This Policy applies to RV Advisory Group Pty Ltd (ACN 665 612 840) and any holding companies, subsidiaries or related entities, all of which are referred to as “RVAG”, “we”, “our”, “us”. The Policy extends to and covers all operations and functions of RVAG including the “Website” www.rvag.com.au owned and operated by RVAG.

RVAG is a registered tax agent providing professional services including tax, accounting, bookkeeping and business advisory services (Professional Services) in accordance with RVAG terms and conditions.

At RVAG, we are committed to ensuring the confidentiality and security of the personal information supplied by clients. RVAG is bound by the National Privacy Principles (‘NPPs’) contained in the Privacy Act 1988 (Cth) (‘Privacy Act’).

The word “client” or “you” refers to every client including individual, partnership including partners, companies including directors & shareholders, trusts including trustees & beneficiaries, non-profit organisations, charities or SMSFs with whom we come into contact. All contractors, sub-contractors, vendors, service providers, clients, agents or any other third parties that have access to and/or utilise personal information collected and/or held by RVAG must abide by this Privacy Policy.

By using our Professional Services including our Website, users agree that they consent to:

• The conditions set out in this Privacy Policy, and
• The collection, use, and retention of the data listed in this Privacy Policy.

The nature of our work requires us to collect certain personal information about the client from various sources. “Personal information” is information or an opinion relating to a client, which can be used to identify that client as described in the Privacy Act. Some personal information, which we collect, is “sensitive information” and “credit information”.

“Sensitive information” includes information relating to a person’s identity, Tax File Number, bank details, financial information, racial or ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual preferences and criminal record, which is also personal information, and also includes health information about the client.

As we may provide professional services with longer payment terms i.e., more than 7 days, we are a Credit Provider according to Division 2 of the Privacy Act. Therefore, we may collect “Credit information” from you as part of our normal provision of professional services. Credit information includes details of your financial arrangements with credit providers, credit applications and outstanding credit details.

The information we collect depends on the nature of your interactions with us. We generally collect personal, sensitive and/or credit information from the client by the following methods:

• you engage with us for our Professional Services including our Website;
• financial and/or personal information including any other correspondence provided to us via email, messages, social media, phone calls etc., as well as interviews and conversations with you and your affiliates.
• from a variety of third party sources, including Australian Taxation Office, financial institutions, solicitors, etc.

The above list is not exhaustive.

In some circumstances we may be provided with personal information about a client from somebody else, for example a referral from another person. We will take reasonable steps to inform the client that it holds the personal information and the purpose for which it holds the personal information.

We must not collect sensitive information unless the client has consented, or it is required by law, or in other special specified circumstances.

If the personal information we request is not provided, we may not be able to customised professional services, or provide client with the benefit of our services, or meet a client’s needs appropriately.

We collect personal information for the following purposes:

•  to conduct our business of providing professional services to our clients;
• to enter into contracts with various service providers including softwares to conduct our business;
• to help us manage and enhance our services including our Website;
• to comply with our legal obligations; and

When we refer to “use “of personal information, we mean use within our organisation for the purposes outlined above. When we use the word “disclose” we mean providing the information to persons outside our organisation.

We may use and disclose personal information for the primary purposes for which it is collected, and also for reasonably expected secondary purposes which are related to the primary purpose and in other circumstances authorised by the Privacy Act. Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose, unless the client agrees otherwise, or where certain other limited circumstances apply (e.g., where required by law).

We may use and disclose personal information for the following purposes:

• to conduct our business of providing our services to clients;
• to enter into contracts with sub-contractors to conduct our business;
• to assess information by clients to provide them with our services;
• to help us manage and enhance our services;
• to communicate with clients, by providing them from time to time with information contained in newsletters, emails or brochures;
• to comply with our legal obligations; and
  to help us manage and enhance our services.

We do not disclose personal information we collect to others for the purpose of allowing them to direct market their products and services. We do not use or disclose sensitive information for direct marketing purposes.

We may engage other people to perform services for us, this may involve those people handling personal information that we possess. In these situations, we prohibit that person from using personal information about you except for the specific purpose for which we supply it.

In relation to sensitive information held by us about a client’s financial history, credit worthiness or bank account details we undertake to securely store your sensitive information within secure physical premises. Access to our premises is restricted to employees of RVAG. When your account with us becomes inactive we undertake to securely archive all of your personal information for a period of 7 years. Following the expiration of this period all of your information held by us will be destroyed.

We may disclose personal and/or sensitive information to:

• third parties, including (but not limited to) any entities or organisations who assist in providing our services including hosting and data storage providers and debt collectors;
• third parties we engage to manage our business including, but not limited to, software providers and various other applications or organisations;
• organisations involved in managing our corporate risk;
• our lawyers;
• our compliance consultants;
• regulatory authorities, including the Australian Securities and Investment Commission (ASIC), and the Australian Taxation Office (ATO) if required by law; and
• anyone else to whom the clients authorises us to disclose it.

