The Trustee recognises the importance of protecting the privacy of an individual’s personal information.
3. Overview of this policy
Personal Information Handling Practices, explains the Trustee’s general information handling practices across the Fund including information about how personal information is collected, used, disclosed and stored.
Information Collected Online, explains how the Trustee manages general and personal information collected and handling practices when a Member or an individual, interacts with the MTAA Super website (mtaasuper.com.au).
4. Personal Information Handling Practices
a) Dealing with the Trustee anonymously An individual has the option of interacting with the Trustee anonymously or by using a pseudonym. In such circumstances, the Trustee may provide the individual with general information about the Fund or its processes. The Trustee will not, however, be able to provide the individual with any specific information regarding his or her interest in the Fund. The provision of certain identifying information is required by law and/or for integrity purposes to administer member accounts, provide members with access to certain features of the MTAA Super website, and to provide access to other products, services and features that relate to the Fund.
b) Collection of personal information The Trustee collects personal information for the purpose of administering Fund membership. If the Trustee is unable to obtain the personal information it requires, it may be unable to properly administer a member’s account or benefits.
The Trustee may collect personal information in respect of an individual:
from the individual, in relation to their membership or other interest in the Fund;
from a member, if the individual has been nominated by the member as their beneficiary; or from an employer, in relation to a member’s membership or the employer intends to make contributions to the Fund in respect of the individual.
from an employer, in relation to a member’s membership or the employer intends to make contributions to the Fund in respect of the individual.
The Trustee may also collect personal information in respect of an individual at Trustee sponsored events, provided the individual has consented to such collection.
Personal information that is collected by the Trustee generally includes an individual’s full name, address, contact number(s), email address, date of birth and Tax File Number (if quoted).
Over time, additional financial or other information may be necessary to administer Fund membership, which the Trustee may collect from members, medical practitioner(s) or employer(s). This information may include financial details or medical records for the purpose of assessing eligibility for insurance cover or claims. In these circumstances, the Trustee would only collect such information with consent of the member, and only collect information that is necessary for the administration of the member’s account.
Personal information is primarily collected by the Trustee through external service providers:
Sensitive information For the purposes of administering the Life, Total and Permanent Disability or Income Protection Insurance products or assessing eligibility for insurance cover or claims, sensitive information such as race, ethnicity, disabilities, illnesses, injuries or any other health information, may be collected from members. The Trustee will only collect sensitive information with consent of the individual, and only collect information that is necessary for the administration of the member’s benefits. The Trustee recognises the importance of securing all information particularly that which is sensitive in nature and has implemented internal procedures to ensure that this information is adequately handled and protected.
Unsolicited information received In limited circumstances the Trustee may receive personal information which is not requested nor sought directly from an individual. If the Trustee determines that it could have collected the personal information for the purpose of administering Fund membership, the personal information will be managed as if it were received in the normal course of business. Otherwise, the information will be destroyed as soon as practicable, provided it is lawful to do so and the information is not contained in a Commonwealth record.
Government identifiers The Trustee will not adopt as its own identifier a government related identifier of an individual, such as a Tax File Number or Medicare card number. In addition, it will only use or disclose a government related identifier where the use or disclosure:
is reasonably necessary for the Trustee to verify the individual’s identity for the purposes for which it was provided, or for purposes which are directly related the Fund functions;
is reasonably necessary for the Trustee to fulfil its obligations to an agency or a State or Territory authority;
is required or authorised by or under an Australian law; or
is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.
c) Dealing with and use of personal information
Personal information received by the Trustee will only be used for the purpose for which it was provided, or for purposes which are directly related to the Fund’s functions.
MTAA Super has appointed a Fund Administrator, Insurers and other specialist organisations to provide professional services to MTAA Super. They are authorised, under the strictest confidence, to only use an individual’s personal information to administer Fund membership in accordance with the APPs.
An individual’s personal information will not be used or disclosed to any other third party, body or agency for any other purpose unless one of the following applies:
the individual would reasonably expect that personal information of that kind would be passed to those third parties, bodies or agencies;
it is otherwise required or authorised by law for example, the Trustee is required to report certain information to the Australian Taxation Office (ATO) for tax related purposes;
the individual has consented to the use or release;
it will prevent or lessen a serious and imminent threat to somebody's life or health;
it is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of public revenue.
