Privacy Policy

Effective as of 24 May 2018

FinaMetrica Pty Ltd (referred to as “FinaMetrica”, “we”, “us” or “our”), is a company registered in Australia, ACN 081 638 271 with registered office at Suite 1703, Level 17, 227 Elizabeth Street Sydney, NSW 2000, Australia.

We at FinaMetrica and our affiliate PlanPlus Global Inc. are committed to respecting your privacy and recognize your need for appropriate protection and management of any personal information or personal data (“Personal Data”) you share with us. This Privacy Policy applies to our Website, Test and our Risk Profiling System subscription service (collectively “our Subscription Service”).

FinaMetrica is the company responsible for the processing of your Personal Data.

If you are registered to complete the Test, your use of the Website and any material contained therein (e.g. the Test) is also governed by our Terms and Conditions of Use. Please click here for the Terms and Conditions of Use.

If you are registered so as to be able to register others to complete the Test, your use of the Website and any material contained therein (e.g. the Test) is also governed by our Terms and Conditions of Use. Please click here for the Terms and Conditions of Use.

This Privacy Policy is incorporated into the relevant Terms and Conditions of Use above and sets out the basis on which any Personal Data we collect from you, or that you provide to us (either directly or via a third party such as your financial advisor or as described in this Privacy Policy), will be processed by us. It also describes your choices regarding use, access and correction of your Personal Data. Capitalized terms used in this Privacy Policy and not otherwise defined shall have the meanings provided for those terms in the Terms and Conditions of Use.

Please read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it. By using our Subscription Service, you consent to the data practices described in this Privacy Policy. If you do not agree with the data practices described in this Privacy Policy, you must not use our Subscription Service.

By providing information to us about you (either directly or via a third party such as your financial advisor, from associated website or as described in this Privacy Policy), you are accepting and consenting to the practices described in this Privacy Policy.

Please ensure you have read and understood the relevant Terms and Conditions of Use in addition to this Privacy Policy before using the Website or submitting any Personal Data to us via the Test or otherwise.

The scope and nature of the service that FinaMetrica provides

FinaMetrica provides a web-based financial risk profiling system that is based on a psychometric test of personal financial risk tolerance (“the Test”) comprising the risk tolerance questionnaire, the demographic questionnaire, the scoring algorithms and the reports. The Test is available to persons wishing to assess their own financial risk tolerance, to financial advisors that assist their clients’ in assessing their financial risk tolerance, to financial services organisations which offer services to consumers and to financial services educators and researchers.

The Test statistically compares the risk tolerance answers provided by a user with the answers of a sample population of clients of financial advisors. The Test was designed to provide financial advisors with an objective starting point for discussions that will lead to a mutually agreed assessment of a client’s financial risk tolerance. This assessment will, in effect, constitute instructions to the advisor about the level of risk an individual would normally choose to take.

FinaMetrica makes the Test available at www.finametrica.com or on such other websites as nominated by FinaMetrica (“the Website”).

Persons wishing to test their own financial risk tolerance may register their access directly with FinaMetrica, register themselves at another website that offers access to the Test or be registered by a third party (usually a financial advisor).

Financial services professionals wishing to be able to arrange Tests for other persons may register their access directly with FinaMetrica or via another website, or service provider, that offers access to the Test, or be registered by a third party (for example, a financial services organisation which employs them or with whom they are associated).

Depending on the context of the relationship above, we may process Personal Data as a processor, controller or joint controller for the purposes of providing our services.

We also process certain Personal Data as a data controller. Such Personal Data includes, invoicing details and other Personal Data of our customer’s contact persons, in order to maintain our relationship and to provide support using the tools provided by our third party providers/processors as outlined in this Privacy Policy.

Information we collect from you

We may collect and process the following information about you:

  1. Information you give us

    You may give us information about you by filling in forms on our Website, by corresponding with us by phone, e-mail, LiveChat or otherwise. This includes information you provide when you register to use our Website, our services and when you report a problem with our Website and/or services.

  2. Information we receive from other sources

    We may receive information about you if you use any third party websites or a financial advisor, as described in this Privacy Policy, who submits your Personal Data to us via a third party website, directly or otherwise. In each case, you will have been informed when your information was collected that it may be shared with us and will have consented to this sharing before your information was shared with us.

