brand-logo-mark.svg
Join now

Privacy Policy

Pepperstone Group Limited | Updated: February 2025

Section A – Introduction

1. Introduction

1.1 Protecting your privacy and keeping your personal information confidential is very important to us. This Privacy Policy ("Policy") sets out how we collect and manage your personal and sensitive information, in compliance with the Privacy Act 1988 (Cth) ("Privacy Act") and the Australian Privacy Principles ("APPs").

1.2 In this Policy, we use the terms "we" "us" "our" or "Pepperstone" to refer to Pepperstone Group Limited and its related companies.

1.3 Personal information is any information or opinion about you that is capable (or reasonably capable) of identifying you, whether the information or opinion is true or not, and regardless of whether the information is recorded in a material form.

1.4 Sensitive information includes things like your racial or ethnic origin, political opinions or membership of political associations, religious or philosophical beliefs, membership of a professional or trade association or trade union, sexual orientation or criminal record. Your health, genetic and biometric information and biometric templates are also sensitive information. Sensitive information is also personal information for the purposes of the Privacy Act.

1.5 We collect personal and/or sensitive information to provide you with the products and services that you ask for, as well as information about products and services offered by us or third parties.

1.6 We may use your personal and/or sensitive information to administer our products and services, for prudential and risk management purposes and, unless you tell us otherwise, to provide you with related marketing information. We also use the information we hold to help detect and prevent illegal activity. We cooperate with police and other enforcement bodies as required by law.

1.7 We disclose relevant personal information to external organisations that help us provide services. These organisations are bound by confidentiality arrangements. They may include overseas organisations.

1.8 You can seek access to the personal information we hold about you. If the information we hold about you is inaccurate, incomplete, or outdated, please let us know so that we can correct it. If we deny access to your personal information, we'll let you know the reason why.

Section B – Collection of Personal Information

2. Why we collect your personal information

2.1 We only collect personal information when it's reasonably necessary for us to do business with you.

2.2 We use your personal information to:

  • verify your identity;

  • provide you with the products and services that you've asked for;

  • help us monitor, evaluate and develop our products and services;

  • enable secure access to our client area;

  • unless you tell us otherwise, keep you informed about our products and services and those of our relevant business and initiative partners, and tailor this information to your needs and interests;

  • respond to any feedback, queries or complaints;

  • provide you with technical support;

  • participate in any third party acquisition or potential acquisition of an interest in us or our assets;

  • comply with our legal obligations under the applicable laws; and

  • take measures to detect and prevent fraud, crime or other activity which may cause harm to our business or our products and services.

3. Information we may collect

3.1 The personal information we collect about you generally includes the following: name; date of birth; postal or email address; phone numbers (including home, mobile and work); fax number; information relating to an individual's source of wealth; occupation; credit card details; bank account details; information relating to your trading experience; identification documentation as required under the AML/CTF Act; a Veda Check or other credit or bankruptcy check; and/or other information we consider necessary to our functions and activities.

3.2 We're required by law to identify you if you're opening a new account or adding a new signatory to an existing account. The AML/CTF Act requires us to sight and record details of certain documents (i.e. photographic and non-photographic documents).

3.3 Where necessary, we also collect information on trustees, partners, company directors and officers, officers of co-operatives and associations, client's agents, beneficial owners of the client, and persons dealing with us on a "one-off" basis.

3.4 We may take steps to verify the information we collect. For example, a birth certificate provided as identification may be verified with records held by the Registry of Births, Deaths and Marriages.

4. How we collect personal information

4.1 We may either collect personal information about you directly from you or from sources other than you when permitted under the AML/CTF Act. "Sources other than you" may include your agents, family members, friends, related entities, affiliates or divisions.

4.2 We may also collect information from you electronically, for instance, when you visit our website.

5. Incomplete or inaccurate information

5.1 If you provide us with incomplete or inaccurate information, we may not be able to provide you with the products or services that you ask for.

6. Consent

6.1 In most cases, we'll obtain your consent to use and disclose your personal information for our intended purposes either before or at the time that we collect it.

6.2 If you don't give us your consent or withdraw your consent, we may not be able to provide you with the products or services you ask for.