Member Personal information may be provided to third parties for the purposes of conducting research and analytics related to the functions of the Trustee.
A member’s personal information may also be provided to the ATO to locate a member’s lost super, provided the member has consented to this disclosure. The individual may opt out at any time by contacting the Trustee’s Privacy Officer.
The Trustee’s collection of personal information at Trustee sponsored events is generally collected by way of conducting a competition for the purpose of promoting careers in the motor trades and allied industries. Personal information collected at such events may therefore be provided by the Trustee to third parties involved with conducting the relevant competition, or to state automotive training organisations, provided the individual had consented to this disclosure. The individual may opt out at any time by contacting the Trustee’s Privacy Officer.
Retention of Member information The Trustee will only retain member information for the minimum period of time required to facilitate the administration of the member account and to ensure compliance with Legislative requirements. To facilitate this, the Trustee has identified that:
all hard copy documents will be destroyed within three months of being imaged/scanned;
all digital records will be held for a period of at least ten years following the closure of a member account; and
Subsequent to this period member information that is no longer required will be destroyed or de-identified as appropriate.
Direct marketing The Trustee may use or disclose personal information in order to inform individuals of products and services that may be of interest to them. An individual may opt-out of receiving such communications at any time using the opt-out mechanism available on such communications, or by contacting the Trustee’s Privacy Officer.
The Trustee will not use or disclose sensitive information for the purpose of direct marketing unless the individual has consented to being contacted for such purpose.
The Trustee will not disclose personal information to an entity that is located outside Australia, nor allow such an entity to hold personal information, unless one of the following applies:
The Trustee has taken reasonable steps to ensure that the overseas entity is committed to protecting the individual’s privacy and complies with the APPs; or
The Trustee reasonably believes that:
the overseas entity is subject to a law or binding scheme that, overall, is at least substantially similar to the way in which the APPs protect information, and there are mechanisms that the individual can access to take action to enforce that protection of the law or binding scheme; or
the disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order; or
the overseas entity is an agency and the disclosure of the information is required or authorised by or under an international agreement relating to information sharing to which Australia is a party; or
the overseas entity is an agency and the overseas entity reasonably believes that the disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body, and the recipient is a body that performs functions, or exercises powers, that are similar to those performed or exercised by an enforcement body.
If applicable the overseas jurisdictions where personal information may be held or disclosed is attached to this policy at Appendix A.
d) Integrity of personal information
The Trustee takes steps to ensure that personal information collected is accurate, up to date, relevant and complete. These steps include maintaining and updating personal information when advised by individuals that their personal information has changed, or proactively seeking clarification of details as necessary.
The Trustee takes steps to protect the personal information held to prevent against loss, unauthorised access, use, modification, interference or disclosure, and against other misuse. These steps include password protection for access to its information technology systems, securing paper files in locked cabinets and other physical access restrictions.
When the personal information is no longer required by the Trustee, it will de-identify, destroy or delete the information in a secure manner as deemed most appropriate by the Trustee for the particular item.
The Trustee has security practices, procedures and measures in place to safeguard privacy. Staff that handle personal information have the knowledge, skills, training and commitment to protect it from unauthorised access or misuse.
Despite taking reasonable steps, it is possible that data breaches may occur from time to time.
An eligible data breach occurs when a reasonable person would conclude that there is a risk of serious harm to a member as a result of a data breach and the Trustee has not been able to prevent the likely risk of serious harm with remedial action.
The Trustee is committed to taking action to prevent and minimise the risk of an eligible data breach. However, if we have reasonable grounds to believe that an eligible data breach has occurred, we will notify all affected members and recommend any steps that members should take in response to the data breach. We are also required to notify the Australian Information Commissioner.
e) Access and correction of personal information An individual may at any time request access to personal information held by the Trustee about them, or request that the Trustee correct their personal information, subject to the individual providing appropriate proof of identity. The Trustee will allow access or make requested changes unless it is determined that there is a sound reason under the Privacy Act, APPs or other relevant legislation to withhold the information, or not make the requested changes.
