Privacy Policy
Partners Last updated: 24 June 2026
1. Introduction
Carter Partners is committed to protecting your personal information and handling it in line with the
Privacy Act 1988 (Cth) and the Australian Privacy Principles.
This Privacy Policy explains how we collect, use, store, disclose and protect personal information,
including information used to verify your identity.
A current version of this Policy is always available on our website at www.carterpartners.com.au.
2. What Personal Information We Collect
• Full name
• Date and place of birth
• Residential or business address
• Email address and phone number
• Government-issued identification details, such as driver licence, passport, Medicare card
or other ID document numbers
• Biometric information, such as a facial image or short video used to verify your identity
• Information about the services we provide to you and any related transactions
• Any other information you choose to provide to us
We only collect personal information that is reasonably necessary to carry out our business
activities.
3. Why We Collect Your Personal Information
We collect, use and disclose your personal information to:
• Verify your identity
• Provide and manage our services to you
• Communicate with you about your account with us
• Meet our legal and regulatory obligations, including anti-money laundering and counter-
terrorism financing (AML/CTF) requirements
• Detect and prevent fraud, and keep our systems secure
• Improve our services
4. Identity Verification and Government Data Matching (DVS)
To verify your identity, we may use electronic identity verification services, including the Australian
Government's Document Verification Service (DVS).
Where you have consented, your name, date of birth and identity document details will be securely
sent to the relevant Commonwealth or State authority that issued your document. This may include
passport offices, driver licence authorities, the Department of Home Affairs, Births Deaths and
Marriages, or other authorised record holders.
These authorities check whether the details you have provided match the records they hold.
We do not receive a copy of your government records.The authority returns a match result only,
confirming whether your details match (yes or no).
This process may be carried out through accredited identity verification providers, including APLYiD
(APLYiD Pty Ltd, ABN 36 632 866 794) and its sub-providers.
More information about the DVS is available at idmatch.gov.au.
5. Biometric Information
As part of identity verification, we may collect biometric information, such as a facial image or a
short video of you holding your ID.
Biometric information may be used to:
• Confirm that you are a real person and physically present
• Match your image to the photograph on your identification document
• Reduce the risk of fraud and identity theft
Biometric information is treated as sensitive information under the Privacy Act. We only use it for
identity verification and related compliance purposes, and only with your consent.
6. Consent to Collection and Identity Verification
By providing your personal information and completing the identity verification process, you
consent to:
• The collection, use and disclosure of your personal information for identity verification,
AML/CTF and related compliance purposes
• The collection and use of biometric information, such as a facial image or video, for identity
verification
• Your information being checked against records held by Commonwealth and State
authorities through the DVS
• Your information being shared with our authorised identity verification providers, including
APLYiD
Your consent is voluntary. You can withdraw your consent at any time by contacting us using the
details in section 13.
If you do not consent, or do not provide the information we need, we may not be able to verify your
identity electronically. In that case, we may need to verify your identity in another way, or we may
not be able to provide our services to you.
7. Disclosure of Personal Information
We may disclose your personal information to:
• Identity verification providers, including APLYiD and its authorised sub-providers
• Commonwealth and State authorities and official record holders, through the DVS
• Our employees and authorised representatives, on a need-to-know basis
• Our professional advisers, such as lawyers, accountants and auditors
• Trusted technology and service providers that help us operate our business
• Regulators, law enforcement or other third parties where required or authorised by law
We do not sell your personal information.
8. Overseas Disclosure
Some of our service providers may store or process personal information outside Australia.
Where this happens, we take reasonable steps to ensure that your personal information is handled
in line with the Australian Privacy Principles, including through contractual protections with our
providers.
9. Data Security and Storage
We take reasonable steps to protect your personal information from misuse, interference, loss, and
unauthorised access, modification or disclosure.
These steps include secure systems, access controls, and encryption in transit and at rest where
appropriate.
We retain personal information only for as long as we need it for the purposes set out in this Policy,
or as required by law. When we no longer need your information, we securely delete or de-identify
it.
10. Access and Correction
You have the right to ask for access to the personal information we hold about you, and to ask us to
correct it if it is inaccurate, incomplete or out of date.
To make a request, please contact us using the details in section 13. We will respond within a
reasonable time.
11. Third-Party Integrations
Our website, systems and services may integrate with or use third-party platforms, applications
and service providers to help us operate our business and provide our services. These may include
customer relationship management (CRM) systems, marketing platforms, payment processors,
digital signature providers, analytics tools, social media platforms and other technology providers.
Where you interact with these third-party services, your information may be collected, processed or
stored by those providers in accordance with their own privacy policies and terms of use. While we
take reasonable steps to engage reputable service providers, we are not responsible for the privacy
practices of third-party platforms.
We may disclose personal information to these providers where it is reasonably necessary for them
to perform services on our behalf. We take reasonable steps to ensure that third-party providers
handling personal information are subject to appropriate privacy and security obligations
consistent with applicable Australian privacy laws.
12. Direct Marketing
From time to time, we may use your contact details to send you information about our services that
we think may be of interest to you.
You can opt out of marketing communications at any time by using the unsubscribe link in our
messages, or by contacting us using the details in section 13.
13. Privacy Complaints
If you have a complaint about how we have handled your personal information, please contact us
first using the details in section 13.
We will acknowledge your complaint, investigate it, and respond to you within a reasonable time.
If you are not satisfied with our response, you can contact the Office of the Australian Information
Commissioner (OAIC) at oaic.gov.au.
14. Contact Details
If you have any questions about this Policy, or want to exercise any of your privacy rights, please contact us:
15. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or in the law.
The latest version will always be available on our website. Where changes are significant, we will let you know.