Aurum Planning Pty Ltd

ABN 19 141 418 555 | AFSL No: 344139

PRIVACY POLICY (August 2023 V5)

This policy applies to Aurum Planning Pty Ltd, its associated and related entities, and all its directors and representatives (we, our or us).  This document explains our policy in relation to the collection and management of personal information we collect from individuals.  The Privacy Act 1988 requires us to handle personal information in accordance with the Australian Privacy Principles (APP). 

Collection of information – What is collected and why we collect it.

Personal information means information, or an opinion about, an identified individual, or an individual who is reasonably identifiable: whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.

We are an Australian Financial Services (AFS) Licensee. When we provide you with financial services, we may be required by the Corporations Act 2001 to obtain certain personal information about you, including, but not limited to, your:

  • Name, date of birth, contact details and tax file number.
  • Employment details and employment history.
  • Financial details, including your needs and objectives.
  • Details of your investment preferences and attitude or tolerance to investment and financial risk.
  • Information about your family commitments and social security eligibility.

Sensitive information

We may also need to collect sensitive information if we organise insurance covers for you.  Sensitive information includes health information, racial information, and genetic information.

We will only collect sensitive information that is reasonably necessary for us to perform our functions or activities in advising you, acting for you and dealing with you and consented to by you.  

How is information collected? 

We collect personal and sensitive information in a number of ways, including:

  • Directly from you such as when you provide us with information at meetings, by phone, email, in data collection forms, when you visit our websites or from other parties with you whom you instruct us to deal on your behalf.
  • Our website may use “cookies”. Cookies are small data files that are downloaded from our website and stored on your computer when you visit our website.  Cookies are used to allow us to see which pages and what information is of most interest to visitors to our website, which in turn enables us to improve our offerings to our customers.  Your computer’s web browser will allow you to configure your computer to refuse to accept cookies.  You can also delete cookies from your computer’s hard drive at any time.  However, please note that doing so may hinder your access to valuable areas of information within our site.   
  • Indirectly from fund managers, superannuation funds, life insurance companies and other product issuers once you have authorised us to obtain such information or authorised other parties to provide us with this information.

Are you obliged to provide us personal information?

You are not required to provide us with the information that we request, or to allow us to collect your information from third parties.  However, if you choose not to provide us with the information we request, we may not be able to provide you with the services that you have requested from us, and we may elect to terminate any arrangements we may have with you.  Importantly, if you provide either inaccurate or incomplete information to us, you risk obtaining products or services that may not be appropriate or suitable for your needs and you may risk suffering a financial detriment or financial loss.

What happens if we obtain personal information about you that we have not solicited?

Where we receive unsolicited personal information about you, we will consider if we could have collected the information if we had solicited the information.  Where we determine that we could have collected the personal information from you, we will treat your personal information in the same manner as if we have solicited the information directly from you.  Where we determine that we could not have collected the personal information, we will destroy the information or ensure that the information is de-identified as soon as practicable.

Use of personal information

We use your personal information for the primary purpose for which the information was obtained, i.e., for the provision of financial services.  As an AFS licensee, that will typically mean for the purpose of:

  • Providing financial services and tax (financial) services to you.
  • Implementing investment or risk management recommendations on your behalf.

We may also use the information for the secondary purpose of:

  • Attempting to identify other products and services that may be of interest to you.
  • Referring you to our related entities and associated entities including Theng & Associates.
  • Conducting any professional quality control review program.
  • Managing our business operations such as maintaining secure IT systems.

Do we disclose personal information for direct marketing?

We may use your personal information to offer you products and services that we believe may interest you. We may also disclose your personal information to external associates and service providers who assist us to market our products and services. We will only disclose your personal information (other than sensitive information unless you have consented) if:

  • we collected the information from you; and
  • if you would reasonably expect us to use or disclose the information for that purpose; and
  • we provide you with a simple means by which you may easily request not to receive direct marketing communications from us; and
  • you have not made such a request to us before.

If you do not want to receive direct marketing offers from us please inform us.  Our contact details are included at the end of this policy.

Disclosure of personal information 

With your consent, we may disclose your personal information to:

  • Our representatives.
  • The product issuers of products and services that you have elected to acquire, vary or dispose of by using our assistance.
  • Parties who we think are necessary or convenient to provide financial services to you.
  • Our external service providers.
  • Our related entities and associated entities include Theng & Associates.
  • Prospective entities interested in acquiring all or part of our business.

