Our commitment

Our privacy policy explains how we collect, use, disclose, manage and otherwise protect your personal information. Please note that we treat all information that you provide to us in confidence and will take all reasonable steps to ensure appropriate standards of privacy and security are applied. We treat all personal information in accordance with the provisions of the Privacy Act 1988 (Cth) (Privacy Act), Australian Privacy Principles and registered privacy codes.

Introduction

This privacy policy outlines how we will handle and manage personal information This policy describes how you can access or correct your information how you can contact us, make a compliant or ask further questions about how we handle your personal information. It relates to information covered by the Privacy Act, it is not intended to cover other types of information.

Information we collect

DNR Capital collects personal information that is reasonably necessary for our business functions. We collect and hold personal information from clients, investors, employees, contractors and service providers.
As a financial services organisation we collect your personal information to comply with the ‘Customer Due Diligence’ Requirements of the Anti Money Laundering and Counter Terrorism financing Act 2006 (AML/CTF), which necessitate us obtaining and holding information which personally identifies you and/or contains information or an opinion about you (“personal information”). In addition, our ability to provide you with quality products and financial service(s) is dependent on us obtaining certain personal information about you, We collect the following types of personal information:

• name, residential address, phone number, email address, date of birth, photographic ID and bank account numbers;
• employment details and history;
• details of your current financial circumstances, needs and objectives, including your assets and liabilities (both actual and potential), income, expenditure, insurance and superannuation
• your tax file number;
• records of our interactions with you including your enquiries or complaints.

If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services you, or they, have requested from us.
We may also collect sensitive personal information, from our investors this may include:

• whether you are a member of any political, professional or trade associations, to verify your occupation or determine whether you are a politically exposed person.

If you are a DNR Capital employee:

• details of any allergies or dietary requirements you have or other medical conditions which you consider important for us to be aware of; and
• criminal record information obtained through our screening processes before you commence, or during the course of, your business or employment relationship with us.

We recommend that you do not provide such information to us unless specifically requested to by us.

Method of collection

We generally collect personal information from you in the following ways:

• Directly from you, either in person, or from documents that you give us, or over the telephone, by email or by your access to our website.
• From third parties, such as your employer, financial adviser, accountant or other professional service provider.
• From publicly available sources, such as ASIC’s databases.

Where we receive unsolicited personal information about you, we will determine within a reasonable period whether we may retain it or are required to destroy or de-identify it and take the appropriate action.

How we use your information

We will only use personal information about you for the purpose for which it was provided to us, including:

• Processing your applications
• establishing your identity;
• administering and managing our products and services including monitoring, auditing and evaluating our products and services;
• providing you with marketing information (with opt-out options) ;
• maintaining our relationship with you;
• complying with any legal or regulatory requirements; and
• handling complaints or enquiries.

We may also:

• anonymise your data for our own purposes including system testing or new product development
• use personal information about you for the prevention and mitigation of fraud or other financial crimes

We do not use or disclose personal information for secondary purposes unless you consent or an exception applies.

Disclosure of your information

We will only disclose personal information for the purposes for which is was collected including:

• to our service providers, who provide services in connection with our products and services (including archival, auditing, accounting, legal, business consulting, data processing, insurance, and identify verification services.)
• To your nominated financial advisers with your permission.
• For the prevention and mitigation of fraud and other financial crimes.
• Superannuation fund trustees, insurance providers, and product issuers for the purpose of giving effect to your financial advice and the recommendations made by your adviser;
• to comply with any legal or regulatory obligations including those under AML/CTF laws or the Corporations Act, 2001 or reasonably arising in connection with legal proceedings
• We may use the personal information collected from you for the purpose of providing you with direct marketing material such as articles that may be of interest to you, however you may, by contacting us by any of the methods detailed below, request not to receive such information and we will give effect to that request. Please allow 2 weeks for your request to be processed;

Electronic verification

To comply with the AML/CTF laws, we may need to verify your identity. With your consent we can do this using electronic verification, which means checking the details you give us against a trusted external data source.

To do this, we share your information with specialised service providers who compare it with records held by organisations such as government databases or credit reporting agencies. If a credit reporting agency is used, it won’t affect your credit score and won’t show up as a credit enquiry on your credit report.

You do not have to agree to electronic verification, if you prefer, we can verify your identity another way.

