Australia Privacy Policy

In the course of serving you as an individual or as someone associated with a corporation or institution, Morgan Stanley may collect, hold, use and disclose (‘process’) information about individuals which may constitute personal information (including sensitive personal information), under the Australian Federal Privacy Act 1988 (as amended) and other applicable privacy laws and regulations.

Unless advised otherwise, all references to “Morgan Stanley”, “we”, “us” or “our” in this Privacy Policy includes, individually and collectively the following Morgan Stanley entities:

• Morgan Stanley Australia Limited
• Morgan Stanley Australia Securities Limited
• Morgan Stanley Investment Management (Australia) Pty Limited
• Morgan Stanley Wealth Management Australia Pty Ltd.

This Privacy Policy describes:

• What personal information we collect;
• How we collect your personal information;
• What are the purposes for which we use your personal information;
• Monitoring;
• When we disclose your personal information;
• How we protect the security and confidentiality of your personal information;
• Marketing;
• What rights do you have;
• How do we update this Privacy Policy; and
• Enquiries and complaints.

Please read this Privacy Policy carefully to understand how we process your personal information.

You may, in connection with specific products or services offered by Morgan Stanley, be provided with privacy policies or statements that supplement this Privacy Policy.

If you deal with Morgan Stanley as a private client or otherwise in your individual capacity e.g. relating to a trust or investment vehicle established to invest on your behalf, or if you deal with Morgan Stanley in the capacity of an officer, employee, director and or principal of one of our corporate or institutional clients, then typically we collect the following types of personal information about you:

• Personal details, such as name, age, gender, citizenship, occupation and marital status;
• Contact details such as current and previous addresses, telephone, email, in some cases both private and work related contact details;
• Identification documents, such as your passport, copies which may generally include a head and shoulders photograph from, as applicable, your passport or driver’s license, as required by laws and regulations addressing due diligence and related matters;
• A personal identifier such as your Driver’s license number, Tax File Number or Medicare Number etc.;
• Personal details relating to your immediate family members and details relating to any senior political figures (e.g. senior military or government official) to whom you are connected;
• For private clients, extensive financial information, including source of wealth, investment experience and objectives, risk tolerance and, in certain jurisdictions, representations required under applicable law or regulation concerning your financial resources; and
• For employees, data obtained during the recruitment process.

If Morgan Stanley is providing credit to you, we may also collect personal information about you that is credit information, including:

• The fact that you have applied for credit, the credit type, the credit provider and the amount;
• Your credit history with other credit providers, including whether or not you have met obligations to make repayments in the past;
• Default and payment information about you;
• Court proceedings information about you;
• Personal insolvency information about you;
• Publicly available information about you that relates to your creditworthiness that is entered on the National Personal Insolvency Index; and
• An opinion of a credit provider confirming whether or not you have committed a serious credit infringement in relation to consumer credit provided by that provider to you.

Some personal information we collect is ‘sensitive information’. We would normally not collect sensitive information of people requesting our products or services, though we may request it from employees, applicants for employment or individuals wishing to provide services to us. We will only collect sensitive information such as information about your racial or ethnic origin, political opinion, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, sexual orientation or practices, criminal record, genetic information, health information or medical history where it is reasonably necessary for us to receive, process and assess any applications for employment or provision of services and we have your consent (or where we are legally required to do so).

Of course, you are not required to supply any of the personal information that we may request. However, failure to supply any of the personal information that we may request may result in our being unable to open or maintain your account, provide services to you or your company, discuss any other opportunities with you or deal with other matters. While we make every effort to ensure that all information we hold about you is accurate, complete and up to date, you can help us considerably in this regard by promptly notifying us if there are any changes to your personal information. We shall not be responsible for the authenticity of any personal information or sensitive personal information or any losses arising from any inaccurate or deficient personal information or sensitive personal information that you supply to us.

The personal information we collect regarding you come primarily from information that you submit directly to us during the course of your relationship with us. For private clients, we typically obtain personal information about you from the forms and documents used when you apply for an account with us, from your transactions with us, from your access to or use of our products and services, from third parties who provide services to you such as your financial adviser, financial planner, dealer group, accountant or other professional adviser, or from third parties authorised to provide us with such information such as credit reporting bodies, other credit providers or other agencies used for running due diligence checks. For employees or applicants for employment, we typically obtain personal information about you from your resume or job application form, from previous employers or nominated referees, credit reporting bodies and other credit providers or other agencies used for running due diligence checks. For individuals wishing to provide services to us we typically obtain personal information about you from your employer, credit reporting bodies and other credit providers or other agencies used for running due diligence checks.

