BGL Group Privacy Policy and Data Collection Statement
This privacy statement discloses the privacy practices of BGL Group based at Suite 2, 606 – 608 Hawthorn Road, East Brighton, Vic, 3187, Australia.
When we refer to “we”, “us”, or “our”, we mean BGL Group, which consists of:
- BGL Corporate Solutions Pty Ltd
- BGL Client Services Pty Ltd
- BGL Data Services Pty Ltd
- BGL Innovations Pty Ltd
- BGL SmartDocs Pty Ltd
- BGL Corporate Solutions Limited (New Zealand)
- BGL Corporate Solutions Pte. Ltd. (Singapore)
- BGL Corporate Solutions Pty Ltd (Hong Kong)
- BGL Corporate Solutions Ltd (United Kingdom)
It is BGL Group’s mission to build users’ trust and confidence as BGL Group is committed to user privacy and would like to disclose our practices.
We may need to update this privacy policy from time to time, without prior notice. If it is changed, the changes will be posted at www.bglcorp.com so that you are always aware of the type of information collected, how the information may be used, and under what circumstances it may be disclosed by us.
We define “Personal Data” as any identifiable information about you, which may include your name, address, telephone, email address, bank account information, TFN, and so on.
Which regulations apply to the use of your Personal Data?
The BGL Group is required to comply with various privacy laws in the jurisdictions in which we operate. These include:
- The Privacy Act 1988 of Australia
- Regulation (EU) 2016/679 (General Data Protection Regulation)
- The Data Protection Act 2018 of the United Kingdom, which incorporates Regulation (EU) 2016/679 as the “UK GDPR”.
- Privacy Act 2020 of New Zealand
- Personal Data Protection Act 2012 of Singapore
The Personal Data (Privacy) Ordinance 1996 of Hong Kong
Information Collection and Use
The BGL Group is the sole owner of the information collected. We will not sell, share, or rent this information to others in ways different from what is disclosed in this statement. The BGL Group collects information from our clients and prospects via email, BGL website, MyBGL, BGL Community, BGL Client Centre, BGL Wiki forums, Dropbox, Zendesk, telephone, mail and various web services
Information is collected when a prospect or client:
- enquires about our software or services
- purchases any of our software or services
- provides feedback by any media
- completes surveys or replies to expressions of interest
- registers for BGL Group promotional events
- registers for hands on training, update seminars or webinars
- renews a software subscription or service subscription
- obtains any other service or product from us
- participates in special offers
- logs a support call
- uses support chat
- accesses our Internet site
- communicates in our online Community
- provides feedback through our website
- uses the Software
- provides feedback through the Software
Data files containing client information (and information of our clients’ clients) may also be collected to:
- assist with the resolution of software problems
- convert data from another software package to a BGL Group software package
- combine software data sets
The BGL Group also collects
- bank account data for our Bank Data Service
- contract note data for our Contract Note Service
- registry data for our Registry Data Service
- documents submitted for processing by BGL SmartDocs
Only certain employees from relevant departments have access to data stored in our web applications CAS 360, Simple Fund 360, Simple Invest 360, BGL Smartdocs 360 and BGL SmartDocs AI Studio.
BGL successfully achieved ISO 27001 certification for CAS 360, Simple Fund 360, Simple Invest 360 and BGL SmartDocs 360 and BGL SmartDocs AI Studio. At that time, BGL implemented an Information Security Management System and instituted processes and procedures to ensure the privacy of data is always maintained.
What happens if you do not provide the information?
Should the relevant information not be provided, clients may be disadvantaged as they may not receive software and product updates, support calls may not be able to be resolved and information may not be provided to the correct person.
What does BGL Group collect and how is your information used by BGL Group?
We request information from the clients to provide you with a specific service. This may include details of special offers, updates to software, details of product training courses, update sessions and webinars, newsletters, new product information and other information of interest. Information collected may be in the form of email, website submissions, facsimile, phone, face to face or mail. A client may provide information such as contact names, business name, contact number(s), facsimile number, mailing address and financial information like direct debit data. This information is used for billing purposes. If we have trouble processing payment, the contact information is used to contact the client.
The BGL Group uses IP addresses to analyse trends, administer our website and gather broad demographic information for aggregate use. IP addresses are not linked to personally identifiable information.
The BGL Group will send materials to clients by email, mail and facsimile. If at any time you receive material that you did not request or do not want to receive such material anymore, see Correcting and Updating Your Profile below.
Data files are used by the BGL Group to resolve software problems or to convert or combine data files.
Bank account, contract note and registry data is used to provide these services to clients.
Documents submitted by you for processing by BGL Smartdocs. These documents are used by BGL SmartDocs to train the BGL Smartdocs AI models to improve the BGL SmartDocs service.
Who does the BGL Group disclose personal information to?
The BGL Group will not sell, rent, or trade any personal information or data files obtained from you without your consent.*
BGL Group will only share your personal data with:
- A third party service provider and / or partner who you have authorised requires data from us to provide you a service, or
- SelfWealth*,
- Regulators and law enforcement bodies, or
- Other entities where we have your consent.
* From 1 January 2017, Simple Fund 360 includes automated integration with SelfWealth Ltd, a BGL business partner. BGL has agreed with SelfWealth to automatically add new Simple Fund 360 funds to the SelfWealth platform. The SelfWealth platform is available to all BGL Simple Fund 360 clients free of charge. If you do not want your funds added to the SelfWealth platform, you can disable this function in your Simple Fund 360 software. SelfWealth’s Privacy Policy states it will not share your data with any third party.
Who does the BGL Group disclose aggregated data to?
The BGL Group may share unidentifiable aggregated demographic data with other organisations and may use the unidentifiable aggregated demographic data to provide clients with a better user experience.
