Privacy Policy (Australia)

Policies and Documents
Our Commitment to You

GAM appreciates the opportunity to help you meet your financial needs. We are committed to safeguarding the privacy and confidentiality of the Personal Information you have entrusted to us. It is important for you to understand what Personal Information we will collect, how we will use it, and who may access it.

Scope

This Privacy Policy applies to the operations of GAM Investments (Australia) Pty Ltd.

If you are an existing customer of ours, further details about how we use your Personal Information is set out in your customer contract with us. Further notices highlighting certain uses we wish to make of your Personal Information together with the ability to opt in or out of selected uses may also be provided when we collect Personal Information from you.

Our websites may contain links to other third party websites. If you follow a link to any of those third party websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your Personal Information. Please check these policies before you submit any Personal Information to such third party websites.

This Privacy Policy outlines our commitment to you.

All + symbols can be clicked to provide further detail.

1. Accountability

We have strict policies and procedures governing how we deal with your Personal Information. Each and every one of our employees is responsible for respecting and protecting the Personal Information to which the employee has access.

Our Group Data Protection Officer oversees privacy governance including policy, dispute resolution, education, communications activities and reporting to our Board of Directors on privacy matters. Please see Contact Us for information on how to reach our Group Data Protection Officer.

2. Personal Information that we collect

We only collect the Personal Information that we determine we need for the purposes set out in 3. How we collect your Personal Information.

For example, we may collect:

Information you provide to us

Personal Information that you provide to us, such as when using the contact form on our websites, including your name, email address, and other contact details;

Anti-Crime and Fraud Information

information relating to your financial situation, your creditworthiness or any criminal or fraudulent activities provided to us by you or third parties including information which establishes your identity, such as driving licences, passports and utility bills; information about transactions, credit ratings from credit reference agencies or information pooling groups; fraud, offences, suspicious transactions, politically exposed person and sanctions lists where your details are included;

Financial Information

to ensure that the advice and/or products we provide you are appropriate for you and the investments you purchase are suitable for you;

Your transactions and holdings

details of transactions with us or holdings with us that you have made or initiated;

Our correspondence

if you contact us, we will typically keep a record of that correspondence;

Device Information

such as information about your operating system, browser, software applications, IP address, geolocation, security status and other device information in order to improve your experience, to protect against fraud and manage risk;

Website and communication usage

details of your visits to the websites and information collected through cookies and other tracking technologies including, but not limited to, your IP address and domain name, your browser version and operating system, traffic data, location data, web logs and other communication data, and the resources that you access;

Marketing preference information

details of your marketing preferences (e.g. communication preferences) and information relevant to selecting appropriate products and services to offer you;

Email tracking information

Our emails may contain a single, campaign-unique “web beacon pixel” to tell us whether our emails are opened and combined with other technology verify any clicks through to links within the email. We may use this information for purposes including determining which of our emails are more interesting to you and to query whether users who do not open our emails wish to continue receiving them. The pixel will be deleted when you delete the email. If you do not wish the pixel to be downloaded to your device, you should select to receive emails from us in plain text rather than HTML or choose not to click links that we send you or unsubscribe from the receipt of our emails. This information may be include Personal Information;

Call recordings and CCTV

We may monitor or record our incoming or outgoing telephone calls with you to ensure accuracy, security, service quality, for training purposes and to establish a record of our communications. If you do not wish to have your call recorded, you have other options to conduct business with us such as online, or by contacting us in writing. We may record CCTV footage in and around our premises and other locations for the safety of our clients and employees, and to protect against theft, property damage and fraud;

Survey information

we may also ask you to complete surveys that we use for research purposes. In such circumstances we shall collect the information provided in the completed survey.

Employment-related information

we may collect employment-related information about you (such as your employment history) if you apply for a position with us.


When we collect your Personal Information directly from you unless it is unreasonable or impracticable to do so. When collecting Personal Information from you, we may collect in ways including:

  • through your access and use of our website;
  • when you apply for a position with us;
  • when you visit our premises;
  • during conversations between you and our representatives; or
  • when you complete an application form for our products or services.

We may also collect Personal Information from third parties including from third party companies such as recruitment agents, credit reporting agencies, marketing agencies, providers of databases and screening tools used in the prevention of money laundering and terrorist financing, and our other service providers.

When we collect your Personal Information, we may use or disclose it for the following purposes. Below each purpose we note the “legal ground” that allows that use of your Personal Information. An explanation of the scope of the “legal grounds” can be found at here.

