1. Policy Introduction
“Personal information” is any information that can identify an individual or that can reasonably enable an individual’s identity to be determined. This information could include the individual’s name, postal or email address, date of birth or financial details. It also covers “sensitive information” such as the individual’s health or genetic information, racial or ethnic origin, political opinions, membership of political association, religious beliefs or affiliations, philosophical beliefs, membership of professional or trade association, membership of trade union, sexual preferences or practices or criminal record.
Hearts and Minds Investments is bound by the Privacy Act 1998 (Cth) (Act) and the Australian Privacy Principles (APP) that are contained in that Act.
At or before, or if that is not practicable, as soon as practicable after, the time personal information is collected, we will take reasonable steps to ensure that the individual is aware of the matters required by the APP, including:
- why the personal information is being collected;
- who else the personal information might be given to;
- how to contact us, including to make a complaint.
If we collect personal information about an individual from someone else, we will take reasonable steps to ensure the individual is aware we have collected the information and of the above matters.
2. Collection of Personal Information
Hearts and Minds Investments may collect personal information about an individual in a variety of ways, including when an individual interacts with us in person or electronically, for example when an individual accesses our website, email correspondence, written correspondence and telephone conversations.
We will only collect personal information about an individual where the information is reasonably necessary for one or more of our functions or activities. The kinds of personal information collected and held, how that information is collected and held and the purposes for which that information will be collected, held, used and disclosed will depend on the circumstances and dealings the individual will have with us.
Examples of the kinds of personal information Hearts and Minds Investments may collect and hold include:
- phone number;
- fax number;
- email address;
- information about goods or services ordered, acquired or supplied;
- information from enquiries made;
- communications between Hearts and Minds Investments and an individual; and
- bank account or other financial institution details.
Hearts and Minds Investments do not expect to collect sensitive information but it may do so where it has obtained the individual’s consent to the collection and the sensitive information is reasonably necessary for one or more of our functions or activities or if the collection is authorised or required by a court/tribunal order or the law.
We will generally collect an individual’s personal information as much as possible directly from the individual. For example, through completing a form or becoming a shareholder. We may on occasion collect an individual’s personal information from publicly available sources of information and from third parties.
For individuals that use our website, we may indirectly collect their internet protocol (IP) address, device identifiers, browser type, operating system, internet service provider, location, mobile network information, pages accessed and time stamps (where relevant).
Hearts and Minds Investments will take reasonable steps to ensure that the personal information that is collected, used or disclosed by it is complete and up to date.
3. Purpose of the collection
Hearts and Minds Investment collects, uses and discloses an individual’s personal information to conduct the functions and activities as an Australian listed investment company and to provide financial support to the selected medical research institutes. For example, we:
- collect personal information from shareholders for the purposes of enabling proper records to be kept and for reporting purposes; and
- collect personal information from individuals who enter into service agreements, joint venture agreements or other transactions with Hearts and Minds Investments for the purpose of administering those agreements or transactions or for reporting purposes.
We may also use the personal information for any purpose:
- for which the individual’s personal information was originally collected or have consented to;
- any related purpose for which it would reasonably be expected to be used or disclosed;
- for enforcement related activities conducted by, or on behalf of, an enforcement body; or
- which is authorised or required by a court/tribunal order or an Australian law.
If we are unable to collect and/or verify some or all of an individual’s personal information, we may not be able to provide the services (such as reporting on our investment activities) and functions or enter into a business relationship with the individual.
We may collect, use and disclose an individual’s personal information to provide them with information about our products and services and products offered by other parties that we believe may be of interest to them (including by way of direct mail, telephone, email, SMS and MMS, secure portals, and online advertising and marketing) or to request their feedback for research purposes. The individual always have the right to opt out of receiving such information and may exercise that right by contacting us as set out below in section 6.
Where the individual ceases its relationship with us, we will only retain their personal information on file to the extent necessary to meet our regulatory obligations and we will only contact the individual with their consent.
4. Use and Disclosure of Personal Information
There are a range of people and organisations we may disclose your personal information to and collect your personal information from. The particular party we may disclose your personal information to will depend on the dealings you have with us. Some examples of persons to whom we may disclose an individual’s personal information include:
- Mail and electronic mail service providers for the communication of investor statements and other information.
- Investment, legal and other professional advisers and other experts.
- Regulatory authorities and legal bodies as required by law (e.g. Australian Taxation Office, the Australian Transaction Reports and Analysis Centre, Australian Prudential Regulation Authority, the Australian Securities and Investments Commission or a Court or tribunal).
- Auditors (in order to assist them in conducting their independent audit and review activities of our financial statements and operations).
- Third parties (if the individual provides us permission to do so e.g. their financial adviser).
- Other third party service providers so that they can provide contracted services to us such as information technology support, hosting services, telephone services, mailing or sending other documentation, identity verification, fraud prevention, marketing or market research.
We may also share an individual’s personal information with a third party where we have obtained the individual’s consent.
We may require the individual’s consent to use and/or disclose their personal information if we need to use their information for a purpose that is not related to the purpose for which it was collected.