We may also collect personal and/or sensitive information from these organisations and/or individuals, and deal with that information in accordance with this Policy.

We may need to disclose personal information to recipients outside of Australia including United States, Europe, Hong Kong, Singapore and India other than to a related company in order to provide our services. Where we disclose your personal information to overseas third party service providers, we will remain responsible for the security of your information. We take reasonable steps to ensure those third party recipients take appropriate steps to protect the information from unauthorised access, modification or disclosure, and from misuse, interference and loss.

The NPPs require us to take all reasonable steps to protect the security of personal information. RVAG personnel are required to respect the confidentiality of personal information and the privacy of clients. We will seek to ensure that clients’ personal information is protected from misuse, loss, unauthorised access, modification or disclosure.

We take reasonable steps to protect personal information held from misuse and loss and from unauthorised access, modification or disclosure, for example by use of physical security and restricted access to electronic records. Where we no longer require the personal information for a permitted purpose under the NPPs, we will take reasonable steps to destroy it.

In the event that a client ceases to be a customer of RVAG, the client’s personal information will be kept for a period of 7 years, after which the information will be destroyed.

We take reasonable steps to ensure that the personal information it holds is accurate, complete and up-to-date. We encourage clients to contact us in order to update any personal information we hold about them. Our contact details are set out below.

Privacy Officer
RV Advisory Group Pty Ltd
Phone: 03 9424 2774
Email: reetika@rvag.com.au

Subject to the exceptions set out in the Privacy Act, clients may gain access to the personal information, which RVAG holds, about them by contacting the RVAG Privacy Officer. If we refuse to provide the information, we will provide reasons for the refusal and inform the client of any exceptions relied upon under the Privacy Act. We will endeavour to respond to any request for access within 14 -30 days of the request depending on the complexity of the information requested.

We will require identity verification and to specify what information is required. An administrative fee for search and photocopying costs may be charged for providing access. We will advise the likely cost in advance.

This policy is current as of 9^th August 2023 and will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing business environment. The most current version is available at www.rvag.com.au and can also be obtained by contacting our Privacy Officer at reetika@rvag.com.au

It is the responsibility of management to inform employees and other relevant parties that this Privacy Policy is maintained and enforced. Management must ensure that they periodically advise RVAG’s employees and other relevant parties of any changes or any new Privacy Policies in a timely manner. It is the responsibility of all employees and other relevant parties to ensure that they understand and adhere to this Privacy Policy. Ignorance of the existence of the Privacy Policy will not be an acceptable excuse for non-compliance.

All new employees must be provided with timely and appropriate access to RVAG’s Privacy Policy. All employees must be provided with opportunities to attend appropriate and periodic Privacy awareness training and must ensure that they understand the Privacy related issues that could adversely affect RVAG’s position if not properly adhered to.

Any RVAG employee or relevant third party that identifies, knows about, or suspects a Privacy breach must immediately report the matter to the Privacy Officer. Employees or other relevant parties that contravene or do not comply with RVAG’s Privacy Policy may be subject to disciplinary action.

If a client has a privacy complaint, he or she is required to send it in writing to the Privacy Officer.

RVAG has an effective incidents/complaints handling process in place to manage privacy risks and issues. The incidents/complaints handling process involves:

• identifying (and addressing) any systemic/ongoing compliance problems;
• increasing consumer confidence in RVAG’s privacy procedures; and
• helping to build and preserve RVAG’s reputation and business.

We must ensure that all contractual arrangements with third parties adequately address privacy issues.

Each third party is aware of this Privacy Policy, and has informed us that they have implemented policies in relation to the management of personal information in accordance with the Privacy Act, including:

• regulating the collection, use and disclosure of personal information;
• de-identifying personal information wherever possible;
• ensuring that personal information is kept securely, protected from loss or misuse, with access to it only by authorised employees or agents
  of the related organisations; and
• ensuring that personal information is only disclosed to organisations which are approved by RVAG.

The third parties specifically agree only to use personal information for the purposes consented to by RVAG or by the client’s concerned.

RVAG’s website may contain links to other websites whose operator may or may not adhere to a privacy policy or be governed by the NPPs. RVAG has no control over the privacy practices of sites that are linked to this site via hyperlinks or banner advertising. Please take care at all times to check whose site you are visiting.

When a client accesses our website, our website may use cookies which allow us to identify the client’s browser. Cookies do not identify the client – they simply allow us to track usage patterns so that we can measure the level of interest in various areas of its site. All browsers allow clients to be notified when they receive a cookie and elect whether to accept it.

We may also use third parties to analyse traffic at our website, which may involve the use of cookies. Information collected through such analysis is anonymous. This privacy policy also applies to users of our Website.

If you have any questions about privacy-related issues please contact the RVAG Privacy Officer:

Reetika Gupta
Privacy Officer
Telephone: 0420 661 881
Email: reetika@rvag.com.au