    Where an associated website or other third party registered your access to the Test, such third parties may have access to your Personal Data also. For example, if you are the client of a financial advisor, your financial advisor will have access to your answers to the risk tolerance and demographic questionnaires, and your risk tolerance report

    If your access to the Test was registered through an associated website, via your financial advisor or other third party (or via a combination of these means), you will need to review the privacy policies of these individuals or entities to understand how they process your Personal Data.

 

Submitting Personal Data to us about third parties

If you provide us with information about another person, then you must:

  • have a lawful basis to do so; or
  • have their consent:
    - that you are disclosing their Personal Data to us, and
    - provide them with a copy of (or refer them to) this Privacy Policy.

 

Legal bases for processing (for EEA users)

If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have legal bases for doing so under the EU General Data Protection Regulation (GDPR). The legal bases depend on the services you use and how you use them. This means we collect and use your information only where:

  • we need it to provide you the services, including to operate the services, provide customer support and personalized features and to protect the safety and security of the services;
  • it satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development and to protect our legal rights and interests;
  • you give us consent to do so for a specific purpose; or
  • we need to process your data to comply with a legal obligation.

 

If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect the lawfulness of the processing of your Personal Data that has already taken place. Where we are using your information because we or a third party (e.g. your financial advisor) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the services. 

Where we rely on contract, we will ask that you agree to the processing of Personal Data that is necessary for entering into or performance of your contract.

FinaMetrica’s data security commitment to you

We will take all reasonable and appropriate security measures to protect your Personal Data from misuse, interference and loss, unauthorised access, modification or disclosure, unauthorised or unlawful processing and against accidental loss or destruction, or damage.

FinaMetrica retained the services of BAE Systems Detica to assist FinaMetrica to develop and implement appropriate technical security controls and organisational measures, aligned with ISO/IEC 27001, the International Standard for Information Security Management.

FinaMetrica have implemented appropriate technical and organisational (including staff training) measures to protect your Personal Data consistent with standard industry practice. Such measures take into account the state of the art, the costs of implementation and the nature, scope, context and purposes of processing as well as the risk of varying likelihood and severity for the rights and freedoms of natural persons, including where appropriate, the following measures:

  • access right controls to systems;
  • the pseudonymisation and encryption of Personal Data;
  • the ability to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services;
  • the ability to restore the availability and access to Personal Data in a timely manner in the event of a physical or technical incident;
  • a process for regularly testing, assessing and evaluating the effectiveness of technical and organisational measures for ensuring the security of the processing.

 

Unfortunately, the transmission of data via the internet, whether wired or wireless, is not completely secure. Although we will do our best to protect your Personal Data, internet data transmissions, cannot be guaranteed to be 100% secure, and as a result, we cannot ensure the security of data you transmit to us; accordingly, you acknowledge that you do so at your own risk. We recommend that you take the appropriate steps to secure all computing devices that you use in connection with our Website, software, system and services. Once we have received your information, we will take reasonable steps and security features to prevent unauthorized access.

Confidentiality

We will treat all Personal Data as confidential and we will inform all our employees, representatives and/or approved processors and sub-processors engaged in processing the Personal Data of the confidential nature of the Personal Data. We will ensure that all such persons or parties have signed an appropriate confidentiality agreement, are otherwise bound to a duty of confidentiality, or are under an appropriate statutory obligation of confidentiality.

PART 1: Privacy Statement for those registered to complete the Test.

Please click here for the Privacy Statement for those registered to complete the Test

PART 2: Privacy Statement for financial services industry participants trialling, supplying or commercially using the Risk Profiling System to complete the Test.

Please click here for the Privacy Statement for financial services industry participants trialling, supplying or commercially using the Risk Profiling System to complete the Test

Data Subjects Rights and how to exercise them

If you are an individual in the EEA, you have certain rights in respect to your Personal Data. Where we decide how and why Personal Data is processed, we are a data controller and we include further information about the rights that individuals have and how to exercise them below. These rights include:

  • The right to be informed
  • The right of access
  • The right to rectification
  • The right to erasure
  • The right to restrict processing
  • The right to data portability
  • The right to object
  • Rights in relation to automated decision making and profiling

 

If you wish to exercise any of these rights, please send an email to dpo@finametrica.com. We will aim to respond to any requests for information promptly, and in any event within one month of the request.