If the individual does not consent to us collecting, using and/or disclosing their personal information for such other purposes, this may affect our ability to deliver and improve our services, or to engage or do business with them.
Hearts and Minds Investments is unlikely to disclose personal information to overseas recipients. If we do, we will only disclose personal information to a recipient overseas in accordance with the Act. Circumstances in which we will do this include where:
- the individual has asked us to or we have their consent to do so;
- we have outsourced a business activity or function to an overseas service provider;
- we reasonably believe that the overseas recipient is subject to a law or binding scheme that protects the information in a way that is substantially similar to the way the information is protected under the Act and the APP, and there are mechanisms the individual can access to take action to enforce that protection; or
- the disclosure is required or authorised by or under an Australian law or a court/tribunal order.
Please note that the laws on processing personal information in other countries may be less stringent than in Australia. When we disclose personal information overseas, we will take reasonable measures to ensure that the individual’s information is held, managed and accessed in accordance with the standards that apply in Australia, including the APP.
Hearts and Minds Investments requires its service providers to keep the personal information confidential and not use it for any purpose other than performing those services.
5. Security of Personal Information
Hearts and Minds Investments will take reasonable steps to ensure that the personal information that it holds is protected from misuse, interference and loss and from unauthorised access, modification and disclosure.
We have security policies and systems in place to protect your personal information, which are reviewed and updated on a regular basis. We implement multiple layers of security controls throughout our systems so that in the event that one control fails, or a vulnerability is exploited, there are other measures still in place to protect your personal information. Relevant measures include firewalls, data encryption, limiting access to data and controls over access to information.
The people within our organisation who handle your personal information are only those who have the need to access it and they have the training and skills to protect your personal information from unauthorised access or misuse.
Our website uses industry standard security protocols to protect the personal information you disclose in using our online facilities. We use encryption to provide more secure communications when using our online facilities. In addition, when you use our online facilities you must read and accept terms and conditions relating to privacy and security. You can review the online terms and conditions here.
If you provide us with your personal information over the internet you accept that such information will be transmitted at your own risk as the security of such information cannot be guaranteed.
Hearts and Minds Investments will also take reasonable steps to ensure that personal information it holds that is no longer necessary for the disclosed purpose is destroyed or permanently de-identified, subject to any legal obligation to keep the personal information for any required period of time.
6. Access to, Updating and Correcting Personal Information
At the request of an individual, Hearts and Minds Investments will, in most circumstances, provide access to an individual to any personal information that is being held by Hearts and Minds Investments about that individual.
We endeavour to ensure that the personal information we hold is accurate, up-to-date, complete, relevant and not misleading. An individual can seek access to, and update or correct, any personal information that is being held by Hearts and Minds Investments about that individual by contacting us here.
We will provide an individual with access to their personal information in accordance with the Act. Under the Act we can deny access to some or all of a person’s personal information in specified circumstances, and will provide reasons for any refusal in writing. If the person is not satisfied with any refusal to grant them access to their personal information, they may make a complaint.
We may seek to verify the individual’s identity before we process any access or correction requests to make sure that the personal information we hold is sufficiently protected.
To ensure that the information we hold about the individual remains accurate, complete and up-to-date, we may ask the individual to check and correct their personal details from time to time. We may do this as part of our regular communications with them, when they make a telephone enquiry, or through other means. Where we consider the personal information is incorrect, we will take reasonable steps to correct the personal information, unless there is a law that allows or requires us not to.
7. Amendment of Policy
Hearts and Minds Investments may amend this Policy from time to time. The latest policy is available on this website and on request.
8. Intranet and Website
Some of the pages on the Hearts and Minds Investment website use "cookies", which are small files that may be placed on the person’s hard disk for record-keeping purposes. Cookies helps us remember the person viewing our website and may collect and store the person’s server address, top level domain name (e.g. .com, .gov, .net etc), the date and time of visit, location of country service address, the type of browser used, the pages viewed and any downloads made, the previous site visited and the site visited next. We may also use the information to assist in improving the website, marketing and product development.
You can set your browser to notify you when you receive a cookie, giving you the chance to decide whether or not to accept it. A server cannot find out a name or email address, or anything about you by using cookies.
We do not store or collect cookie information. Once we receive information from you, via email or any other means, the information is stored in a secure environment.
9. Concerns, Queries and Complaints
If a person has any concern, query or complaint about:
- any personal information that may have been collected, used or disclosed by Hearts and Minds Investments;
- a breach of the Australian Privacy Principles,
they can contact us here. Any concerns, queries or complaints are to be referred to the Company Secretary/Chief Financial Officer.
Hearts and Minds Investments takes complaints very seriously and will respond shortly after receiving written notice of the complaint. We will try to resolve the complaint quickly and fairly.
If the person is not satisfied with the manner in which we deal with their complaint they may refer it to the Office of the Australian Information Commissioner (OAIC):
Online: by visiting www.oaic.gov.au
Phone: 1300 363 992
Mail: GPO Box 5218
Sydney NSW 2001
Approved 28 February 2022