We also collect personal information when we monitor or record our communications with you or through use of certain technology as detailed further below.

We, our associated firms and/or other persons acting on our or their behalf may process and use your personal information to:

• Administer and operate services in accordance with the customer documents, (including authorising or confirming transactions and for billing purposes);
• In the course of the operational support and development of our businesses;
• To carry out credit, money laundering and conflict checks and for fraud prevention purposes, (and this may include consideration of information regarding political affiliations and criminal offences committed or alleged to have been committed);
• Marketing products, services and offers to you (including in relation to other banking, insurance and investment products);
• To exercise and defend our legal rights;
• In order to comply with legal and regulatory obligations and requests anywhere in the world, (including reporting to and being audited by national and international regulatory, enforcement or exchange bodies and complying with court orders). For example we may be required under applicable Australian law, rules or regulations to collect certain personal information in order to open accounts (e.g. the Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth), the Corporations Act 2001 (Cth) or the ASIC Market Integrity Rules);
• For recruitment purposes, to confirm your references and educational background and to consider your suitability for any current or future recruitment requirements;
• For internal training purposes;
• For improving, supporting and enhancing our products and services;
• For any other legitimate business purposes; and
• As otherwise permitted under any applicable law or regulation.

We, our associated firms and/or other persons acting on our or their behalf record or monitor communications, (including email, instant messaging, facsimile, telephone (including mobile phones issued by us) and other electronic communications), with you or your agent(s) to the extent permissible under the applicable law for legitimate business purposes or for purposes permitted by law from time to time, including without limitation:

• To safe guard against the unauthorised and unlawful processing or misuse of our data and that of our employees, clients and vendors;
• Establishing the existence of facts (e.g., keeping records of transactions);
• Ascertaining compliance with regulatory or self-regulatory practices or procedures which relate to Morgan Stanley;
• Preventing or detecting crime;
• Investigating or detecting unauthorised use of our systems and other materials (e.g., monitoring to ensure compliance with our policies and procedures and to evaluate the quality of customer service);
• Ensuring the effective operation of our telecommunications (including telephones, email and internet) systems;
• For security or health and safety purposes; or
• For support and administration purposes.

You should know that:

• Morgan Stanley does not sell, rent, trade your personal information; and
• Morgan Stanley does not disclose your personal information, except as described in this Privacy Policy.

Our processing and use of your personal information, for the purposes specified in this Privacy Policy, may include disclosure of your personal information:

• Between us and our associated firms, a list of which may be referred to in the corporate website of Morgan Stanley http://www.morganstanley.com/contact-us;
• To vendors or other persons processing your personal information on our or their behalf or otherwise providing us or them with professional or other services such as:
  • Mailhouse (statement production and mail related services);
  • Administration services (data entry, documentation, account maintenance, settlement and payment);
  • Reporting platforms (wrap and other reporting platforms for the administration of your account);
  • Broker and financial planning services (financial planning, account and commission administration);
  • Fund Managers (administration of your investments/accounts);
  • Market research (product development and planning); and
  • Professional advisers (assistance with administration of your investments);
• To settlement agents, overseas banks or exchange or clearing houses to whom we disclose in the course of providing products and services to you;
• To credit reporting, fraud prevention and other similar agencies, and other financial institutions, with whom information is shared for credit and money laundering checking and fraud prevention purposes;
• To persons to whom we assign or novate our rights or obligations;
• To prospective seller or buyer in the event that we sell or buy any business or assets or if all or substantially all of our assets are acquired by a third party, in which case personal information held by it about its customers will be one of the transferred assets;
• Also to national and international regulatory, enforcement or exchange bodies or courts anywhere in the world as required by applicable law or regulations anywhere in the world or at their request; and
• To any third party to whom you authorise us to disclose it.

These disclosures may involve overseas storage and other overseas transfer, processing and use of your personal information, and disclosure to these third parties, including in or to countries or territories which do not offer the same level of protection of personal information as may be enjoyed within Australia. Without limiting the foregoing, your data may be disclosed by us to our associated firms and vendors which conduct operational, technology and customer service functions in China, Hong Kong, Hungary, India, Japan, Singapore, United Kingdom and the United States of America.

Disclosures about your credit to credit reporting bodies may include:

• Your personal details and contact details (as referred to above) and other identity details such driver’s licence number;
• The fact that you have applied for credit; and
• The fact that we are a credit provider to you, the credit type, and the amount.

