1. Introduction

At Australian Catholic Superannuation & Retirement Fund (the Fund) we understand your privacy is important.

As part of our commitment to protect your privacy, we have practices in place that we follow when we collect, use, disclose and store your personal information. This policy applies to Fund members as well as other individuals whose personal information we collect and hold.

The purpose of this Privacy Policy is to explain to you how personal information collected by the Fund is managed and how we comply with the requirements of the Privacy Act 1988 including the Australian Privacy Principles (APP).

2. Personal information

2.1 What is ‘personal information’?

“Personal information” means information or an opinion about an identified individual, or an individual who is reasonably identifiable.

The information or opinion does not need to be recorded in a material form and does not need to be true for it to be considered personal information.

“Personal information” also includes “sensitive information”. Sensitive information includes any personal information about your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record, health, genetic or biometric information.

Sensitive information also includes health information about an individual, including medical information.

2.2 What kinds of personal information do we collect about you?

The Fund collects, holds, and uses personal information about each Fund member reasonably necessary for the performance of its role in providing superannuation services.

Typically, we collect the following kinds of personal information about you:

  • name, date of birth, contact details, gender, email address, mobile number, employer details and employment history including salary information;
  • financial information;
  • bank account details;
  • Tax File Number (TFN) (if you choose to provide it);
  • insurance details including medical history and health information in connection with the insurance benefits provided through the Fund;
  • superannuation details such as member numbers, names of your beneficiaries and investment choices;
  • information collected from the Funds website and social channels, including geographic location, IP addresses, website page views, number of visits and performance of the website or members online, and
  • any other relevant information the Fund may require to provide you with products and services. 

Personal information may also be collected when a member deals with the Fund over the telephone, enters a competition, promotion or completes a survey.

The Fund might also collect health information in connection with the insurance benefits provided through the Fund.

The Fund may also collect personal information from other stakeholders, and that information will be collected as required for the interactions the Fund has with those individuals.

3. Collection of personal information

There are a number of ways that we can collect personal information about you:

3.1 Directly from individuals

Personal information about you is generally collected directly from you.

Personal information may also be collected when you interact with the Fund over the telephone or online (including entering a competition, promotion or completing a survey).

3.2 Employer and other third parties

On occasion, we may collect personal information from third parties, which may include:

  • When you join, your employer may provide us with your contact details, date of birth and tax file number. Employers also provide us with details of the date of termination of employment (where relevant), and notify us of updated address details from time to time.
  • If you make an insurance claim, most of the information (including your health information) about the claim is collected from you directly, but information may sometimes also be collected from doctors and your employer. If this is the case, the Fund will notify you of the personal information being collected to ensure that you are aware of the matter. The Fund will only collect health information about you with your consent.
  • In the event Family Law matters involving superannuation arise, we may receive personal information from a third party such as a law firm.
  • On your death, we normally collect information about potential beneficiaries from the beneficiaries themselves. However, we will also collect some information about the identity of potential beneficiaries from whoever notifies us of your death.

3.3 Unsolicited

If we receive personal information that we have not requested (unsolicited information) then if we could have collected it, we will retain it otherwise we will destroy or de-identify the information if it is lawful and reasonable to do so.

3.4 Web analytics

We use software to collect data about your interaction with our website. The purpose of collecting your data in this way is to improve your experience when using our site. The types of data we collect with these tools include:

  • your device’s IP address (collected and stored in an anonymised format);
  • device screen size;
  • device type, operating system and browser information;
  • geographic location (city);
  • referring domain and out link if applicable;
  • search terms and pages visited on our website; and
  • date and time when pages were accessed on our website.

3.5 Collecting information over the internet - Cookies

When you visit our website, our server attaches a small data file known as a ‘cookie’ to the hard drive. To improve your experience we use cookies to track your website movements and collect statistics to optimize site functionality. This enables us to analyse usage patterns on our site in order to personalise your online experience.

Most web browsers are set to accept cookies. If you don’t wish to accept cookies you can refuse the transfer of cookies to the computer's hard drive by making adjustments in your Internet browser. This may however, restrict some of the functionality of the Fund’s website or mobile app if cookies are disabled.

The Fund may engage with third parties to analyse use of its website and mobile app information, such as user’s interests, pages visited and number of visits. This assists the Fund in directing relevant campaigns to target groups and by geographic location. The information is de-identified and only the geographic location of the data is disclosed. The target campaigns are then displayed on web pages accessed by members when they are on the internet.

To opt-out of cookies being used by third parties, click on the relevant link below for instructions:

Our websites contain links to other third party websites that may hold and manage personal information differently to our practices. You should consult the other sites' privacy policies as we have no control over information that is submitted, or collected by these third parties.

3.6 Email list, registrations and feedback

We will collect information that you provide to us when signing up to mailing lists and registering for our events, or when submitting feedback on your experience with our website.

3.7 Social networking services

We use social networking services to communicate with you about our products and services. When you communicate with us using these services we may collect your personal information.

