Privacy Collection Statement

The extent of what the APSS Trustee can do with the personal member information it collects, holds and uses is set out in the latest Privacy Collection Statement

Privacy policy

PostSuper Pty Ltd (the Trustee), as Trustee of the Australia Post Superannuation Scheme (APSS), is bound by the Australian Privacy Principles in the Privacy Act 1988 (Cth) (the Privacy Act), as well as other applicable laws protecting privacy, including the Health Records Act 2001 (Vic) and the Health Records and Information Privacy Act 2002 (NSW).

The Trustee of the APSS has always been committed to protecting your privacy and confidentiality. This commitment continued with the introduction of the Australian Privacy Principles (APPs). The APPs set up a framework as to how personal information is to be handled. 'Personal information' is information or an opinion about an identified individual or an individual who is reasonably identifiable (whether the information or opinion is true or not). This Privacy Policy addresses how and why the Trustee handles the personal information of APSS members.

Below we provide you with a list of the APPs. A summary of the main elements that make up the APPs is available online at the Australian Information Commissioner website: www.oaic.gov.au.

The Trustee may modify or update its Privacy Policy from time to time by publishing it on the APSS website: www.apss.com.au. The Trustee encourages individuals to check the APSS website periodically to ensure that they are aware of the Trustee's current Privacy Policy.

This Policy will apply on and from 23 June 2017.

What personal information does the Trustee collect and why?

To properly meet your expectations as an APSS Member, the Trustee needs to collect, store and use personal information about you. For example, personal information would be relevant to determining whether a member is entitled to be paid a superannuation benefit out of the APSS and the amount of any benefit payable. Information about our members is also used in the development of the superannuation products we offer.

At a minimum, the personal information that we collect will include your name, address, date of birth, gender, salary, email address and tax file number (if provided). In some circumstances additional personal information may be collected — for example, health information in connection with a benefit claim you have made, or details of persons you may have nominated to be the beneficiaries of your superannuation benefit in the event of your death. If an individual chooses not to provide certain personal information to the Trustee, the Trustee may not be able to provide the individual with certain services or information.

How and when do we collect personal information?

Information is usually collected at the time you join the APSS. However, it is also collected when you make changes to your personal information (such as a change of address) and when you claim a benefit from the APSS, such as for total and permanent disablement.

Normally, the Trustee will receive your personal information from your employer, if it does not receive this information directly from you in your application documents and other communications with APSS. Personal information may also be passed to your employer in order to (for example) validate salary, leave history or next of kin details.

The Trustee may also collect personal information from various online sources, including social media, in order to investigate or validate information provided by members to the Trustee in the course of reviewing or assessing complaints or claims for total and permanent disablement or death benefits.

Who else receives your personal information?

The Trustee uses various agents to help it administer the APSS. Information collected by the Trustee may be passed to the APSS's agents, as needed, to enable them to properly perform their respective functions in relation to the APSS. These agents include the APSS's administrator and claims assessor, legal, actuarial, accounting, auditors, insurer, mail house and other professional advisers. All of these agents are under binding legal obligations to keep the information given to them secure and confidential and to deal with it only as authorised by the Trustee. Each agent is provided only with the personal information it reasonably requires in order to perform its services to the Trustee.

From time to time, the Trustee may also be required to disclose personal information regarding APSS members in order to comply with Australian laws which apply by virtue of the Trustee's role as the trustee of a superannuation fund. These include disclosures to regulatory bodies (including periodic reporting obligations) and to courts and tribunals.

The Trustee does not sell or otherwise disclose or pass on personal information about APSS members to any third parties, except to the extent and for the purposes explained in this Privacy Policy.

How do we hold personal information?

We may store your personal information in hard copy or electronic format (or both). Hard copies are stored onsite at the place of business of the Trustee (or the relevant agent performing services on behalf of the Trustee, if applicable), or offsite at a secure managed storage facility. Electronic data is stored offsite at a managed server facility.

The Trustee and its agents have in place various measures and policies aimed at ensuring an appropriate level of security and risk management in relation to your personal information. The measures which are implemented to manage the risk of improper use of your personal information include (but are not limited to) firewalls, anti-virus software, secure identity access management, restricting access permissions according to employee role, data encryption, staff awareness training and the use of segregated restricted access facilities.

The effectiveness of these security and risk management measures are tested in a number of ways, including periodic penetration testing and vulnerability assessments.

For each member of the APSS whose personal information we hold, we or our agents maintain a consolidated record of all such information.

