5 July 2024
This privacy policy outlines the handling of personal information by Tiger Brokers (AU) Pty Limited (“TBAU,” “we,” “us,” “our”). At TBAU (ACN: 007268386 AFSL: 300767), we are committed to protecting the privacy of our clients and to comply with the Australian Privacy Principles (APP) and the Privacy Act 1988 (Cth) in Australia (Privacy Act) (together, the “Privacy Requirements”).
This privacy policy is subject to regular review to ensure continued compliance with relevant laws and regulations. Any updates to this policy will be communicated to you and made available on our website. You may also contact us to request a copy of the most current version of our privacy policy. Your continued use of our services constitutes your acknowledgement and acceptance of such changes.
This privacy policy sets out:
1. The kinds of personal information we collect and hold;
2. How we collect and hold personal information;
3. The purpose for which we collect, hold, use and disclose personal information;
4. Targeted advertising;
5. How clients may access personal information about themselves, that is held by us, and correction and deletion of such information;
6. How a client may lodge a complaint about a breach of the APP by us, and how we will deal with such a complaint;
7. Whether we are likely to disclose personal information to overseas recipients, and countries in which such recipients may be likely to be located;
8. Anonymity;
9. Sensitive information;
10. Consequences of failing to provide information or withdrawing the consent to this policy
11. Unsolicited personal information;
12. Direct marketing communication; and
13. Security and protecting your personal information.
1. The kinds of personal information we collect and hold
‘Personal information’ is defined under the Privacy Act as information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable.
‘Sensitive information’ under the Privacy Act is a sub-set of personal information that is given a higher level of protection. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information.
TBAU operates an online trading platform for its clients to access financial markets information and to trade financial products. During the course of provision of financial services and/or as a result of our other interactions or dealings with you, TBAU may collect your personal information.
Information that we may collect from you include but is not limited to:
your full name;
date of birth;
your contact details, including email address, phone numbers, residential address and business address;
tax file numbers, driver’s licence details, Medicare card details, and passport details;
financial details, occupation, bank account details and any other information we may consider necessary to undertake our activities and provide services to you.
Information that we may collect automatically during the course of providing products and services include but not limited to:
IP address
Cookies
Device identifier
Device information, such as device type, OS name and version
Location data from your mobile device, wireless carrier, or third-party service providers; you may control the collection of precise geolocation data through the user settings on your device;
The social media data such as your social account ID, name, email address, photo, contacts, and any other information that may be or that you make accessible to us when you connect your social media account to your account; and
Trading and other activity data
Not all types of information listed above are sufficient on their own to identify a person and thus be considered personal information. However, in certain scenarios, when combined with other data, they can be categorized as personal information.
2. How we collect and hold personal information
Where reasonable and practicable, we will endeavor to collect your personal information from you via our client application form which can either be a paper-based form or an online form. We may also collect information from you via phone, email and/or when you use our services or otherwise interact with us.
In certain situations, we may collect personal information about you from other parties, such as service providers, related parties, third parties you authorise to disclose your information to us, including but not limited to introducing broker, financial adviser, accountant, and employer and social media operator, and publicly maintained record or other publicly available sources of information.
If we have to collect personal information about you from third parties not disclosed in this privacy policy, we will advise you of this as soon as practicable, if not at or before the time of collection, the fact that we have collected the information and the circumstances of the collection. Further, we may also request for information from you via market research, surveys and questionnaires, these requests are voluntary.
Once we have collected your personal information, we will store this in our system, secured office onsite, or in a secured storage facility.
3. The purpose for which we collect, hold, use and disclose personal information
We collect, hold and use your personal information for the purpose of:
i. providing you with products or services provided by TBAU or a related company, including assessing your application, administering any facility you have with us, executing instructions and complying with our legislative and regulatory obligations relating to the product or service;
ii. meeting our ongoing obligations to you in providing you with the product or service;
iii. meeting our external obligations, such as with regard to third party systems and
relationships, in order to provide you with the product or service;
iv. meeting our obligations under applicable laws, such as customer identification requirements under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and compliance requirements under the Corporations Act 2001 (Cth) and other legislation governing the provision of financial services;
v. protecting against fraud;
vi. to contact you with information about products or services that you might be interested in;
vii. requesting feedback and information from you, via market research and surveys regarding our products and services;
viii. for analytics, market research, business development and target advertising; and
ix. any other purpose you consent to.