Withdrawal of consent

Where we process Personal Data based on consent, individuals have a right to withdraw consent at any time, without affecting the lawfulness of processing based on consent before your withdrawal. To withdraw consent to our processing of your Personal Data please email us at dpo@finametrica.com or, to stop receiving an email from us e.g. marketing list, please click on the unsubscribe link in the relevant email received from us.

When and how we share Personal Data and locations of processing

We will only share Personal Data with others when we are legally permitted to do so. When we share data with others, we put contractual arrangements and security mechanisms in place to protect the data and to comply with our data protection, confidentiality and security standards. To facilitate our global operations, we may process, transfer, store and access Personal Data from around the world, including Canada, the United States and Australia.

Service Providers/Processors: We work with third-party service providers/processors to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis and other services for us, which may require them to access or use information about you. If a third-party service provider/processor needs to access information about you to perform services on our behalf, they do so under close instruction from us, including policies and procedures designed to protect your information.

Personal Data will be transferred outside the countries where we and our customers are located. This includes countries outside the EEA, Canada and Australia. Where we transfer personal data outside of the EEA to a country not determined by the European Commission as providing an adequate level of protection for Personal Data, we have taken steps to ensure all Personal Data is provided with adequate protection and that all transfers of Personal Data outside the EEA, Canada and Australia are done lawfully.

You acknowledge and agree that, in connection with the performance of our services, Personal Data will be transferred to our relevant third party service provider/ processor to perform services on our behalf listed at www.riskprofiling.com/gdpr/serviceprovider for the purposes and at the location stipulated. Our providers HubSpot Inc., LiveChat Inc., Atlassian Pty Ltd based in the United States have been certified to the EU-U.S. Privacy Shield Frameworks as administered by the U.S. Department of Commerce, in order to implement appropriate safeguards for such transfers pursuant to Article 46 of the GDPR.

Our Subscription Service including our Test is hosted by our provider located in Sydney, Australia given FinaMetrica provides its services from Australia. The information provided by you or about you by a third party such as your financial advisor will be processed and stored on our secure server(s) located in Australia.

If you are from a country outside Australia, the various electronic communications will necessarily result in the transfer of information across national boundaries. We rely on Article 49(1)(b) for the transfer of Personal Data outside of the EEA to Australia. If you are based in the EEA, the transfer is necessary for the performance of a contract between you and FinaMetrica, the performance of a contract between you and your financial adviser to have access to the Test or the implementation of pre-contractual measures taken at your request.

Personal data held by us may also be shared and transferred to:
Our Partners: We work with third parties including our Regional Partners listed on https://www.riskprofiling.com/about in the UK and Germany who provide consulting, sales, and technical services to deliver and implement customer solutions around the services. We will share your information with these third parties in connection with their services, such as to assist with billing and collections, to provide localized support, and to provide customizations. We also share information with other third parties including our Alliance Partners that you have selected to receive an associated subscription discount.

Sharing with affiliated companies: We share information we collect with affiliated companies and, in some cases, with prospective affiliates, in order to operate and improve products and services, to provide localized support and to offer other affiliated services to you. Affiliated companies are companies that own us, or are owned by our affiliated companies, or operated by us. The protections of this Privacy Policy apply to the information we share in these circumstances.

Links to Third Party Sites: The services may include links that direct you to other websites or services whose privacy practices may differ from ours. If you submit information to any of those third-party sites, your information is governed by their privacy policies. We encourage you to carefully read the privacy policy of any website you visit.

With your consent: We share information about you with third parties when you give us consent to do so. For example, we often display personal testimonials of satisfied customers on our public websites. With your consent, we may post your name alongside the testimonial.

Business Transfers: We may share or transfer information we collect under this Privacy Policy in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on the services if a transaction takes place, as well as any choices you may have regarding your information.

Compliance with Law and Similar Obligations

In exceptional circumstances, we may also disclose your Personal Data as is necessary to: (a) respond to or comply with a subpoena or court order; (b) co-operate with law enforcement or other government agency; (c) establish or exercise our legal rights; (d) defend against legal claims; or (e) as otherwise required by law or permitted by law.