Credit reporting bodies/due diligence agencies that we disclose information to include:

• Dun & Bradstreet (Australia) Pty. Ltd (Australia) – Morgan Stanley Wealth Management clients
• Blue Umbrella Limited (Hong Kong, India and Japan) – employees and vendor staff

Each of these credit reporting bodies is required to have a privacy policy which explains how it will manage your personal information.

Morgan Stanley maintains appropriate physical, technical and procedural safeguards to protect any information that you provide to us from accidental or unauthorised loss, misuse, damage, modification, access or disclosure.

Morgan Stanley has established a global Information Security Office, which leads efforts to:

• Safeguard the confidentiality and privacy of information resources;
• Properly classify information resources;
• Anonymise or destroy your personal information where we no longer require it;
• Meet legal and regulatory obligations concerning the protection of information resources;
• Implement and maintain information security policies and procedures;
• Integrate protection of information resources into the process lifecycles of the business;
• Educate those working for or on behalf of Morgan Stanley on Information Security policies and responsibilities; and
• Authenticate users and limit access to information resources based on authorisation that has been granted.

Third parties who process your personal information on our behalf are required to adhere to appropriate security standards to protect such information against unauthorised access, destruction or loss.

You can help us to protect your privacy by observing our security requirements and contacting us immediately if your contact details change. In addition you are required to keep any passwords and access codes confidential and secure at all times. This means that you should not disclose your passwords or access details to any other person. You should contact Morgan Stanley immediately if you believe that your passwords or access codes may have been disclosed to any other person.

As part of Morgan Stanley’s service to you, Morgan Stanley may use personal information we have collected about you to identify a product or service that may benefit you. Morgan Stanley may contact you from time to time to tell you about new or existing products and services. Morgan Stanley may also disclose your personal information to its associated firms to enable them or Morgan Stanley to tell you about a product or service.

Example of products and services which Morgan Stanley may inform you about are as follows:

• Securities, insurance and investment products including deposits, life insurance, superannuation and investment funds;
• Broking services including securities transactions and margin lending; and
• Other products or services relevant to finance or investment.

You may opt out from receiving marketing information at any time by contacting your Morgan Stanley representative (e.g. for private clients your Morgan Stanley financial adviser) or if you do not know who your representative is then by contacting Morgan Stanley using the contact details for enquiries and complaints below.

If you wish to access a copy of your personal information or you wish to modify any personal information which we hold about you, or you want us to cease processing any of your personal information held by us, subject to applicable law, you can do so by written request to the applicable Privacy Officer or other named contact at the address set out below.

In the case of a request for access to personal information, we reserve the right to charge an appropriate fee. If a fee is chargeable we will advise you of the likely fee in advance. You may be required to supply a valid means of identification as a security precaution to assist us in preventing the unauthorised disclosure of your personal information. We will process your request within the time provided by applicable law.

We may change or update portions of this Privacy Policy to reflect changes in our practices and or applicable law and regulation. Please check this Privacy Policy from time to time so you are aware of any changes or updates to the Privacy Policy, which may be indicated by a change in the effective date noted at the beginning of the Privacy Policy.

If you have any questions about privacy related issues or wish to complain about a breach of the Australian Privacy Principles by Morgan Stanley, please contact us on the details below.

If you make a complaint about a breach of the Australian Privacy Principles by Morgan Stanley, Morgan Stanley will respond as soon as possible to let you know who is responsible for managing your complaint. Morgan Stanley will investigate the complaint and will respond within 30 days. If further investigation is required, it will be carried out and then you will be notified of a proposed remedy. This will be confirmed to you in writing.

Morgan Stanley will investigate your complaint and where necessary will consult with other credit providers or credit reporting bodies about your complaint.

If you do not receive a response from us within 30 days or your complaint is not resolved within that time to your satisfaction, you may apply to the Office of the Australian Information Commissioner (OAIC) to have your complaint heard and determined or you may apply to an external dispute resolution service.

We will investigate any complaint and will notify you of the making of a decision in relation to your complaint as soon as is practicable after it has been made.

For all privacy related enquiries/complaints (with the exception of Morgan Stanley Wealth Management related enquiries/complaints):

Mail:	Asia Privacy and Data Protection Counsel, Legal and Compliance Division, Morgan Stanley Asia (Singapore) Pte., 23 Church Street, #16-01 Capital Square, Singapore 049481
Email:	dataprotection@morganstanley.com

For Morgan Stanley Wealth Management privacy related enquiries/complaints:

Mail:	Privacy Officer, Morgan Stanley Wealth Management, PO Box 5345, Sydney NSW 2001
Call:	1800 008 161 (tollfree in Australia) +61 2 9775 2600 (outside Australia)
Email:	auprivacyofficer@morganstanley.com