Privacy Statement

The Privacy Act 1988 (‘Privacy Act’) and the Australian Privacy Principles regulate the way organisations collect, use, disclose, keep, secure and give people access to their personal information. We may collect personal information about you and individuals associated with you in order to provide products and services to you, and to ensure compliance with legal and regulatory obligations (including under the Corporations Act, the AML/CTF Act and tax related legislation).

You must ensure that all personal information which you provide to us is true and correct in every detail, and should those personal details change it is your responsibility to ensure that you promptly advise us of the changes in writing. If you do not provide the information requested, we may not be able to process your application, administer, manage, invest, pay or transfer your investment(s). We may also obtain or confirm information about you from publicly available sources in order to meet regulatory obligations.

We may disclose your information to other members of our corporate group or to third parties, where it is necessary, in order to provide you with the products or services. Those third parties may be situated in Australia or offshore, and we take reasonable steps to ensure that all third parties with whom we have a contractual relationship or other influence comply with the Australian Privacy Principles. The third parties that we may disclose your information to include, but are not limited to:

Details of the Privacy Policies applying to the collection of data by our Fund Administrator is available by emailing them to request a copy at: registry@mainstreamgroup.com.au.

Privacy Policy
What kinds of personal information do we collect and hold?
When you speak to us about our provision of financial services to you (for example, financial advice or applying for an interest in a fund), we may collect information that is necessary to be able to provide you with financial services.
For instance, we may ask for identification information such as your name, address, and date of birth. Any
unsolicited personal information we may collect will be promptly destroyed.
Why do we collect, hold, use and disclose personal information?
The main reason we collect, use, hold and disclose personal information is so we can service your request for financial services. This may include:
• Checking your eligibility for our financial services;
• Providing you with financial services; and
• Helping you manage our financial services.
How do we collect personal information?
We collect most personal information directly from you. Sometimes we collect personal information about you from other people such as publicly available sources of information.
How do we hold personal information?
Much of the personal information we hold will be stored electronically and securely by us at the offices of the fund administrator. We use a range of security measures to protect the personal information we hold.
Who do we disclose your personal information to, and why?
Sometimes we may disclose your personal information to organisations outside our operations. For example, with the administrator of a fund, so that it may perform its duties for the fund and our financial services.
What is an eligible data breach?
In accordance with the Scheme of the Privacy Act, we (along with our service providers) are required to notify you of any unauthorised access, disclosure or loss of personal information.
In these circumstances, we perform an assessment to determine if there has been an ‘eligible data breach’. To do so, we consider if the access or disclosure of personal information is likely to result in serious harm to the individuals affected by the suspected data breach.
If we determine there has been an ‘eligible data breach’, then you will be notified as soon as practicable. We will notify the affected party will the details of the breach and the recommended steps to take to mitigate any concern. As required, we will report an ‘eligible data breach’ to the Office of the Australian Information Commissioner (OAIC).
In summary, subject to certain exemptions, the scheme requires us to:
• carry out a reasonable and expeditious assessment if there are reasonable grounds to suspect that there may have been an eligible data breach (and to take reasonable steps to complete that assessment within 30 days);
and

• make the prescribed notifications (to the OAIC, and if practicable, to affected individuals) as soon as we are aware that there are reasonable grounds to believe that there has been an eligible data breach. The
notifications must include a description of the data breach, the kinds of information concerned and
recommendations about the steps individuals should take in response to the data breach.
Who do we notify when there is a data breach of your personal information?
We are obliged to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm (i.e. ‘eligible data breaches’). This notification must include recommendations about the steps individuals should take in response to the breach. The OAIC must also be notified of eligible data breaches.
Do we disclose personal information overseas?
We may disclose your personal information to recipients located outside Australia. These entities may include our service providers.
Do we use or disclose personal information for marketing?
We may use your personal information to offer you further financial services that we believe may interest you. We will not do this if you tell us not to.
If you don’t want to receive marketing offers from us, please contact us on the details listed at ‘Contact us’.
Access to and correction of personal information
You can request access to the personal information we hold about you. You can also ask for corrections to be made. To do so, please contact us on the details listed at ‘Contact us’.
Resolving your privacy concerns and complaints – your rights
If you are concerned about how your personal information is being handled or if you would like to make a complaint, please contact us on the details listed at ‘Contact us’.
If you are not satisfied by our response to an error or complaint about our privacy practices, you may refer to the OAIC (see www.oaic.gov.au).
Contact us
If there is anything you would like to discuss, please contact us. If you have any questions or concerns about our
privacy policy or practices, please contact us on the details listed at ‘Contact us’.