The types of information that we collect and hold about you could include:
Over the course of our relationship with you, we may collect and hold additional personal information about you, including transactional or account information, and records about complaints or enquiries about your product or service.
If you apply for employment with us, our collection and processing of your personal information is governed by separate privacy terms that you can find hyperlinked on the NAB Group recruitment page.
Sometimes we need to collect sensitive information¹ about you. This could include things like health information, professional associations or other personal data. Unless required by law, we will always do this with your consent.
1 Sensitive information is information about a person’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trace association or trade union, sexual preferences or practices, criminal record, health information, genetic or biometric information.
We may seek your personal information because we are required by law or authorised to collect it. There are laws that affect financial institutions, including company and tax law, which require us to collect personal information. For example, we may require personal information to verify your identity under Commonwealth anti-money laundering laws.
We recognise the importance of your personal information to you. Unless it’s unreasonable or impracticable, we will try to collect personal information directly from you (referred to as ‘solicited information’). For this reason, it’s important that you help us to do this and keep your contact details up-to-date.
We may collect personal information in a number of ways. For example, we might collect your information when you fill out a form with us, use our website, speak with us on the telephone or drop into one of our offices. We find using electronic means, such as email or SMS, a convenient way to communicate with you and to verify your details. However, we’ll never ask you for your security details via email or other electronic communication – if you are ever unsure, just contact us using the details on our website.
Sometimes it may be necessary for us to collect your information from other sources. Instances of when we may need to include where we:
We may combine information that we hold about you with information appropriately collected from external sources such as those described above.
We may do this so in order to gain insights about you so that we can serve you better. This includes being able to better understand your preferences and interests, personalise your experience, enhance the products and services that you receive, and to tell you about products and services that may be of interest to you.
We may also collect information about you when you interact with us through social media channels. For all confidential matters, please interact with us via private messaging if you wish to use social media, or by another private channel.
You do not have to provide us with your personal information. However, this may prevent us from being able to provide services to you. If you don’t provide your personal information to us, we may not be able to:
Because we are part of a large organisation, people may share information with us we haven’t sought out (referred to as ‘unsolicited information’). Where we receive unsolicited personal information about you, we will check whether the information is reasonably necessary for our functions or activities, and whether we are permitted (or required) to retain it. If so, we’ll handle this information the same way we do with other information we seek from you. If not, we’ll ensure we do the right thing and destroy, de-identify or otherwise make it inaccessible.
When we receive personal information from you directly, we’ll take reasonable steps to notify you how and why we collected your information, who we may disclose it to and outline how you can access it, seek correction of it or make a complaint.
Sometimes we collect your personal information from third parties. You may not be aware that we have done so. If we collect information that can be used to identify you, we will take reasonable steps to notify you of that collection. Information about this can be found at www.nab.com.au/privacynotification
We store information in different ways, including in paper and electronic form. The security of your personal information is important to us and we take reasonable steps to protect it from misuse, interference and loss, and from unauthorised access, modification or disclosure. Some of the ways we do this are:
We may store personal information physically or electronically with third party data storage providers. Where we do this, we use contractual arrangements and other measures to ensure those providers take appropriate measures to protect that information from unauthorised access, use or disclosure.
We’ll only keep your information for as long as we require it for the purposes outlined in this Policy. We’re also required to keep some of your information for certain periods of time under law, such as the Corporations Act, Anti-Money Laundering & Counter-Terrorism Financing Act, and the Financial Transaction Reports Act. When we no longer need your information, we’ll ensure that your information is destroyed, de-identified or rendered inaccessible.
Because we offer a range of services and products, collecting your personal information allows us to provide you with the products and services you’ve asked for. This means we can use your information to:
We may use or disclose your personal information to let you know about products and services from across the Group that we believe may be of interest to you. We will not do this if you unsubscribe or otherwise advise us not to.
