Privacy Policy

Privacy Policy

This Privacy Policy sets out the personal information handling practices of the Wilson Pateras Group, including the following entities:

• Wilson Pateras Accounting Pty Ltd ACN 606 714 354 as trustee for the Wilson Pateras Accounting Trust ABN 40 184 483 623;
• Wilson Pateras Audit Pty Ltd ACN 687 092 717;
• Wilson Pateras Bendigo Pty Ltd ACN 684 660 651 as trustee for the Wilson Pateras Bendigo Trust ABN 26 587 636 889;
• Wilson Pateras IP Holdings Pty Ltd ACN 685 418 320 as trustee for the Wilson Pateras IP Holdings Trust;
• Wilson Pateras Lending and Finance (VIC) Pty Ltd ACN 606 064 313 as trustee for the Wilson Pateras Lending and Finance Unit Trust ABN 86 846 816 968;
• Wilson Pateras Sydney Pty Ltd ACN 684 661 603 as trustee for the Wilson Pateras Sydney Trust ABN 30 722 858 464;
• WPFP Group Pty Ltd ACN 623 340 698;
• Wilson Pateras Wealth Pty Ltd ACN 644 195 344 as trustee for the Wilson Pateras Wealth Trust ABN 11 210 431 740; and
• Canny Wealth Pty Ltd ACN 162 295 687 ABN 45 162 295 687;

(“we“, “us”, “our” or “Wilson Pateras Group”)

We recognise the importance of privacy, and we are committed to ensuring the privacy of your personal information. We are bound by the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) and the Health Privacy Principles contained in the Health Records Act 2001 (Vic) and Health Records and Information Privacy Act 2002 (NSW) in respect of our handling of personal information and health information, respectively. In this Privacy Policy, “personal information” includes any information about an identified or reasonably identifiable individual, and “health information” includes any information about the health of an individual that is also personal information.

By providing us with your personal information, you consent to us handling it in accordance with this Privacy Policy. If you provide us with any personal information about another individual, then we rely upon you to inform that individual of the details contained in this Privacy Policy.

We may amend this Privacy Policy from time to time. If we do so, we will publish the amended Privacy Policy on our website and via our email signature.

1. HOW + WHY DO WE COLLECT, STORE, USE + DISCLOSE OF PERSONAL INFORMATION

HOW DO WE COLLECT YOUR PERSONAL INFORMATION?

We collect personal information directly from you in person and from your communication with us, including by telephone, email, form, letter, file upload, facsimile or other means. For example, we may collect your personal information directly from you when:

• you request us to provide you with our products or services;
• you attend our events;
• you request us to provide you with information about our products, services or events;
• you complete a survey or provide feedback in respect of our products or services; or
• you subscribe to receive news or other information about our products or services.

We may also collect your personal information from a third party or publicly available source for the purpose of providing our services to you.

WHY WE COLLECT PERSONAL INFORMATION

We collect, store, use, and disclose personal information for purposes relating to our accounting, audit, financial planning and lending functions and activities. For example, we may collect, store, use, or disclose your personal information for one or more of the following purposes:

• providing you with our products or services;
• inviting you to attend our events;
• managing our client relationship with you;
• providing you with information about our products, services or events;
• sending you publications that may be of interest to you, invitations to events and product information alerts; and
• carrying out our accounting, audit, financial planning or lending functions and activities; and
• complying with our legal or regulatory obligations.

It is important to us that your personal information is up to date, accurate and complete. If you find that the information we have is not up to date or is inaccurate, please advise us through the ‘make an enquiry’ button on this website so we can update our records and ensure we can continue to provide quality services to you.

2. WHAT PERSONAL INFORMATION DO WE COLLECT?

The types of personal information that we collect and store about you depends on the type of product or service that we are providing to you.

The personal information that we collect and store about you may include:

• name, address and contact details, including email addresses;
• date of birth, age and your intended plans for retirement;
• marital status and information regarding any previous relationships;
• financial goals, needs, objectives and circumstances;
• details of your dependents and beneficiaries;
• financial information (for the purposes of preparing a tailored financial plan and/or statement of advice);
• your employment details (including your occupation, details of your employer, the nature of your employment and salary);
• details of any corporate structure which may be used by you to own and/or operate your business (and details of the relevant corporate entities);
• your Australian Tax File Number and Australian Business Number (where you have provided those to us);
• in some cases, insurance claim information;
• details of your assets, or assets in which you wish to invest;
• details of your health insurance provider (and relevant membership numbers);
• legal documents to which you are a party (including your will); and
• documentation which verifies your identity (which, in some cases, we are required to collect by the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth)).