We may disclose your information for such purposes to other organisations, including;
i. external service providers involved in our provision of products and services to you, such as mailing houses, call centres, debt collector agencies, professional advisers (such as our lawyers and compliance advisers), internal and external auditors;
ii. our parent company Up Fintech Holding Limited, and any associated companies and subsidiaries assisting in providing you with financial products and services;
iii. online application technology providers;
iv. identity verification services providers;
v. to any potential purchaser of the whole or part of our business (or any other relevant party advisers such as that), on a confidential basis;
vi. your agents, advisers or lawyers, such as where you have obtained a service from us through them or are otherwise dealing with us in any way through them;
vii. parties involved in markets and systems related to the products and services we provide to you, such as market operators and participants, counterparties,
intermediaries and custodians;
viii. entities involved in any corporate re-organisation affecting us;
ix. entities assisting us to maintain and improve our systems, products and services;
x. credit reporting agencies;
xi. entities to whom we are required or authorised by law to disclose your personal information, such as relevant regulatory bodies, government, tax authorities, law enforcement agencies or other administrative, self-regulatory or statutory agencies, or stock exchange or clearing house.
4. Targeted Advertising
We use third-party advertising companies to serve advertisements regarding goods and services that may be of interest to you when you access and use the Services and other websites or online services, as well as to provide advertising-related services such as reporting, attribution, analytics, and market research. You may receive advertisements based on information relating to your access to and use of the Services and other websites or online services on any of your devices, as well as on information received from third parties.
These companies place or recognize a unique cookie on your browser (including through the use of pixel tags) that collects information about your use of the Services over time. They also use these technologies, along with information they collect about your online use, to recognize you across the devices you use, such as a mobile phone and a laptop. For advertising, we may share a common account identifier (such as an email address or user ID) in a hashed format with our third-party advertising partners to help identify you across devices.
If you would like more information about this practice, and to learn how to opt out of it in desktop and mobile browsers on the particular device on which you are accessing this Privacy Policy, please visit http://optout.aboutads.info/ and http://optout.networkadvertising.org/.
Google Analytics
We have enabled Google Analytics Advertising Features which may include but not limited to Remarketing Features, Advertising Reporting Features, Demographics and Interest Reports, Store Visits, Google Display Network Impression reporting. We and third-party vendors use first-party cookies (such as the Google Analytics cookie) or other first-party identifiers, and third-party cookies (such as Google advertising cookies) or other third-party identifiers together.
You can opt-out of Google Analytics Advertising Features including using a Google Analytics Opt-out Browser add-on found here. To opt-out of personalised ad delivery on the Google content network, please visit Google’s Ads Preferences Manager here or if you wish to opt-out permanently even when all cookies are deleted from your browser you can install their plugin here. To opt out of interest-based ads on mobile devices, please follow these instructions for your mobile device: On android open the Google Settings app on your device and select “ads” to control the settings. On iOS devices with iOS 6 and above use Apple’s advertising identifier. To learn more about limiting ad tracking using this identifier, visit the settings menu on your device.
5.How clients may access personal information about themselves, that is held by us, and correction and deletion of such information
You have the right to request access to your personal information which we hold. Your access rights are subject to some exceptions permitted by law. To obtain access to your personal information, you will have to provide proof of identity to ensure that personal information is provided only to the correct entities and that the privacy of others is protected. We will respond to your request in accordance with the Privacy Act and any other law which affects this obligation. A fee may be payable if you request a copy of your information. If we deny your access request we will provide you with written reasons for doing so. If you wish to lodge a complaint in reference to this refusal, you may do so via the details provided in section 6 below.
We aim to keep the personal information we hold about you up-to-date. Should any of your personal details change, or if you believe that information we hold about you is incorrect, please contact us so we can correct this. If we refuse your request to correct information, we will generally give you a written reason for the refusal. If you wish to lodge a complaint in reference to this refusal, you may do so via the details provided in section 6 below.
You may delete your account at any time through Settings - Account Management- Delete Account in the trading app and your personal information will be deleted in the normal course of business pursuant to our current data retention practices. You may also request to have your personal information deleted by contacting us. We will comply with deletion requests within a reasonable time to the extent permissible by law. However, we will not delete data that we are legally required to maintain, such as information regulators require for audit or substantiation purposes.
6. How a client may lodge a complaint about a breach of the APP by us, and how we will deal with such a complaint
For any privacy related feedback, or complaints, please send your written request to: Tiger Brokers (AU) Pty Limited
Email: compliance@tigerbrokers.com.au
Address: Suite 28.01, 25 Bligh Street, Sydney NSW 2000
Phone: +61 2 9169 6999
If you are not satisfied with a response received from TBAU in reference to a privacy complaint or feel that TBAU may have breached an Australian Privacy Principle, then you have the right to refer the complaint directly to the Office of the Australia Information Commissioner (OAIC). A complaint form may be lodged via the OAIC website, or via the details below.
