Privacy Policy | Zaju & Company

Protecting our clients’ privacy is very important to us. The Privacy Act requires that we handle your personal information in accordance with a set of national principles, known as the Australian Privacy Principles (APPs), which regulate the collection, use, correction, disclosure and transfer of personal information about individuals by organisations like us in the private sector. This Policy explains Zaju & Company Pty Ltd ATF Zaju Consulting Trust ABN 47 501 984 117 (us, we or our) policies and practices with respect to the collection, use and management of your personal information and our approach to the APPs.

Roles, Responsibilities And Policy Governance

Our Director is ultimately responsible for overseeing this Policy. Our Privacy officer is responsible for updating this Policy and for managing the business impacts of privacy laws within Zaju & Company.

This Policy is reviewed and updated annually by the Privacy Officer, unless required earlier. The most current version of the Policy can be obtained from our website or by contacting us using the details below. Questions about this policy should be directed to the Privacy officer.

Further Information and Feedback

You can contact our Privacy officer by:

Phone: 1800 925 826

Mail: PO Box 254, Indooroopilly Centre Qld 4068

Email: consulting@zaju.com.au

General Obligations

What information do we collect?

We will collect and hold your personal information for the purposes of:

Providing advice, products and services to you
Managing and administering our consulting and support services to you
Verifying your identity
Letting you know about our other products and services

The type of information collected from you includes information that is necessary to operate your account or for us to provide advice to you. We may ask you to provide personal information such as your:

Name, residential or postal address, email address, date of birth, telephone numbers (including mobile and fax)
Details of your interactions with us
Location information
Bank account details or credit or debit card details
Business (AFSL representatives), accounting and financial information
Occupation, employment history and details
Residency status and tax file number (TFN)
Criminal and bankruptcy history
Any other relevant information that you give to us for the purpose of providing you with our products or services

This information is primarily collected from forms you have completed, or through ongoing communications with you or persons you authorise to communicate with us on your behalf such as your representative(s). We may collect information about you from others such as:

Related entities
Third party suppliers and service providers in connection with providing our products and services
Public sources such as ASIC or AFCA
Your current/previous employer
Representatives of your AFSL

We will inform you of any legal requirements for us to ask for information about you and the consequences of not giving us that requested information. For example, we will require certain identification documents to facilitate applications for financial services licences with ASIC.

We will only solicit personal information about you where you have knowingly provided that information to us, we believe you have authorised a third party to provide that information to us, or we are obligated by law to obtain such information. Third parties that we may need to collect information from include your authorised representatives, product issuers, employers, accountants or solicitors. To verify your identity for Know Your Customer (KYC) purposes, we may also solicit personal information about you from reliable identity verification service providers.

What if you do not give us the information we request?

You are not obligated to give us the information that we request. However, if you do not give us the information that we ask for, or the information you give is not complete or accurate, this may:

Prevent us from being able to provide you with business and regulatory consulting services
Prevent our services from meeting your needs or may cause you to suffer unforeseen financial consequences
Prevent or delay the processing of your application(s) or variations with ASIC or your professional indemnity insurer
Prevent us from lodging notices with ASIC or other regulatory bodies on behalf of your AFS licensee or entities
Prevent us from contacting you

Use Of Information

How do we use the information that we collect from you?

We use your personal information for the purpose for which it has been obtained and for related purposes. For example, we may collect, hold, use and disclose your personal and credit information for the following purposes:

To provide regulatory consulting services such as AFSL applications and variations, carrying out audits of representatives, and general licensee management consulting
To provide compliance reports to ASIC where required
To send service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested
To provide information to representatives and advisors, including lawyers and accountants, to help us comply with legal, accounting, or security requirements
To send marketing and promotional messages and other information that may be of interest to our clients
To send surveys to our clients which enable us to enhance our products and services
To enable our clients to access and use our website and services
To identify and control or minimise risks to our services
To enable us to monitor suspicious or fraudulent activity in relation to our services
To enforce compliance with our terms
Where we believe it is necessary to protect our legal rights, interests and the interests of others, including in connection with legal claims, compliance, regulatory and audit functions, prevention of fraud, ensuring data security
To comply with our legal obligations, resolve any disputes that we may have with any of our customers, and enforce our agreements with third parties and
For any purpose related to the above

We will not adopt as our own any identifiers that you may provide to us such as TFNs, Medicare numbers or MyGov details etc. They may be held on file if you have provided consent.

Disclosure

Who do we give your information to?

