Privacy Policy

Section A – Introduction

  1. Introduction
    1. As part of PsyQuation Pty Ltd’s (“PsyQuation”) process to ensure that it continues to maintain the highest levels of professional integrity and ethical conduct, PsyQuation has adopted this Privacy Policy (“Policy”) to manage personal information in an open and transparent manner.
    2. The provisions of this Policy will assist PsyQuation in complying with the requirements of the Privacy Act 1988 (Cth) and the Australian Privacy Principles in protecting the personal information PsyQuation holds about its clients.
  2. When Does This Policy Apply?
    1. This Policy applies to all representatives and employees of PsyQuation at all times and the requirements remain in force on an ongoing basis.
  3. Glossary
    TermDefinition
    APP entitymeans an agency or organisation as defined in section 6 of the Privacy Act 1988.
    Australian law

    means

    (a) an Act of the Commonwealth or of a State or Territory; or

    (b) regulations, or any other instrument, made under such an Act;or

    (c) a Norfolk Island enactment; or

    (d) a rule of common law or equity.

    CollectsPsyQuation collects personal information only if PsyQuation collects the personal information for inclusion in a record or generally available publication.
    Court/tribunal order

    means an order, direction or other instrument made by:

    (a) a court; or

    (b) a tribunal; or

    (c) a judge (including a judge acting in a personal capacity) or a person acting as a judge; or

    (d) a magistrate (including a magistrate acting in a personal capacity) or a person acting as a magistrate; or

    (e) a member or an officer of a tribunal;

    and includes an order, direction or other instrument that is of an interim or interlocutory nature.

    De-identifiedpersonal information is de-identified if the information is no longer about an identifiable individual or an individual who is reasonably identifiable.
    HoldsPsyQuation holds personal information if it has possession or control of a record that contains the personal information.
    Identifier of an individual

    means a number, letter or symbol, or a combination of any or all of those things, that is used to identify the individual or to verify the identity of the individual, but does not include:

    (a) the individual’s name; or

    (b) the individual’s ABN (within the meaning of the A New Tax System (Australian Business Number) Act 1999); or

    (c) anything else prescribed by the regulations.

    Permitted general situationAs defined in s16A of the Privacy Act 1988
    Permitted health situationAs defined in s16B of the Privacy Act 1988
    Personal information means

    means information or an opinion about an identified individual, or an individual who is reasonably identifiable:

    (a) whether the information or opinion is true or not; and

    (b) whether the information or opinion is recorded in a material form or not.

    Sensitive information

    means

    (a) information or an opinion about an individual’s:

    (i) racial or ethnic origin; or

    (ii) political opinions; or

    (iii) membership of a political association; or

    (iv) religious beliefs or affiliations; or

    (v) philosophical beliefs; or

    (vi) membership of a professional or trade association; or

    (vii) membership of a trade union; or

    (viii) sexual orientation or practices; or

    (ix) criminal record;

    that is also personal information; or

    (b) health information about an individual; or

    (c) genetic information about an individual that is not otherwise health information.

    (d) biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or

    (e) biometric templates.

    Section B – Consideration Of Personal Information Privacy

  4. Privacy Statement
    1. PsyQuation’s CEO, Mr Michael Berman, must ensure that at all times the provisions of this policy are implemented in the day to day running of Psyquation.
    2. PsyQuation’s CEO must ensure that at all times this Policy:
      • is current and reflects the latest applicable Australian laws; and
      • contains the following information:
        • the kinds of personal information that PsyQuation collects and holds;
        • how PsyQuation collects and holds personal information;
        • the purposes for which PsyQuation collects, holds, uses and discloses personal information;
        • how an individual may complain about a breach of the Australian Privacy Principles, or other relevant legislation that binds PsyQuation, and how PsyQuation will deal with such a complaint;
        • whether PsyQuation is likely to disclose personal information to overseas recipients;
        • if PsyQuation is likely to disclose personal information to overseas recipients, the countries in which such recipients are likely to be located if it is practicable to specify those countries in this policy.

