IMPORTANT LEGAL NOTICE

We are committed to protecting your privacy. This policy outlines the information we collect from you, how we use this information and your rights in relation to it.

We are committed to managing personal information in accordance with the Australian Privacy Principles under the Privacy Act 1988 (Cth), the General Data Protection Regulation (EU) 2016 / 679 (GDPR) and in accordance with other applicable privacy laws.

By accepting this Privacy Policy, you consent to us collecting, using and disclosing your Personal Information in accordance with the terms of this policy.

Effective Date: 15 January 2020

WHO IS GUARDIAN GOLD?

When we refer to ‘Guardian Gold’, ‘we’ and ‘us’, we refer to Guardian Gold Pty Ltd (ACN 141 508 223) trading as Guardian Gold and its related bodies corporate (Guardian Gold). We are based at our office in Melbourne, Australia.

WHAT PERSONAL INFORMATION DO WE COLLECT?

When you contact us through our web enquiry service, we may collect the following information from you:

• Your name;
• Email address;
• Phone number; and
• Details of the nature of your enquiry.

If you are a candidate for employment, we may collect additional information that is relevant to your employment such as work and education history.

We may also collect information automatically when you visit our website, for example what type of device and browser you are using, as well as your location. We use cookies on our website, which will be explained in further detail below.

If you create an account for the provision of goods or services, then we collect additional information such as:

• Your name;
• Email address;
• Phone number;
• Your payment details;
• Photo identification;
• Proof of residential address;
• Date of birth;
• Postal address; and
• Proof of identity information pursuant to our legal obligations as explained in further detail below.

We also collect your personal data (such as proof of identity information) when you attend our premises.

WHY DO WE STORE YOUR PERSONAL INFORMATION?

We collect information primarily to allow you to receive our services and use our website.

Some of the reasons we store your information include to:

• create and manage your account
• enable you to make an enquiry on our website
• record data and analytics that allow us to improve our website
• respond to data requests from you and to fulfil our commitments to data storage and freedom of information under the relevant governing agreements and regulations stated above
• fulfil our reporting obligations to any relevant tax and regulatory bodies
• properly perform our obligations to you in providing any goods or services
• maintain accounts records, tracing and verification in accordance with our security procedures
• comply with our obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth), including but not limited to identity verification requirements
• recruit for Guardian Gold

While most of our data in relation to you comes from collecting it directly from yourself, we may from time-to-time work with third parties who assist us in our business. Your data is protected by their relevant privacy policies and we take steps to ensure that any data we collect is in line with relevant legislation and best practice.

WHEN DO WE COLLECT YOUR PERSONAL INFORMATION?

We collect your personal information when you visit our website, when you attend our premises, when you use our services and when you interact with us via phone, email or in person.

Examples of when we collect your personal information include:

• When you create an account;
• When you attend our premises;
• When you provide us with personal information through the web enquiry service;
• When you visit our website;
• When we process payments in exchange for any goods or services;
• When you contact us via phone, email, letter or in person; and
• If you are a candidate for employment, when you complete forms as part of your employment application.

WHAT HAPPENS WHEN WE’RE UNABLE TO COLLECT YOUR PERSONAL INFORMATION?

If we are unable to collect your personal information, we may not be able to fulfil our obligations to you including providing our services. Your experience when interacting with us may be delayed or not as efficient as you would like.

HOW DO WE STORE YOUR PERSONAL INFORMATION?

We take every effort to store your personal information safely. We may hold your personal information either in electronic or hard copy form. When we store information electronically, this may be on our computer systems, databases, software programs, internet servers and hosted internet solutions. We take every effort to keep your information safe in accordance with relevant government regulation and requirements. Our servers, computer systems and internet hosting are protected through necessary security systems including physical locks, firewalls, security systems and passwords.

HOW WE SHARE YOUR DATA

We do not sell your personal information to third parties. However, we may share some of your data with our third-party partners in the provision of the agreed services with your consent. When this is done, our partners are obligated to only use your data for the reasons agreed with us and have committed to not misuse or sell your data in any way. Your personal data may be shared to the following partners:

• Our employees, contractors or service providers in the instance that this is necessary to provide services to you;
• Our business advisors including accountants, lawyers and other business professionals where reasonably required for them to fulfil their obligations to us; or
• If required by law to any person or body authorised by such law.
• Trulioo online verification ID check for account opening: https://www.trulioo.com/

Your personal information may be disclosed to third parties if disclosure is required by law. If we sell our business, or we have a change in control, your personal information will be disclosed and transferred to the new owner/controller for that purpose.

We do not sell or otherwise disclose your personal information for marketing purposes unless you have specifically consented to such marketing.

We are not liable for any loss, damage or claim arising out of a third party’s use of your personal information where we were authorised by you or law to provide that third party with your personal information.

HOW YOU MAY ACCESS YOUR PERSONAL INFORMATION?