Such marketing activities may be via email, telephone, SMS, iM, mail, or any other electronic means. We may also market our products to you through third party channels (such as social networking sites), or based on your use of Group programs. We will always let you know that you can opt out from receiving our third party or Group program marketing offers.
Where we market to prospective customers, we are happy to let them know how we obtained their information and will provide easy to follow opt-outs.
With your consent, we may disclose your personal information to third parties such as brokers or agents, or for the purpose of connecting you with other businesses or customers. You can ask us not to do this at any time.
You can let us know at any time if you no longer wish to receive direct marketing offers from the Group. We will process your request as soon as practicable.
Where you have subscribed to something specific (like a newsletter) and you no longer wish to receive it, please click the unsubscribe link included with the email.
To make sure we can meet your specific needs and for the purposes described in ‘How we use your personal information’, we sometimes need to share your personal information with others.
We may share your personal information with other Group members. This could depend on the product or service you have applied for and the Group member you are dealing with.
We might also need to share your personal information with your representative or any person acting on your behalf (for example, financial advisors, lawyers, settlement agents, accountants, executors, administrators, trustees, guardians or auditors).
There are times when we need to disclose your personal information to third parties outside of the Group, including:
We run our business in Australia, however we may from time to time engage with third parties overseas in providing our services to you, including in India. Where we are obliged to provide information overseas we might need to ask you before this happens. For example some nations have enacted laws to prevent tax evasion by their citizens or permanent residents, requiring us to report certain financial information to relevant overseas taxation bodies.
The Group runs its business in Australia and overseas, and may share information with organisations outside Australia. You can view a list of countries the Group discloses personal information to at www.nab.com.au/privacy/overseas-countries-list/
We may store your information in cloud or other types of networked or electronic storage. If your information is stored in this way, disclosures may occur in countries different to those listed.
If your personal information is shared with organisations outside Australia, those organisations may be required to disclose that information under a foreign law. In such circumstances, we will not be responsible for that further disclosure.
We‘ll always give you access to your personal information unless there are certain legal reasons why we can’t. You can ask us to access your personal information that we hold by contacting your JBWere Adviser or JBWere’s Privacy Officer.
We will give you access to your information in the form you want it where it’s reasonable and practical. We may charge you a small fee to cover our costs when giving you access, but we’ll always check with you first.
The privacy law permits an organisation to deny a request for personal information in certain circumstances such as where giving access to the requesting individual would unfairly impact the privacy of others. If we validly deny your access request, we will tell you why in writing.
Please contact us if your contact details change or if you think we hold incorrect information about you. Where we agree that the information needs to be corrected, we will update it. If we do not agree, you can request that we make a record of your correction request with the relevant information.
If you are worried that we have given incorrect information to others, you can ask us to tell them about the correction. We’ll try and help where we can - if we can’t, then we’ll let you know in writing.
If you have a complaint about how we have handled your personal information, please tell us about it. View our complaints management process.
You can get in contact with us by:
We will acknowledge your complaint as soon as we can after we receive it, and will aim to resolve the matter quickly and fairly within 30 days.
If you still feel your issue hasn't been resolved to your satisfaction, then you can raise your concern with:
Office of the Australian Information Commissioner (OAIC)
Phone: 1300 363 992
Fax: +61 2 9284 9666
Mail: GPO Box 5218 Sydney NSW 2001 or GPO Box 2999 Canberra ACT 2601
Australian Financial Complaints Authority (AFCA)
Phone: 1800 931 678 (free call)
Mail: GPO Box 3, Melbourne, VIC, 3001
If you have general enquiry type questions, you can choose to do this anonymously or use a pseudonym. We might not always be able to interact with you this way however as we are often governed by strict regulations that require us to know who we’re dealing with. In general, we won’t be able to deal with you anonymously or where you are using a pseudonym when:
In certain circumstances we may be required to collect government-related identifiers such as your tax file number. We will not use or disclose this information unless we are authorised by law.
This Policy may change. We will let you know of any changes to this Policy by posting a notification on our website.