    Section C – Collection Of Personal Information (solicited Personal Information)

  5. Personal Information (other Than Sensitive Information)
    1. This Section C applies to the collection of personal information that is solicited by PsyQuation.
    2. PsyQuation must not collect personal information (other than sensitive information) unless the information is reasonably necessary for one or more of PsyQuation’s functions or activities.
    3. Psyquation’s functions or activities include:
      • PsyQuation’s software provides quantitative and behavioural analytics for the broker and trader community;
      • PsyQuation’s software is browser based and feeds in data from a client’s MT4 account and provides them with alerts when their trading goes outside pre-set parameters.
  6. Sensitive Information
    1. PsyQuation must not collect sensitive information about an individual unless:
      • the individual consents to the collection of the information and the information is reasonably necessary for one or more of PsyQuation’s functions or activities (as described in section 5.3); or
      • the collection of the information is required or authorised by or under an Australian law or a Court/Tribunal order; or
      • a permitted general situation exists in relation to the collection of the information by PsyQuation; or
      • a permitted health situation exists in relation to the collection of the information by PsyQuation
  7. Means Of Collection
    1. PsyQuation must only collect personal information by lawful and fair means.
    2. PsyQuation must only collect personal information about an individual from the individual (rather than someone else), unless it is unreasonable or impracticable to do so or the individual has instructed PsyQuation to liaise with someone else.
    3. PsyQuation will collect personal information from an individual when:
      • a Client creates a PsyQuation account via the PsyQuation website;
  8. Information Collected By PsyQuation
    1. The information PsyQuation collects may include the following:
      • name;
      • gender;
      • postal and email address;
      • phone number;
      • other information PsyQuation considers necessary to their functions and activities.
  9. Purpose Of Collection
    1. If an individual is acquiring or has acquired a product or service from PsyQuation, the individual’s personal information will be collected and held for the purposes of:
      • checking whether an individual is eligible for PsyQuation’s product or service;
      • providing the individual with PsyQuation’s product or service;
      • managing and administering PsyQuation’s product or service;
      • protecting against fraud, crime or other activity which may cause harm in relation to PsyQuation’s products or services;
      • complying with legislative and regulatory requirements in any jurisdiction;
      • to assist PsyQuation in the running of its business.
    2. PsyQuation may also collect personal information for the purposes of letting an individual know about products or services that might better serve their needs or other opportunities in which they may be interested. Please refer to Section G for further information.

    Section D – Collection Of Personal Information (unsolicited Personal Information)

  10. Dealing With Unsolicited Personal Information
    1. If PsyQuation:
      • receives personal information about an individual; and
      • the information is not solicited by PsyQuation
        PsyQuation must, within a reasonable period after receiving the information, determine whether or not it was permitted to collect the information under Section C above.
    2. PsyQuation may use or disclose the personal information for the purposes of making the determination under paragraph 10.1.
    3. If PsyQuation:
      • determines that it could not have collected the personal information; and
      • the information is not contained in a Commonwealth record,
        PsyQuation must as soon as practicable, destroy the information or ensure that the information is de-identified, only if it is lawful and reasonable to do so.

    Section E – Notification Of The Collection Of Personal Information

  11. Notification Of Collection
    1. This section 11 applies to:
      • solicited information; and
      • unsolicited information to which section 10 does not apply.
    2. PsyQuation must notify the individual of the following matters in the Privacy Statement:
      • PsyQuation’s identity and contact details;
      • if PsyQuation collects the personal information from a third party or the individual is not aware that PsyQuation has collected the personal information, the fact that PsyQuation so collects, or has collected the information and the circumstances of that collection;
      • if the collection of the personal information is required or authorised by or under an Australian law or a Court/Tribunal order, the fact that the collection is so required or authorised (including the details of the law or court);
      • the purposes for which PsyQuation collects the personal information;
      • the main consequences (if any) for the individual if the information is not collected by PsyQuation;
      • any other entities to which PsyQuation usually discloses personal information of the kind collected by PsyQuation;
      • that PsyQuation’s Privacy Statement and this Privacy Policy contains information about how the individual may access the personal information about the individual that is held by PsyQuation and seek correction of such information;
      • that PsyQuation’s Privacy Statement contains information about how the individual may complain about a breach of the Australian Privacy Principles and how PsyQuation will deal with such a complaint;
      • whether PsyQuation will disclose the personal information to overseas recipients; and
      • if PsyQuation discloses the personal information to overseas recipients – the countries in which such recipients will be located if it is practicable to specify those countries in the notification or to otherwise make the individual aware of them.

