Privacy Policy

  1. About

    This Policy is effective from 7th August 2023This Privacy Policy has been adopted by MB+M Pty Ltd (ABN 67 163 906 876), MB+M Financial Planners Pty Ltd (ABN 85 074 874 123) “MBM Group”, “we”, “us” and “our” including any corporate entity owned or controlled by this company.This Privacy Policy relates to any personal information that we collect, hold, disclose and/or use via and any of our related terms and conditions, email address or account, portals, website, social media page, internal website or intranet (“Websites”) or applications (“Applications”) or by us in any other manner. By providing personal information to us, or dealing with or interacting with us, you consent to our collection, use and disclosure of your personal information in accordance with this Privacy Policy. We reserve the right to make amendments to this Privacy Policy at any time and will make available to you details of the changes we make upon your request. We do suggest that you check this Privacy Policy periodically. Your continued use of the service after we post any modifications to this Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.

  2. Commitment

    As responsible data custodians we are committed to protecting your personal information. This Privacy Policy outlines how we collect, use, store and disclose your personal information in accordance with the Australian Privacy Principles 2014 (APPs) established under the Privacy Act 1988 (Privacy Act). You can obtain further information regarding the APPs and your privacy rights at the Office of the Australian Information Commissioner (OAIC) at

  3. What kinds of Personal or sensitive information do we collect and hold?

    Personal Information

    Throughout this Privacy Policy we refer to “Personal Information” which is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.

    Sensitive Information

    “Sensitive Information” is a subset of Personal Information, and includes information or an opinion about a person’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, or health, genetic or biometric information.The type of information we may collect depends on your dealings with us and may include without limitation:

    • Name, contact details – e.g. your Delivery Address, registered address and/or billing address, contact phone number/s, email addresses.
    • Identification information – e.g. your tax file number, driver’s licence; passport, date of birth
    • Employment information – e.g. current and historical;
    • Financial information – e.g. credit card details, bank accounts, shareholdings, loans;
    • Financial circumstances – e.g. assets and liabilities, credit reporting, income, expenditure, insurance, superannuation;
    • Company name and details;
    • Individual preferences;
    • Trade references;
    • Your signature;
    • Your IP address;
    • Health information;
    • Gender; and
    • Information provided to us via client surveys.

    We may also combine your personal information with other information to provide and improve our products, services, content, and/or advertising.

    You are not required to provide the personal information that we have requested, but, if you choose not to do so, in many cases we will not be able to provide you with our products or services or respond to any queries you may have. You may be able to deal with us without identifying yourself (for example anonymously or by using a pseudonym) in certain circumstances. Please be aware that this may not be possible for example where we need to identify you for legal purposes or if it is impracticable to do so.

    We collect only personal information that is reasonably necessary for, or directly related to, our functions or activities. The nature and extent of personal information we collect and hold will vary depending on a person’s particular relationship and interaction with us.

    We will not collect Sensitive Information unless the person to whom it relates consents to the collection of that information, for example you provide certain health information that is sensitive in nature, and the information is reasonably necessary for one or more of our functions or activities, except where the collection is required or authorised by law, is necessary to prevent or lessen a serious and imminent threat to the person’s (or another person’s) life or health, or is necessary in relation to legal proceedings (current, anticipated or potential), or another permitted exception in the Privacy Act applies.

  4. How do we collect personal information?

    We may collect personal information from you or from third parties by:


    • Providing your information for the purpose of us providing you services including the entering into of any agreement as a customer or otherwise;
    • By communicating with us directly such as having face-to-face meetings and telephone discussions with you;
    • Asking you to complete client questionnaires;
    • You communicating with us through correspondence such as emails or letters or to obtain a quotation for our services; and
    • When you apply for a position with us such as emailing any resume to our office that may contain Personal Information.


    • You using our website and interacting with our social media sites;
    • Conferring with third parties such as financiers or the Australian Taxation Office on your behalf;
    • Using “cookies” or other similar tracking technologies on our website that track website usage, preferences and personal account information. For example, we may collect information about matters including but not limited to the date, time and duration of visits and which pages of a Website or Application are most commonly accessed. This information is generally not linked to the identity of visitors, except where a Website or Application is accessed via links in an email or another electronic message we have sent or where we are able to uniquely identify the device or user accessing a Website or Application, such as when you are logged into an account; and
    • Requesting information from a publicly available source.

    Public sources:

    When you use some of our services, or applications or post on a social networking service such as Instagram or Facebook, the personal information and content you share is visible to other users and can be read, collected, or used by them and us. For example, if your name or email address is contained in a public post, that information is then public and can be collected by us.

