Disclaimer | Privacy | Data Security

AdvisorCorp Legal Disclaimer

The information provided on this website is intended for general guidance purposes only and does not constitute professional advice. The application and impact of laws, rules, and regulations can vary significantly depending on the specific circumstances involved. Due to the evolving nature of laws, as well as potential delays, omissions, or inaccuracies arising from electronic communication, the information on this site may not be entirely accurate or up-to-date.

By accessing and using this website, you acknowledge that the content authors and publishers are not providing accounting, tax, mortgage broking, legal, finance, or any other professional services. This website's content should not replace consultations with qualified professional advisors. We recommend seeking advice from an AdvisorCorp professional before making decisions or taking action based on the information provided on this site.

AdvisorCorp has taken reasonable efforts to ensure that the information on this site is obtained from reliable sources. However, we do not guarantee the information's completeness, accuracy, or timeliness, nor do we guarantee the results obtained from using this information. The site's content is provided "as is," without any warranties, express or implied, including but not limited to performance, merchantability, and fitness for a particular purpose.

Under no circumstances shall AdvisorCorp, its affiliated entities, partners, agents, or employees be held liable for any decision made or action taken based on the information on this site, nor for any consequential, special, or similar damages, even if advised of the possibility of such damages.

This website may contain links to third-party websites that are not controlled or maintained by AdvisorCorp. We do not endorse or make any representations regarding the accuracy or any other aspect of the information contained in these external websites.

AdvisorCorp Privacy Policy

Who are we?

'We', 'us' and 'our' refer to AdvisorCorp Pty Ltd ACN 611 218 556, along with our subsidiaries and related businesses.

Our commitment to protecting your privacy

We acknowledge the importance of protecting your personal information. This policy outlines our commitment in respect of the personal information we hold about you and what we do with that information. We are committed to abiding by the Australian Privacy Principles for the protection of personal information, as set out in the Privacy Act 1988 (Cth) and any other relevant law.

Personal information

Personal information refers to information or an opinion about you from which your identity is reasonably ascertainable. This information may include but is not limited to, details such as your name, address, email address, phone numbers, tax file numbers (TFNs), financial information, and employment history.

Why do we collect your personal information?

We collect personal information for various purposes, such as to evaluate your application for finance, manage your finance, prepare your tax returns, and for direct marketing purposes. We may also offer you other products and services from time to time.

How do we collect your personal information?

Where reasonable and practical, we collect your personal information directly from you. We may also collect your personal information from credit reporting bodies, finance brokers, and other people such as accountants and lawyers.

Do we disclose your personal information?

We may disclose your personal information to various entities as outlined in our full privacy policy document. We will take reasonable steps to ensure that any person or organisation to whom we disclose your personal information is committed to protecting your privacy and complies with the Australian Privacy Principles, or is authorised by law to receive this information.

Direct marketing

We may use your personal information to provide you with information about offers, promotions, goods or services, which we believe may be of interest to you. You can opt out of receiving such information at any time.

Government identifiers

When we collect government identifiers, such as your TFN, we do not use or disclose this information other than as required by law or unless you have voluntarily agreed to the disclosure.

Sensitive information

We will only collect sensitive information about you with your consent and where it is reasonably necessary for our functions, like servicing a client's needs or internal management.

Security of your personal information

We will take reasonable steps to protect your personal information, stored in both digital and hard copy form, from misuse, interference, loss, unauthorised access, modification or disclosure.

Opting out

You may opt out of receiving marketing communications from us at any time by contacting us at marketing@advisorcorp.com.au.

Changes to the privacy policy

We keep our privacy policy under regular review and place any updates on our website. It is your responsibility to keep us informed if your personal data changes during your relationship with us.

Complaints

If you believe that we have not complied with our obligations under the Privacy Act, you have a right to lodge a complaint with us, and if unsatisfied with our resolution, with the Office of the Australian Information Commissioner (OAIC).

For further information about how we manage your personal information, please contact us at compliance@advisorcorp.com.au.

Please note: This privacy policy might not include all the rights and obligations under the Privacy Act. For a more comprehensive understanding of your rights and our obligations in respect of your personal information, please refer to the Australian Privacy Principles as set out in the Privacy Act 1988 (Cth).

AdvisorCorp Data Security

At AdvisorCorp, we take data security very seriously. We understand that our customers trust us with sensitive information, and we are committed to keeping that information safe and secure. Here's how we ensure your data is protected:

Encryption: We use industry-standard encryption to protect your data in transit and at rest. This means that your data is protected by a complex algorithm that makes it extremely difficult for unauthorised parties to access.
Access controls: We have strict access controls in place to limit who can access your data. Our employees and contractors are only given access to the information they need to perform their job duties, and we regularly audit and monitor access logs to ensure that everything is secure.
Monitoring: We continuously monitor our systems for any suspicious activity or attempts to access unauthorised data. This allows us to quickly identify and respond to any potential threats.
Compliance: We comply with all relevant data protection laws and regulations, and regularly review and update our policies and procedures to ensure that we are following best practices.

At AdvisorCorp, we understand that data security is essential to maintaining your trust and confidence in us. Rest assured that we take every possible measure to protect your data and keep it safe.

AdvisorCorp CRM 'Salestrekker' Data Security

The Salestrekker team is committed to taking care of any data entered in our application or stored on our servers.

Our measures can be summarised as follows:

Application design and system architecture
Security monitoring and scanning
Management processes and accreditations

Application design and system architecture

Salestrekker is hosted on Amazon's AWS infrastructure in the Asia Pacific (Sydney) Region. AWS provides industry-standard data protection.
We hold documents in AWS S3 buckets, which utilise AES-256 encryption for data at rest and limited encrypted access.
Databases are hosted on AWS EC2 servers with storage encrypted utilising AWS algorithms.
Access to these servers is limited via SSH encrypted communication protocol and 1024-bit keys.
The Salestrekker application utilises TLS 1.2 and 1.3 encryption.
Application servers are protected using AWS firewalls and additional firewalls within the servers.

Security monitoring and scanning

Fail2Ban scanning actively monitors log files blocking access to all suspicious connections.
A dedicated Qualys Vulnerability Management and Web Application Scanning server continuously scans all Salestrekker servers and monitors application and architecture security.
Utilising Qualys, we perform regular system scans to establish compliance with various standards, such as PCI DSS and APRA's CPG 234 (Note: We are not currently certified under PCI DSS or CPG 234 standards).
We undertake annual independent penetration tests to ensure third-party checks of our application and architecture security.

Management processes and accreditations

Salestrekker has an ISMS comprising policy, procedures, risk management, training, system monitoring, incident management and continuous improvement management processes.
We have obtained SOC 2 Type II accreditation, certifying our existing management practices and monitoring their upkeep.
We are committed to obtaining other industry-relevant security certifications in the future (e.g. PCI DSS).
APRA-regulated banks regularly audit our data security and management processes.

The Salestrekker Privacy Policy deals with other aspects of data handling.

Effect of Policies

AdvisorCorp operates within a constantly evolving business landscape, and we strive to keep our policies up-to-date through annual reviews. We reserve the right to modify this privacy policy at any moment by posting the revised version on our website. The updated policy will be effective between us, regardless of whether we have provided specific notice of any changes.

The latest update to these policies was made on May 12, 2023.