    Section F – Use Or Disclosure Of Personal Information

  12. Use Or Disclosure
    1. Where PsyQuation holds personal information about an individual that was collected for a particular purpose (“the primary purpose”), PsyQuation must not use or disclose the information for another purpose (“the secondary purpose”) unless:
      • the individual has consented to the use or disclosure of the information; or
      • the individual would reasonably expect PsyQuation to use or disclose the information for the secondary purpose and the secondary purpose is:
        • directly related to the primary purpose (if the information is sensitive information); or
        • related to the primary purpose (if the information is not sensitive information);
      • the use or disclosure of the information is required or authorised by or under an Australian law or a Court/Tribunal order; or
      • a permitted general situation exists in relation to the use or disclosure of the information by PsyQuation; or
      • PsyQuation reasonably believes that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.
    2. Where PsyQuation uses or discloses personal information in accordance with section 12.1(e), PsyQuation will keep a copy of this disclosure (e.g.: the email or letter used to do so).
    3. This section 12 does not apply to:
      • personal information for the purposes of direct marketing; or
      • government related identifiers.
    4. If PsyQuation collects personal information from a related body corporate, this section 12 applies as if PsyQuation’s primary purpose for the collection was the primary purpose for which the related body corporate collected the information.
  13. Who Does Psyquation Disclose Personal Information To?
    1. PsyQuation may disclose personal information collected from clients and prospective clients to the following:
      • organizations involved in providing, managing or administering PsyQuation’s product or service such as third party suppliers, e.g. printers, posting services, and our advisers;
      • organizations involved in maintaining, reviewing and developing PsyQuation’s business systems, procedures and infrastructure, including testing or upgrading PsyQuation’s computer systems;
      • organizations involved in a corporate re-organisation;
      • organizations involved in the payments system, including financial institutions, merchants and payment organizations;
      • organizations involved in product planning and development;
      • other organizations, who jointly with PsyQuation’s, provide its products or services;
      • authorised representatives who provide PsyQuation’s products or services on its behalf;
      • the individual’s representatives, including your legal advisers;
      • debt collectors;
      • PsyQuation’s financial advisers, legal advisers or auditors;
      • fraud bureaus or other organizations to identify, investigate or prevent fraud or other misconduct;
      • external dispute resolution schemes;
      • regulatory bodies, government agencies and law enforcement bodies in any jurisdiction.

    Section G – Direct Marketing

  14. Direct Marketing
    1. PsyQuation must not use or disclose the personal information it holds about an individual for the purpose of direct marketing.
  15. Exception – Personal Information Other Than Sensitive Information
    1. PsyQuation may use or disclose personal information (other than sensitive information) about an individual for the purposes of direct marketing if:
      • PsyQuation collected the information from the individual; and the individual would reasonably expect PsyQuation to use or disclose the information for that purpose; or
      • PsyQuation has collected the information from a third party; and either:
        • PsyQuation has obtained the individual’s consent to the use or disclose the information for the purpose of direct marketing; or
        • it is impracticable for PsyQuation to obtain the individual’s consent; and
      • in each direct marketing communication with the individual PsyQuation:
        • includes a prominent statement that the individual may make such a request; or
        • directs the individual’s attention to the fact that the individual may make such a request; and
      • the individual has not made such a request.
  16. Exception – Sensitive Information
    1. PsyQuation may use or disclose sensitive information about an individual for the purpose of direct marketing if the individual has consented to the use or disclosure of the information for that purpose.
  17. Requests To Stop Direct Marketing
    1. Where PsyQuation uses or discloses personal information about an individual for the purposes of direct marketing by PsyQuation or facilitating direct marketing by another organisation, the individual may request:
      • that PsyQuation no longer provide them with direct marketing communications;
      • that PsyQuation does not use or disclose the individual’s personal information for the purpose of facilitating direct marketing by another organisation;
      • that PsyQuation provides the source of the personal information.
    2. Where PsyQuation receives a request from an individual under section 17.1, PsyQuation will:
      • give effect to the request under section 17.1(a) or 17.1(b) within a reasonable period after the request is made and free of charge; and
      • notify the individual of the source of the information, if the individual requests it, unless it is impracticable or unreasonable to do so.
    3. This Section G does not apply to the extent that the following laws apply:
      • the Do Not Call Register Act 2006;
      • the Spam Act 2003; or
      • any other Act of the Commonwealth of Australia.

