Collecting your personal information is limited to what is reasonably necessary to carry out the functions and activities of Cerno. The relationship you have with Cerno determines the type of personal information collected and may include:

• Name
• Title
• Contact details
• Date of birth
• Signature
• Details on entities through which you invest
• Bank account details
• Taxation Identification Number

Cerno will not collect or monitor any personal information without your consent.

In most cases, and wherever possible, Cerno will only collect personal information provided by you. Information is collected through:

• Our online enquiry form
• Our investor application forms
• Directly from you, either in writing or verbally

Where unsolicited personal information is received by Cerno, we will ascertain whether this information could have reasonably been obtained in the normal course of events. If it is established that Cerno could not ordinarily have collected this information and it is reasonable and lawful to do so, Cerno will destroy this information.

In some circumstances we may be provided with information by third parties.  In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.

Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure.

When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. However, most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years.

Cerno collects personal information about you primarily:

• To contact you regarding the products and services you request
• To provide you with the information you request
• To satisfy ‘Know Your Client’ obligations under the Anti Money Laundering/Counter Terrorism Funding Act before transactions are processed
• To administer your investment
• To respond to your complaints
• To provide you with a targeted advertising campaign in your selected area of interest
• To send out Cerno newsletters

Cerno is committed to protecting your personal information from misuse, unauthorised access or unauthorised disclosure.

• Employees of the Cerno group are bound by confidentiality obligations
• Our information technology systems are password, firewall and virus protected to ensure the integrity of our systems that hold your information
• All areas that hold physical copies of your information are protected by electronic access cards or lock-and-key, have key locked cabinets and are limited to specific staff
• Service providers who hold your personal information are contractually required to hold information in accordance with the Privacy Act and Cerno obtains periodic confirmation of adequate information security management

Personal information held by Cerno may be shared with third parties in the normal course of conducting our business.

Cerno is committed to safeguarding your information. When sharing personal information we take reasonable steps to protect the privacy of information disclosed. This is achieved by requiring the recipient to comply with the Privacy Act in our contractual arrangements.

Cerno uses third party companies when performing bulk mail marketing activities. As a result, personal information (name and email address) collected by Cerno is provided to them. These companies use servicers in the United States and other parts of the world.

The personal information we provide is owned by Cerno and will not be used for any other purpose except Cerno marketing.

The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF Act) is aimed at addressing money laundering in Australia and the threat to national security caused by terrorism. This legislation requires Cerno to collect identification information from investors into our investment products. We are also required to verify your identity from original or certified copies or perform electronic verification.

The legislation requires us to monitor transactions to identify any suspicious activity within any of our investments.

To maintain compliance under the AML/CTF Act, Cerno may, in our absolute discretion, without notice to you, disclose or otherwise report details of any activity, or proposed activity (including any personal information) to the relevant reporting body.

Guided by the Notifiable Data Breaches Scheme, Cerno will promptly notify you if we become aware of or have reasonable grounds to believe that your Personal Information held by us has been lost or subjected to unauthorised access or disclosure which is likely to result in serious harm.

Cerno will notify you within 30 days from when the determination has been made that the breach may cause serious harm. Cerno will also notify the Australian information Commissioner of the data breach.

Our assessment and escalation of data breaches will follow Cerno’s Data Breach Response Plan.

You have the right to access your personal information, and may request this information to be corrected or updated.

If you wish to make a request to review your personal information, please contact Cerno using the contact details provided.

Should you have a need to complain about a possible breach of privacy, or how Cerno has administered your personal information, please contact us via the details below. Alternatively, you could address your complaint to The Compliance Officer, GPO Box 2594, Sydney NSW 2001.

Should you wish to contact Cerno to assist you with any enquiries, please use any of the following options:

Phone: +61 2 8245 6500

Fax: +61 2 9231 4222

Mail: GPO Box 2594 Sydney NSW 2001

Email: info@cerno.com.au