For provisions of the Privacy Act, please refer to the website www.oaic.gov.au
Office of the Australian Information Commissioner Email: enquiries@oaic.gov.au
Phone from within Australia 1300 363 992
Phone from outside Australia +61 2 9284 9749 Address: Level 3, 175 Pitt Street, Sydney
As per TBAU’s IDR – complaints handling policy, if you lodged a complaint with TBAU, you should receive a response within 5 business days from the date TBAU receives the complaint. The complaint will be dealt by the Compliance department. If additional time is required to resolve the complaint, the Compliance department will inform you of this. TBAU aims to resolve a complaint as soon as possible, and within 30 days.
If you are still not satisfied with TBAU’s response, you can then proceed to lodge a formal complaint with OAIC.
7. Whether we are likely to disclose personal information to overseas recipients, and countries in which such recipients may be likely to be located
TBAU may disclose your personal information to recipients, including related entities and other 3rd party service providers, located outside the Australian jurisdiction, which includes but not limited to the United States, New Zealand, Singapore, and China(including Hong Kong SAR).
The related entities are our parent company Up Fintech Holding Limited, and the subsidiary offices of our parent company to which we may outsource certain services to,. You consent to your personal information being transferred to such entities located in those overseas jurisdictions for the purposes stated in section 3.
Where we disclose your personal information to other third parties listed in section 3, these third parties may store, transfer or access personal information outside of Australia. Unless we seek and receive your specific consent to an overseas disclosure of your personal information, we will only disclose your personal information to countries with laws which protect your personal information in a way which is substantially similar to the Australian Privacy Principles and/or we will take such steps as are reasonable in the circumstances to require that overseas recipients protect your personal information in accordance with the Australian Privacy Principles.
8. Anonymity
Under the Privacy Act, you have the right to deal with us anonymously where this is lawful and practicable. For instance, this can sometimes be the case when you are enquiring about our products and services. However, in situations where we may need
to take instructions from you or implement a change to your account, this may not be appropriate and in compliance with AML/CTF rules and regulations.
9. Sensitive information
While we usually do not need to collect sensitive information about you (such as health information; information about racial or criminal record information), if we require such information we will generally only collect it with your consent. This is subject to exceptions, such as where the collective is required by law or necessary to establish or defend a legal claim.
10. Consequences of failing to provide information or withdrawing the consent to this policy
If you do not provide us with any requested personal information, this may mean that we are unable to provide you with financial products or services, or potentially pursue the relationship you have as a client with TBAU.
Similarly, if you request to withdraw your consent to this policy and/or how we use, collect, disclose, transfer or process your personal information, we may not be able to provide or continue providing our services to you.
Please note that withdrawing consent does not affect our right to collect, store, use, transfer, process and/or disclose personal data where such collection, storage, usage and disclosure is required by law including the Privacy Requirements and/or is permitted without consent.
11. Unsolicited personal information
If you have received unsolicited personal information regarding you, which we did not solicit, we will as soon as practical, destroy the information, or ensure the information is de-identified. However, if it is information which is provided to us in a situation where it is mixed or attached with information that we have requested, you acknowledge that this information may be held by us as described in this policy.
12. Direct marketing communication
TBAU may from time to time send you information regarding our current and upcoming products and services, events being held by TBAU, surveys and/or request for feedback on how we can improve on our products and services to you as a client, or information we may consider of interest to you. Such communication will be sent to you via the personal details you provide to us in the client application form, commonly your registered email address. If you do not wish to receive such information, please email clientservice@tigerbrokers.com.au or you may submit a request to unsubscribe from receiving such information via the actual communication email.
We collect or store user information on our website by using “cookies” for marketing purposes, such as displaying pages that are more relevant to your preferences.
13. Security and protecting your personal information
The security of your personal information is important to us and so we take reasonable steps to protect it from misuse, loss and unauthorised access or disclosure. Such steps include:
i. security measures for access to our systems and premises and for document and file storage;
ii. by reasonably limiting internal access to clients’ personal information to staff who require it to fulfil our obligations towards to and related matters; and
iii. firewall and data encryption measures protecting our website.
We may provide access to you to other 3rd parties’ websites through links on our websites or trading platform. Please note that we are not responsible for the privacy standards and processes of those entities and their websites. It is recommended that you read and understand their privacy policy, among other disclosure documents and terms and conditions, before providing any personal information.
We must stress however, that no security system is impenetrable. We cannot guarantee that our security measures will prevent all illicit attempts of obtaining the personal information, or that our database and/or systems will not be subject to any cyber attack. TBAU retains your personal information for as long as necessary to accomplish the purpose for which it was collected, to meet our legal and regulatory obligations including compliance with our records retention practices, and as permitted to meet our legitimate interests.