    Section H – Cross Border Disclosure Of Personal Information

  18. Disclosing Personal Information To Cross Border Recipients
    1. Where PsyQuation discloses personal information about an individual to a recipient who is not in Australia and who is not PsyQuation or the individual, PsyQuation must ensure that the overseas recipient does not breach the Australian Privacy Principles (with the exception of APP1).
    2. The countries we may disclose an individual’s personal information to include:
      • Australia;
      • United Kingdom,
      • United States of America;
      • Hong Kong; and
      • Singapore.
    3. Section 18.1 does not apply where:
      • PsyQuation reasonably believes that:
        • information is subject to a law or binding scheme that has the effect of protecting the information in a way that is at least substantially similar to the way in which the Australian Privacy Principles protect the information; and
        • there are mechanisms that the individual can access to take action to enforce that protection of the law or binding scheme; or
      • both of the following apply:
        • PsyQuation has informed the individual that if they consent to the disclosure of information PsyQuation will not take reasonable steps to ensure the overseas recipient does not breach the Australian Privacy Principles; and
        • after being so informed, the individual consents to disclosure;
      • the disclosure of the information is required or authorised by or under an Australian law or a Court/Tribunal order; or
      • a permitted general situation (other than the situation referred to in item 4 or 5 of the table in subsection 16A(1) Privacy Act) exists in relation to the disclosure of the information by PsyQuation.

    Section I – Adoption, Use Or Disclosure Of Government Identifiers

  19. Adoption Of Government Related Identifiers
    1. PsyQuation must not adopt a government related identifier of an individual as its own identifier unless:
      • PsyQuation is required or authorised by or under an Australian law or a Court/Tribunal order to do so; or
      • the identifier, PsyQuation and the circumstances of the adoption are prescribed by regulations
  20. Use Or Disclosure Of Government Related Identifiers
    1. Before using or disclosing a government related identifier of an individual, PsyQuation must ensure that such use or disclosure is:
      • reasonably necessary for PsyQuation to verify the identity of the individual for the purposes of the organisation’s activities or functions; or
      • reasonably necessary for the organisation to fulfill its obligations to an agency or a State or Territory authority; or
      • required or authorised by or under an Australian law or a Court/Tribunal order; or
      • within a permitted general situation (other than the situation referred to in item 4 or 5 of the table in subsection 16A(1) Privacy Act; or
      • reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
      • the identifier, PsyQuation and the circumstances of the adoption are prescribed by regulations.

    Section J – Integrity Of Personal Information

  21. Quality Of Personal Information
    1. PsyQuation will ensure that the personal information it collects and the personal information it uses or discloses is, having regard to the purpose of the use or disclosure, accurate, up to date, complete and relevant.
  22. Security Of Personal Information
    1. PsyQuation will ensure that it protects any personal information it holds from misuse, interference, loss, unauthorised access, modification and disclosure.
    2. PsyQuation will take reasonable steps to destroy or de-identify any personal information it holds where:
      • PsyQuation no longer needs the personal information for any purpose for which the information may be used or disclosed by PsyQuation;
      • the information is not contained in a Commonwealth record;
      • PsyQuation is not required to retain that information under an Australian law, or a Court/Tribunal order.
  23. Storage Of Personal Information
    1. PsyQuation stores personal information in different ways, including:
      • through Amazon Web Services. Amazon Web Services is a cloud based storage system.
    2. In order to ensure PsyQuation protects any personal information it holds from misuse, interference, loss, unauthorised access, modification and disclosure, PsyQuation implements the following procedure/system:

