YOUR PRIVACY

Boyce Pty Limited collects and holds personal information from clients, customers, employees, contractors and other individuals. We collect and hold this information when it is necessary for business purposes.

The main types of information collected and held by Boyce Pty Limited relate to the contact details and organisation roles of our clients, suppliers and other business contacts. Typically this information includes names, addresses, telephone numbers, email addresses and job titles.

We collect most information directly from individuals when we deal with them. The personal information collected may be provided in forms filled out by individuals, face to face meetings, email messages or telephone conversations.  If you contact us, we may keep a record of that contact.

There may be some instances where personal information about you will be collected indirectly, for instance if you put us in contact with other service providers or we collect information about you from a government information service (eg the Australian Tax Office). 

In the course of providing professional services to our clients, we may also collect sensitive and special categories of personal information. Sensitive information we may collect includes health information and information about racial or ethnic origins. Special categories of information we may collect include tax file numbers, financial details, and credit information.

In some instances it may be necessary to collect personal, sensitive and special categories of information from clients that relates to their employees, members, customers, third parties, their spouse and dependents to provide professional services to those clients. In those circumstances we rely on clients to only provide us with information that they have handled in accordance with the Privacy Act, including obtaining any necessary consent to disclose that information to Boyce Pty Limited for the purposes use and disclosure in accordance with this Privacy Policy.

If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services you, or they, are seeking.

The main purposes for which Boyce Pty Limited collect, hold and use personal information are:

• To provide you with our financial and advisory services
• To respond to an individual’s request;
• To maintain contact with clients;
• To keep clients and other contacts informed of the financial and advisory services we offer and industry developments or legislative changes that may be of interest to them, and to notify them of service offerings, seminars and other events we may be holding;
• For general management and reporting purposes such as invoicing and account management;
• As otherwise required or authorised by law; and
• For recruitment purposes;
• Meeting our AML and CTF Act obligations
• Direct marketing purposes  
• Other purposes related to our business.

Boyce Pty Limited also uses your personal information to send you information such as marketing or resource information (either by email or post).  You may elect at any time to no longer receive such information by writing to the Privacy Officer, Boyce Pty Limited PO Box 1100 Dubbo NSW 2830 or by emailing us at privacy@boyceca.com.

Alternatively, if we have contacted you by email, you may use the unsubscribe function in that email to notify us that you do not want to receive further marketing or resource information from us by email.

Employee records are generally not subject to the Privacy Act and therefore this Privacy Policy may not apply to the handling of information about employees by Boyce Pty Limited. For further information about our practices relating to the handing of personal information of employees or job applicants, please contact the People and Culture Team, Boyce Pty Limited on 02 6971 0600 or email PC@boyceca.com.

Generally, Boyce Pty Limited only use or disclose personal information about you for the purposes for which it was collected as described in this document and for the specific purposes listed below:

• If it is necessary to provide you with a service or product which you have requested;
• If it is necessary to protect the rights, property or personal safety of any member of the public or a client of Boyce Pty Limited or the interests of Boyce Pty Limited;
• If some or all of the assets or operations of Boyce Pty Limited may be transferred to another party as part of the sale of some or all of Boyce Pty Limited business, in which case permission would be sought from all of our clients to pass on any information;
• If you give your consent; or
• If such disclosure is otherwise required or permitted by law, regulation, rule or professional standard.

Boyce Pty Limited may also share non-personal, non-identifiable and aggregated information for research or promotional purposes. Except as set out in this policy we do not sell or trade personal information with third parties.

As part of the provision of our services and business operations it may be necessary to allow individuals or organisations outside of Boyce Pty Limited access to personal information held by us.  This may include, but is not limited to, our related entities and organisations and our third party services providers who assist us in operating our business, such as independent contractors and consultants, off-site security storage providers, information technology providers, outsourced para-planning, event managers, credit managers and debt collecting agencies. We generally require our service providers to adhere to our privacy guidelines and not to keep, use or disclose personal information we provide to them for any unauthorised purposes, however, these service providers may not be required to comply with our Privacy Policy (and will be dealt with in accordance with their own privacy policy).

If you ask us to sign up to third party applications or services on your behalf (for instance Xero or Evolv for SMSF audits), we will do so, but those services are subject to their own terms and privacy policies, and we do not control what access to personal information those services have.  Use of those services may also involve the disclosure of personal information overseas.  It is your responsibility to review the terms of use and privacy policies of any such services. Boyce Pty Limited does not share this information with credit reporters.