We do not collect sensitive information about you unless required by law, or if you have consented to it. Sensitive information includes information relating to:

• racial or ethnic origin;
• political opinions or associations;
• religious or philosophical beliefs;
• trade union membership or associations;
• sexual orientation or practices;
• criminal record;
• health or genetic information; or
• some aspects of biometric information.

We may collect your health information with your consent, where it is relevant to provide our services including obtaining insurance for you.

If you choose not to provide information to us, we may not be able to provide you with our products or services.

3. HOW DO WE SECURELY STORE PERSONAL INFORMATION?

We are committed to keeping your personal information secure. We will take reasonable steps to protect your personal information from misuse, loss, unauthorised access, modification and disclosure. We store your personal information in different ways, including in paper and electronic format. The measures we take to protect the security of your personal information include electronic and physical security measures, such as:

• securing our premises, by requiring security passes to enter our offices;
• placing passwords and varying access levels on databases to limit access and protect electronic information;
• the use of firewalls, virtual private networks, encryption, passwords and digital certificates;
• providing locked cabinets and rooms for the storage of physical records; and
• requiring our staff to undertake ongoing privacy and data protection training.

Where the information we collect is no longer required, we will delete the information or permanently de-identify it.

4. WHEN WE MAY DISCLOSE PERSONAL INFORMATION

We may disclose your personal information to third parties for the purpose of providing our services including the following third parties:

• members of the Wilson Pateras Group to offer you or provide you with services such as accounting, audit, taxation, financial services and lending;
• your authorised representatives in connection with providing you with our products or services;
• other professional advisors such as accountants, auditors, lawyers and financial planners;
• software providers including cloud storage programs;
• document providers;
• service providers that assist us to carry out our accounting, audit, financial planning or lending functions and activities and process client work (“Service Providers”);
• insurance companies;
• financial institutions, including for the purpose of procuring finance for your investments where you have requested us to do so;
• organisations offering products and services you wish to invest in or obtain; and

• regulatory and government bodies.

In order to provide our services efficiently, we may disclose personal information to third-party service providers located outside Australia. These providers support our business functions such as:

• Administrative support
• IT and cloud-based systems (including email, file storage, and data processing)
• Artificial intelligence (AI) or transcription tools
• Customer service and software development

Where we do so, we take reasonable steps to ensure that those overseas recipients do not breach the Australian Privacy Principles (APPs) in relation to your personal information. We conduct suitable due diligence and risk assessments, including data security, of all third parties prior to engaging them or using their services.

We currently engage service providers based in the Philippines.

These providers are contractually required to maintain the confidentiality and security of your personal information and to use it only for the purposes for which it was disclosed. We do not sell or share personal information with overseas parties for marketing purposes. All overseas disclosures are made solely to help us deliver our services and meet our legal and compliance obligations.

By providing your personal information to us, you consent to the disclosure of your information to overseas recipients as described above. If you have any concerns about this, please contact us using the details provided in this policy.

We do not sell personal information to third parties.

We may additionally use or disclose personal information where authorised or required by law.

DIRECT MARKETING

We may use your personal information to send you publications that may be of interest to you (such as newsletters containing industry knowledge and changes to legislation), invitations to events and product information alerts. If you do not want to receive marketing communications from us, you can contact us as detailed at the end of this Privacy Policy (see ‘Contact us about Privacy’). In each direct marketing communication we send you, we will give you the opportunity to ‘opt out’ or unsubscribe from receiving marketing communications in the future.

5. ACCESS TO PERSONAL INFORMATION

Under the Australian Privacy Principles and Health Privacy Principles you have rights to access personal information and health information respectively that we store about you, except as set out below. To access the information, please contact our Risk and Compliance Officer at compliance@wilsonpateras.com.au.

In some circumstances, we may refuse to give you access to your personal information or health information. Those circumstances are set out in the Australian Privacy Principles and Health Privacy Principles respectively and include situations when your request may unreasonably impact on another person’s right to privacy and frivolous or vexatious requests. If we are entitled under the Australian Privacy Principles or Health Privacy Principles, to refuse to give you access to your personal information or health information respectively, we will tell you and provide reasons for our decision.

