Boyce Chartered Accountants and any entity owned or controlled by Boyce Chartered Accountants or within the Boyce Chartered Accountants Group (together “Boyce Chartered Accountants”) are committed to protecting your privacy and handling personal, sensitive and special categories of information in an open and transparent way.
- Please note that if at any time Boyce Chartered Accountants is required by law to release information about you or your organisation, Boyce Chartered Accountants must cooperate fully.
- Collection of personal information
Boyce Chartered Accountants collects and holds personal information from clients, customers, employees, contractors and other individuals. We collect and hold this information when it is necessary for business purposes.
The main types of information collected and held by Boyce Chartered Accountants relate to the contact details and organisation roles of our clients, suppliers and other business contacts. Typically this information includes names, addresses, telephone numbers, email addresses and job titles.
We collect most information directly from individuals when we deal with them. The personal information collected may be provided in forms filled out by individuals, face to face meetings, email messages or telephone conversations. If you contact us, we may keep a record of that contact.
There may be some instances where personal information about you will be collected indirectly, for instance if you put us in contact with other service providers or we collect information about you from a government information service (eg the Australian Tax Office).
In the course of providing professional services to our clients, we may also collect sensitive and special categories of personal information. Sensitive information we may collect includes health information and information about racial or ethnic origins. Special categories of information we may collect include tax file numbers, financial details, and credit information.
If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services you, or they, are seeking.
- How we may use your personal information
The main purposes for which Boyce Chartered Accountants collect, hold and use personal information are:
- To provide you with our professional services;
- To respond to an individual’s request;
- To maintain contact with clients;
- To keep clients and other contacts informed of the services we offer and industry developments or legislative changes that may be of interest to them, and to notify them of service offerings, seminars and other events we may be holding;
- For general management and reporting purposes such as invoicing and account management;
- As otherwise required or authorised by law; and
- For recruitment purposes;
- Other purposes related to our business.
Boyce Chartered Accountants also uses your personal information to send you information such as marketing or resource information (either by email or post). You may elect at any time to no longer receive such information by writing to the Privacy Officer, Boyce Chartered Accountants PO Box 1100 Dubbo NSW 2830 or by emailing us at email@example.com.
Alternatively, if we have contacted you by email, you may use the unsubscribe function in that email to notify us that you do not want to receive further marketing or resource information from us by email.
- Disclosure of personal information
Generally, Boyce Chartered Accountants only use or disclose personal information about you for the purposes for which it was collected as described in this document and for the specific purposes listed below:
- If it is necessary to provide you with a service or product which you have requested;
- If it is necessary to protect the rights, property or personal safety of any member of the public or a client of Boyce Chartered Accountants or the interests of Boyce Chartered Accountants;
- If some or all of the assets or operations of Boyce Chartered Accountants may be transferred to another party as part of the sale of some or all of Boyce Chartered Accountants’ business, in which case permission would be sought from all of our clients to pass on any information;
- If you give your consent; or
- If such disclosure is otherwise required or permitted by law, regulation, rule or professional standard.
Boyce Chartered Accountants may also share non-personal, non-identifiable and aggregated information for research or promotional purposes. Except as set out in this policy we do not sell or trade personal information with third parties.
- Privacy on our websites and applications
In order to properly manage our websites and applications we may log certain statistics about users of the facilities, for example software versions used, device identifiers (IP address), location data, dates, times, file metadata, referring website, data entered and user activity such as links clicked. This information does not specifically identify an individual and is used solely to ensure our website and applications present the best possible navigational experience for users.
- Security of personal information
We implement a range of measures to protect the security of your personal information and protect it from interference, misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures. We also take measures in respect of destroying or de-identifying personal information that is no longer required for any business or legal purpose.
Boyce Chartered Accountants has team members and contractors based overseas who have secure remote access to your personal information held in Boyce systems. Boyce has employees and/or contractors in Australia, New Zealand and the Philippines.
Boyce complies with Australian Privacy Principles (APP’s) including APP 8 that requires Boyce to take reasonable steps to ensure that there is no breach by the overseas recipient of the APP’s.
In addition, Boyce Chartered Accountants may also use facilities or contractors, both onshore and offshore to provide certain services to us. As a result, we may at times be required to disclose, store or transfer your personal information to those facilities or contractors. This may include:
- Email services with locations in the United States.
- Practice management, financial statement and income tax return preparation software with support staff located in New Zealand (ReckonAPS).
- Practice management, financial statement and income tax return preparation software with data stored in the United States (Xero). Xero support staff for Australia are based in Australia and New Zealand.
- Proposal, engagement letter and billing software with data stored in the United States (Ignition). Ignition’s staff for Australia are based in Australia.
- Development and support of Boyce Management Insights (BMI) with contractors located in India.
- Microsoft Teams which we use for internal communication where chat data may be stored in the Asia Pacific region, including Hong Kong, Japan, Malaysia, Singapore and South Korea
These locations and providers will change from time to time at which point this policy will be updated.
You consent to the disclosure of your personal information to the overseas facilities, contractors and employees on this basis. Any such disclosure or transfer of information does not change any of our commitments to safeguard your privacy and the information remains subject to existing privacy and confidentiality obligations.
- Data breach notification
We acknowledge the introduction of the mandatory data breach notification scheme which commenced on 22 February 2018. In the event of an ‘eligible data breach’ we will promptly notify the Office of the Australian Information Commission and any affected or at risk individuals. Generally speaking, this would be when we have reasonable grounds to believe that there has been unauthorised access or disclosure of personal information, or that the information has been lost in a way that is likely to give rise to unauthorised access or disclosure and where there is a likely risk of serious harm as a result of the unauthorised access or disclosure.
If we notify you of a breach, where possible we will provide recommendations as to the steps you should take regarding the breach.
There are a number of exceptions that apply in relation to our obligation to notify you of an eligible data breach. These include where we have taken sufficient remedial action before any serious harm is caused.
- Procedures for access, correction and feedback
We will provide access to personal information upon request by an individual except in limited circumstances prescribed by the Privacy Act 1988 (Cth), for example where granting access would infringe another person’s privacy.
If you make a request to access personal information we may require that you provide some form of identification such as a driver’s licence or passport so that we can verify that you are the person to whom the information relates.
If at any time you want to know what personal information we hold about you, you may contact us by writing to: The Privacy Officer, Boyce Chartered Accountants, PO Box 1100, Dubbo NSW 2830, or emailing us at firstname.lastname@example.org.
If you believe that the information we hold about you is incorrect, incomplete or out of date, or if you have concerns about how we are handling your personal information, please contact us and we will try to resolve your concerns.
If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
Privacy | Quality Control Officer
Boyce Chartered Accountants
P: 02 6884 6499
Additional Privacy Information
Further information on privacy in Australia may be obtained by visiting the website of the Office of the Australian Information Commissioner at www.privacy.gov.au.
Updated 7 October 2021