonable steps to associate the statement in such a way that will make the statement apparent to users of the information.

Dealing with Requests

MGR Accountants will respond to requests to associate a statement:
(a) Within 30 days (if request is from an agency)
(b) Within a reasonable period after the request is made

MGR Accountants will not charge an individual for making a request, for correcting information or associating a statement with the personal information.

Queries regarding privacy should be directed to MGR Accountants’ Privacy Officer:

Email: mgr@mgr.com.au
Phone: 03 5443 8888
Post: PO Box 793
Bendigo Vic 3552

MGR Accountants may amend and vary this policy from time to time.

Contact Information

MGR Accountants Group welcomes your comments regarding this Statement of Privacy. If you believe that MGR Accountants Group has not adhered to this Statement, please contact us at mgr@mgr.com.au. We will use commercially reasonable efforts to promptly determine and remedy the problem.