Privacy Policy
Your privacy matters to us. We're committed to protecting your personal information and being transparent about how we collect, use, and safeguard your data.
Last Updated: March 15, 2025
1. Introduction and Scope
nuvethal Financial Services ("nuvethal", "we", "us", or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website nuvethal.com, use our financial services, or interact with us in any capacity.
This policy applies to all personal information we collect or receive about you, whether through our website, mobile applications, email communications, phone calls, or in-person meetings. By using our services, you consent to the collection and use of information in accordance with this policy and Australian privacy laws.
Our Commitment to Australian Privacy Laws
As an Australian business, we comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). We're committed to handling your personal information responsibly and transparently, ensuring you understand your rights and how to exercise them.
2. Information We Collect
We collect various types of information to provide you with effective financial services and business adaptation solutions. The information we collect falls into several categories:
Personal Identification
Name, address, phone number, email address, date of birth, government-issued identification numbers, and emergency contact information.
Financial Information
Bank account details, credit history, income information, tax file numbers, employment details, and investment preferences.
Business Information
Company registration details, ABN/ACN numbers, business structure, financial statements, and operational information for business clients.
Digital Interaction Data
Website usage patterns, IP addresses, browser information, device details, and communication preferences.
Communication Records
Records of phone calls, emails, meetings, and other communications for service quality and compliance purposes.
Marketing Preferences
Communication preferences, interests in our services, and responses to marketing campaigns and surveys.
How We Collect Information
- Directly from you through forms, applications, and conversations
- From publicly available sources like business registers
- Through our website using cookies and analytics tools
- From third parties like credit reporting agencies (with your consent)
- During the provision of our financial services
- Through our business partners and referral sources
3. How We Use Your Information
Legal Basis for Processing
We process your personal information based on several legal grounds under Australian privacy law, including your consent, performance of contracts, compliance with legal obligations, and our legitimate business interests in providing financial services.
Primary Purposes
- Providing financial advisory services and business adaptation solutions
- Assessing your financial needs and recommending appropriate products
- Processing applications and managing your accounts
- Communicating with you about our services and your accounts
- Complying with legal and regulatory requirements
- Conducting risk assessments and fraud prevention
Secondary Purposes
- Improving our services and developing new offerings
- Marketing our services (with your consent)
- Conducting market research and analysis
- Training our staff and quality assurance
- Maintaining business records and analytics
We will not use your personal information for purposes other than those outlined here without obtaining your explicit consent or unless required by law.
4. Information Sharing and Disclosure
We take your privacy seriously and only share your information when necessary for providing our services or when required by law. We never sell your personal information to third parties.
We May Share Information With:
- Financial institutions and product providers to process your applications
- Professional service providers (lawyers, accountants, auditors)
- Technology service providers who support our systems
- Credit reporting agencies for credit assessments
- Regulatory bodies and government agencies when required by law
- Our business partners for joint service delivery (with your consent)
International Data Transfers
Occasionally, we may need to transfer your information overseas to service providers or partners. When this occurs, we ensure appropriate safeguards are in place to protect your information, including contractual protections and verification that recipients maintain adequate privacy standards.
Countries where your data might be processed include the United States (for cloud services), the United Kingdom (for financial software), and New Zealand (for regulatory reporting). We will notify you of any significant changes to our international data transfer practices.
5. Your Privacy Rights
Under Australian privacy law, you have several important rights regarding your personal information. We're committed to helping you exercise these rights effectively.
Access Your Information
You can request access to the personal information we hold about you. We'll provide this within 30 days and may charge a reasonable fee for extensive requests.
Correction of Information
If you believe information we hold is incorrect or incomplete, you can request correction. We'll respond within 30 days and notify relevant third parties if corrections are made.
Withdraw Consent
Where we process information based on your consent, you can withdraw this consent at any time. This won't affect processing that occurred before withdrawal.
Marketing Opt-out
You can opt out of marketing communications at any time by contacting us directly or using unsubscribe links in our emails.
Data Portability
You can request a copy of your information in a commonly used electronic format for transfer to another service provider.
Complaint Process
If you're concerned about our privacy practices, you can lodge a complaint with us or directly with the Office of the Australian Information Commissioner.
