At Sunsuper we aim to provide members with the best possible service and in doing so we are committed to protecting your privacy and the security of your personal information.
2. What does ‘personal information’ mean?
“Personal information” means information or an opinion about an identified individual, or an individual who is reasonably identifiable.
Personal information includes ‘sensitive information’. Sensitive information is any personal information about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record, health, genetic or biometric information.
3. What personal information do we collect?
The type of personal information we collect and hold about you will depend on the dealings you have with Sunsuper. When you deal with Sunsuper (including for the purposes described in section 4 of this policy) the types of personal information you may be required to provide include:
- your contact details, date of birth, gender, occupation, employer and employment history;
- financial information, potentially including your spouse’s financial information (if applicable);
- your investment preferences;
- your medical history and other health information;
- your salary information and beneficiaries;
- your Tax File Number;
- your bank account or other financial institution details where a benefit is to be paid or when we have received a request to set up a direct debit;
- Family Law information such as Financial Agreements or Court Orders; and
- identification documents.
4. For what purposes will Sunsuper use your personal information?
We collect, use and disclose your personal information in order to provide superannuation benefits and related services to you, including for the following purposes:
Your identification details are used to process your member application, manage your participation in the Sunsuper Superannuation Fund (the Fund), ensure that you receive your entitlements from the Fund, provide you with information about your superannuation benefits from time to time, process superannuation contributions including through our clearing house and to ensure that we comply with our legal and regulatory obligations.
Your insurance-related information is collected so that your eligibility for death and disability insurance cover can be assessed. If you make an insurance claim, additional personal information may be collected about your claim in order to assess your eligibility for the benefit.
During the time you are a member of the Fund we will hold investment-related information about you including the amount of your superannuation contributions (including rollovers and other contributions) and your investment preferences.
Your Tax File Number is collected in order for Sunsuper to be able to accept all types of contributions for you, and to ensure that your superannuation is taxed correctly.
When a benefit is due to be paid to you or a beneficiary, Sunsuper is required by law to confirm that you or the beneficiary are the person to whom the benefit belongs. We do this by asking you or the beneficiary to provide acceptable identification documents.
If you die, we will need personal information about who is entitled to be considered for distribution of the death benefit. This includes your spouse, children, any other dependant, and any person who might be a beneficiary of your estate. The information we will ask for about those persons will include their name and residential address, gender, date of birth, details of their financial position and financial needs, and any other information that will assist us in deciding to whom the death benefit should be distributed.
To provide you with financial advice you request, we will ask for certain financial information and personal information about you and your spouse (if applicable) in order to assess your situation.
In the event that a Family Law situation involving superannuation arises, we will require the necessary information and instructions in order to proceed as required in accordance with family law superannuation splitting provisions.
Your identification details are used to register your attendance at Sunsuper events and seminars, when you enter into Sunsuper competitions, and to provide you with information about important changes to Sunsuper and any superannuation benefits and related services.
We may also use your personal information for any purpose:
- for which your personal information was originally collected or you have consented;
- for enforcement related activities conducted by, or on behalf of, an enforcement body; or
- which is authorised or required by a court/tribunal order or an Australian law.
We may also collect, use and disclose your personal information to provide you with information about our products and services and products offered by other parties that we believe may be of interest to you (including by way of direct mail, telephone, email, SMS and MMS, secure Sunsuper portals, and online advertising and marketing) or to request your feedback for research purposes. You always have the right to opt-out of receiving such information. You may exercise that right by contacting us as set out below in section 14.
5. How do we collect personal information?
Sunsuper will generally collect your personal information as much as possible directly from you. For example, we collect information about you through your Membership application form, Benefit payment request form and through various other forms.
On occasion, we may collect your personal information from publicly available sources of information and from third parties. Examples of third parties we may collect your personal information from include:
- When you join Sunsuper, your employer may provide us with your contact details, birth date and tax file number. Employers also provide us with details of the date of termination of employment (where relevant), and notify us of updated address details from time to time.
