28 January 2022
This Privacy Supplement sets out:
1. The kinds of personal information we collect and hold;
2. How we collect and hold personal information;
3. The purpose for which we collect, hold, use and disclose personal information;
4. Targeted advertising;
5. How clients may access personal information about themselves, that is held by us, and correction of such information;
6. How a client may lodge a complaint about a breach of the APP by us, and how we will deal with such a complaint;
7. Whether we are likely to disclose personal information to overseas recipients, and countries in which such recipients may be likely to be located;
9. Sensitive information;
10. Consequences of failing to provide information;
11. Unsolicited personal information;
12. Direct marketing communication; and
13. Security and protecting your personal information.
1. The kinds of personal information we collect and hold
‘Personal information’ is defined under the Privacy Act as information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable.
‘Sensitive information’ under the Privacy Act is a sub-set of personal information that is given a higher level of protection. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information.
Information that we may collect from you include but is not limited to:
- your full name;
- date of birth;
- your contact details, including email address, phone numbers, residential address and business address;
- tax file numbers, driver’s licence details, Medicare card details, and passport details;
- financial details, occupation, bank account details and any other information we may consider necessary to undertake our activities and provide services to you.
2. How we collect and hold personal information
Once we have collected your personal information, we will store this in our system, secured office onsite, or in a secured storage facility.
3. The purpose for which we collect, hold, use and disclose personal information
We collect, hold and use your personal information for the purpose of:
i. providing you with products or services provided by TBAU or a related company, including assessing your application, administering any facility you have with us, executing instructions and complying with our legislative and regulatory obligations relating to the product or service;
ii. meeting our ongoing obligations to you in providing you with the product or service;
iii. meeting our external obligations, such as with regard to third party systems and
relationships, in order to provide you with the product or service;
iv. meeting our obligations under applicable laws, such as customer identification requirements under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and compliance requirements under the Corporations Act 2001 (Cth) and other legislation governing the provision of financial services;
v. protecting against fraud;
vi. to contact you with information about products or services that you might be interested in;
vii. requesting feedback and information from you, via market research and surveys regarding our products and services;
viii. for analytics, market research, business development and target advertising; and
ix. any other purpose you consent to.
We may disclose your information for such purposes to other organisations, including;
i. external service providers involved in our provision of products and services to you, such as mailing houses, call centres, debt collector agencies, professional advisers (such as our lawyers and compliance advisers), internal and external auditors;
ii. our parent company Up Fintech Holding Limited, and any associated companies and subsidiaries assisting in providing you with financial products and services;
iii. online application technology providers;
iv. identity verification services providers;
v. to any potential purchaser of the whole or part of our business (or any other relevant party advisers such as that), on a confidential basis;
vi. your agents, advisers or lawyers, such as where you have obtained a service from us through them or are otherwise dealing with us in any way through them;
vii. parties involved in markets and systems related to the products and services we provide to you, such as market operators and participants, counterparties,
intermediaries and custodians;
viii. entities involved in any corporate re-organisation affecting us;
ix. entities assisting us to maintain and improve our systems, products and services;
x. credit reporting agencies;
xi. entities to whom we are required or authorised by law to disclose your personal information, such as government and regulatory bodies.
4. Targeted Advertising
We use third-party advertising companies to serve advertisements regarding goods and services that may be of interest to you when you access and use the Services and other websites or online services, as well as to provide advertising-related services such as reporting, attribution, analytics, and market research. You may receive advertisements based on information relating to your access to and use of the Services and other websites or online services on any of your devices, as well as on information received from third parties.
These companies place or recognize a unique cookie on your browser (including through the use of pixel tags) that collects information about your use of the Services over time. They also use these technologies, along with information they collect about your online use, to recognize you across the devices you use, such as a mobile phone and a laptop. For advertising, we may share a common account identifier (such as an email address or user ID) in a hashed format with our third-party advertising partners to help identify you across devices.
We have enabled Google Analytics Advertising Features which may include but not limited to Remarketing Features, Advertising Reporting Features, Demographics and Interest Reports, Store Visits, Google Display Network Impression reporting. We and third-party vendors use first-party cookies (such as the Google Analytics cookie) or other first-party identifiers, and third-party cookies (such as Google advertising cookies) or other third-party identifiers together.
You can opt-out of Google Analytics Advertising Features including using a Google Analytics Opt-out Browser add-on found here. To opt-out of personalised ad delivery on the Google content network, please visit Google’s Ads Preferences Manager here or if you wish to opt-out permanently even when all cookies are deleted from your browser you can install their plugin here. To opt out of interest-based ads on mobile devices, please follow these instructions for your mobile device: On android open the Google Settings app on your device and select “ads” to control the settings. On iOS devices with iOS 6 and above use Apple’s advertising identifier. To learn more about limiting ad tracking using this identifier, visit the settings menu on your device.