This Privacy Policy applies to any personal information we collect via our websites including boyceca.com, boycefs.com and boycecareers.com, and applications including mobile applications. In addition to the personal information you provide to us directly (such as where you make a request or complete a registration or subscribe to a publication), Boyce Pty Limited collects personal information from you via our applications and websites.

Cookies will be used on some areas of our websites to allow a website to recognise a previous user and to observe how a user navigates within a website. If you are concerned about the use of cookies, you can configure your web browser to reject or delete cookies.

In order to properly manage our websites and applications we  log certain statistics about users of the facilities, for example software versions used, device identifiers (IP address), location data, dates, times, file metadata, referring website, data entered and user activity such as links clicked. This information does not specifically identify an individual and is used solely to ensure our website and applications present the best possible navigational experience for users.

In some cases third parties may use cookies and other technologies such as those described above in connection with activities like surveys, website analytics and email campaign management. The services we may use from time to time include Google Analytics, Campaign Manager and Microsoft. You can contact us to request further details for the services we use.

As we endeavour to ensure website users are provided with as much information and resources as possible, our websites include a number of links to websites operated by third parties. Boyce Pty Limited is not responsible for the privacy practices or policies of those sites. We encourage you to review each website’s privacy policy. A link to a non-Boyce Pty Limited website is not an express or implied endorsement, promotion or warranty of the products or services offered by or accessible through that site or advertised on that site.

We hold personal information electronically and in hard copy form, both at our own premises and with the assistance of outside service providers based in Australia. Some or all of this personal information may be available to directors and authorised staff of Boyce Pty Limited for use in accordance with this Privacy Policy.

We implement a range of measures to protect the security of your personal information and protect it from interference, misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures.

Boyce Pty Limited takes technical, physical and organisations measures to protect your information against accidental or unlawful destruction, alteration, disclosure, or access. We employ several physical and electronic safeguards to keep your information safe. Where appropriate, data is protected using encryption and access is monitored. We store all our data on servers in secure facilities and implement systematic processes and procedures for securing and storing data. We limit access to your personal and financial information to only those employees, contractors or third parties with authorised access and who need to know the information in order to perform their jobs. 

We also take measures in respect of destroying or de-identifying personal information that is no longer required for any business or legal purpose.

Boyce Pty Limited may also use overseas facilities or contractors to provide certain services to us. As a result, we may at times be required to transfer your personal information to our overseas facilities or contractors. This may include:

• email services with locations in the United States. 
• Practice management, financial statement and income tax return preparation software with support staff located in New Zealand.
• Development and support of Boyce Management Insights (BMI) with contractors located in India.
• Microsoft Teams which we use for internal communication where chat data may be stored in the Asia Pacific region, including Hong Kong, Japan, Malaysia, Singapore and South Korea

We acknowledge the introduction of the mandatory data breach notification scheme which commenced on 22 February 2018. In the event of an ‘eligible data breach’ we will promptly notify the Office of the Australian Information Commission and any affected or at risk individuals. Generally speaking, this would be when we have reasonable grounds to believe that there has been unauthorised access or disclosure of personal information, or that the information has been lost in a way that is likely to give rise to unauthorised access or disclosure and where there is a likely risk of serious harm as a result of the unauthorised access or disclosure

If we notify you of a breach, where possible we will provide recommendations as to the steps you should take regarding the breach.

There are a number of exceptions that apply in relation to our obligation to notify you of an eligible data breach. These include where we have taken sufficient remedial action before any serious harm is caused.

We will provide access to personal information upon request by an individual except in limited circumstances prescribed by the Privacy Act 1988 (Cth), for example where granting access would infringe another person’s privacy.

If you make a request to access personal information we may require that you provide some form of identification such as a driver’s licence or passport so that we can verify that you are the person to whom the information relates. Boyce will  acknowledge your request or complaint and respond to you regarding your complaint within a reasonable period of five business days.

If at any time you want to know what personal information we hold about you, you may contact us by writing to: The Privacy Officer, Boyce Pty Limited, PO Box 1100, Dubbo NSW 2830, or emailing us at privacy@boyceca.com.  If you believe that the information we hold about you is incorrect, incomplete or out of date, or if you have concerns about how we are handling your personal information, please contact us and we will try to resolve your concerns.

If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

If you have any further queries relating to our Privacy Policy, or you have a problem or complaint, please contact our Privacy Officer at the details below.  If you are not satisfied with our handling of your problem or complaint you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au or by phone 1300 363 992.