When your personal information is no longer required for the purposes described in this Policy, reasonably practicable steps are taken to destroy it or de-identify it. Where this is not practicable, reasonable steps are taken to protect it against loss, unauthorised access, use, modification or disclosure, or other misuse.

Collection and retention of sensitive information

In the course of performing its role as Trustee of the APSS, the Trustee may come into possession of sensitive information about you. Sensitive information is a type of personal information and includes health or medical information, racial or ethnic origin, religious or philosophical beliefs or affiliations, and sexual orientation. The Trustee collects, holds and discloses your sensitive information only to the extent reasonably necessary for it to perform its role as Trustee of the APSS. The APPs include a list of very limited circumstances in which your sensitive information can be gathered without your express consent.

Accessing, updating and correcting personal information

Generally speaking, you can access the personal information about you which the APSS holds. In some circumstances it may not be possible for the Trustee to provide you with all of your personal information, or an exemption under the Privacy Act may apply which excuses the Trustee from providing it to you (for example, where giving access would be unlawful, or where the request for access is frivolous or vexatious). Where this is the case, the Trustee will tell you why.

You also have a right to request corrections to your personal information held by the Trustee.

If you wish to access any personal information that the Trustee holds about you, or you think that any of that information is inaccurate, incomplete or no longer up-to-date, you may contact the Trustee by calling 1300 360 373. Alternatively, you can complete an online e-form, available from www.apss.com.au. The Trustee will take reasonable steps to provide that information, or ensure that the information is corrected, as applicable. When you request access or changes to personal information, the Trustee (or its agent) may need to take measures to verify your identity before providing or updating such information.

The APSS aims to have the personal information it collects and uses as accurate and as up-to date as reasonably possible, which is why the Trustee encourages you to keep your personal information up-to-date.

Complaints handling

If you wish to make a complaint about the way the Trustee has handled your personal information (including if you think the Trustee has breached the APPs or another part of the Privacy Act) you may do so by contacting the Trustee in writing at the address set out at the end of this Privacy Policy. If a complaint is made, please include contact details such as name, contact email, address and telephone number, and clearly describe the complaint. The Trustee's Privacy Officer will investigate the complaint and respond promptly. If you consider that the Trustee has failed to resolve the complaint satisfactorily, you may be able to complain to the Office of the Australian Information Commissioner or to the Superannuation Complaints Tribunal.

If you would like to access and/or correct your information please contact the Trustee in writing at the address set out at the end of this Privacy Policy or by calling 1300 360 373. This is also the number you should call with any general inquiries regarding the privacy of your personal information.

Cross-border disclosures

In the course of its administration of the APSS, the Trustee or its agents may disclose your personal information to recipients that are located outside Australia.

The Trustee’s benefits administrator may disclose personal information to its overseas offices located in India and the Philippines and the Trustee’s Insurer - MetLife Insurance may disclose personal information to its overseas offices in Malaysia and Hong Kong.

The Trustee’s auditors KPMG and EY may also disclose personal information to their overseas entities. For a full list of countries where the information may be shared, this can be found in their respective privacy policies:

KPMG: https://home.kpmg.com/au/en/home/misc/privacy.html

EY: http://www.ey.com/au/en/about-us/privacy-policy-statement

Australian Privacy Principles (APPs)

Below is a list of the APPs. The full text version of the APPs is available online at the website of the Office of the Australian Information Commissioner: www.oaic.gov.au.
  • APP 1 - open and transparent management of personal information
  • APP 2 - anonymity and pseudonymity
  • APP 3 - collection of solicited personal information
  • APP 4 - dealing with unsolicited personal information
  • APP 5 - notification of the collection of personal information
  • APP 6 - use and disclosure of personal information
  • APP 7 - direct marketing
  • APP 8 - cross-border disclosures
  • APP 9 - adoption, use or disclosure of government related identifiers
  • APP 10 - quality of personal information
  • APP 11 - security of personal information
  • APP 12 - access to personal information
  • APP 13 - correction of personal information

Changes to the Privacy Policy

APSS may change its Privacy Policy from time to time and changes to the Policy will be updated on the APSS website at www.apss.com.au.

Further Information
For further information about the Trustee's privacy policies or practices, or for inquiries or complaints regarding access to or correction of personal information about you held by the APSS, please contact the Trustee's Privacy Officer by writing to:
Attention: Privacy Officer
Australia Post Superannuation Scheme
Locked Bag A5005
Sydney South NSW 1235