How to Exercise Your Rights
To exercise any of these rights, contact our Privacy Officer using the details provided below. We may need to verify your identity before processing your request. Most requests are handled within 30 days, though complex requests may take longer.
6. Data Security and Protection
We implement comprehensive security measures to protect your personal information from unauthorized access, alteration, disclosure, or destruction. Our security framework includes both technical and organizational measures.
Encryption
All sensitive data is encrypted in transit and at rest using industry-standard encryption protocols.
Access Controls
Strict access controls ensure only authorized personnel can access your information on a need-to-know basis.
Regular Audits
We conduct regular security audits and vulnerability assessments to identify and address potential risks.
Staff Training
All team members receive regular privacy and security training to ensure proper handling of personal information.
Secure Infrastructure
Our systems are hosted in secure Australian data centers with physical and digital security measures.
Incident Response
We maintain detailed incident response procedures to quickly address any security breaches or data incidents.
Despite our best efforts, no security system is completely impenetrable. If you become aware of any security vulnerability or incident involving your personal information, please contact us immediately.
7. Data Retention and Deletion
We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, comply with legal requirements, or resolve disputes.
| Information Type | Retention Period | Legal Basis |
|---|---|---|
| Client Records | 7 years after relationship ends | Corporations Act requirements |
| Financial Advice Documentation | 7 years from advice date | ASIC regulatory requirements |
| Marketing Communications | Until consent withdrawn | Consent-based processing |
| Website Analytics | 26 months | Legitimate business interests |
| Communication Records | 7 years | Business records requirements |
| Identity Verification | 7 years after verification | Anti-money laundering laws |
Secure Deletion Process
When information reaches the end of its retention period, we securely delete or anonymize it using industry-standard data destruction methods. This includes securely wiping digital storage media and properly destroying physical documents.
8. Cookies and Website Analytics
Types of Cookies We Use:
- Essential Cookies: Required for website functionality and security
- Analytics Cookies: Help us understand website usage and improve user experience
- Preference Cookies: Remember your settings and personalization choices
- Marketing Cookies: Used to deliver relevant advertisements (with your consent)
We use Google Analytics to understand website usage patterns. This involves collecting anonymized data about page views, session duration, and user interactions. You can opt out of Google Analytics tracking using Google's opt-out browser add-on.
Managing Cookies
You can control cookie settings through your browser preferences. Disabling certain cookies may affect website functionality. We provide detailed cookie information and management options in our Cookie Policy, available on our website.
9. Third-Party Services
We work with various third-party service providers to deliver our financial services effectively. These relationships are governed by strict privacy and security requirements.
Key Third-Party Categories:
- Financial Product Providers: Banks, insurers, and investment platforms
- Technology Providers: Cloud hosting, customer relationship management systems
- Professional Services: Legal, accounting, and compliance specialists
- Marketing Services: Email platforms and website analytics providers
- Payment Processors: Secure payment processing and transaction management
All third-party relationships include contractual privacy protections, regular security assessments, and compliance monitoring. We conduct due diligence on all partners to ensure they maintain appropriate privacy and security standards.
Links to External Websites
Our website may contain links to external sites. We're not responsible for the privacy practices of these sites and encourage you to review their privacy policies before providing any personal information.
10. Privacy Policy Changes
We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or business operations. Material changes will be communicated to you through appropriate channels.
How We Communicate Changes:
- Email notification for significant changes affecting your rights
- Website notices for general policy updates
- Direct communication for changes affecting existing client relationships
- Updated "Last Modified" date on this policy
We encourage you to review this policy periodically. Continued use of our services after policy changes constitutes acceptance of the updated terms, unless the changes require explicit consent.
Previous versions of this policy are archived and available upon request for your reference.
Contact Our Privacy Officer
If you have questions about this Privacy Policy, want to exercise your privacy rights, or need to report a privacy concern, please contact our dedicated Privacy Officer.
Privacy Officer
nuvethal Financial Services
7/92 Hoskins St, Mitchell ACT 2911, Australia
Phone: +61412443225
Email: privacy@nuvethal.com
Response Time: We aim to respond to all privacy inquiries within 5 business days and resolve most requests within 30 days.
If you're not satisfied with our response to a privacy complaint, you can contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or call 1300 363 992.