BTR BULLION PTY LTD – PRIVACY POLICY

Quick overview

• We collect information you provide to us and information we gather when we interact with you
• We use this information to provide our services and improve your experience
• We protect your information using secure systems and processes
• You have rights regarding your personal information, including access and correction rights

Information we collect

Basic identity and contact details

• Name, address, email address and phone number
• Date of birth
• Professional details

Identity and address verification information

• Passport details
• Driver's licence details
• Other documents relating to ID verification

Service related information

• Payment and transaction details for products and services you've purchased from us or enquiries about our products and services
• Your preferences for our services and your marketing preferences
• Feedback and survey responses
• Account login credentials

Digital information

• IP address for security purposes
• Basic server logs for website functionality

Recordings

• Call recordings
• Records of meetings and decisions

How we collect personal information

• Directly from you when you: interact with us, complete identity verification or compliance checks, contact us, fill out forms.
• Automatically when you: visit our website, use our technologies, interact with our online services.
• From third parties: service providers, identity verification and compliance service providers, business partners, public sources, government organisations and organisations or people authorised by you.
• From publicly available sources: such as ASIC and other regulatory bodies and professional networking sites such as LinkedIn.

Why we collect, hold, use and disclose personal information

We collect and use your personal information to run our business and provide our services as set out below.

Business operations

• To manage our relationship with you as a customer or supplier
• To process and deliver our products and services
• To handle your inquiries, support requests, and communications
• To maintain accurate records for billing and administration
• To comply with AML/CTF laws and regulatory obligations
• To verify your identity when required or permitted by law including through identity verification services such as the Document Verification Service (DVS) and other verification methods. Information about approved identity verification facilities is available at www.idmatch.gov.au.

Communication and support

• To respond to your questions and support requests
• To communicate important updates about our services
• To handle inquiries made through our website or platforms
• To manage your participation in surveys, feedback sessions, or events

Service improvement

• To conduct analytics and market research
• To improve our business operations and services
• To develop and enhance our applications and platforms
• To understand how our services are used

Marketing and promotions

• To send you promotional information about our services and events
• To inform you about products or services that may interest you
• To manage your marketing preferences
• To run competitions, promotions, and special offers
• To provide additional benefits to our customers

Employment purposes

• To assess employment applications
• To evaluate candidate qualifications
• To manage professional certifications and licences
• To maintain employment records

Legal and compliance

• To comply with our legal obligations
• To respond to court orders or legal processes
• To maintain required business records
• To fulfil regulatory requirements or reporting obligations
• To protect our legal rights and interests or as authorised by law

Our disclosures of personal information to third parties

We may disclose personal information to:

Service providers

• IT service providers
• Data storage providers
• Web hosting and server providers
• Payment processors
• Marketing and advertising providers
• Analytics providers
• Know Your Customer (KYC) service providers
• Identity verification service providers (including the Document Verification Service (DVS) and other identity verification methods)

Professional advisers

• Bankers
• Auditors
• Insurers and insurance brokers
• Legal advisers

Business partners

• Our existing or potential agents
• Our business partners or contractors

Corporate transactions

If we merge with or are acquired by another company, or sell our business assets:

• Your information may be disclosed to our advisers
• Your information may be disclosed to the potential purchaser's advisers
• Your information may be included in the transferred assets

Legal and regulatory bodies

• Courts and tribunals
• Regulatory authorities including as required for reporting obligations
• Law enforcement officers

Other parties

• Third parties that help us carry out the Service (for example, to complete credit checks, or complete payments)
• Third parties you have authorised
• Emergency services when necessary
• Any other parties as required or permitted by law

Overseas disclosure

Storage and access

We store your personal information in Australia. However, your information may be accessed from or transferred to locations outside Australia in these circumstances:

• When our service providers are located overseas
• When we work with overseas business partners
• When using cloud-based services or data storage solutions

Our approach to overseas disclosure

Before disclosing your personal information overseas, we take reasonable steps to ensure that the recipient treats your information in accordance with applicable law by only sending what is necessary, requiring recipients to protect your information through contractual agreements which require the recipient to comply with the privacy standards in applicable law or through other mechanisms that provide comparable safeguards and by monitoring how recipients handle your information.

Your privacy rights and choices

Providing information

You can choose whether to provide personal information to us, however, if you don't provide certain information, we may not be able to provide some services. Let us know if you don’t want to provide information and we will let you know when information is required versus optional.

Access to your information

You can request access to the personal information we hold about you and we will respond to your request within a reasonable time. We may charge a reasonable administrative fee for providing access and if we cannot provide access, we will explain why and explore alternative ways to share relevant information.