We reserve the right to charge a reasonable fee for fulfilling your request for access to your personal information or health information.

6. DATA BREACH PROCEDURE

In the event of a significant data breach, under the Notifiable Data Breaches (“NDB”) scheme we may be required to notify individuals who are likely to suffer serious harm as a result of an eligible data breach. We must also notify the Privacy Commissioner.

7. OUR WEBSITE

If you access our website, we may collect additional information about you in the form of your IP address or domain name.

Our website uses ‘Cookies’. Cookies are small text files placed on your computer when you first visit the site and are used on some parts of our website. Most browsers now recognise when a cookie is offered and permit you to refuse or accept it. If you are not sure whether your browser has this capability, you should check with the software manufacturer, your company’s IT help desk or your Internet service provider. We sometimes use cookies to analyse statistical data such as the date and time that you accessed the site and the internet address of the site that linked you to our site. We do not and are not able to use cookies to gain personal information.

Wilson Pateras uses remarketing to advertise online. Third-party vendors, including Google, show our ads on sites across the internet. Third-party vendors, including Google, use cookies to serve ads based on your past visits to this website. Visitors can opt out of Google’s use of cookies by visiting the Ads Preference Manager or visitors can opt out of a third-party vendor’s use of cookies by visiting Network Advertising Initiative opt-out page.

Our website may contain links to other websites. We are not responsible for the privacy practices of linked websites and any linked websites are not subject to our privacy policies and procedures. These third party websites are not under our control and we do not accept any responsibility for the conduct or operation of third party websites. Before disclosing information on any other website you should examine the terms and conditions and privacy policy of that website.

8. THIRD PARTY WEBSITES

We may, from time to time, provide you with links to websites owned or operated by unrelated third parties. These websites are not under our control and we are not responsible for their respective privacy handling policies. We suggest that you read theses websites’ privacy policies before disclosing personal information to them.

9. ARTIFICIAL INTELLIGENCE

As part of our commitment to delivering efficient and high-quality services, we may use artificial intelligence (AI) tools to assist in recording, transcribing, and summarising client meetings (including telephone, video, or in-person consultations).

These tools may capture and process personal information you share with us, such as your name, financial circumstances, and goals.

We use AI tools only for the purpose of:

• Accurately documenting advice discussions or service meetings;
• Ensuring we meet our regulatory obligations (such as record-keeping); and
• Enhancing the quality and consistency of the services we provide

We ensure that any AI tools or platforms we use:

• Comply with Australian privacy and data security standards;
• Are subject to strict access controls and confidentiality obligations;
• Do not use your personal information for unrelated or commercial

If an AI service provider is located outside Australia, we will take reasonable steps to ensure that the provider complies with privacy obligations equivalent to those under the Privacy Act 1988 (Cth) (in accordance with APP 8 – Cross-border disclosure).

You may request access to, or deletion of, meeting notes that have been recorded or transcribed using AI by contacting us at the details provided in this policy.

10. CONTACT US ABOUT PRIVACY

If you have any questions about this Privacy Policy or would like to contact us for any reason about privacy, then we ask that you contact our Privacy Officer in writing by emailing compliance@wilsonpateras.com.au.

If you have a complaint, we will respond in a reasonable time frame and advise whether we agree with your complaint.  If we do not agree, we will provide reasons.  If we do agree, we will advise what (if any) action we consider appropriate to take in response.  If you are still not satisfied after having contacted us, then if your complaint relates to our handling of your personal information you may contact the Office of the Australian Information Commissioner or, alternatively, if your complaint relates to our handling of your health information, you may contact the Office of the Victorian Health Complaints Commissioner.

You may contact the Office of the Australian Information Commissioner by:

Phone: 1300 363 992 Post: GPO Box 5218, Sydney, NSW 2001

Email: enquiries@oaic.gov.au

Website: www.oaic.gov.au/privacy

You may contact the Office of the Victoria Health Complaints Commissioner by:

Phone: 1300 582 113 Post: Level 26, 570 Bourke Street, Melbourne, VIC 3000

Email: hcc@hcc.vic.gov.au

Website: https://hcc.vic.gov.au/providers/reporting-privacy-breaches-or-incidents-hcc

Last updated: 3 December 2025