Privacy Policy

How Virex Wealth Management collects, uses, stores, and protects your personal information.

Last updated: January 2025 | Version 3.2 | Applies to: virexgroup.com and all Virex Wealth Management services

1. Introduction

Virex Wealth Management Pty Ltd (ABN 43 990 112 973, AFSL 177602) ("Virex", "we", "us", "our") is committed to protecting the privacy of individuals who interact with us. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), the EU General Data Protection Regulation (GDPR) where applicable, the California Consumer Privacy Act (CCPA) where applicable, and other applicable privacy laws in the jurisdictions in which we operate.

By using our website, engaging our services, or providing us with personal information, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy.

2. Information We Collect

2.1 Personal Information

We collect personal information that is necessary to provide our financial services and to comply with our legal obligations. This includes:

  • Identity information: full name, date of birth, nationality, passport or driver's licence details
  • Contact information: residential and postal address, email address, telephone numbers
  • Financial information: income, assets, liabilities, investment holdings, superannuation details, tax file numbers, foreign tax identification numbers
  • KYC/AML information: source of wealth declarations, beneficial ownership information, politically exposed person (PEP) status
  • Investment preferences: risk tolerance, investment objectives, time horizon, ethical preferences
  • Communication records: records of meetings, telephone calls, emails, and other correspondence

2.2 Website Information

When you visit our website, we may automatically collect technical information including your IP address, browser type and version, operating system, referring URLs, pages visited, and time spent on pages. This information is collected through cookies and similar technologies. Please refer to our Cookie Policy for full details.

2.3 Sensitive Information

We do not intentionally collect sensitive information (as defined under the Privacy Act) unless it is necessary for the provision of our services and you have provided your consent. If we need to collect sensitive information, we will seek your explicit consent and explain why it is necessary.

3. How We Use Your Information

We use personal information for the following purposes:

  • To provide financial services and investment management in accordance with our AFSL obligations
  • To verify your identity and conduct KYC/AML checks as required by law
  • To assess your suitability for our services and develop appropriate investment strategies
  • To communicate with you about your portfolio, our services, and relevant market developments
  • To comply with our legal and regulatory obligations, including reporting to ASIC, ATO, and other regulators
  • To improve our services and website through analysis of usage patterns
  • To send you market insights and other communications (with your consent)
  • To manage and resolve complaints and disputes

4. Legal Basis for Processing (GDPR)

For individuals in the European Economic Area (EEA), we process personal data on the following legal bases:

  • Contract performance: Processing necessary to provide our financial services
  • Legal obligation: Processing required to comply with applicable laws and regulations
  • Legitimate interests: Processing for our legitimate business interests, where these do not override your rights
  • Consent: Processing based on your explicit consent, which you may withdraw at any time

5. Disclosure of Personal Information

We may disclose your personal information to:

  • Our employees, contractors, and professional advisors who need access to provide our services
  • Custodians, brokers, and other financial service providers involved in managing your portfolio
  • Regulatory authorities including ASIC, ATO, AUSTRAC, and equivalent international regulators
  • Our international offices in Switzerland, United Kingdom, United States, Singapore, and UAE
  • Professional advisors including lawyers, accountants, and tax specialists (with your consent)
  • Technology service providers who assist with our operations (under strict confidentiality obligations)

We do not sell, rent, or trade personal information to third parties for marketing purposes.

6. International Data Transfers

As an international firm with offices in multiple jurisdictions, we may transfer personal information across borders. Where we transfer personal data outside Australia or the EEA, we ensure that appropriate safeguards are in place, including standard contractual clauses, adequacy decisions, or other approved transfer mechanisms. We will inform you of any such transfers and the safeguards in place upon request.

7. Data Retention

We retain personal information for as long as necessary to provide our services and to comply with our legal obligations. Under AFSL requirements, we are required to retain certain records for a minimum of seven years. After the applicable retention period, personal information is securely destroyed or de-identified.

8. Security

We implement appropriate technical and organisational measures to protect personal information against unauthorised access, disclosure, alteration, or destruction. These measures include encryption of data in transit and at rest, access controls and authentication requirements, regular security assessments, staff training on data protection, and incident response procedures. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

9. Your Rights

9.1 Australian Privacy Rights

Under the Australian Privacy Act, you have the right to access personal information we hold about you, request correction of inaccurate information, make a complaint about a breach of the APPs, and opt out of direct marketing communications.

9.2 GDPR Rights (EEA Residents)

If you are located in the EEA, you have additional rights including the right to erasure ("right to be forgotten"), the right to restrict processing, the right to data portability, the right to object to processing, and the right to lodge a complaint with a supervisory authority.

9.3 CCPA Rights (California Residents)

California residents have the right to know what personal information is collected, the right to delete personal information, the right to opt out of the sale of personal information (we do not sell personal information), and the right to non-discrimination for exercising privacy rights.

10. Cookies

Our website uses cookies and similar technologies. Please refer to our Cookie Policy for full details on the types of cookies we use, their purposes, and how to manage your cookie preferences.

11. Contact Us — Privacy Enquiries

For privacy enquiries, requests to access or correct your personal information, or complaints about our handling of personal information, please contact our Privacy Officer:

Privacy Officer
Virex Wealth Management Pty Ltd
100 Capital Circuit, Barton ACT 2600, Australia
Email: privacy@virexgroup.com
Phone: +61 468 040 079

We will respond to all privacy enquiries within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au, or with the relevant supervisory authority in your jurisdiction.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by direct communication. The date of the most recent update is shown at the top of this policy.