To provide and manage products and services you have requested

to administer our services, including to carry out our obligations arising from any agreements entered into between you and us, or to notify you about changes to our services and products.

Use justifications: contract performance; consent, legitimate interests (to enable us to perform our obligations and provide our services to you or to notify you about changes to our service)

To verify your identity, protect against fraud and manage risk

we and other organisations may access and use certain information to prevent fraud, money laundering and terrorism as may be required by applicable law and regulation and best practice at any given time, including checking against sanctions, politically exposed persons (PEP) and other fraud or crime screening databases. If false or inaccurate information is provided and fraud is identified or suspected, details may be passed to fraud prevention agencies and may be recorded by us or by them.

To comply with legal or regulatory requirements, or as otherwise permitted by law

we may process your Personal Information to comply with our regulatory requirements or dialogue with our regulators or defend or prosecute claims as applicable which may include disclosing your Personal Information to third parties, the court service and/or regulators or law enforcement agencies in connection with enquiries, proceedings or investigations by such parties anywhere in the world. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime.

Use justifications: legal obligations; legal claims; legitimate interests (to cooperate with law enforcement and regulatory authorities)

To monitor certain activities

to monitor queries and transactions to ensure service quality, compliance with procedures and to combat fraud;

Use justifications: legal obligations, legal claims, legitimate interests (to ensure that the quality and legality of our services)

To communicate with you regarding products and services that may be of interest

to provide you with updates and offers, where you have chosen to receive these. We may also use your information for marketing our own and our selected business partners’ products and services to you by post, email, phone, SMS or online or social media advertisement. Where required by law, we will ask for your consent at the time we collect your data to conduct any of these types of marketing. We will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you or you may opt out by visiting Contact Us.

Use justifications: legitimate interests (to keep you updated with news in relation to our products and services); consent

To understand our customers and to develop and tailor our products and services

we may analyse the Personal Information we hold in order to better understand our clients’ services and marketing requirements, to better understand our business and develop our products and services. In order to ensure that content from our website is presented in the most effective manner for you and for your device, we may pass your data to business partners, suppliers and/or service providers;

Use justifications: legitimate interests (to ensure the quality and legality of our services, to allow us to improve our services and to allow us to provide you with the content and services on the website)

To reorganise or make changes to our business

in the event that we (i) are subject to negotiations for the sale of our business or part thereof to a third party, (ii) are sold to a third party or (iii) undergo a reorganisation, we may need to transfer some or all of your Personal Information to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analysing any proposed sale or reorganisation. We may also need to transfer your Personal Information to that reorganised entity or third party after the sale or reorganisation for them to use for the same purposes as set out in this policy;

Use justifications: legitimate interests (in order to allow us to change our business)

To communicate effectively with you and conduct our business

to conduct our business, including to respond to your queries, to otherwise communicate with you, or to carry out our obligations arising from any agreements entered into between you and us.

Use justifications: contract performance; legitimate interests (to enable us to perform our obligations and provide our services to you)


5. Consent and Your Choices

Most of our processing is permitted by “legal grounds” other than consent (see section 4 above and here). In relation to Direct Marketing, where we are required to do so, we will obtain your consent before using your Personal Information for this purpose. If you prefer not to receive our Direct Marketing communications, you can have your name deleted from our Direct Marketing and/or shared information lists. If you want to change your privacy preferences, see Contact Us.

In relation to processing of criminal convictions data and politically exposed person data for the purposes of complying with our anti-money laundering obligations and to combat fraud we consider that our processing is permitted by the substantial public interest ground (to prevent or detect crime) but to the extent it is not you give and we rely on your consent to process that type of Personal Information.

If we are not able to collect or process the Personal Information described above, either because you have withdrawn your consent (and our processing cannot be justified on another legal basis) some or all of the following may happen:

  • we may not be able to provide the requested products, services or advice to you, either to the same standard or at all;
  • we may not be able to provide you with information about products and services that you may want;
  • we may be unable to tailor the content of our websites to your preferences and your experience of our websites may not be as enjoyable or useful; or
  • if you are applying for a position with us, we may be unable to consider your application for a position.
6. Sharing your Personal Information (and transfers outside your country)

We will only use or disclose your Personal Information for the purpose(s) it was collected and as otherwise identified in this Privacy Policy.

