Deutsche Bank comprises Deutsche Bank AG (ABN 13 064 164 162) and its subsidiaries, including Deutsche Australia Limited (“Deutsche Bank”, “we” or “us”).
At Deutsche Bank we recognise that one of our fundamental responsibilities is to ensure that we protect the information entrusted to us by our clients, our website visitors, our contractors, staff and all those with whom we communicate or otherwise interact with. This is critical not only for the maintenance of Deutsche Bank’s reputation but also to meet the extensive legal and regulatory requirements which are imposed upon us to safeguard our customers and maintain orderly markets. We also believe it is important that our information handling processes are clear and transparent.
This policy does not apply to certain types of information which are not covered by the Privacy Act, including certain employee records in relation to our current or former employees. However, where you are a current or former employee and the personal information which we have collected about you is within the scope of the Privacy Act, this Policy applies to that personal information.
You may have also entered into, or been provided with, a collection statement if you have submitted personal information to us or entered into other terms and conditions which contain specific provisions relating to how we handle personal information collected about you (Other Terms). These Other Terms may also apply to you together with this Policy.
We may update this Policy from time to time to reflect Deutsche Bank’s current information handling practices. When we do so, the updated Policy will be available on this website. We will endeavour to take reasonable steps to bring any material changes to this Policy to your attention. However, we recommend that you regularly visit and review our Policy to check and ensure that you understand the terms that apply at the relevant time.
What personal information do we collect?
Personal information is any information (including an opinion) which can be used to identify you. Sensitive information is a subset of personal information which includes (for example) information about an individual’s race or ethnicity, political or religious beliefs, sexual preferences, criminal record and health information.
We only collect personal information that is reasonably necessary for us to conduct and operate our business, including to: enable us to deliver products, services, information or advice to you or to an organisation you work for, maintain a business relationship with you, enable us to assist you in using our products and services; improve and better understand your preferences in respect of our products and services; assess your suitability for employment with us or for the provision of services to us as an independent contractor, manage our relationship with you if you are an employee or contractor or otherwise engaged by us; and, fulfil our legal and regulatory obligations from time to time.
The types of personal information we collect includes names, contact details, personal details, business details, personal preferences, employment history, information about the products and services we provide to you and financial information. We generally do not need to collect sensitive information in order to provide our products and services to you, however it may be necessary for us to collect sensitive information from time to time.
As long as it is reasonable and practicable for us to do so, we will only collect personal information about you directly from you. This personal information is collected in a number of ways, including: when you visit or use our online services, apply for, enquire about or request services or products, when you apply for work or to otherwise perform services at or for Deutsche Bank or when you otherwise contact, do business or interact with us. In limited circumstances it may be necessary for us to collect information about you from a third party, for example where we need to verify information you have provided to us or to comply with our regulatory obligations or collect information about you when conducting reference checks. We only collect sensitive information directly from you with your consent, or where we are required, authorised or otherwise permitted to collect the information by law.
You may choose not to provide your personal information, including sensitive information, to Deutsche Bank, or you may choose to deal with us on an anonymous basis (including by the use of a pseudonym) if it is practicable for you to do so. However, in most circumstances, it will be illegal and/or impracticable for us to do business or otherwise interact with you unless you provide us with your personal information.
All emails, instant messages and other electronic communications sent to and from Deutsche Bank (including via third-party applications and services) may be automatically captured and retained in secure digital storage facilities. These communications may be monitored, accessed, reviewed, audited and otherwise used for a variety of supervisory and compliance-related purposes, including to ensure compliance with applicable laws and regulations, Deutsche Bank corporate governance and risk management policies, employee codes of conduct, and other business controls. These communications may also be disclosed to third parties (such as enforcement bodies or regulatory authorities) in appropriate circumstances.
Use and disclosure of personal information
The personal information we collect will generally be used or disclosed only for the purposes for which it is collected and for any other purpose which is related to that primary purpose and for which you might reasonably expect us to use it (including as described in this Policy) or as otherwise permitted under a Privacy Act.
For example, we generally use and disclose your personal information for the purpose of:
assessing an application, establishing, administering, operating and maintaining systems and processes in relation to you so that we can provide products and services you have requested from us;
managing our relationship with you;
conducting client satisfaction, staff engagement and other surveys, regarding our products, service and performance;
for direct marketing (as permitted under the APPs), including to provide you with information about Deutsche Bank’s other products and services as well as information about products and services available from Deutsche Bank’s affiliated entities;
responding to a regulatory request, regulatory investigation or other inquiry where a local for foreign regulator, administrative agency or other enforcement body (Regulator) requests the emails, records, or other personal information we hold about you in connection with the Regulator’s functions and activities;
any permitted general situation, permitted health situation or where we are otherwise permitted to do so under the privacy Act; and
for any purpose to which you subsequently consent form time to time.
We may also disclose your personal information to third party service providers, vendors, suppliers and business associates and other third parties in order to conduct and carry out the operation of our business such as:
third parties who provide services and financing in connection with our products and services;
information technology vendors who provide technology and data services to us;
entities conducting marketing and business analysis, such as third party providers undertaking surveys on our behalf.