    Combining/linking Personal Information

    Other than as referred to elsewhere in this Policy, we will not facilitate the merging of personally identifiable information with non-personally identifiable information without prior user consent to that merger to optimise our Website and Website marketing. For example, we may collate Personal Information data and aggregate data for the purpose of comparing marketing costs with revenue on a transactional basis.

    Passive collection of information – Direct Marketing and Behavioural Advertising
    • As you navigate through any Websites and access any Applications, certain information can be passively collected (that is, gathered without you actively providing the information) using various technologies, such as cookies, Internet tags or web beacons, and navigational data collection (log files, server logs, and clickstream data).
    • For example, we may collect information about matters including but not limited to the date, time and duration of visits and which pages of a Website or Application are most commonly accessed. This information is generally not linked to the identity of visitors, except where a Website or Application is accessed via links in an email or another electronic message we have sent or where we are able to uniquely identify the device or user accessing a Website or Application, such as when you are logged into an account.
    • We may share hashed portions of your information with certain strategic partners to make our business more responsive to your interests and/or those of like-minded consumers. For example, we may aggregate your email address together with the email addresses of others who place enquiries on any Website, locally hash such data, and transmit the resulting hashed data to third parties including but not limited to Facebook/LinkedIn/Google for the purpose of creating “Custom Audiences” (where targeted ads are sent to people on Facebook who have already been on our Website), and “Lookalike Audiences” (where targeted ads are sent to people on Facebook/LinkedIn/Google who have similar characteristics to people on our Custom Audience list).
    • Where we use Personal Information for promotional or direct marketing purposes, a person may at any time request us to not use their Personal Information for sending direct marketing material to that person including if you wish to opt-out of the use of certain hashed portions of your Personal Information. Such a request can be made by contacting us either in writing, by email or by telephone at the contact details below in this Policy. There is no fee for making such a request.
    • Direct marketing can include for example: Displaying an advertisement on a social media site that an individual is logged into, using Personal Information, including data collected by cookies relating to websites the individual has viewed.
    Cookies & Web Beacons
    • We may use cookies on our Websites. Cookies are text files placed in your computer’s browser to store your preferences. Cookies, by themselves, do not tell us your e-mail address or other personally identifiable information. However, once you choose to furnish the Websites with personally identifiable information, this information may be linked to the data stored in the cookie.
    • We may use web beacons on the Websites from time to time. Web beacons or clear .gifs are small pieces of code placed on a web page to monitor the behaviour and collect data about the visitors viewing a web page. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.
  5. The purposes for which we collect, hold and use personal information

    We collect, hold and use personal information in various ways in the course of conducting our business, to provide and improve our services, content, and advertising including for the purposes of:

    • Contacting persons interested or enquiring about our services
    • Providing our services to clients for example providing you with financial advice;
    • Contacting persons via email with updates
    • Interaction with clients or persons who utilise our Website
    • Preparing tax returns and financial accounts; and
    • Liaising with third parties on your behalf such as financial institutions, government organisations, insurance;
    • To better understand your needs, enabling us to improve our services;
    • To make improvements to our website to enhance the user experience; and/or
    • Promotional and marketing activities.
  6. The purposes for which we disclose information

    We may disclose your personal information for the following purposes:

    • To enable you to access and use our services, and in turn provide our services to you;
    • To provide you with direct marketing materials that may be of interest to you such as articles or product brochures or correspondence from our business partners;
    • For purposes that you consent to such disclosure or for a related purpose where you would reasonably expect such disclosure; and/or
    • Any circumstance otherwise authorised by the APPs and/or the Privacy Act.

    Where we receive your personal information and we did not solicit the information we will do our best to notify you of our receipt of your personal information within a reasonable time. If we determine that we could not have received the information under the APP we will use our best endeavours to destroy the information. We may use or disclose the information to make such a determination.

    We will only use sensitive information for the primary purpose it was obtained for or for a secondary purpose that is directly related to the primary purpose (or where otherwise required by law).

    We may disclose your information to our related companies, service providers and specialist advisers who have been contracted with administrative or other services, insurers, credit providers, a person authorised by you to access the information. We may also disclose personal information to others if required to do so by law. For example, we may disclose your personal and sensitive information to trusted third parties, including the following entities (without limitation):

    • Our representatives, advisers, employees, dealers, agents and related bodies corporate;
    • third party suppliers and service providers such as the providers for the operation of our website or business services;
    • The Australian Taxation Office (ATO) to meet ongoing compliance;
    • The Australian Securities & Investments Commission (ASIC) on request to meet ongoing compliance, mandatory professional standards and other legal obligations;
    • Specific third parties authorised by you to receive information held by us; and
    • As required by law or directed by legal decision/process; and/or
    • Any industry body, tribunal, court or otherwise connected with any complaint regarding our services.