Correction rights

You can ask us to correct any information that is inaccurate, out of date, incomplete, irrelevant or misleading and we will take reasonable steps to correct your information promptly. If we cannot make the correction, we will explain why and discuss alternatives. You can ask us to add a statement to your information noting your requested correction.

Marketing communications

You can opt-out of receiving marketing communications at any time. Each marketing communication will include an unsubscribe option. You can change your marketing preferences by contacting us. We will process your request as soon as practicable.

How to contact us about your rights or to make a complaint and what happens next

Step 1: Contact our Privacy Officer

• Email: kylie@btrbullion.com.au
• Phone: 0416 240 675
• Post: Factory 6, 28 Enterprise Drive, ROWVILLE, VICTORIA 3178

What to include:

Your full name, contact details, clear details about your request or complaint, and any relevant dates or reference numbers.

Step 2: Our response

We will:

• Verify your identity before processing your request
• Investigate thoroughly (for complaints) or process your request (for rights)
• Respond to you in writing within reasonable timeframes and as required by law
• Explain what actions we will take and keep you updated on progress
• Not charge you for making a request (except for reasonable access fees if applicable)
• Help you understand and exercise your rights

Step 3: If you're not satisfied (complaints only)

If you're not satisfied with our response to your complaint, you can:

• Ask for a review by our senior management, or
• Contact external bodies:
• Australian residents: Office of the Australian Information Commissioner (Phone: 1300 363 992, Website: www.oaic.gov.au)

This is the same process whether you want to access your information, correct mistakes, change marketing preferences, or make a complaint about our privacy practices.

Protecting your information

We use multiple layers of security to protect your information.

Technical safeguards

• Enterprise-grade encryption for data storage and transmission
• Regular security testing and monitoring
• Automated threat detection systems

Operational security

• Staff training on security and privacy
• Strict access controls based on job requirements
• Regular security audits and incident response procedures testing

Physical security

• Secure premises with controlled access
• Secure disposal of physical documents
• Equipment security protocols

Public information

Please note that any information you choose to share publicly on online platforms (such as comments or reviews) can be accessed and used by others. We cannot control or protect information that you make publicly available.

How long we keep your information

We keep your personal information only as long as we need it for the purposes we collected it, or as required by law. When we no longer need it, we securely destroy or de-identify it.

Document Verification Service (DVS)

How we use the DVS: We use the DVS to verify the authenticity of certain identity documents provided to us and otherwise to provide our services to our clients. We will only collect personal information and use the DVS as required to provide our services, and in accordance with this Privacy Policy.

Your rights: Your rights regarding your personal information processed through the DVS are set out in the "Your privacy rights and choices" section of this Privacy Policy. This includes your rights to access, correct, and make complaints about how we handle your personal information.

Consequences of declining consent: Verification through the DVS is an essential part of our identity verification process and our ability to provide our services. If you choose not to consent to our use of the DVS to verify your identity documents, we may not be able to provide our services to you or complete your transaction.

Complaints: If you have any concerns about how we handle your personal information in relation to the DVS, you can lodge a complaint by contacting our Privacy Officer using the details provided in the "How to contact us about your rights or to make a complaint and what happens next" section of this Privacy Policy.

Cookies and Analytics

We do not currently use cookies, tracking pixels, or similar technologies on our website beyond what is necessary for website functionality and security.

Artificial Intelligence (AI) Technologies

Overview

We use artificial intelligence and machine learning technologies in our business operations and services, including AI tools provided by third parties. We only use these technologies when legally permitted and necessary for our business.

How we use AI

We may use AI technologies to:

• Conduct analysis and data processing
• Generate and modify content and coding
• Improve and optimise our services and operations
• Automate routine tasks and communications
• Personalise your experience with our services
• Support quality assurance processes
• Assist with customer support and queries

Data protection and security

When we work with third-party AI providers, we ensure they handle your personal information in accordance with privacy laws through contractual requirements and appropriate safeguards.

Your rights and our commitments

Any information generated or inferred about you by AI technologies is treated as personal information, and you maintain all the rights outlined in this privacy policy. When using AI with your personal information, we commit to:

Transparency and control

• We'll inform you when AI is used to make decisions that may significantly affect you
• We maintain human oversight and review of significant AI-generated decisions
• Our staff are trained to understand AI limitations and verify outputs before relying on them
• We implement processes to verify the accuracy of AI-generated outputs

Security

• We use appropriate technical and organisational measures to maintain the security and integrity of your personal information
• We regularly test and monitor AI outputs for accuracy and reliability

Risk mitigation

• We regularly assess and document risks associated with using AI to process personal information
• We implement appropriate measures to address these risks
• We continuously monitor AI performance and regularly review their impact

Amendments

We may update this policy at any time by posting the revised version on our website. We recommend that you review our website regularly to stay current with any policy changes.