- If you make an insurance claim, most of the information about the claim is collected from you directly, but information may also be collected from doctors and other experts and sometimes from your employer.
- In the event Family Law matters involving superannuation arise, we may receive personal information and instructions as to required action from a third party such as a law firm.
- On your death, we normally collect information about potential beneficiaries from the beneficiaries themselves. However, we will also collect some information about the identity of potential beneficiaries from your executor or administrator or whoever notifies us of your death.
- We may collect personal information (including your health information) from medical practitioners for insurance purposes.
- If we cannot contact you we may try to obtain your contact details through other organisations that provide contact details such as Australia Post and Australian Taxation Office.
- We may also collect your personal information from direct marketing organisations and data providers.
We only collect ‘sensitive information’ if you have consented to the collection of the information and the information is reasonably necessary for one or more of our functions or activities or if the collection of sensitive information is authorised or required by a court/tribunal order or an Australian law, including the relevant Australian Laws set out in Appendix A.
6. Who do we disclose your personal information to?
As set out in sections 4 and 5 above, there are a range of people and organisations we disclose your personal information to and collect your personal information from. The particular party we may disclose your personal information to will depend on the dealings you have with Sunsuper. Some examples of the parties to whom we may disclose your personal information include:
- Sunsuper’s clearing house for the purpose of facilitating payment of employer contributions.
- Mail and electronic mail service providers for the communication of member statements and other information.
- Insurers, insurance assessors or medical practitioners for the purpose of the assessment of claims for insurance benefits or request for insurance cover.
- Legal advisers and other experts.
- Regulatory authorities and legal bodies as required by law (e.g. Australian Taxation Office, the Australian Transaction Reports and Analysis Centre (AUSTRAC), Australian Prudential Regulation Authority (APRA), Office of the Australian Information Commissioner (OAIC) or a Court or tribunal).
- Auditors - in order to assist them in conducting their independent audit and review activities of Sunsuper’s financial statements and operations.
- Third parties - if you give us permission to do so (e.g. a financial planner with whom you are dealing).
- Overseas superannuation funds and overseas regulators (e.g. a foreign tax office) where you have requested a transfer to or from the overseas superannuation fund.
- Sunsuper’s overseas service provider for conducting surveys, if you participate in a survey.
- Sunsuper’s overseas service provider for our online member community, if you join the online community.
- Other third party service providers so that they can provide contracted services to Sunsuper such as information technology support, hosting services, telephony services, mailing or sending other documentation.
We may also share your personal information with an organisation where we have obtained your consent.
7. Notifiable data breaches
On 22 February 2018, amendments to the Privacy Act took effect, introducing a scheme for notifying certain data breaches. As a result of these amendments, Sunsuper must notify the Office of the Australian Information Commissioner (OAIC) and the affected individual(s) if:
- there is unauthorised access to, unauthorised disclosure, or loss of personal information;
- this is likely to result in serious harm to one or more individuals; and
- Sunsuper has not been able to prevent the likely risk of serious harm with remedial action.
You can find more information about the Scheme on the OAIC website at www.oaic.gov.au.
8. Do we disclose your personal information overseas?
We may disclose personal information to overseas recipients. For a list of overseas countries where recipients of information that Sunsuper may disclose are located please refer to Appendix B.
Sunsuper will only disclose your personal information to a recipient overseas in accordance with the Privacy Act. Circumstances in which we will do this include:
- you have asked us to or we have your consent to do so;
- we have outsourced a business activity or function to an overseas provider;
- we reasonably believe that the overseas recipient is subject to a law or binding scheme that protects the information in a way that is substantially similar to the way the information is protected under the Privacy Act and the Australian Privacy Principles, and there are mechanisms you can access to take action to enforce that protection; or
- the disclosure is required or authorised by or under an Australian law or a court/tribunal order.
9. Do you have to provide your personal information to us?
If lawful and practicable, we offer you the opportunity to deal with us anonymously or by using a pseudonym. For example, we can provide general information to you about our products or services, or general guidance on how to fill out our forms without collecting any personal information.