For example, information may be disclosed to the following parties:

  • Product issuers for the purpose of giving effect to the recommendations made by us, and other organisations who support the products and services we offer.
  • Other parties involved in the administration of your financial products (e.g. custodians, brokers, actuaries, call centres, mail houses, product registries, any persons who propose to guarantee (or have guaranteed) repayment of any credit provided to you, etc.).
  • Our external service providers (e.g. IT providers, professional advisers and contractors).
  • Government and regulatory authorities and other organisations, as required or authorised by law.
  • Any person considering acquiring, or acquiring, an interest in our business.

 Government related identifiers

 We do not adopt government related identifiers as our own.  However, in certain circumstances, we are required to collect government related identifiers such as your tax file number, Medicare or pension card number.  We do not use or disclose government related identifiers other than when required or authorised by or under an Australian law or a court/tribunal order.

Cross-border disclosure of personal information

We may transfer personal information to related bodies corporate or external service providers in locations outside Australia, including, but not limited to, India, the United States, China, Poland and the Philippines, in the course of storing that personal information and when using or disclosing it for one of the purposes referred to above.  When transferring personal information to foreign jurisdictions, we will ensure that we satisfy one of the requirements below:

  • we will take reasonable steps to ensure the overseas recipient does not breach the APP (other than APP 1) in relation to the information by entering into contractual agreements with the overseas recipient that requires the overseas recipient to comply with the APP, other than APP 1;
  • we form a reasonable belief that the overseas recipient is subject to a law, or binding scheme, that has the effect of protecting the information in a way that, overall, is at least substantially similar to the way in which the APP protects the information and there are mechanisms that the individual can access to take action to enforce that protection of the law or binding scheme; or
  • we will seek your informed consent prior to disclosing your personal information overseas. Most of the services that we provide are based on an integrated model of professional and reliable service providers that we have selected after thorough due diligence. If you do not agree to us disclosing your information outside Australia to our external service providers, we will not be able to provide services to you.

Storage and security of personal information

We store personal information in our computer database and hard copy files.  We take reasonable steps to ensure the personal information collected and held by us is protected from misuse, interference, loss, unauthorised access, modification or disclosure.  

In the event you cease to be a client of ours, any personal information which we hold about you will be maintained for a period of not less than 7 years in order to comply with legislative and professional requirements.

Notifiable data breaches

We are required to notify you and the Information Commissioner of an eligible data breach.  An eligible data breach happens if:

  • there is unauthorised access to, unauthorised disclosure of, or loss of personal information held by us; and
  • the access, disclosure or loss is likely to result in serious harm to you.

If you receive a notification from us of an eligible data breach, you should read and implement the steps recommended to you. 

Access and correction of personal information

You may request access to the personal information we hold about you, and we will respond within a reasonable period after the request is made.  Where we provide you access to such information, we may charge a reasonable fee to cover our costs.  We will disclose the amount of such costs to you before providing you with the information.

We will take reasonable steps to ensure that the personal information that we collect, use or disclose is accurate, up-to-date, complete and relevant.  In the event that you become aware, or believe, that any personal information which we hold about you is inaccurate or incomplete, you may contact us to correct the information.  We do not charge you to correct your personal information.

If we disagree about the correction you have supplied and refuse to correct the personal information, or if we believe that we are unable to comply with your request to access the personal information that you have provided us, we will give you a written notice to that effect.  You have a right to make a complaint if you disagree with our decisions about these matters (see below).


If you believe that we have breached the APP or disagree with a decision that we have made about our Privacy Policy, you may complain to us.  To enable us to understand and deal with your complaint in a timely fashion you should set out a brief description of your privacy problem, the reason for your complaint and what action or remedy you are seeking from us.  Please address your complaint to our Privacy Officer.  Contact details are included at the end of this policy.

Your complaint will be investigated and responded to within 30 days.  If you are not satisfied with the outcome of your complaint, you are entitled to contact the Office of the Australian Information Commissioner.

Policy updates

This policy is subject to change from time to time.  The most current version of our Privacy Policy can be obtained from our website ( or by contacting us.

Contact details

Privacy Officer:           Stuart Fulton

Address:                      15 Charles Street, SOUTH PERTH WA 6151

Postal Address:          PO Box 951, SOUTH PERTH WA 6951

Telephone:                  (08) 9367 7166