For the purpose of providing services to you (or a related purpose), we may disclose personal and credit information for the purposes described in this Privacy Policy to:

Organisations involved in providing, managing or administering our products or services such as paraplanning services, advice software vendors, external dispute resolution services, insurers, investment managers, product issuers, superannuation trustees or mail houses
Businesses that supply software or application services to us such as Microsoft or Large Language Models/AI
Other Australian Financial Services Licensees, financial advisers or their agents for due diligence purposes in the event of business sales or reference protocols
Financial institutions that hold accounts for you
Professional advisers appointed by us such as accountants to ensure the integrity of our operations
Professional advisers appointed by you (including your accountant, solicitor, executor, administrator, trustee, guardian or attorney)
Businesses that may have referred you to us (for example your Accountant or Lawyer)
Related entities
Third party suppliers and service providers in connection with developing and providing our products and services
Payment systems operators such as Xero, Ezidebit or Stripe
Banks or other financial institutions
Anyone to whom our assets or businesses (or any part of them) are transferred
Specific third parties authorised by you to receive information held by us

Like other financial services companies, there are situations where we may also disclose your personal information where it is:

Required by law such as to the Australian Securities and Investments Commission (ASIC), the Australian Taxation Office (ATO), pursuant to a court order, or the Australian Transaction Reports and Analysis Centre (AUSTRAC)
Authorised by law such as where we are obliged to disclose information in the public interest or to protect our interests
Necessary to discharge obligations such as to foreign governments for the purposes of foreign taxation
Required to assist in law enforcement such as to a police force or AUSTRAC

We may also disclose your information if you give your consent.

Will my information be disclosed overseas?

It is generally unlikely that we will disclose your personal information overseas. However, we may use third-party service providers or outsourcing services that include offshore operations to provide services to you (such as Microsoft or Large Language Models/AI services as described earlier). Depending on the circumstances, the relevant countries will vary such that it is not practicable to list them here.

Any overseas disclosure does not affect our commitment to safeguarding your personal information and we will take reasonable steps to ensure any overseas recipient complies with the APPs.

Where we may transfer your personal information overseas, we will ensure that appropriate contractual measures are in place requiring the overseas entity to protect your personal information in accordance with our obligations under Australian privacy law.

Access And Correction Of Information

Can I access my information and what if it is incorrect?

You may request access to the personal information we hold about you.

There may be circumstances where we are unable to give you access to the information that you have requested. If this is the case, we will inform you and explain the reasons why.

We will take reasonable steps to ensure that the personal information we collect, hold, use or disclose is accurate, complete, up to date, relevant and not misleading.

You have a right to ask us to correct any information we hold about you if you believe it is inaccurate, incomplete, out of date, irrelevant or is misleading. If we do not agree with the corrections you have supplied and refuse to correct the personal information, we are required to give you a written notice to that effect and a statement if requested.

To access or correct your personal information, please contact us. We will take reasonable steps to make any necessary updates.

Protection Of The Personal And Sensitive Information That We Hold

How do we protect the security of your information?

We have security systems, practices and Procedures in place to safeguard your privacy. We also train our staff as to their obligations about your personal information.

We may use cloud storage or third-party servers to store the personal information we hold about you. These services are subject to regular audit and the people who handle your personal information have the training, knowledge, skills and commitment to protect it from unauthorised access, disclosure or misuse.

If you use secure sections of our websites, we will verify your identity by your username and password. Once verified, you will have access to secured content. You are responsible for maintaining the secrecy of your login details.

Risks of using the Internet

There are inherent security risks in transmitting information through the internet. You should assess these potential risks when deciding whether to use online services. If you do not wish to transmit information through electronic means, there are other ways in which you can provide information to us.

Our websites may use cookies and/or other analytics tools which may enable us to identify you, your browser or other information about you while you are using our site. These cookies may be permanently stored or temporary session cookies. They are used for a variety of purposes, including security and personalisation of services. They are frequently used on websites, and you can choose if and how a cookie will be accepted by configuring your preferences and options in your browser.

All browsers allow you to be notified when you receive a cookie, and you may elect to either accept it or not. If you wish not to accept a cookie, this may impact the effectiveness of the website.

Where you choose to communicate with us by email, we may store your email, name and address with any other contact or personal details you have provided on our databases.

Retention of your personal information

We are required by law to retain certain records of information for varying lengths of time and, in certain circumstances, permanently. Where your personal information is not required to be retained under law and is no longer required for the purpose for which it was collected, we will take reasonable steps to destroy or de-identify it.

European Union General Data Protection Regulation (GDPR)

If you reside in a country that is a member of the European Economic Area (the EU and Norway, Lichtenstein and Iceland), in addition to the protection you receive under the Privacy Act, you are entitled to other protections provided by the GDPR, including, in certain circumstances, the right to:

Have your personal information erased
Access your personal information in an electronic and portable format
Restrict or object to the processing of your personal information

Complaints And Breaches

If you believe that we have breached the APPs by mishandling your information, you may lodge a complaint with the Privacy officer.

The Privacy officer will respond to your complaint within 30 days
If you are not satisfied with the outcome, you may lodge a complaint with the Australian Information Commissioner (OAIC). Further information is available at www.oaic.gov.au

If you have a complaint about a breach of the GDPR, you may contact the local regulator in your European Economic Area.

We are committed to helping you have control of your personal information and so it is our practice to take reasonable steps to notify you if we are aware that we have breached your privacy.

In accordance with the Notifiable Data Breaches Scheme, if your personal information is involved in a data breach that is likely to result in serious harm to you, we will notify you and the Australian Information Commissioner.

Effective: 6 May 2025