BGL Group marketing and you the customer
The BGL Group may market products and services to you that we think will benefit your business. These products and services may be from the BGL Group or from our business partners.
You have the opportunity to opt out of BGL Group marketing.
How does BGL Group keep your personal information secure?
The BGL Group takes every precaution to protect our clients’ information. When clients submit sensitive information via the BGL website, BGL Client Centre, MyBGL, Dropbox or Zendesk, information is protected both online and off-line. When the BGL Group registration / purchase form asks users to enter sensitive information, that information is protected.
Credit card payments made through the BGL website are handled by Stripe which is a certified PCI Level 1 Service Provider. Credit card payments made by the BGL Group Team are made through ANZ Egate which is part of ANZ Bank. BGL Group does not retain credit card numbers.
The BGL Group has security measures designed to protect against the loss, misuse and/or alteration of the information under its control.
Client and prospect information is maintained in our SugarCRM and Zendesk systems which are secured. SugarCRM data is stored at BGL Group in Australia. Zendesk data is stored by Zendesk at multiple locations on the east coast of the USA. All client information is password protected. All paper files maintained are stored securely.
BGL uses Gmail by Google, the Google suite of applications and the Microsoft suite of applications. This data is stored by Google and Microsoft at numerous locations throughout the world. Access to BGL web applications is secured by username, password and (where available) multi factor authentication.
All client data stored on our file servers is controlled by login names and passwords. Client data is deleted once the support issue has been resolved or the conversion or combination of data is complete.
Changes to our Privacy Policy
If we decide to change our privacy policy, we will post those changes on our Website so our clients are always aware of what information we collect, how we use it and under what circumstances, if any, we disclose it. If at any point we decide to use personal identifiable information in a manner different from that stated at the time it was collected, we will notify users by way of an email.
Clients will have a choice as to whether or not we use their information in this different manner. We will use information in accordance with this privacy policy under which the information was collected.
BGL Group will respond to requests for client data from regulatory authorities, courts and law enforcement authorities where required under legislation or by Court Order. BGL Group will advise the client before releasing client data when it is permitted to do so.
BGL Group will respond to requests for client data from other third parties where the client has approved the release of the data or where BGL Group is required by Law to release the data. Where BGL Group is required by Law to release data to a third party, BGL Group will advise the client before releasing client data when it is permitted to do so.
This Privacy Policy does not apply to acts or practices of BGL Group that are directly related to employee records of current or former employees.
Correcting and/or updating your profile
The BGL Group gives you the following options for accessing and modifying Information previously provided:
(a) You may gain access to Information that BGL has collected about you by contacting us by email at [email protected]. We will not charge you for responding to such a request, unless we incur costs in providing the information.
(b) You are able to change/update personal information through MyBGL or by obtaining a Change of Subscriber Form from BGL Group. You can also email BGL Group to change your data held by us at [email protected].
Complaints
If you have any concern about your personal information and how it is being handled by BGL Group, email us at [email protected] describing your concern. BGL Group will acknowledge receipt of your email within 3 working days. It is BGL Group’s duty to investigate any privacy matters and resolve it (make a decision) as soon as possible, however, in some circumstances, it could take us up to 30 days to reach a decision. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner and submit a complaint through their website.
Contacting us
BGL has appointed a Data Protection Officer to oversee our data protection strategies and ensure we remain compliant with data protection obligations. If you have any questions regarding this Privacy Policy or the BGL Group’s Privacy Practices or wish to contact our Data Protection Officer:
BGL Corporate Solutions Pty Ltd
PO Box 8063
Brighton East, VIC 3187
Australia
Tel + 61 (0)3 9530 6077
[email protected]
Released: 17 August 2005
Updated: 9 December 2024
Addendum
UK General Data Protection Regulation (GDPR)
If your data falls under the UK GDPR, the following additional provisions apply:
Rights under the UK GDPR:
You have specific rights including:
- The right to be informed about the collection and use of your personal data.
- The right to access the personal data we hold about you.
- The right to rectification if personal data is inaccurate or incomplete.
- The right to erasure of your personal data.
- The right to restrict processing.
- The right to data portability.
- The right to object to data processing.
- Rights concerning automated decision-making and profiling.
To exercise any of your rights under the UK GDPR, you can contact us at [email protected].
The Purposes for BGL Using Your Personal Data
The following outlines the purposes and legal basis for BGL’s use of personal data under the GDPR.
If you have a commercial relationship with us, we may collect and process the personal data of your employees, collaborators, service providers or platform users for the following purposes:
Purposes | Legal Basis |
Provision of the web application services in accordance with our contract with You | Performance of a Contract |
Authentication of your identity, and provide You access to our web applications | Performance of a Contract |
Managing client relationships (prospective, current or non-current) | Consent |
Provide product support | Consent |
Provide client services (i.e. data conversions) | Consent |
Managing supplier relationships | Performance of a Contract |
Distribution of marketing and promotion, materials, and newsletters | Consent |
Registration of events and webinars organised by BGL or in partnership with a third-party | Consent |
Creation of aggregated data using techniques such as inference, anonymisation, pseudonymisation, or other data masking methods. This data is used for exploring and analysing purposes to ultimately provide enhanced services to You | Legitimate Interests |
Collection of feedback provided through the software | Consent |
Monitor, evaluate, and analyse the use of our services to diagnose and fix issues and bugs, and to enhance the user experience | Legitimate Interests |
Data Transfers under UK GDPR:
When transferring personal data outside the UK, especially to countries that do not have an adequacy decision from the UK government, BGL Group will ensure that appropriate safeguards are in place as per the UK GDPR requirements. This could be through the use of standard contractual clauses, binding corporate rules, or other permissible mechanisms under the UK GDPR.
Updated on 09/12/2024