How we use Cookies

FinaMetrica requires cookies to be activated in order for the Website to function efficiently. A cookie contains information that enables our servers (ie. the computers that house this Website) to identify and interact efficiently with your device. The Website uses session cookies which exist only for the browser session and are deleted automatically once you close your browser.

The Website also allows you to use cookies to save passwords and preferences so you do not have to re-enter them each time you visit the Website. These cookies can be deleted by you at any time. For more information about why we use cookies, see our Cookie Statement.

You can configure your browser to either accept all cookies, reject all cookies or to notify you when a cookie is being sent to your device. The Help function on your browser will provide you with details on how to change your browser configurations. You will need to accept cookies in order to use some functionality on this Website.

By accessing and using the Website, you consent to the placement of cookies in your browser in accordance with our Privacy Policy and Cookie Statement.

Browsing the Website

When you visit and access the Website, we collect general information that enables us to continually evaluate and improve the performance of the Website. This general information includes:

  • Device and connection information such as browser type and version, operating system and platform;
  • The name and Internet Protocol (IP) address of the device accessing the Website;
  • The number of users visiting the Website and the number of pages viewed;
  • The date, time and duration of visits; and
  • The path taken through the Website.

 

By using the above general information, FinaMetrica can identify errors on the Website, such as defective hyperlinks or program defects, and thus continually improve the quality of the Website. By using the Website, you hereby consent to FinaMetrica collecting and processing such information. FinaMetrica reserves the right to review the IP address of a user where FinaMetrica has reasonable cause to believe that the user is using the Website and/or the Test in breach of contractual agreements or the applicable legislation.

How long we keep information

How long we keep information we collect about you depends on the type of information, as described in further detail below. After such time, we will either delete or anonymize your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

Subscription information: We retain your subscription information for as long as your account is active and a reasonable period thereafter in case you decide to re-activate the Subscription Service. We also retain some of your information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our services. Where we retain information for service improvement and development, we take steps to eliminate information that directly identifies you, and we only use the information to uncover collective insights about the use of our services, not to specifically analyze personal characteristics about you.

Information you share for the Test: We do not delete your answers to the risk tolerance questionnaire used by FinaMetrica for the purpose of producing your risk tolerance report, including your risk tolerance score and information for your personal use in the management of your financial affairs or for use by your financial advisor in advising you with regard to your financial affairs or for use by the third party through whom you were registered to do the Test. We retain the information as necessary to comply with our legal obligations, to resolve disputes, to enforce our agreements, to support business operations, and to continue to develop and improve our services. Where we retain information for service improvement and development, we only use the information to uncover collective insights about the use of our services, not to specifically analyze personal characteristics about you.

Marketing information: If you have elected to receive marketing emails from us, we retain information about your marketing preferences for a reasonable period of time from the date you last expressed interest in our services. We retain information derived from cookies and other tracking technologies for a reasonable period of time from the date such information was created.

Changes to our Privacy Policy

As FinaMetrica evolve, will need to update this Privacy Policy from time to time to keep pace with changes in our Website, Subscription Service, our business, and laws applicable to us and you. We will, however, always maintain our commitment to respect your privacy. We will notify you of any material changes that impact your rights under this Policy by email (to your most recently provided email address) or post any revisions to this Policy, along with their effective date, on www.riskprofiling.com/privacy/privacy_policy, so we recommend you check back here frequently to stay informed of any changes.

You acknowledge that your continued use of our Website, the Subscription Service, our services and/or continued provision of Personal Data to us after we publish or send a notice about our changes means that the collection use and sharing of your Personal Data is subject to the updated Privacy Policy.

You confirm that you have read and understand this Privacy Policy and that you consent to the terms of our Privacy Policy.

Complaints

We hope that you won’t ever need to, but if you do want to complain about our use of Personal Data, please send an email with the details of your complaint to dpo@finametrica.com. We will look into and respond to any complaints we receive.

If you are based in the EU you also have the right to lodge a complaint with the relevant local supervisory authority for data protection.

How to Contact Us

If you have any questions about this Privacy Policy or how and why we process Personal Data, please contact us at:
Data Protection Officer
Email: dpo@finametrica.com
Phone: +612 8668 9270 or write to us at Suite 1703, Level 17, 227 Elizabeth Street Sydney, NSW 2000, Australia