Social networking services may also handle your personal information for its own purposes. These services will likely have their own privacy policies, which you should access via their website.

3.8 Anonymity and pseudonymity

Where possible you may choose to remain anonymous or use a pseudonym when interacting with the Fund.

However, while the Fund understands its obligations in respect of anonymity and pseudonymity, superannuation legislation and Anti-money Laundering legislation generally requires the Fund to identify members and their beneficiaries when providing their superannuation benefits.

An individual may make an enquiry about the Fund by choosing to remain anonymous or use a pseudonym, but this may limit the way the Fund deals with your query.

If you decide not to provide the Fund with the personal information needed, or not allow your employer to provide the Fund with that information, then:

  • it may prevent the Fund from contacting you or
  • the Fund may not be able to provide you with superannuation benefits through the Fund.

If you decide not to provide your health information, then:

  • this may limit the level of death or disability benefits that you are able to access through the Fund; or
  • it may prevent any insurance claim you make from being settled.

If you choose not to provide your TFN to the Fund, then:

  • additional tax may be taken out of your superannuation account, as required by law.

4. Purpose of collecting personal information

Personal information collected by the Fund will be used by the Fund to:

  • administer any super, pension and insurance accounts you have, and keep you informed about your super and insurance and opportunities available to you;
  • facilitate the distribution of any benefits payable to you or your beneficiaries;
  • obtain insurance cover from the Fund’s insurer or to process a claim. If you submit incomplete or inaccurate information to our insurer(s), they may not be able to provide you with the insurance cover you are seeking, or complete their assessment of your insurance-related matters;
  • help provide financial education services and tailored communications;
  • conduct marketing campaigns to advise you of other products or services. The Fund may use third parties to carry out its marketing activities. You can opt out of receiving marketing information, this can be completed at any time by clicking on the unsubscribe link provided or by contacting the Fund on 1300 658 776; and
  • for employment candidates, the Fund collects your personal information for recruitment purposes, to manage your employment application and, if you are successfully placed in a position at the Fund, your ongoing employment.

5. Use and disclosure of personal information

The personal information collected by the Fund is required to maintain the Fund’s records, including in a format that identifies each member. Complete and accurate records are essential to the proper management of the Fund and to enable the Fund to provide members with superannuation benefits and keep member’s up to date on other products and services available to them through the Fund.

5.1 Adoption, use or disclosure of government related identifiers

The Fund requests members to provide their TFN.

The Fund restricts access to records containing members’ TFNs to staff who need to handle this information under taxation, personal assistance or superannuation law. In addition, in respect to TFNs, the Fund: 

  • maintains appropriate building security to prevent unauthorised entry to premises;
  • regularly trains staff around the security awareness practices and procedures in relation to TFNs;
  • applies policies on who can access and use records containing TFNs;
  • requires staff to securely store all files containing TFNs after use;
  • availability of audit trails to detect unauthorised access or misuse; and
  • implements access controls for authorised users.

Application forms submitted by members are scanned into the Administration System and stored. The physical application forms are securely shredded on site at regular intervals.

When TFNs are no longer required, the Fund takes all reasonable and practicable steps to de-identify or destroy the information in a secure manner. Alternatively, where that is not practicable reasonable steps are taken to protect the information from misuse or unauthorised disclosure.

5.2 Beneficiaries disclosure

Information about a member’s potential beneficiaries is only used in the event of their death to facilitate the appropriate distribution of any benefits payable.

The Fund uses the health information it holds about a member to enable it to obtain death or disability insurance cover from the Fund’s insurer or to process a member’s death or disability claim.

The records are kept both electronically and in hard copy.

5.3 Direct marketing

The Fund may use personal information for the purpose of directly marketing the Fund’s products and services to members and potential members. This may include the Fund contacting members to be involved in surveys and other research activities. The objective of direct marketing is to ensure that the Fund reviews member satisfaction and the effectiveness of the Fund’s products and services. The Fund may also conduct a number of marketing campaigns throughout the year to advise members of other products or services.

The Fund may use third parties to carry out its marketing activities. If a member does not wish for their information to be shared with third parties for marketing purposes or would like to opt out of receiving marketing information, this can be done at any time by contacting the Fund on 1300 658 776.

5.4 Other disclosures

In undertaking services to members, the Fund will be required to disclose your personal information to certain third parties who perform outsourced functions. The particular party we may disclose your personal information to will depend on the interactions you have with the Fund. Personal information may, as required, be disclosed, transferred to or otherwise handled by:

  • the Fund’s auditors and actuaries;
  • the Fund’s insurance brokers and insurers who provide insurance cover;
  • the Fund’s IT service providers, including web hosting companies, web and software application developers;
  • regulatory authorities, law enforcement agencies and legal bodies as required by law;
  • the Fund’s data matching and information provider who provides identification check’s against member’s information;
  • other fund trustees or administrators (where a member transfers or rolls over their account);
  • An employer, where this is necessary for the Fund to provide benefits to the member;
  • the Fund’s legal and other professional advisers;
  • other third party providers, including document storage, market research and technology companies, printing and collating companies, mail and electronic mail service providers;
  • the Australian Financial Complaints Authority (AFCA), if the member either takes legal action or makes a complaint;
  • if you die, we may share details about your super and insurance with your beneficiaries and legal personal representative as appropriate;
  • a person you have authorised to act on your behalf, for example a financial adviser; and
  • for employment candidates, the Fund may disclose your personal information to referees, recruiters and employment screening service providers.

