# SDG Impact (Australia) Pty Ltd trading as Finoptis Consulting Services - Privacy Policy
1. Introduction SDG Impact (Australia) Pty Ltd trading as Finoptis Consulting Services is committed to protecting the privacy of the individuals with whom we interact. We are bound by, and comply with, the *Privacy Act 1988 (Cth)* (Privacy Act) and the Australian Privacy Principles (APPs) set out in the Privacy Act. This policy outlines how SDG Impact (Australia) Pty Ltd trading as Finoptis Consulting Services manages the personal information we collect, primarily in the context of our business-to-business (B2B) relationships. This policy does not apply to information that is not personal information (e.g., corporate data). 2. What is Personal Information? Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information is recorded in a material form or not. 3. Collection of Personal Information We primarily collect personal information directly from the individuals we deal with, or from their employer or company, for the purpose of managing our B2B relationships and providing our financial services. 3.1. Types of Personal Information Collected The personal information we collect is typically related to individuals acting in their professional capacity on behalf of a company, including: * Contact Details:** Name, job title, company name, business address, professional email address, and professional phone numbers. * Identity Information:** Details required for professional identification, registration, or regulatory compliance purposes. * Interaction Data:** Records of communications (emails, calls, meetings) and relationship history. * Technical Data:** Usernames, passwords (securely stored), and log-in details for our client-facing systems. * Website Usage Data:** IP addresses, browser type, and details of website use collected via cookies and analytics. 3.2. Sensitive Information We do not routinely collect sensitive information (such as health or criminal history) unless required by law or necessary for a specific transaction or service, in which case we will seek your consent. 4. Purposes for Collection and Use of Personal Information We collect, hold, use, and disclose personal information that is reasonably necessary for us to carry out our business functions and activities, which include: * Service Delivery: Providing, managing, and administering our financial products and services to our client organisations. * Relationship Management: Maintaining and managing our relationships with our clients, vendors, and business partners. * Contractual Obligations: Fulfilling our obligations and enforcing our rights under contracts with client organisations. * Communication: Communicating with client representatives regarding account, service, or product updates. * Compliance: Meeting our legal, regulatory, and reporting obligations (including anti-money laundering and counter-terrorism financing laws). * Improvement: Improving our service offerings and website functionality. 5. Disclosure of Personal Information We may disclose personal information to third parties in the course of our B2B activities where you would reasonably expect us to, or as otherwise required or authorised by law. This may include disclosing information to: * Service Providers: Third-party providers that assist us with our business operations, such as IT service providers, cloud data storage providers, professional advisers, payment processing providers, and auditors. * Regulatory Bodies: Government, regulatory, and law enforcement agencies where required by law (e.g., the Australian Securities and Investments Commission (ASIC) or the Australian Taxation Office (ATO)). * Related Entities: Our related bodies corporate within the SDG Impact (Australia) Pty Ltd trading as Finoptis Consulting Services. 5.1. Cross-Border Disclosure We may disclose personal information to overseas recipients (for example, to offshore cloud service providers or to an affiliate located outside Australia). Before doing so, we will take reasonable steps to ensure that the overseas recipient complies with the APPs, or that we obtain your express consent. We may remain accountable for how the overseas recipient handles your personal information.6. Data Quality and Security
We take reasonable steps to ensure the personal information we collect is accurate, up-to-date, and complete. We take reasonable steps to protect the personal information we hold from misuse, interference, loss, and unauthorised access, modification, or disclosure. We use physical, administrative, and technical safeguards, including encryption and access controls, to protect data. We will permanently de-identify or securely destroy personal information when it is no longer required for any purpose for which it was collected, or as required by law. 7. Access, Correction, and Anonymity 7.1. Access and Correction You have a right to request access to and correction of the personal information we hold about you. We will respond to a request for access or correction within a reasonable period. We may charge a reasonable fee for providing access to the personal information, but we will not charge a fee for making the request. 7.2. Anonymity and Pseudonymity You have the option of dealing with us anonymously or by using a pseudonym where it is lawful and practicable. Given the nature of our B2B financial services, it is generally impractical for us to deal with individuals who are not properly identified. 8. Direct Marketing and Opt-Out We may use your professional contact details to send you information about our services, updates, or events that may be relevant to your organisation. All direct marketing communications sent by SDG Impact (Australia) Pty Ltd trading as Finoptis Consulting Services will comply with the *Australian Spam Act 2003 (Cth)* and will include an option to **unsubscribe** or **opt-out** from receiving future communications. You may also opt-out at any time by contacting our Privacy Officer. 9. How to Make a Complaint If you believe that SDG Impact (Australia) Pty Ltd trading as Finoptis Consulting Services has breached this Privacy Policy or the APPs, please contact our Privacy Officer immediately using the details below. We will investigate your complaint and endeavour to provide a response within 30 days. If you are not satisfied with our response, you may refer the matter to the Office of the Australian Information Commissioner (OAIC). 10. Contacting Our Privacy Officer All requests regarding access, correction, complaints, or questions about this Policy should be directed to: | Role: | Privacy Officer | | Director | :Nash Balaghee | | Email: | info@finoptis.net | 11. Policy Updates We may update this Privacy Policy from time to time. The latest version will always be posted on our website.