    Section K – Access To, And Correction Of, Personal Information

  24. Access
    1. PsyQuation must give an individual access to the personal information it holds about the individual if so requested by the individual.
    2. PsyQuation must respond to any request for access to personal information within a reasonable period after the request is made.
    3. PsyQuation must give access to the information in the manner requested by the individual, if it is reasonable and practicable to do so and must take such steps as are reasonable in the circumstances to give access in a way that meets the needs of PsyQuation and the individual.
    4. PsyQuation must not charge an individual for making a request, and must not impose excessive charges for the individual to access their personal information.
  25. Exceptions
    1. PsyQuation is not required to give an individual access to their personal information if:
      • PsyQuation reasonably believes that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety; or
      • giving access would have an unreasonable impact on the privacy of other individuals; or
      • the request for access if frivolous or vexatious; or
      • the information relates to existing or anticipated legal proceedings between PsyQuation and the individual, and would not be accessible by the process of discovery in those proceedings; or
      • giving access would reveal intentions of PsyQuation in relation to negotiations with the individual in such a way as to prejudice those negotiations; or
      • giving access would be unlawful; or
      • denying access is required or authorised by or under an Australian law or a Court/Tribunal order; or
      • PsyQuation has reason that unlawful activity, or misconduct of a serious nature, that relates to our functions or activities has been, or may be engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter; or
      • giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
      • giving access would reveal evaluative information generated within PsyQuation in connection with a commercially sensitive decision-making process.
  26. Refusal To Give Access
    1. If PsyQuation refuses to give access in accordance with section 24 or to give access in the manner requested by the individual, PsyQuation will give the individual a written notice that sets out:
      • the reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so; and
      • the mechanisms available to complain about the refusal; and
      • any other matter prescribed by the regulations.
    2. Where PsyQuation refuses to give access under section 25.1(j) PsyQuation may include an explanation of the commercially sensitive decision in its written notice of the reasons for denial.

    Section L – Correction Of Personal Information

  27. Correction Of Information
    1. PsyQuation must take reasonable steps to correct all personal information, having regard to the purpose for which the information is held where:
      • PsyQuation is satisfied the information is inaccurate, out of date, incomplete, irrelevant or misleading; or
      • the individual requests PsyQuation corrects the information.
    2. Where PsyQuation corrects personal information about an individual that PsyQuation previously disclosed to another APP entity and the individual requests PsyQuation to notify the other APP entity of the correction, PsyQuation must take reasonable steps to give that notification, unless it is impracticable or unlawful to do so.
  28. Refusal To Correct Information
    1. If PsyQuation refuses to correct personal information as requested by the individual, PsyQuation will give the individual a written notice that sets out:
      • the reasons for the refusal except to the extent that it would be unreasonable to do so; and
      • the mechanisms available to complain about the refusal; and
      • any other matter prescribed by the regulations.
  29. Request From A Client To Associate A Statement With Their Information
    1. If:
      • PsyQuation refuses to correct personal information as requested by the individual; and
      • the individual requests that PsyQuation associate a statement noting that the information is inaccurate, out of date, incomplete, irrelevant or misleading, with the individual’s information,

      PsyQuation must take such steps as are reasonable in the circumstances to associate the statement (as described in section 29.1(b)) with the individual’s personal information. The statement should be associated with the information in such a way that will make the statement apparent to users of the information.

  30. Dealing With Requests
    1. PsyQuation must:
      • respond to requests under this Section L within a reasonable period after the request is made; and
      • must not charge the individual for the making of the request, for correcting the personal information or for associating the statement with the personal information.

    Section M – Miscellaneous

  31. Policy Breaches
    1. Breaches of this Policy may lead to disciplinary action being taken against the relevant party, including dismissal in serious cases and may also result in prosecution under the law where that act is illegal. This may include re-assessment of bonus qualification, termination of employment and/or fines (in accordance with the Privacy Act 1988 (Cth)).
    2. Staff are trained internally on compliance and their regulatory obligation to PsyQuation. They are encouraged to respond appropriately to, and report all breaches of the law and other incidents of non-compliance, including PsyQuation’s policies, and seek guidance if they are unsure.
    3. Staff must report breaches of this Policy directly to the CEO.
  32. Retention Of Forms
    1. The Compliance Officer will retain the completed forms for seven (7) years in accordance with PsyQuation’s Document Retention Policy. The completed forms are retained for future reference and review.
    2. As part of their training, all staff are made aware of the need to practice thorough and up to date record keeping, not only as a way of meeting PsyQuation’s compliance obligations, but as a way of minimizing risk.

Issued by PsyQuation Pty Ltd. May 2016