Sharing outside the GAM group: Personal Information may be provided to third parties, including anti-fraud organisations, legal, regulatory or law enforcement authorities in cases of suspected criminal activity or contravention of law, for the detection and prevention of fraud, or when required to satisfy the legal or regulatory requirements of governments, regulatory authorities or other self-regulatory organisations, or to comply with a court order or for the protection of our assets (for example, collection of overdue accounts).

Sharing within the GAM group: We may share your Personal Information within the GAM group, including locations outside of the European Economic Area where we do business, for marketing purposes, for legal and regulatory purposes, to manage credit risk and other business risks, to perform analytics, to ensure we have correct or up to date information about you (such as your current address or date of birth) and to better manage your relationship with us.

Business sale or reorganisation: Over time, we may buy new businesses or sell some of our businesses. Accordingly, Personal Information associated with any accounts, products or services of the business being purchased or sold will be reviewed as part of the due diligence process and subsequently transferred as a business asset to the new business owner. We may also transfer Personal Information as part of a corporate reorganisation or other change in corporate control.

Sub-contractors and agents: We may use affiliates or other companies to provide services on our behalf such as data processing, account administration, fraud prevention and detection, analytics and marketing. Such companies will be given only the Personal Information needed to perform those services and we do not authorize them to use or disclose Personal Information for their own marketing or other purposes. We have contracts in place holding these companies to standards of confidentiality equivalent to ours.

Transfers outside of your country: Your Personal Information may be accessed by staff, suppliers or other persons in, transferred to, and/or stored at, a destination outside your country, including outside the European Economic Area (EEA) in which data protection laws may be of a lower standard than in your country/the EEA. We will, in all circumstances, safeguard Personal Information as set out in this Privacy Policy.

Where we transfer Personal Information from inside the EEA to outside the EEA, we may be required to take specific additional measures to safeguard the relevant Personal Information. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export Personal Information to these jurisdictions. In countries which have not had these approvals (see the full list here), we will establish legal grounds justifying such transfer, such as EU Commission-approved model contractual clauses, or other legal grounds permitted by applicable legal requirements.

Please Contact us if you would like to see a copy of the specific safeguards applied to the export of your Personal Information.

7. Retention of your Personal Information

Our retention periods for personal data are based on business needs and legal requirements. We retain your Personal Information for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose. For example, we may retain certain transaction details and correspondence until the time limit for claims arising from the transaction has expired, or to comply with regulatory requirements regarding the retention of such data. When Personal Information is no longer needed, our policy is to either irreversibly anonymise the data (and we may further retain and use the anonymised information) or securely destroy the data.

8. Maintaining the accuracy of your Personal Information

We are committed to maintaining the accuracy of your Personal Information and ensuring that it is complete and up-to-date. If you discover inaccuracies in our records, or your Personal Information changes, please notify us immediately so that we can make the necessary changes. Failure to notify us of changes to your Personal Information may negatively impact the way we communicate or provide services to you. Where appropriate, we will advise others of any material amendments to your Personal Information that we may have released to them. If we do not agree to make the amendments that you request, you may challenge our decision as described in Contact us.

9. Safeguarding your Personal Information

We use physical, electronic and procedural safeguards to protect against unauthorised use, access, modification, destruction, disclosure, loss or theft of your Personal Information in our custody or control.

We have agreements and controls in place with third party service providers requiring that any information we provide to them must be safeguarded and used only for the purpose of providing the service we have requested the company to perform.

Security over the internet

No data transmission over the Internet or website can be guaranteed to be secure from intrusion. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your Personal Information in accordance with data protection legislative requirements.

All information you provide to us is stored on our or our subcontractors’ secure servers and accessed and used subject to our security policies and standards. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our websites, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of.

10. Changes to this Privacy Policy

From time to time, we may make changes to this Privacy Policy.
This Privacy Policy at www.gam.com/legal/privacy-policy is always the most recent version.
Please see Contact us to answer any questions you may have about our Privacy Policy.

11. Your Rights

If you have any questions in relation to our use of your Personal Information, you should first contact us as per the Contact us section below. Under certain conditions (in particular where GAM has directed the use of your Personal Information from one of its European subsidiaries), you may have the right to require us to:

  • provide you with further details on the use we make of your information;
  • provide you with a copy of information that you have provided to us;
  • transmit your data directly to a third party, where technically feasible;
  • update any inaccuracies in the Personal Information we hold (please see paragraph 7);
  • delete any Personal Information that we no longer have a lawful ground to use;
  • where processing is based on consent, to withdraw your consent so that we stop that particular processing (see paragraph 5 for marketing);
  • object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and
  • restrict how we use your information whilst a complaint is being investigated.