These third parties may be located locally or overseas.
Deutsche Bank may also use or disclose your personal information (including to overseas recipients):
with your consent;
where we are required, authorised or permitted to do so by law, or to a person authorised to act on your behalf.
Disclosure outside Australia
As detailed above, in some circumstances Deutsche Bank may disclose your personal information to entities located outside Australia including our own related bodies corporate, third party service providers and business associates. There are certain safeguards which must be met before we are allowed to transfer your personal information outside Australia, which are set out in the Privacy Act.
Deutsche Bank is a global company with operations in many countries across the world. The entities to which your personal information may be disclosed by Deutsche Bank may be located in (without limitation) Germany, Hong Kong, India, the Philippines, Singapore, the United Kingdom and the United States.
Storage and security
Personal information which we hold may be stored by Deutsche Bank or by third party service providers on our behalf. We use up-to-date techniques and processes to ensure the personal information which we hold is secure and is protected from misuse, interference, loss or unauthorised access, modification or disclosure. Access is restricted to employees of the Deutsche Bank group and those who perform services on our behalf, who are authorised to handle personal information.
Stored electronic communications will only be accessed by specific people in defined roles (e.g. supervisors/managers, compliance personnel, legal officers) where it is reasonably necessary for one of the purposes referred to above. Every step of this process is logged in an audit trail, and all copies of electronic communications will be destroyed at the end of the applicable retention period.
Where personal information we hold is no longer necessary for any purpose for which Deutsche Bank may use or disclose it, we will delete the information or permanently de-identify it, unless we are legally required to keep it.
Opting Out of Direct Marketing
We may use or disclose your personal data for direct marketing purposes such as informing you about our services and products, upcoming promotions and events, or other opportunities that my interest you including the products and services offered by other Deutsche Bank entities. If you do not want to receive such direct marketing communications, you can opt-out at any time by contacting us using the contact details below or the opt-out facility on the direct marketing communication. If you opt-out of receiving direct marketing material from us, we may still contact you in relation to our ongoing relationship with you.
Accessing and correcting your personal information
Deutsche Bank takes reasonable steps to ensure that the personal information it holds is accurate, up to date, complete, relevant and not misleading. You can request access to the personal information that we hold about you at any time, Deutsche Bank will respond to such a request within a reasonable time, and will try to give you full access to personal information in the manner you have requested, uncles there is a legal or administrative reason we cannot do so. In some cases we may charge a reasonable fee for providing access.
You may also request that the personal information we hold about you be corrected to ensure it remains accurate, up to date, complete, relevant and not misleading. There is no charge payable in connection with a request for correction.
Please contact us if your personal information changes or if you believe that the personal information we hold is no longer accurate or complete.
You can make a complaint if you believe that Deutsche Bank has breached its obligations under the Privacy Act or has failed to comply with this Policy. Any complaint should be made in writing and sent to our Head of Compliance using the contact details below. Deutsche Bank will review and respond to your complaint as soon as possible, and generally within 30 days of receiving.
If you are not satisfied with our response, you can refer your complaint to the Office of the Australian Information Commissioner (“OAIC”). The OAIC will generally only consider your complaint if you have first written to use and given us a reasonable opportunity to resolve your complaint (usually 30 days).
If you would like to:
access, update or correct your personal information held by Deutsche Bank;
request more information about how we handle personal information or any privacy issues, or make a complaint in relation to privacy,
you can contact us by phone, email or by posting using the following contact details:
Deutsche Bank AG
GPO Box 7033
Sydney NSW 2001
Phone: (+61) 2 8258 1234
Attention: Head of Compliance
Use of Website
Deutsche Bank may also collect information about you through your use of the Deutsche Bank Australia site (“Site”). For example we may log the following details when you use the Site: your server address, operating system, top level domain name and the type of browser you use, the date and time of the visit to the Site and whether you have visited the Site previously; and what pages of the Site you accessed and what you download.
Generally the type of information collected through your use of the Site is not personal information unless, for example, you email us with a suggestion, comment or query about the Site.
Any information we collect through you use of this Site may be used to help us improve the Site by tailoring it to better suit your needs and to provide quicker and more effective access to the various components of the Site. If you email us with a suggestion, comment or query we will use the personal information provided to respond to you. We may also use or disclose information gathered via your use of the Site to other persons for these purposes or for related purposes, including to information technology companies, located locally or overseas, who assist us in constructing, designing and maintaining the Site.
We may use “cookies” while you are visiting our site. Cookies are small files which are stored on your hard drive. There are two different types of cookies. Session cookies are temporary and erased when you close your browser. Persistent cookies remain on your hard drive until you erase them or they expire. We may use persistent cookies to recognise previous visitors when they return but only the cookie on your computer is identified. Most web browsers can be set to prevent you from receiving new cookies, notify you before accepting cookies or disable cookies altogether. The instructions for this can often be found via your browser’s Help function. You can delete cookies already on your hard drive at any time. If you choose to disable cookies, this may result in a reduced availability of the services provided by our Site.