You have the right to access your personal information stored by us at any time. Please email onlinesales@guardian-gold.com.au to make this request. Please note that it may take us a few days to collate all the personal information we have stored.

You have the right to be informed about how your personal information is being used and we will strive to update you when our privacy policy changes. You may also contact us at any time to ask questions about your personal information, or to update your details at onlinesales@guardian-gold.com.au

HOW LONG DO WE STORE YOUR PERSONAL INFORMATION?

We retain your personal information for as long as is needed for us to fulfil our obligations to you, for example to provide services. We may also need to store your personal information to comply with any tax or governing bodies. When we no longer need to store your data for these reasons, we will either delete or sufficiently anonymise this. Please note that we may have a legal obligation to retain copies of your information in certain circumstances for a particular period of time.

DO WE DISCLOSE YOUR PERSONAL INFORMATION OVERSEAS?

Guardian Gold is based in Australia so the majority of our service providers are Australian based. However, we may from time to time collaborate with overseas partners. We only ever disclose your personal information outside the jurisdiction it was collected where we are permitted to do so under applicable privacy laws. This means that we have taken all necessary steps to keep your information safe as per the relevant privacy regulations.

CHANGES TO OUR POLICIES

We may make changes to this policy from time to time. Our current policy will be available on our website or a hard copy may be provided to you upon request. If you continue to use our services after any update to this policy, you agree to the terms of the updated policy and consent to the use of personal information in accordance with the updated policy.

RESIDENTS IN THE EUROPEAN ECONOMIC AREA

The same privacy policy also pertains to residents of the European Economic Area in compliance with the GDPR.

If you are a resident of the European Economic Area you are protected by specific regulation set out in the GDPR which includes the following:

• You have the right to access your personal information at any time and enquire to exactly what information we are holding about you.
• You have the right to rectify or change your personal information at any time.
• You have the right to request deletion of your personal data at any time unless we are required to hold your data for legal or regulatory reasons.
• You also have the right to restrict whatever personal information we hold on you.
• You have the right to request the transfer of your data to a relevant third party.
• You have the right to object to your personal information being used in a way that you do not like and request that we stop doing so. We will fulfil your request unless there is a legal or regulatory reason not to.
• You have the right to make a privacy complaint if you feel we are misusing your data. We will respond in the same way as we will for residents of any other country as set out in this privacy policy.

COOKIES AND WEB BROWSING

Like many websites, we use cookies to personalise and streamline your browsing experience with us. This is because we want to provide you with the best and easiest experience possible when you’re using our site.

What types of cookies do we use?

 Performance cookies

We require certain types of cookies in order for our website to operate.

Analytical cookies

We like to know how many users are on our site at any time, as well as where they are visiting from and which pages they visit. This allows us to create content that best suits your needs.

Targeting cookies

These cookies allow us to see your user journey, so we can make this simple and easy for you. This allows us to customise your experience and our marketing activities, so they are relevant for you.

What can you do to control your cookies?

You have the choice to customise your use of cookies through your browser, for example Firefox, Google Chrome or Internet Explorer. You can set your cookies as either prompted or refused. Please note that if you deactivate your cookies, you may have difficulty using our website or services correctly.

Some of the websites that let you control what information is collected about you are:

youronlinechoices.com.au

allaboutcookies.org

youronlinechoices.com

UNSOLICITED PHONE CALLS OR EMAILS

Guardian Gold will only contact existing customers in relation to an existing account or enquiry made with Guardian Vaults Melbourne, Guardian Vaults Sydney or Guardian Gold.

Any communication from Guardian Gold via email will only ever be made from an authorised email user from Guardian Vaults or Guardian Gold and will only ever carry the suffix:

@guardianvaults.com.au; or

@guardian-gold.com.au

Should you receive an email stating it is from Guardian Vaults or Guardian Gold but the email comes from another email address, or if you suspect a phone call you received may be suspicious, please inform us by writing or by phone immediately and do not respond to that communication.

Our websites are:

www.guardianvaults.com.au

www.guardian-gold.com.au

PRIVACY COMPLAINTS

If you believe we have breached our privacy rights at any time, please send us an email at compliance@guardianvaults.com.au so our privacy office can investigate and respond to you. All such enquiries or complaints will be taken seriously and handled with impartiality and discretion. If you wish to submit a complaint, please provide us with all relevant details such as the date and time of the incident or communication, the circumstances surrounding the event and your concerns about what was said or done.

If you have complained about something that is not covered in the relevant privacy laws, we will explain why we are unable to take further action. Please allow a few days for us to investigate and respond to any privacy complaints.

If you have any other questions, please feel free to contact us at: Email: compliance@guardianvaults.com.au Mail: The Privacy Officer, Guardian Gold Pty Ltd, 100 William Street, Melbourne, VIC, 3000, Australia