We will not charge for simply making the request and will not charge for making any corrections to your Personal Information.

Your exercise of these rights is subject to certain exemptions. These include exemptions to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege). If you exercise any of these rights we will check your entitlement to do so under the local laws which apply to you and respond in most cases within a month.

If you are not satisfied with our use of your Personal Information or our response to any exercise of these rights you have the right to complain to the data protection regulator in the country where the GAM entity with which you deal is established (listed here below under “Contact us”).

If you have any questions or concerns about our privacy practices or the privacy of your Personal Information, please let us know.

We request that complaints about breaches of privacy be made in writing, so we can be sure about the details of the complaint. Our Data Privacy Officer deals with privacy complaints and any complaints should be directed to our Data Privacy Officer using the contact details below. We will attempt to confirm as appropriate and necessary with you your understanding of the conduct relevant to the complaint and what you expect as an outcome. We will inform you whether we will conduct an investigation, the name, title, and contact details of the investigating officer and the estimated completion date for the investigation process.

After we have completed our enquiries, we will contact you, usually in writing, to advise the outcome and invite a response to our conclusions about the complaint. If we receive a response from you, we will assess it and advise if we have changed our view. To unsubscribe from marketing material we send you, please follow the instructions at the bottom of the email you have received. Alternatively, you may:

  • Contact us at client.info@gam.com, and we will provide you with our form to contact our Data Protection Officer;
  • Write to your local subsidiary and direct your correspondence to the attention of the Data Protection Officer; or
  • Email us at DataProtectionOfficer@gam.com

You may also choose to contact our Group Data Protection officer:

GAM (U.K.) Limited
Data Protection Officer
8 Finsbury Circus
London EC2M 7GB
United Kingdom
DataProtectionOfficer@gam.com

If after contacting us you do not feel that we have adequately addressed your concerns, you may contact the data protection regulator in the country where the GAM entity with which you deal is established:

Australia

Office of the Australian Information Commissioner

https://www.oaic.gov.au/

UK

The Information Commissioner’s Office

https://ico.org.uk/

Italy

Garante per la protezione dei dati personali

http://www.garanteprivacy.it/

Germany

Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit

http://www.bfdi.bund.de/

Hessische Datenschutzbeauftragte
https://datenschutz.hessen.de//

Spain

Agencia de Protección Datos
https://www.agpd.es/

Switzerland Eidgenössischer Datenschutz- und Öffentlichkeitsbeauftragter

https://www.edoeb.admin.ch/edoeb/de/home.html

France

Commission Nationale de l'Informatique et des Libertés

https://www.cnil.fr/fr

Austria

Datenschutzbehörde

https://www.dsb.gv.at/

Luxembourg

National Commission for Data Protection

https://cnpd.public.lu/en.html

Ireland

Data Protection Commissioner

https://www.dataprotection.ie/docs/Home/4.htm

Direct Marketing is our communication with you such as mail, telemarketing or email, using your contact information, to inform you about products and services that we think may be of interest and value to you. This does not include communications regarding products or services that you currently have, including improved ways to use the products, or additional features of the products as well as transactional information.

Personal Information is information about an identifiable individual. It includes information that you have provided to us or was collected by us from other sources. It may include details such as your name and address, age and gender, personal financial records, identification numbers including your Social Insurance Number and personal references, to the extent permitted by local laws.

GAM means GAM Holding AG, its subsidiaries and certain other affiliated entities. Regional and local policies supersede this Privacy Policy.

Use of personal information under EU data protection laws must be justified under one of a number of legal “grounds” and we are required to set out the grounds in respect of each use in this policy. An explanation of the scope of the grounds available is set out below. We note the grounds we use to justify each use of your information next to the use in the “Uses of your personal information” section of this policy.

These are the principal legal grounds that justify our use of your information:

Consent: where you have consented to our use of your information (you may withdraw your consent by following the instructions at the bottom of the email received, or contacting client.info@gam.com).

Contract performance: where your information is necessary to enter into or perform our contract with you.

Legal obligation: where we need to use your information to comply with our legal obligations.

Legitimate interests: where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights.

Legal claims: where your information is necessary for us to defend, prosecute or make a claim against you, us or a third party.

Substantial Public interest; where we use Personal Information relating to criminal convictions or political affiliations for a purpose that is expressly in the substantial public interest, including for the prevention or detection of crime or fraud