7. Withdrawing consent

7.1 You can withdraw your consent at any time. To withdraw your consent, please email support@pepperstone.com in the first instance.

8. Sensitive information

8.1 We'll only collect sensitive information about you if we have your consent, or if we're required or authorised by law.

9. Aggregated Data

9.1 Aggregated data is general data about groups of people which doesn't identify anyone personally. We use aggregated data to help us understand how you use our products and services and to customise the way we communicate with you. We may share aggregated data with our business or industry partners.

10. Anonymity and pseudonymity

10.1 In certain situations we may be able to give you the option of using a pseudonym or remaining anonymous when you deal with us, where it is practical and not required by law to identify you.

11. Dealing with unsolicited personal information

11.1 If we receive personal information about you that we haven't asked for, we'll only retain it if we determine that the information is reasonably necessary for us to do business with you and you've either consented or it wasn't practical to obtain your consent.

11.2 If these conditions aren't met, we will destroy or de-identify the information.

11.3 If the unsolicited information we receive about you is sensitive information, we'll get your consent to retain it, regardless of the circumstances.

Section C – Integrity of Your Personal Information

12. Quality of personal information

12.1 We ensure that the personal information we collect and handle is accurate, up to date, complete and relevant.

12.2 Please contact us if any of the details you have provided to us change or if you believe that the information we have about you isn't accurate or up to date.

13. Security of personal information

13.1 We're committed to protecting the personal information we hold about you from misuse, unauthorised access and disclosure.

13.2 We've implemented a range of practices and policies to provide a robust security environment. Our security measures include:

  • educating our employees about their obligations when they collect and handle personal information;

  • requiring our employees to use passwords when accessing our systems;

  • encrypting data sent from your computer to our systems during internet transactions and client access codes transmitted across networks;

  • employing firewalls, intrusion detection systems and virus scanning tools to protect against unauthorised persons and viruses;

  • using dedicated secure networks or encryption when we transmit electronic data for purposes of outsourcing;

  • practising a clean desk policy for all premises and providing secure storage for physical records; and

  • employing physical and electronic security measures such as swipe cards, alarms, cameras and guards to protect against unauthorised access to buildings.

13.4 Where we identify that we no longer need certain personal information, we ensure that it's effectively and securely destroyed.

Section D – Use or Disclosure of Personal Information

14. Who we disclose personal information to

14.1 We may share your information with our related entities and third parties that we outsource functions to or partner with, in certain limited situations where it's necessary for us to provide our products and services or perform associated business activities.

14.2 These entities and third parties include: brokers and agents who refer your business to us; our third party business partners or joint initiative providers; auditors; any person acting on your behalf (including financial advisers, solicitors, accountants); regulatory bodies and government agencies; credit reporting agencies; and other organisations who assist us in providing products and services.

14.3 Our Apps run on third-party software platforms (e.g. Apple iOS and Google Android). Your use of our Apps is also subject to the relevant mobile app platform provider's terms and conditions and privacy policy.

15. Disclosure required by law

15.1 We'll also disclose your personal information if we're required by law or permitted to do so under the Privacy Act.

Section E – Direct Marketing

16. Direct marketing

16.1 Unless you've asked us not to, we may use your personal information to let you know about new or improved products and services and special offers that may be of interest to you.

16.2 If you don't want us to use your personal information for marketing purposes, please contact us by:

  • Phone: 1300 033 375

  • Email: support@pepperstone.com

  • Post: Level 16, Tower One, 727 Collins Street, Melbourne, VIC 3008, Australia – for the attention of the Head of Compliance.

Section F – Cookies

17. What is a cookie

17.1 A cookie is a small file which asks permission to be placed on your computer's hard drive. If your computer settings allow cookies, then the file is added and the cookie helps analyse web traffic or lets the site owner know when you visit a particular site.

18. Why we use cookies

18.1 Cookies help us provide you with a better website by enabling us to monitor the pages that you find useful and tailor our website to your needs. We may also collect information about your computer, including your IP address, operating system and browser type, for system administration.

