Privacy Policy

We understand that maintaining the privacy of personal information that you choose to share with us is important.  We recognise and respect your right to expect that your personal information will be treated properly and confidentially.

Our Privacy Policy below sets out how we collect, store and use personal information and describes how information can be accessed and corrected. Our Privacy Policy is based on our obligations under the Privacy Act 1998 (“the Act”) and the National Privacy Principles (“NPPs”).

When we say “we”, “us” or ‘our” we mean MySuperDIY, One26 Pty Ltd, mba Pty Ltd and associated entities.


Our main purposes for collecting personal information are to facilitate mortgage broking services, financial planning services, financial products or services, insurance policies or related services, and to update our records. At or before the time we collect personal information from you we will take reasonable steps to inform you why we are collecting that personal information, who else we might disclose that personal information to and what may happen if you do not provide personal information to us.

You may be also asked to provide personal information to third parties (such as lenders or other financial product providers) in relation to their particular services and products.  Third parties will have their own privacy guidelines which should be generally consistent with the Act and NPPs.

Use and Disclosure

We are subject to certain legislative and regulatory requirements that necessitate us obtaining and holding detailed information that personally identifies you and/or contains information or an opinion about you. In addition, our ability to provide you with a proper and professional service is dependent on us obtaining certain personal information about you, which may including:

  • details of your financial needs and objectives;
  • details of your current and past financial circumstances, including your assets and liabilities (both actual and potential), income, expenditure, etc.
  • information about your employment history, employment circumstances, family structure, commitments and social security eligibility;
  • details of your investment preferences and aversion or tolerance to risk; and
  • any other relevant information including medical history and/or reports required for the purposes of risk insurance.

We may use the personal information collected from you for the purpose of providing you with direct marketing material such as articles that may be of interest to you. You may, by contacting us by any of the methods detailed in this policy statement, request not to receive such information and we will give effect to that request. Please allow two weeks for your request to be actioned.

We will take all reasonable steps to ensure that paper and electronic records containing personal information are stored in a manner that is only accessible by people who have a genuine “need to know” as well as “right to know”.

We will review, on a regular and ongoing basis, our information security practices to ascertain how ongoing responsibilities can be achieved and maintained.

Data Quality

Pursuant to a range of legislative and related requirements (including the Corporations Act, Life Insurance Code of Practice and Rules of Professional Conduct of the Financial Planning Association of Australia, etc.) we are required to collect sufficient information to ensure appropriate advice can be given in respect of recommendations made to our clients. Similarly, for mortgage broking services, we are required to collect sufficient information to ensure satisfactory assessment of suitability for lending. If you elect not to provide us with the personal information you may be exposed to higher risks in respect of the recommendations made to you, and loans offered to you, and this may affect the adequacy or appropriateness of services given to you.

Data Security

We take reasonable steps to protect the information we retain from misuse, loss and from unauthorised access, modification or disclosure. We will not retain any of your information for any longer than it is required by us, except to satisfy legal requirements. We will destroy or de-identify your personal information when it is no longer required.

We will take all reasonable steps to ensure that paper and electronic records containing personal information are stored in a manner that is only accessible by people who have a genuine “need to know” as well as “right to know”.

We will review, on a regular and ongoing basis, our information security practices to ascertain how ongoing responsibilities can be achieved and maintained.


We may use and disclose personal information for the purposes for which it was provided or secondary purposes in circumstances where you would reasonably expect such use or disclosure.

We may disclose personal information to third parties or external contractors carrying out functions and duties for and on our behalf. It is a condition of our agreement with each of our external contractors that they adopt and adhere to this privacy policy.

The information we collect from you may also be disclosed to third parties if the disclosure is required by or permitted by law, or to professional industry bodies in relation to quality assurance.

In the event that we propose to sell our business we may disclose your personal information to potential purchasers for the purpose of them conducting due diligence investigations. Any such disclosure will be made in confidence and it will be a condition of that disclosure that no personal information will be used or disclosed by them. In the event that a sale of our business is affected, we may transfer your personal information to the purchaser of the business. As a client you will be advised of any such transfer. We require our employees and contractors to perform their duties in a manner that is consistent with our legal responsibilities in relation to privacy.

Access and Correction

You may access the personal information we retain and request corrections. This right of access is subject to some exceptions allowed by law.

We will not provide you access to personal information which would reveal any confidential formulae or the detail of any in-house evaluative decision making process, but may instead provide you with the result of the formulae or process or an explanation of that result.

We reserve the right to charge a fee for searching for and providing access to your personal information. In the event we refuse you access to your personal information, we will provide you with an explanation for that refusal.

We will endeavour to ensure that at all times the personal information about you that we hold is up to date and accurate. The accuracy of the personal information is dependant to a large degree on the information you provide and you should advise us if there are any errors in your personal information.


In some circumstances we are required to collect government identifiers, for example, your Tax File Number. We will not use or disclose this information other than when required to do so by law or, when consented to by you.


You may deal with us anonymously where it is lawful, practicable and reasonable to do so.

Sensitive Information

Without your consent, for example where information is provided by you for insurance and or risk purposes, we will not collect sensitive information about you. Exceptions to this include where the information is required by law, or for the establishment, exercise or defence of a legal claim.

Privacy Complaints

We welcome your feedback and believe that your comments and your genuine concerns about our services and professionalism will help us to improve.

If you have concerns or wish to complain about any breach or potential breach of this privacy policy or the National Privacy Principles, you should contact us directly and request that your complaint be directed to the Privacy Officer. Your complaint will be considered within seven days and responded to accordingly. It is our intention to use our best endeavours to resolve any complaint to your satisfaction.  However, if you are unhappy with our response, you are entitled to contact the Office of the Privacy Commissioner who may investigate your complaint further.