If the Trustee does not agree to provide access to personal information or to amend or annotate an individual’s personal information, written notice will be provided to that individual. The individual may seek a review of the Trustee’s decision or make a statement about the requested changes to be attached to the record.
Individuals can obtain further information about how to request access or change information held by the Trustee by contacting 1300 362 415.
If an individual believes that the Trustee has breached it responsibilities under the Privacy Act or the APPs they should write to:
Locked Bag 5134
Parramatta NSW 2124
Submissions will be assessed and responded to within 30 days depending on business demands.
Further information about the Privacy Act or the APPs can be obtained from the Office of the Australian Information Commissioner’s on 1300 363 992 or by email: email@example.com.
5. Information collected online
a) Collection of online Information
General and personal information collected about an individual, and their activities on the MTAA Super website, will depend on the manner in which the individual uses the facilities offered by the MTAA Super website. When an individual visits the unsecured area of the MTAA Super website to read, browse or download information, the system will record:
the date and time of visit to the MTAA Super website;
the pages viewed on the MTAA Super website;
the operating system in use; and
any information downloaded by the individual.
The systems will not record any personally identifiable information.
The MTAA Super website currently offers a number of interactive facilities including tools such as budget planners, super retirement, salary sacrifice and aged pension calculators. The Trustee does not capture any personal information entered when using the provided online tools except where a session is suspended and saved. In this case, information is stored so that the user may recover the information at a later point. Any information stored in a suspended or saved session is segregated and not visible or accessible by MTAA Super staff.
b) Dealing with and use of online information Information collected within the unsecured section of the MTAA Super website is only used for data metric purposes and in the case of saved planning sessions for retrieval by the user.
Information collected within the Member section of the MTAA Super Website is only used for the purpose of administering the member’s account.
The Trustee does not provide or disclose personal information collected online to other Australian or international organisations or individuals without the consent of the individual, unless the individual would reasonably expect, or has been told, that information of that kind is usually disclosed, or the disclosure is otherwise required or authorised by law.
Within the MTAA Super website is a secure section, SuperSite™ which provides Member services. SuperSite™ uses temporary session cookies which if a browser is configured to reject all cookies, will prevent use of SuperSite™. All other MTAA Super website content should appear as normal.
The Trustee will preserve the content of any e-mail received if it is believed that there is a legal requirement to do so. E-mail message content may be monitored for security purposes including where e-mail abuse is suspected and response may be monitored for quality assurance purposes.
E-mail addresses, may be used to promulgate information such as updates on new and existing products and services offered by the Trustee as well as information relating to products and services offered to Members by other companies.
e) System Security
f) Access and Correction
For information about how to access or correct personal information collected on the MTAA Super Web Site see Access and Correction in Part 4 of this document.
6. Review of this Policy
there are changes to relevant standards.
MOTOR TRADES ASSOCIATION OF AUSTRALIA SUPERANNUATION FUND PTY LTD ABN 14 008 650 628
The Trustee has appointed a Fund Administrator, Insurers and other specialist organisations to provide professional services to MTAA Super. They are authorised, under the strictest confidence, to only use an individual’s personal information to administer Fund membership in accordance with the Privacy Act 1988 and associated APPs.
This list is accurate at the date on which this policy is approved, based on the information available to the Trustee. Reasonable steps have been undertaken to ensure the information contained below is accurate. Due to business operational variations and circumstances, this register is subject to change. This register will be updated by the Trustee when it becomes aware of a change.
MetLife Insurance Limited (ABN 75004274 882)
MetLife provide Total Permanent Disablement (TPD), Income Protection and Life Insurance products to members of the Trustee.
As part of the provision of insured benefits to Members, disclosures may be made to MetLife, and as a result to the listed countries predominately due to relationships with reinsurers.
Australian Administration Services Pty Ltd (ABN 62 003 429 114)
Papua New Guinea
China [Hong Kong]
The Link Group does not hold or disclose Personal Information to overseas entities however does have connections to a number of support functions located in foreign jurisdictions. The Link Group takes reasonable steps to confirm that third parties with whom they deal, are also compliant with the Privacy Act
In executing services, activities and functions, where necessary, personal information may be disclosed to third parties and/or related bodies corporate.