Cross-border disclosure of personal information

Some recipients of our personal information may be located overseas, including Canada, Malaysia and the United Kingdom. Where this occurs, we require the recipient to take steps to protect personal information against loss, misuse and unauthorised access, modification or disclosure.

In the event that we propose to sell our business we may disclose your personal information to potential purchasers for the purpose of them conducting due diligence investigations. Any such disclosure will be made in confidence and it will be a condition of that disclosure that no personal information will be used or disclosed by them. In the event that a sale of our business is affected, we may transfer your personal information to the purchaser of the business. As a client you will be advised of any such transfer.

Internet users

We use Google Analytics to understand how visitors use our website. This helps us improve your experience. Google Analytics collects information such as pages visited, time spent on the site, and referring websites. It does not identify you personally.
Google may place a cookie in your browser to recognize you on future visits. You can disable cookies in your browser settings if you prefer not to be tracked. For more information, please refer to Google’s Privacy Policy.

Third-Party Links

Our website may contain links to other websites. We are not responsible for the privacy practices or content of those sites. We recommend reviewing their privacy policies before sharing any personal information.

Security

We store personal information securely in paper and electronic formats, including cloud storage. Measure include:

• Lockable storage for paper files
• Controlled access to premises
• Password-protected systems
• Daily data backups stored securely offsite
• Regular reviews of securities practices

If you cease to be a client, we retain your information for 7 years in order to comply with our legal obligations, after which it will be de-identified or destroyed.

Access to your information

You may, request access to your personal information at any time. We may provide you with copies of the information requested, allow you to inspect the information requested or providing you with an accurate summary of the information held. Proof of identity is required. We do not charge for requests but may charge a reasonable fee for complex access.

We may refuse access for legal or administrative reasons ad will provide written reasons for this refusal, unless it is unreasonable to do so. 

Correction of your information

We aim to keep your information accurate and up to date. If you believe it is incorrect, contact us with evidence. If we agree, we will correct it. If we disagree, we will explain why and note your disagreement in our records. We respond to correction requests within 14-30 days. Urgent requests should be clearly marked.

Data breach notification

In compliance with the data breach notification scheme, we have a process in place to investigate data breaches involving personal information. In the event of an ‘eligible data breach’ we ill promptly notify the Office of the Australian Information Commissioner (OAIC) and any affected individuals. Generally speaking, this would be when we have reasonable grounds to believe that there has been unauthorised access or disclosure of personal information, or if that information has been lost in a way that is likely to give rise to unauthorised access or disclosure. Importantly, we are only required to make a notification where there is a likely risk of serious harm as a result of the unauthorised access or disclosure.

Complaints resolution

 If you wish to complain about any breach or potential breach of this privacy policy or the Australian Privacy Principles or a privacy code that applies to us, you should contact us by any of the methods detailed below and request that your complaint be directed to the Privacy Officer. We will respond within 7 days and aim to resolve your complaint promptly. It is our intention to use our best endeavours to resolve any complaint to your satisfaction, however, if you are unhappy with our response, you may contact OAIC at www.oaic.gov.au or call 1300 363 992.
If you have any queries or concerns about our privacy policy or the way we handle your personal information, please contact our Resolutions Officer at:

Postal address:

Head of Risk and Compliance
DNR Capital
GPO Box 3263
Brisbane QLD 4001
Phone: 07 3229 5531
Email: [email protected]

More information

For more information about privacy in general, you can visit the Federal Information Commissioner’s website at www.oaic.gov.au.

Contacting us

If you wish to contact us regarding our handling of your personal information or any of the matters covered in this Privacy Policy, please contact the Chief Executive Officer:

Postal address:

Chief Executive Officer

DNR Capital
GPO Box 3263
Brisbane QLD 4001
Phone: 07 3229 5531
Email: [email protected]

We welcome your questions and any suggestions you may have about our Privacy Policy.

Changes to this Policy

DNR Capital reserves the right to revise or supplement this Privacy Policy from time to time. Any updated version of this Privacy Policy will be posted on our website, www.dnrcapital.com.au and will be effective from the date of posting. You should bookmark and periodically review this page to ensure that you are familiar with the most current version of this Privacy Policy and so you are aware of the way we handle your personal information.

This Privacy Policy was updated in June 2026.