5. How clients may access personal information about themselves, that is held by us, and correction of such information
You have the right to request access to your personal information which we hold. Your access rights are subject to some exceptions permitted by law. We will respond to your request in accordance with the Privacy Act and any other law which affects this obligation. A fee may be payable if you request a copy of your information. If we deny your access request we will provide you with written reasons for doing so. If you wish to lodge a complaint in reference to this refusal, you may do so via the details provided in section 5 below.
We aim to keep the personal information we hold about you up-to-date. Should any of your personal details change, or if you believe that information we hold about you is incorrect, please contact us so we can correct this. If we refuse your request to correct information, we will generally give you a written reason for the refusal. If you wish to lodge a complaint in reference to this refusal, you may do so via the details provided in section 5 below.
6. How a client may lodge a complaint about a breach of the APP by us, and how we will deal with such a complaint
For any privacy related feedback, or complaints, please send your written request to: Tiger Brokers (AU) Pty Limited
Address: Suite 28.01, 25 Bligh Street, Sydney NSW 2000
Phone: +61 2 9169 6999
If you are not satisfied with a response received from TBAU in reference to a privacy complaint, or feel that TBAU may have breached an Australian Privacy Principle, then you have the right to refer the complaint directly to the Office of the Australia Information Commissioner (OAIC). A complaint form may be lodged via the OAIC website, or via the details below.
For provisions of the Privacy Act, please refer to the website www.oaic.gov.au
Office of the Australian Information Commissioner Email: email@example.com
Phone from within Australia 1300 363 992
Phone from outside Australia +61 2 9284 9749 Address: Level 3, 175 Pitt Street, Sydney
As per TBAU’s IDR – complaints handling policy, if you lodged a complaint with TBAU, you should receive a response within 5 business days from the date TBAU receives the complaint. The complaint will be dealt by the Compliance department. If additional time is required to resolve the complaint, the Compliance department will inform you of this. TBAU aims to resolve a compliant as soon as possible, and within 30 days.
If you are still not satisfied with TBAU’s response, you can then proceed to lodge a formal complaint with OAIC.
7. Whether we are likely to disclose personal information to overseas recipients, and countries in which such recipients may be likely to be located
TBAU may disclose your personal information to related entities located outside the Australian jurisdiction. These related entities are our parent company Up Fintech Holding Limited, and subsidiary offices of our parent company to which we may outsource certain services to, including but not limited to New Zealand, Singapore and China. You consent to your personal information being transferred to such entities for the purpose of operating your trading account.
Where we disclose your personal information to other third parties listed above in section 3 of this Privacy Supplement, these third parties may store, transfer or access personal information outside of Australia. Unless we seek and receive your consent to an overseas disclosure of your personal information, we will only disclose your personal information to countries with laws which protect your personal information in a way which is substantially similar to the Australian Privacy Principles and/or we will take such steps as are reasonable in the circumstances to require that overseas recipients protect your personal information in accordance with the Australian Privacy Principles.
Under the Privacy Act, you have the right to deal with us anonymously where this is lawful and practicable. For instance, this can sometimes be the case when you are enquiring about our products and services. However, in situations where we may need
to take instructions from you or implement a change to your account, this may not be appropriate and in compliance with AML/CTF rules and regulations.
9. Sensitive information
While we usually do not need to collect sensitive information about you (such as health information; information about racial or criminal record information), if we require such information we will generally only collect it with your consent. This is subject to exceptions, such as where the collective is required by law or necessary to establish or defend a legal claim.
10. Consequences of failing to provide information
If you do not provide us with any requested personal information, this may mean that we are unable to provide you with financial products or services, or potentially pursue the relationship you have as a client with TBAU.
11. Unsolicited personal information
If you have received unsolicited personal information regarding you, which we did not solicit, we will as soon as practical, destroy the information, or ensure the information is de-identified. However, if it is information which is provided to us in a situation where it is mixed or attached with information that we have requested, you acknowledge that this information may be held by us as described in this policy.
12. Direct marketing communication
TBAU may from time to time send you information regarding our current and upcoming products and services, events being held by TBAU, surveys and/or request for feedback on how we can improve on our products and services to you as a client, or information we may consider of interest to you. Such communication will be sent to you via the personal details you provide to us in the client application form, commonly your registered email address. If you do not wish to receive such information, please email firstname.lastname@example.org or you may submit a request to unsubscribe from receiving such information via the actual communication email.
We collect or store user information on our website by using “cookies” for marketing purposes, such as displaying pages that are more relevant to your preferences.
13. Security and protecting your personal information
The security of your personal information is important to us and so we take reasonable steps to protect it from misuse, loss and unauthorised access or disclosure. Such steps include:
i. security measures for access to our systems and premises and for document and file storage;
ii. by reasonably limiting internal access to clients’ personal information to staff who require it to fulfil our obligations towards to and related matters; and
iii. firewall and data encryption measures protecting our website.