We may use or disclose personal information where we have reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to the Fund’s functions or activities has been, is being or may be engaged in, and reasonably believe that the collection use or disclosure is necessary in order for the Fund to take appropriate action in relation to the matter.

We may also share your personal information with an organisation where we have obtained your consent.

We may share your information without your consent where this is necessary to satisfy any applicable law, regulatory process, contractual obligations or Government requests.

Personal information may be sent or stored overseas with the Fund’s outsourced service providers. The countries to which your personal information may be transferred to or stored in as at the date of this Privacy Policy are the United States, Japan, and the Philippines. Additional countries may be added to this list in future subject to business requirements.

The Fund takes reasonable steps to ensure all personal information disclosed to or held by overseas providers are safeguarded and comply with Australian privacy laws.

6. Access to and correction of personal information

6.1 Right to access personal information

You can request to access your own personal information by contacting the Fund on 1300 658 776. We will provide you with access to your personal information in accordance with the Privacy Act.

However, under the Privacy Act, there are some circumstances in which the Fund is entitled to deny access to information. These include circumstances where such information is used in confidential decisions or in a commercially sensitive decision-making process, where the privacy of others may be breached if the information was accessed or where the law requires or authorises such access to be denied.

The Fund’s Privacy Officer will respond to any request for access to information within a reasonable time period and will advise if the request for information is refused and the reason why.

The Fund may charge a reasonable fee for the provision of the requested information.

6.2 Correcting personal information

To ensure that the quality of the information we hold about you and that it remains accurate, complete and
up-to-date, we may ask you to check and correct your personal details from time to time.

We may do this when your annual member statement is sent out, when you make a telephone enquiry, or through other means.

Please let us know if you believe any of your personal information is incorrect by contacting the Fund on
1300 658 776.

There will be no charge for the correction of personal information.

7. Protection and security of personal information

7.1 General

The Fund takes all reasonable steps to protect personal information from:

  • misuse, interference and loss; and
  • unauthorised access modification or disclosure.

Physical documents are scanned into the Fund’s Administration System. After a reasonable period of time, the physical documents are destroyed securely.

Your personal information may be held on-site at our offices, in secure premises, or in secure information systems (including in the cloud) operated by our service providers. Your information is only accessible by authorised staff, and authorised service providers who are engaged by us to perform specific functions.

The Fund does not adopt, use or disclose government related identifiers (such as your Tax File Number) except as required or permitted by law.

The Fund has in place the following safeguards for the security of personal information:

  • appropriate building security to prevent unauthorised entry to premises;
  • audit trails to record any unauthorised access;
  • all Fund staff must undergo a thorough security check prior to their employment;
  • login and password controls;
  • segregation of duties;
  • secure file transfer for files containing confidential information;
  • implementation of a clean desk policy;
  • approved policies relating to information security; and
  • security and cybersecurity training for staff.

You can access your account online by using your login and password. The traffic between the Fund’s website and your browser is encrypted.

7.2 Notifiable data breaches

Since February 2018, it has been mandatory to notify the OAIC and the affected individual(s) if:

  • there is unauthorised access to, unauthorised disclosure, or loss of personal information; and
  • this is likely to result in serious harm to one or more individuals; and
  • the Fund has not been able to prevent the likely risk of serious harm with remedial action.

You can find more information about this on the OAIC website at www.oaic.gov.au

8. Enquiries and complaints

You can request a hard copy of this Privacy Policy by contacting us on 1300 658 776, there will be no charge for this.

If you believe your privacy has been breached or you have a privacy complaint, you should write to the Fund’s Privacy Officer on the details listed below.

Name: Sandy Rimagmos
Title: Head of Head of People & Culture
Address: 33 Burwood Road
Postal address: PO Box 656
Telephone: (02) 9715 0000 or 1300 658 776 
 E-mail: privacyofficer@catholicsuper.com.au


If you are not satisfied with the Fund’s response, the matter can be referred to the Office of the Australian Information Commissioner (OAIC) on:

A summary of the Australian Privacy principles can be found here.

9. Changes to our Privacy Policy

This Privacy Policy may change from time to time in response to changes in business or legal requirements and is reviewed at least every three years.

Document last updated on: 30 June 2020

Australian Privacy Principles
Source: https://www.oaic.gov.au/privacy/australian-privacy-principles/australian-privacy-principles-quick-reference