Helping clients protect and recover value through proactive cyber risk identification and management, and rapid action in response to a breach.
Helping clients to manage risk and regulatory compliance and respond to incidents of financial crime.
Uncover, analyse and clarify facts at the centre of disputes, frauds and other sensitive commercial matters.
Providing advisory and accelerated implementation services to the public and private sector.
Assists clients to grow, protect and recover value in their real estate portfolios.
Working with organisations to stabilise the business or to recover value on behalf of stakeholders.
We are Asia-Pacific’s trusted advisers in cybersecurity, financial crime, forensic, performance improvement, real estate and restructuring.
Our reach is global with eight offices across Australia, Jakarta and Singapore.
KordaMentha staff are actively engaged in giving back to their communities.
This policy applies to KordaMentha Pty Limited, KordaMentha Real Estate Pty Limited, KordaMentha Pte Limited, KordaMentha Investments Pty Limited and PT KordaMentha and the service lines operated by those corporate entities.
KordaMentha may update this policy from time to time.
The Privacy Act 1988 (Cth) (‘Privacy Act’) and the relevant privacy principles under the Privacy Act regulate how private sector organisations can collect, store, manage, use, disclose and provide access to personal information.
For the purposes of the Privacy Act, personal information is information or an opinion, whether true or not and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
KordaMentha collects personal information primarily for the purpose of providing our services and conducting our businesses. This may involve collecting personal information from you to:
You are not required to provide your personal information to us. However if you choose not to provide personal information to us where requested (or provide inaccurate or incomplete information), we may not be able to provide services to you or in the case of an external administration, deal with your claim.
KordaMentha will use the personal information for the primary purpose and potentially for a permissible secondary purpose where:
KordaMentha collects personal information such as a person’s name, date of birth, address, telephone number, email address, driver’s licence details, passport details, tax file number, Australian business number, bank account details, investment information and employment information.
In circumstances limited to prospective employees or employees of corporations subject to external administrations, KordaMentha will collect sensitive information such as membership of a professional or trade association, membership of a trade union or a criminal record. In the case of prospective employees, your photo may be taken.
KordaMentha collects personal information by lawful and fair means and not in an unreasonably intrusive way. Generally, KordaMentha will collect this personal information directly from you, for example by requesting that you provide the information when you:
In the case of externally administered companies, this information may come into our possession when appointed as external administrators to a company or an individual in accordance with the Corporations Act or Bankruptcy Act respectively.
There may be other occasions when we collect personal information about you or from other sources, such as from a publicly maintained record or from an information services provider, for example where we are required to verify your identity under anti money laundering legislation.
From time to time we may need to disclose your personal information to a third party.
The types of third parties to which we may disclose personal information include:
Some of the recipients to whom KordaMentha may disclose your personal information may be based overseas. KordaMentha will only disclose your personal information on receipt of your consent. Your personal information may be shared for business related purposes with our related entities, our agents and third party suppliers that are located overseas in Singapore and the Philippines. Such overseas recipients may not be bound by the Privacy Act. On granting your consent, you acknowledge that by consenting to KordaMentha disclosing your personal information to overseas recipients, Australian Privacy Principle 8.1 will not apply to the disclosure. This means that KordaMentha will not be required to take reasonable steps in the circumstances to ensure that the overseas recipient does not breach the Australian Privacy Principles in relation to that personal information and as a result KordaMentha may not be liable under the Privacy Act if the recipient does not act consistently with the Australian Privacy Principles.
Except for the above disclosures, KordaMentha will not sell, rent, trade or otherwise supply to third parties any personal information obtained from you unless you consent.
KordaMentha takes all reasonable steps to protect the personal information we hold about you from misuse and loss and from unauthorised access, modification or disclosure.
KordaMentha has in place a number of data security, information security and other similar security policies and procedures. These policies and procedures are regularly reviewed to ensure they remain current and appropriate.
Under the Privacy Act, you have a right to access or change your personal information that is collected and held by KordaMentha.
If you would like to access or change the personal information KordaMentha holds about you, you can contact KordaMentha and request the relevant change or access. In the first instance, you should contact your KordaMentha contact if you have one. Otherwise, please contact us as outlined below. To change your details, complete this form and provide it, along with the required supporting information, to your KordaMentha contact or via one of the other options.
To action any change or access request, we will need to verify your identity and comply with our other procedures which are in place to prevent unauthorised access to personal information.
We will take all reasonable steps to provide access or make the changes to your personal information within 30 days from your request.
KordaMentha will not normally charge you any fees or costs for access to your personal information. Fees or costs may apply if providing you with access would require us to incur retrieval or other out of pocket costs. We will notify you if any such fees or costs would be payable.
If you believe that KordaMentha has contravened the Privacy Act or have any other privacy complaint regarding KordaMentha, you can make a complaint by contacting our Privacy Compliance Manager (the contact details for our Privacy Compliance Manager are below).
KordaMentha will seek to resolve any privacy complaints and will deal with privacy complaints as quickly as possible and in a respectful and confidential manner.
KordaMentha will investigate any privacy complaint you make and will inform you of the outcome of your complaint following the completion of the investigation.
In the event you are dissatisfied with the outcome of your complaint, you may refer the complaint to the Office of the Australian Information Commissioner.
For further information or enquiries regarding your personal information, please contact the KordaMentha Privacy Compliance Manager at [email protected], on +61 3 8623 3333 or by mail at GPO Box 2985, Melbourne Victoria 3001.