18.3 We may disclose the data we collect through cookies to our related companies.

19. How to block cookies

19.1 Most web browsers allow you to adjust settings to erase cookies, disallow cookies, or receive a warning before a cookie is set. Please note that some parts of our websites may not function fully if you disallow cookies.

Section G – Cross Border Disclosure of Personal Information

20. Disclosing personal information to cross border recipients

20.1 Some of our related companies and third parties may be located outside of Australia, including in the United Kingdom, Cyprus, Germany, the UAE, Kenya, the Bahamas, Chile, the United States, Thailand, China, and other countries. We'll only disclose your personal information to an offshore recipient once we have taken reasonable contractual and practical steps to ensure appropriate protection.

Section H – Adoption, Use or Disclosure of Government Identifiers

21. Adoption of government related identifiers

21.1 We won't adopt a government related identifier (such as your Medicare or driver's license number) as our own identifier unless required or authorised to do so under an Australian law, regulation or court/tribunal order.

22. Use or disclosure of government related identifiers

22.1 Before using or disclosing a government related identifier, we'll ensure that such use or disclosure is reasonably necessary to verify your identity, fulfil our obligations to a government agency, is required by law, or is within a permitted general situation.

Section I – Access to, Correction and Erasure of Personal Information

23. Access, correction and erasure

23.1 If you've provided us with personal information, you have the right to request to access or correct it.

23.2 You may also at any time contact us to request erasure of your personal data. Please note that for legal reasons we might not always be able to comply with these requests. Please write to: Head of Compliance, Pepperstone Group Limited, compliance.au@pepperstone.com.

23.3 Requests for access to or correction of limited amounts of personal information, such as checking an address or telephone number, can generally be handled over the phone.

23.4 We'll respond to your request as soon as we're able to. In some cases we may ask you to pay an administrative fee to cover costs associated with your request.

23.5 We'll endeavour to comply with your request within 30 days of hearing from you.

23.6 We'll always confirm your identity before providing you with access to your personal information.

24. Exceptions and refusal to give access, correct or erasure

24.1 In some circumstances we might have to deny your request for access, correction, or erasure. In either of these situations, we'll let you know the reasons for our decision in writing. If you disagree with our decision, you can make a complaint following the process set out in Section J of this Policy.

25. Access to a credit report about you

25.1 You have the right to ask for a copy of any credit report we have obtained about you from a credit-reporting agency. The best means of obtaining an up-to-date copy is to get in touch with the credit-reporting agency directly.

25.2 You have a right to have any inaccuracies corrected or, if there's any dispute about accuracy, to have a note added to your credit reporting agency file explaining your position.

25.3 If we decline your credit application wholly or partly because of adverse information on your credit report, the Privacy Act requires us to let you know and tell you how you can go about getting a copy of your credit report.

25.4 The major credit-reporting agency in Australia is Veda Advantage Business Information Services Limited. Public Access Division, Veda Advantage Business Information Services Limited, PO Box 964, North Sydney NSW 2059.

Section J – Contact Us and Complaints

26. Contact

26.1 If you have any questions or would like further information about our privacy and information handling practices, please contact us:

  • Email: support@pepperstone.com

  • Phone: 1300 033 375

  • Post: Level 5, 530 Collins Street, Melbourne, VIC, 3000 – for the attention of the Head of Compliance.

27. Making a complaint

27.1 We offer a free internal complaint resolution scheme to all of our clients. If you have a privacy complaint, please contact us using the details above. We'll try to resolve your complaint as quickly as possible, and in any event within 30 days of hearing from you.

27.3 If you're not satisfied with our handling or resolution of your complaint, there are other bodies you can contact.

27.4 The Financial Ombudsman Service Australia ("FOS") can consider most privacy complaints involving providers of financial services. FOS can be contacted at: GPO Box 3, Melbourne Victoria 3001 | Phone: 1300 780 808 | Website: www.fos.org.au.

27.5 Under the Privacy Act you may complain to the Office of the Australian Information Commissioner about the way we handle your personal information. The Commissioner can be contacted at: GPO Box 5218, Sydney New South Wales 2001 | Phone: 1300 363 992 | Email: enquiries@oaic.gov.au | Website: www.oaic.gov.au.

Issued by Pepperstone Group Limited | February 2025