Privacy Policy (“Policy”)

This Policy was last updated on [05/02/2021].


Peter Hayes & Associates ABN 64 566 917 142 (‘we’, ‘our’, ‘us’, PHA Accountants & Advisors, Peter Kenwick Weaver Hayes AFS Licence Number 484815) is bound by the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (Privacy Act). This Privacy Policy (Policy) sets out how we collect, use and share your personal information and how to contact us with any queries or concerns.

By voluntarily supplying us with your personal or credit information, you are agreeing to be bound by this Policy. While we may update our Policy from time to time, the most recent version of this Policy will always be available on our website. If we change the Policy in any material way we will post a notice on our website along with the updated Policy. We may also contact you via your contact information on file, for example by email, notification or some other equivalent measure. 

If you have any queries, concerns or complaints about how we handle your personal information, please contact out Privacy Officer in the first instance:

Privacy Officer Contact: Peter Hayes


Postal address:
Attention: Privacy Officer
Peter Hayes & Associates
217 Fullarton Road
Eastwood  SA  5063

Our website may contain links to other websites. When a user clicks on a link to another site, they are no longer subject to this Policy.


1. What types of information do we collect and why?

In the course of providing our goods and services to you, we collect personal and other information about our accounting, taxation, SMSF financial advice and general business advice clients, customers, suppliers, etc. and how they interact with us, our goods and our services. We collect personal information through a number of mechanisms, including:

1.1       Collection from you: we collect and store information you provide directly to us (either in person, by email, by phone, or by any other direct means) in order to deliver our goods and services. This includes:

  • Contact information: such as your name, address, email address, telephone number;
  • Personal information: such as Tax File Number, employment details, date of birth and driver’s licence details;
  • Financial and credit information: such as your bank and credit card statements to assist in reconciling transactions in your financial accounts, bank account details for direct refunds from the Australian Taxation Office or to set up data feeds for accounting software where applicable, etc.;
  • Business details: such as your Australian Business Number and Australian Company Number.

1.2       Communications: when you communicate with us, we collect information such as your contact details (such as email address or phone number). You can elect to not receive communications from us by contacting our Privacy Officer.

1.3       Through other sources: where necessary, we also collect your information from publicly available records. This can include information relating to an individual’s credit worthiness and other information from credit providers, subject to legal restrictions. Where appropriate and necessary to do so we collect information from public records such as those maintained by the Australian Securities and Investments Commission, Australian Financial Security Authority (such as the Personal Property Securities Register), and land titles offices in each state. We may do this where it is unreasonable or impractical to collect this information from you.

If you have previously applied for a position with us we may have received your personal information from third parties such as recruiters or external websites. We use the information we receive to contact you about any potential opportunities or to evaluate your candidacy.

You have the option of not identifying yourself or interacting with us using a pseudonym to make general inquiries about the goods and services that we offer. However, we will not be able to provide services to you without this information.

2. How we use your information?

We will only use your information for the purposes for which it was collected (primary purpose) or a purpose related to that primary purpose if it would be reasonably expected by you or where we have separately obtained your consent.

We use personal information for the primary purpose of providing accounting, taxation, SMSF financial advice and risk management services to our clients.

How we use the information we collect depends, in part, on which services you use, how you use them and any preferences you have communicated to us. If you would like to restrict how your personal information is handled beyond what is outlined in this Policy, please contact our Privacy Officer.

2.1       Disclosure of personal information to third parties

We may disclose your information to third parties who assist us in providing, managing and administering our goods and services. We will also disclose your personal information where such disclosure is required by law.

We disclose your personal information to third parties that:

  • Manage and enhance our customer database including Chameleo IT who manages our internal IT and security systems.
  • Allow us to process information including MYOB who provides our practice management and accounting software, and BGL who provides our self-managed superannuation fund administration software.
  • Require your personal information to allow our office to deal with matters on your behalf including the Australian Taxation Office, Australian Investment Securities Commission and other Government entities
  • Assess your interest in our products or services or send marketing information to you including Content Partners who manages our website and bulk emailing services for important and timely communication to clients such as industry changes that may affect them and their tax planning strategies, along with our general newsletter;
  • Other purposes related to the provision of our goods and services as applicable to client’s needs. This may include:
    • Moore Australia to conduct the audit of self-managed superannuation funds.
    • Wallmans Lawyers for legal advice and specialist tax advice.
    • Andersons for legal advice.
    • Lindsay Wapper & Associates for property valuation services.
    • Morgan Stanley for financial and investment advice.
    • FinSec Partners for financial and investment advice.
    • Shaw and Partners for financial and investment advice.
    • Cowell Clarke provides compliance support for Peter Hayes’ Limited AFSL

We do not sell or license your information to third parties.

2.2       Disclosure of credit information to third parties

We do not disclose your credit information to any credit reporting bodies.


3. How do we store and secure the information we collect?

We store your personal and credit information as physical files in a secured area and on our electronic data base system and computers with appropriate encrypted back up and security systems.

3.1       Security and management of personal information

We will take reasonable steps to protect the personal information we hold from misuse, loss, and unauthorised access, modification or disclosure. We do this by:

  • putting in place physical, electronic and procedural safeguards in line with industry standards;
  • requiring any third party providers to have acceptable security measures to keep personal information secure;
  • limiting access to the information we collect about you;
  • imposing confidentiality obligations on our employees;
  • only providing access to personal information once proper identification has been given; and
  • We use Chameleo IT to manage our internal IT and security systems. Passwords, firewalls and virus/ransomware protection is used to protect electronic data.  Daily encrypted backups and offsite storage is used to minimise the risk of loss of data.  All encrypted electronic backups are stored on Australian servers for data sovereignty.  Examples of the software Chameleo IT use to protect the data is Veeam and CrashPlan.  Physical data (paperwork) is destroyed through our confidential security bins provider, Veolia Environmental Services.

While we take all steps reasonable in the circumstances to protect your information, in the unlikely event a data breach occurs, we will notify you in accordance with our obligations under the Privacy Act.

If we no longer require your personal information, and are not legally required to retain it, we will take reasonable steps to destroy or de-identify the personal information.  

3.2       Sending information overseas

We do not disclose personal information overseas to third parties.  Any information sent overseas will be directly to the client.


4. How to access and control your information?

4.1       Accessing the information we hold about you

Under the APPs you may be able to obtain a copy of the personal information that we hold about you. To make a request to access this information please contact us in writing. We will require you to verify your identity and specify what information you wish to access. If eligible, we will grant you access to the information within 30 days.

We may charge a fee to cover the costs of verifying your application, and retrieving, reviewing and copying any material requested.

4.2       Updating your personal information

We endeavour to ensure that the personal information we hold about you is accurate, complete and up-to-date. Please contact our Privacy Officer if you believe that the information we hold about you requires correction or is out of date. We endeavour to process any request within 30 days and will provide written reasons if your request is rejected, as well as providing details for making a complaint about the refusal if necessary.

For corrections to credit information we will provide, where practicable, written notice of the correction to any entity we have disclosed this information to previously. 


5. Complaints

If you are concerned that we have not complied with your legal rights or the applicable privacy laws, contact our Privacy Officer in the first instance. Please contact our Privacy Office with a thorough description of your concerns and a response will be provided within a reasonable period. All complaints must be in writing.

When processing a compliant, we will require you to provide us with information to confirm your identity before processing a request related to information we may hold about you.

We expect our procedures will deal fairly and promptly with your complaint. However, if you remain dissatisfied, you can also contact the Office of the Australian Information Commissioner as follows: 

Director of Compliance Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001


For more information on privacy see the Australian Information Commissioner’s website.