Privacy Policy

North Advisory Pty Ltd

ABN 82 632 119 263
Privacy Policy
Effective from 01 July 2026

 

1. About this policy

North Advisory Pty Ltd (ABN 82 632 119 263) (we, us, our) is a chartered accounting, tax and advisory firm based in Dee Why, New South Wales. We are committed to protecting your personal information and complying with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This policy explains the kinds of personal information we collect and hold, how and why we collect, hold, use and disclose it, how you can access and correct it, and how to make a privacy complaint. It applies to personal information we handle about clients, prospective clients, the individuals associated with our clients (such as directors, trustees, beneficial owners and authorised representatives), suppliers and contacts.

2. The kinds of personal information we collect and hold

Depending on our relationship with you, we may collect and hold:

  • identity and contact details – name, date of birth, residential and postal address, email, phone, and identifiers such as a tax file number, ABN, passport or driver licence number;
  • financial and tax information – income, assets, liabilities, accounting records, bank and transaction details, superannuation and SMSF information, and structuring and entity details;
  • information needed to meet our anti-money laundering obligations – identity verification details, beneficial ownership and control information, and the results of politically exposed person, sanctions and adverse media screening; and
  • records of our dealings with you, including correspondence and file notes.

Sensitive information. Some information we collect is sensitive information under the Privacy Act (for example, information about membership of a political or professional association collected to confirm your occupation or to screen for politically exposed person status). We collect sensitive information only where it is reasonably necessary for our functions and where permitted by law, including where required by the AML/CTF Act.

3. How we collect personal information

We generally collect personal information directly from you – for example when you engage us, complete forms, or correspond with us. Where it is reasonable and practicable we will collect it from you directly. We may also collect personal information:

  • from our identity verification provider (currently Ignition Compliance), which verifies identity electronically;
  • from public registers and records, such as ABN Lookup, ASIC and land registries;
  • from third parties you authorise us to deal with, such as the ATO, banks, lenders, brokers, financial advisers and your other professional advisers; and
  • through our website, which uses Google Analytics and the Meta (Facebook) Pixel to understand how visitors use the site. Most browsers let you manage or refuse cookies.
4. Why we collect, hold, use and disclose personal information

We collect, hold, use and disclose personal information to:

  • provide accounting, tax, compliance, SMSF and advisory services;
  • verify your identity and meet our customer due diligence, reporting and record-keeping obligations under the AML/CTF Act;
  • communicate with you and manage our engagement and our relationship with you;
  • meet our legal, regulatory and professional obligations; and
  • manage our business, including billing, quality review and risk management.
5. Customer due diligence and AML/CTF

As a reporting entity under the AML/CTF Act, we are required to collect and verify identity and beneficial ownership information before providing certain services, to assess and monitor money laundering and terrorism financing risk, to make reports required by law, and to keep records. Where the law requires it, we may make reports or disclosures to regulatory authorities (such as AUSTRAC) without notifying you, and we may be prohibited from telling you that a report or disclosure has been made. We do not store copies of your identity documents; verification is carried out through our identity verification provider and the verification outcome is recorded in our practice systems.

6. Who we disclose personal information to

We may disclose personal information to:

  • our outsourced and cloud service providers, including those listed in our engagement terms (for example Xero, MYOB, Suitefiles, Ignition and Ignition Compliance, BGL Simple Fund 360, NowInfinity and Microsoft Office 365);
    regulatory and government bodies where required or authorised by law, including the ATO, AUSTRAC and the Tax Practitioners Board;
  • our professional advisers, insurers, and Chartered Accountants Australia and New Zealand as part of its quality review program;
    third parties you authorise us to deal with; and
  • a purchaser or potential purchaser of our practice, subject to confidentiality.

We do not sell personal information.

7. Overseas disclosure

Some of our service providers store or process information outside Australia. In particular:

  • our document storage and electronic signing provider (Suitefiles) stores information in Australia and Singapore;
  • Ignition and Ignition Compliance (proposals, engagement, and identity verification) store information on servers in the United States, and processing by their group or sub-processors may occur in other countries;
  • our marketing email provider (MailChimp) stores information in the United States; and
  • some accounting support work is performed by contractors located in the Philippines, under access controls that restrict the information they can reach. Customer due diligence personal information and identity documents are not disclosed to, or accessible by, these contractors.

Where we disclose personal information overseas, we take reasonable steps to ensure the recipient handles it consistently with the Australian Privacy Principles.

8. Direct marketing

We may use your contact details to send you information about our services and updates that may be of interest to you. We manage our marketing email list through MailChimp. You can opt out at any time using the unsubscribe link in any marketing email, or by contacting us. Opting out of marketing does not stop service communications relating to your engagement.

9. How we hold and protect your information

We hold personal information in our practice systems and with our service providers. We take reasonable steps to protect it from misuse, interference, loss, and unauthorised access, modification or disclosure, including access controls, secure systems and staff training. If we experience a data breach that is likely to result in serious harm, we will respond in accordance with the Notifiable Data Breaches scheme and notify affected individuals and the Office of the Australian Information Commissioner (OAIC) where required.

10. How long we keep your information

We keep personal information for as long as it is needed for the purposes set out in this policy and to meet our legal and professional obligations. Certain records, including AML/CTF records, must be kept for at least seven years. We take reasonable steps to destroy or de-identify personal information when it is no longer needed and we are not required to retain it.

11. Accessing and correcting your information

You can ask us for access to the personal information we hold about you, and to correct it if it is inaccurate, out of date, incomplete, irrelevant or misleading. Contact us using the details below. We will respond within a reasonable period. In limited circumstances we may decline a request as permitted by law, and if we do we will tell you why.

12. Complaints

If you have a concern about how we have handled your personal information, please contact our Privacy Officer using the details below. We will acknowledge your complaint and aim to respond within 30 days. If you are not satisfied with our response, you can contact the OAIC at www.oaic.gov.au or 1300 363 992.

13. Contact us

Privacy Officer: Judy She, Compliance Officer.
North Advisory Pty Ltd, Suite 6, 11 Oaks Avenue, Dee Why NSW 2099.
Email: privacy@northadvisory.com.au Phone: (02) 9984 7774.

14. Changes to this policy

We may update this policy from time to time. The current version is available at https://northadvisory.com.au/privacy-policy/. This version is effective from 01 July 2026.