However, in order to provide our services to you it is normally impracticable for us to deal with you anonymously or by using a pseudonym. For example if you do not provide your personal information to us, Sunsuper will be unable to properly administer your benefits, notify you about your entitlements, or adequately provide our services.
10. Can you access the personal information we hold about you?
You may request access to any of the personal information we hold about you by contacting us as set out below in section 14. A summary of personal information such as your name and contact details, insurance cover and superannuation accounts you have with us is available to you upon request. We will provide you with access to your personal information in accordance with the Privacy Act. Under the Privacy Act we can deny access to some or all of your personal information in specified circumstances, and will provide reasons for any refusal in writing.
11. Can you correct any personal information held by us that is incorrect?
Sunsuper endeavours to ensure that the personal information we hold about you is accurate, up-to-date, complete, and relevant and not misleading. Please let us know if you believe any of your personal information is incorrect by contacting us as set out below in section 14.
To ensure that the information we hold about you remains accurate, complete and up-to-date, we may ask you to check and correct your personal details from time to time. We may do this when your annual member statement is sent out, when you make a telephone enquiry, or through other means.
12. How do we protect your personal information?
Sunsuper has security policies and systems in place to protect your personal information. We implement multiple layers of security controls throughout our systems so that in the event that one control fails, or a vulnerability is exploited, there are other measures still in place to protect your personal information.
The people who handle your personal information have the training and skills to protect your personal information from unauthorised access or misuse.
Sunsuper uses industry standard security protocols to protect the personal information you disclose in using our Member Online, Sunsuper app and Employer Online facilities. Sunsuper uses encryption to provide more secure communications when using our Member Online, Sunsuper app and Employer Online facilities. In addition, when you join Member Online or Employer Online or set up the Sunsuper app you must read and accept terms and conditions relating to privacy and security.
We have appointed a Privacy Officer. If you have any queries you can contact us by the following means:
Call: 13 11 84
Email: Contact us online
The Privacy Officer,
Sunsuper Pty Ltd
GPO Box 2924
Brisbane Qld 4001
15. Can you complain about a breach of your privacy?
Call: 13 11 84
Email: Contact us online
The Privacy Officer
Sunsuper Pty Ltd
GPO Box 2924
Brisbane Qld 4001
We will endeavour to resolve the issue as quickly as possible. If we have not resolved your complaint within 21 days, we will write to you about the progress of your complaint.
If you are not happy with Sunsuper’s response to your complaint or Sunsuper has not responded within 30 days, you can refer your complaint to the Office of the Australian Information Commissioner (OAIC) by:
GPO Box 5218
Sydney NSW 2001
Fax: +61 2 9284 9666
Call: 1300 363 992
* Sunsuper is the name we use to describe the business that offers a range of superannuation products and related financial services. Sunsuper Pty Ltd (ABN 88 010 720 840, AFSL No. 228975) is the Trustee of the Sunsuper Superannuation Fund. Financial product advice is provided by representatives of Sunsuper Financial Services Pty Ltd (ABN 50 087 154 818, AFSL No. 227867), wholly owned by the Sunsuper Superannuation Fund. Administration services are provided by Precision Administration Services Pty Ltd (ABN 47 098 977 667, AFSL No. 246604) (Precision), wholly owned by the Sunsuper Superannuation Fund.
Need more information?
You can contact us in writing at GPO Box 2924, Brisbane, QLD 4001 or call us on 13 11 84 between 8.00am and 6.30pm AEST Monday to Friday.
Australian Laws under which Sunsuper is required or authorised to collect information.
Anti-Money Laundering and Counter-Terrorism Financing Act 2006
Corporations Act 2001
Family Law Act 1975
Income Tax Assessment Act 1936
Income Tax Assessment Act 1997
Privacy Act 1988
Superannuation (Unclaimed Money and Lost Members) Act 1999
Superannuation Industry (Supervision) Act 1993
Overseas Countries where Sunsuper may disclose information
United States of America