    We or third parties may disclose your personal information to overseas recipients, which may occur for example where personal information is disclosed to an entity which is an overseas recipient by virtue of the personal information being stored on a third party’s software or cloud based service or where any personal information is published by us on the internet, whether intentionally or not, and it is accessible to an overseas recipient. Disclosure to overseas recipients may also occur where for example we emailed or sent a document to an overseas client that contained an individual’s personal information.

    We do not sell, publish or give away your information to any other party where the information could be linked to you without your prior consent. As set out above, when you use some of our services, applications or post on a social networking service such as Instagram, Facebook, Twitter or LinkedIn, if your name, suburb or email address is contained in a public post or perhaps your personal preferences set out in a review of our products and services or in relation to us, that information is then public and can be collected and disclosed by us.

  7. How we hold information and Security

    How we hold information

    We hold Personal Information electronically and may in hard copy form, both at our own premises and with the assistance of third-party service providers. Data may be collected, processed and stored using third-party software that is to the best of our knowledge secure and confidential. We may retain the information you provide to us including your contact details to enable us to verify transactions and customer details and to retain adequate records for legal and accounting purposes. This information is held on secure servers in controlled facilities.


    We take our security obligations seriously and your personal information is regarded as confidential and may be held in both hard copy and/or electronic versions. We will take all reasonable steps to safeguard your information so that it is not misused, lost, modified, accessed by unauthorised persons or disclosed without authorisation. We act to safeguard the security and privacy of your information, whether you interact with us personally, by telephone, mail, over the internet or other electronic medium. We strive to take reasonable steps to protect the information we hold from misuse, interference, loss and unauthorised access modification or disclosure, however we cannot guarantee its absolute security. We may store information both in hard copy paper form and in soft copy electronic form. Where the information is of a sensitive nature, we will take particular steps to secure the information. In certain circumstances we may use third party storage providers such as cloud storage and back-ups to hold information that is stored in soft copy electronic form. Our website may contain links to external websites operated by third parties. The privacy polices of these other websites may not accord with this Privacy Policy and we cannot be held responsible and do not have control of the use of your personal information by these third parties.

    As responsible data custodians, any breach of this Privacy Policy by our employees, contractors, consultants, partners and any other entity that at our direction have access to your personal information will invoke disciplinary and possible legal action against the offending party.

    When your information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your personal information. However most personal information is stored in client files which will be kept for a minimum as required by law.

  8. Controlling Your Personal and Sensitive Information

    You have a right to access your personal information, subject to exceptions allowed by law. If you would like to do so, please provide us with a request in writing to the contact details listed below. We will take reasonable steps to ensure the accuracy and completeness of the Personal Information we hold. However, if at any time you believe that information we hold about you is incomplete, inaccurate, irrelevant, misleading or not up-to-date, please contact us in writing via our contact details below and we will take reasonable steps to correct the information in accordance with the Privacy Act. We will grant a person access and/or make any corrections to their Personal Information that may be necessary from time to time as soon as possible, subject to the circumstances of the request. Verification of identity is required with a request to access (or update) Personal Information so that we can ensure your Personal Information is disclosed only to you. Freedom of Information Act 1982 (Cth)An individual may also have the right under the Freedom of Information Act 1982 (Cth) to request access to documents that we hold and ask for information that we hold about that person to be changed or annotated if it is incomplete, incorrect, out-of-date or misleading.

  9. Complaints and Inquiries

    If you have a complaint regarding for example the way we have handled your information, about a breach of the Australian Privacy Principles, or have any questions about this Privacy Policy, or your personal information, please contact us by via the contact details below. Please make sure to include your name and return contact details with any inquiry. We will make an assessment of the complaint or inquiry and will endeavor to respond to your complaint or inquiry within a reasonable period from when it is received. Any further action following this initial response will vary depending on the nature of the complaint or inquiry. If necessary, a complaint may be taken to the Office of the Australian Information Commissioner (OAIC) or to another review body if an external review is required.

    If you are not satisfied with our response to your complaint or inquiry you can contact the Office of the OAIC at

  10. Our contact details

    Attention: Privacy officer
    Postal address: PO Box 400, SHEPPARTON VIC 3632
    Phone: 03 5821 9177