Protecting Your Privacy

This policy applies to Kwala Pty Ltd ACN 644 816 295, Cache Investment Management Pty Ltd ACN 624 306 430) and Cache IM Holdings Pty Ltd ACN 624 289 989 (collectively, we, us, our or ourselves).

It sets out how we handle and protect your personal information.

1. Collection and use of personal information

What is personal information?

Personal information is any information or opinion about an identified individual, or an individual who can reasonably be identified, whether or not it is true and whether or not it is recorded.

The types of personal information we collect may include your name, date of birth, contact details (including your address, email and phone number), financial and banking information (including institutions and account numbers), transaction data (including information about purchases or receipts), insurance and credit history and tax file number (TFN).

Why do we collect and use personal information?

The personal information we collect about you will depend on the circumstance in which it is collected.

We may collect and use your personal information during the course of our relationship with you by collecting it:

- directly from you (such as by email, phone, through the website or on our mobile application)

- when you ask us to provide you information, products or services

- to identify you and investigate and protect against fraud and unlawful activity

- to contact you or provide financial services to you

- to understand you better, your needs, your behaviours and how you interact with us. With a better understanding of our customers, we can develop and improve our products and services and make better business decisions

- to manage complaints and disputes and report to dispute resolution bodies

- to manage, train and develop our employees and representatives

- to process transactions made using cards or accounts linked to your account

- to comply with laws which apply to us (including anti-money laundering and counter-terrorism financing laws), assist regulatory authorities and protect our lawful interests, and

- subject to our legal obligations and your request to opt-out, to provide you with promotional and marketing information about financial products and services, along with retail (we may also share your personal information with our joint promotion partners for this purpose).

What about sensitive information?

Sensitive information is personal information about a person’s racial or ethnic origin, political opinion, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, genetic information or health information.
We will not collect this kind of information unless we need it and we have asked for your consent (or we are otherwise legally permitted).

Do you need to allow us to collect your personal information?

You don’t have to allow us to collect your personal information, but if you don’t we may not be able to deliver all our services to you effectively, or at all.

2. Disclosure of personal information

Disclosure amongst ourselves

We will share your personal information amongst ourselves and our service providers. It is important that our team can talk to each other with all relevant information.

Who do we share personal information with?

We may also disclose your personal information to, or collect your personal information from:

- businesses that help us provide our products and services, such as trustees, fraud prevention, identity verification, administrators, custodians, auditors, banks (and card processors), insurance, marketing, print/mail/digital service providers, advertising, valuation, technology and data processing

- your executor, administrator, trustee, guardian or attorney

- your agents, such as financial or legal advisers, or person with power of attorney

- people who may invest in or advise us or our investors

- clubs, associations, member loyalty or rewards programs and other industry relevant organisations

- any other organisation or person, where you have asked them to provide your personal information to us or asked us to obtain personal information from them

- dispute resolution bodies

- government and law enforcement agencies or regulators, including courts and tribunals, and

- (in the case of collecting personal information only) publicly available sources of information and social media or other virtual communities or networks where people create, share or exchange information.

We may also share your personal information:

- as required or permitted by any law, including:

(a) Anti-Money Laundering and Counter-Terrorism Financing Act 2006
(b) Autonomous Sanctions Act 2011
(c) Corporations Act 2001
(d) Australian Securities and Investments Commission Act 2001
(e) Income Tax Assessment Act 1936, Income Tax Assessment Act 1997 and Tax Administration Act 1953
(f) A New Tax System (Goods and Services Tax) Act 1999, and
(g) any associated regulations

as those laws are amended or replaced, or

- with your express or implied consent.

We take all reasonable steps to ensure that these organizations are bound by confidentiality and privacy obligations with respect to the protection of your personal information.

Disclosure outside of Australia

In the conduct of our business we may transfer and disclose personal information to overseas recipients, including the United States of America and the United Kingdom. From time to time, we may need to disclose your personal information to, and collect your personal information from, other countries not on this list.

3. Accessing and correcting your personal information

You may ask us for access to, or correction of, your personal information held by us. If we do not agree to any such request, we will provide you a reason.

There is no fee for asking for access to your personal information, correction of your personal information or for asking us to make any corrections to your personal information.

Where we consider it appropriate, we might charge a fee to cover the time we spend finding and putting together the information you request. If there’s a fee, we will let you know in advance so you can choose if you want to continue.

4. Website and technology

We collect non-personal information about users of our website, including how the website is used and other information such as browser type, operating system and IP addresses to help us manage and improve our website.

We store information that we collect through cookies, log files, and/or third party site traffic software to create profiles of users generally.

We won’t ask you to supply personal information publicly over Facebook, Twitter, LinkedIn, or any other social media platform.

Let’s talk about ‘cookies’

A “cookie” is a small text file on your internet browser which is accessed each time you visit a website. We use cookies to help provide more personalised services to returning users and obtain more information about how our website is being used. For example, cookies allow us to better estimate the number of unique visitors of our website and their traffic patterns.

Cookies in no way give us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.

Information provided by email

We may keep copies of emails that we send and receive where we consider it necessary to do so. Your email address will only be used for the purpose for which is was provided. It will not be added to any mailing lists or used for any other purpose without your consent.

We cannot guarantee that email transmissions are secure. If you have any concern about the security of the contents of your email or any other transaction over the internet or on an app, then you should consider contacting us by other means.

Third party links

Our website may contain links to third party websites and this policy does not apply to those websites. If you wish to find out how any third parties handle your personal information, you will need to obtain a copy of their privacy policy.

5. Security

We are committed to ensuring that your information is secure. We take reasonable efforts to ensure that up-to-date security measures are used on our website and other systems to protect your personal information. However, we cannot guarantee that any information transmitted via the internet by us, or you, is entirely secure.

We may hold your personal information in:
- computer systems
- electronic databases
- digital records
- telephone recordings, and
- hard copy or paper files.

These storage systems may be managed or administered internally or they could be managed by our third party service providers.

We have put in place physical, electronic and managerial procedures to safeguard and secure the information we collect.

6. Data retention

We take reasonable steps to destroy or permanently de-identify any personal information when we no longer need it.

7. Marketing

We may use your information to provide you information about products and services offered by us or by third parties including online, by mail or email, telephone, SMS or through our app. We may also provide your details to other organisations for specific marketing purposes. We may also use targeted marketing, data and audience matching and market segmentation to improve advertising relevance to you.

You may opt out at any time if you no longer wish to receive marketing information by sending us a request by email at support@kwalainvest, or by “unsubscribing” from email marketing messages.

8. Contacting us and complaints

If you have any feedback, questions or concerns about how we handle your personal information or this policy, please contact our Privacy Officer at:

Privacy Officer
‘Canonbar’ Waverley Rd, Gundy NSW 2337

We care about your privacy and take your privacy concerns seriously. We will usually ask that you put your request to us in writing. Where you express concerns that we have interfered with your privacy we will respond to let you know who will be handling your matter and provide a response within 30 days.

If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) online at or by writing to GPO Box 5218, Sydney NSW 2001. For more information visit the OAIC’s website or contact them by telephone: 1300 363 992 or email:

As we operate in the financial services industry, you can also lodge a complaint with the Australian Financial Complaints Authority (AFCA) online at or by writing to GPO Box 3, Melbourne VIC 3001. For more information visit the AFCA website or contact them by telephone: 1800 931 678 or email:

9. Changes to this policy

We may make changes to this policy at any time, without notice. An up-to-date version of this policy will be available on our website.

Certified B Corporation