FinWin Advisors complies with and operates in compliance with the Privacy Act and the National Privacy Standards. The commitment of FinWin Advisors to ensuring the handling of personal data is unwavering.
The information we collect includes:
The collection and use of personal information is only to facilitate the services we provide to your firm as requested by you. We only use personal information for the purpose(s) for which it was given to us and for directly related purposes (unless otherwise required by or authorised by law) or as consented to by you or your firm.
FinWin Advisors will only provide the information to their staff and associated providers that relate specifically to the tasks requested by your firm. The information will not be provided or sold to other institutions. If there is a legal situation, the information may be provided in accordance to the law.
Your firm and staff can access the personal information that you provide. FinWin Advisors will take the necessary steps to identify you are a client of FinWin Advisors before they give the information to you.
We have taken the necessary measures to ensure our data integrity is not compromised. The most up-to-date infrastructure, technical people, and technology are all present in our safe delivery centre to ensure that our working environment is completely dependable and secure for the data of our clients. Our group companies have ISO certification, which ensures that our facilities and IT infrastructure comply with global standards for information security management. We never hire third party contractors to complete any work.
To enter our offices, one must use access cards and biometric scanners. Entry to the office and processing centre is restricted to authorised individuals only. It is forbidden to bring physical documents, books, or other equipment into the processing centre. The entire office is under Camera surveillance. All PC’s are desktops running a ‘dumb terminal system’ and save and store data on the PC is disabled, CD Rom and other drives (USB) have been removed. Printers and scanners are also not available within the processing centre.
Internet use is severely controlled as websites are required to be added to a “whitelist” before they can be accessed. Personal emails cannot be accessed by employees from the workplace, and business emails cannot transfer information outside the office. IP Authentication is used on our intranet, internal portals, software, and websites to ensure that no one outside of our office premises may access these records. Our internal software is secured by a password that has a strength measurement. Moreover, passwords must be updated frequently. All terminals include screen snapshots and are regularly audited to ensure staff are following security guidelines.
Firewalls, antivirus software, intrusion detection software, and prevention systems are installed on our terminals and servers to minimize exploits or attacks. Our security software is kept updated at all times and when required. In our organisation, every Computer has an auto-lock feature to prevent them from being left unlocked. Wireless connections are not permitted within any of our back-office.
We shall take the following steps if a data breach is likely to cause substantial harm:
