Privacy statement

At CBUS, we respect and take your privacy seriously. We're committed to protecting and keeping your personal information safe.

We understand the importance of protecting your personal information and your right to privacy. We're committed to meeting the requirements of the Australian Privacy Principles which are privacy standards supporting the Privacy Act 1998.

For information about the type of personal information we may collect, ways in which we may collect it and how we may handle or store such information, please read our Privacy Policy (PDF) and our Personal Information Collection Statement (PDF).

United Super Pty Ltd , the Trustee is bound by the principles set out in the Privacy Act 1988 (the Act) and must have a Policy regarding its management, storage and protection of personal and sensitive information collected during the administration and management of the Fund that is publicly available.

Privacy matters at CBUS and this Policy reinforces our commitment to safeguarding and protecting your personal information. This Policy may change from time to time. The latest version is available on the CBUS website. You can request a hardcopy of this Policy free of charge.

What is personal information?

This policy applies to how the Trustee manages the personal information about our current, exited and potential members, employers, and employees. Personal information (which includes sensitive information) is any information or an opinion about a person (whether true or not) which could identify a person.

It includes information such as name, date of birth, address, employment details, or any combination of information that can identify a person.

Sensitive information includes information or an opinion about a person’s health as well as information or opinion about personal attributes such as membership of organisations like trade unions or associations, ethnicity, religious or political beliefs.

Collection of personal information

We collect personal information primarily from the below:

  • members
  • potential members
  • employers
  • potential employers
  • non-members who are claiming a benefit from CBUS (potential beneficiaries) and/or
  • third-party representatives acting on behalf of a member of the Fund.

We may also collect the personal information of employment candidates during the recruitment process and for successful candidates, during their employment with us.

The types of personal information collected by us includes (but is not limited to) your:

  • name and contact details (address, email address, phone number)
  • date of birth
  • financial details and tax file number (TFN)
  • health information
  • beneficiary details.

We will only collect sensitive information of an individual such as health information where that information is reasonably necessary for us to administer a member’s account and manage their superannuation benefits and retirement income.

How do we collect your personal information?

Personal information is collected directly from members and potential members and/or a person acting on behalf of the member or potential member, when you join, via application or claim forms, over the telephone, via our website, our online portal or mobile app, or in person. All telephone conversations are recorded and retained for training, monitoring and legal purposes.

We may collect personal information during workplace site visits or at our offices.

We may also collect personal information from your employer as it relates to your superannuation benefits or contribution payment.

Collection of your personal information from your employer may occur either directly or through your employer’s clearing house, including (but not limited to) your name, date of birth, contact details, TFN and the date you cease employment.

At times we will collect personal information from a third party you would reasonably expect us to collect from, such as an alliance partner, market research companies, our administrator, service providers and other third parties we may use to improve our products and services.

If you apply for increased or different insurance cover, or make a claim, we may be required to collect your personal information (including sensitive information such as health information) either directly from you or other third parties such as your employer, medical and health professionals, and our insurers to assess the claim. If you are a health care provider we may collect your information during the claims process via our insurer, a member or a member’s representative.

We will collect your personal information from you, and your spouse (where relevant) if you choose to receive financial advice and related services from us. The information collected from you may include information relating to your spouse family or potential beneficiaries. If you contact us or log into our online account facility, we will collect personal information from you to confirm your identity.

If you are an Employer, we will collect personal information relating to your main contacts through application forms, employer online portal, clearing house, or directly from you through our Employer Engagement Managers, or onsite coordinators.

If you are an employee of the Trustee, we collect information from you directly or, with your consent, from referees and service providers who assist with background checks. We also collect information throughout your employment relating to leave, training, payroll, emergency contacts, bank details, and other information relevant to managing your employment and career with us.

Use and disclosure of your personal information

If you are a CBUS member (or become a CBUS member) we collect, hold and use your personal information to manage your superannuation and retirement benefits. This includes establishing your membership and insurance cover (if any), properly paying benefits and assisting with the collection of contributions. Similarly, we will collect, hold and use your personal information if you seek financial advice and related services from us.

We may use your personal information for direct marketing (such as targeted emails or phone campaigns), and research purposes relating to your CBUS products and services. Research is undertaken to help us improve and enhance our product and services we offer and provide you.

If you do not wish for this to occur, you may contact us or log into your member online portal to opt out at any time. You will still receive any regulatory disclosure, such as disclosure relating to changes in your products, and annual statements.

We collect, hold, disclose and use your TFN for approved purposes*.

If you are acting on behalf of a CBUS member we will collect, hold and use your personal information to confirm your authority to act for the member.

If you are not a CBUS member and are eligible to be paid a benefit (for instance, if you are eligible to receive a death benefit as a beneficiary) we collect, hold and use your personal information to properly assess your claim and pay you.

We collect personal and sensitive information of members from health care providers with their consent in order to assess claims for disability and death benefits as well as for dealing with complaints. In doing this we may also collect the personal information of the health care provider.

Personal information you provide via our online account facility is collected, held and used to carry out your requests regarding your membership.

If you are an Employer, we collect information in order to manage member benefits relating to your employees and to provide support for employers to assist their employees in regard to their CBUS membership and contributions. Information is also collected from potential employers in regard to offerings available through CBUS. This information is used to facilitate discussions and negotiations with these potential employers.

If you are an employee of the Trustee, or have applied for a role with us, the information collected is used for managing your employment and career with us, or your job application, respectively.

Under the Superannuation Industry (Supervision) Act 1993 (Cth), Cbus is authorised to collect your TFN, which will only be used for lawful purposes. These purposes may change in the future as a result of legislative change. Your TFN may be shared with another super provider, when your benefits are being transferred, unless you request in writing that your TFN is not shared.

Disclosure to third parties or service providers

We may disclose or share your personal information to these third parties or service providers:

  • our administrator and other third parties they have engaged to assist in providing administration services on behalf of the Fund
  • our current insurance provider for the purpose of determining insurance cover, underwriting or during the claims process. We may also disclose your personal information to our insurance broker in managing insurance arrangements.
  • our debt collection service provider Industry Funds Credit Control, to assist in the recovery of outstanding contributions
  • appointed service providers we need to deal with when undertaking advice monitoring activities, marketing activities, member data analysis, competitions and research
  • other superannuation fund trustees and administrators if you transfer your super to another fund
  • online data verification service providers
  • mail houses to send you information about your account via mail, SMS and email
  • web hosting companies, web application developers and other technology service providers
  • service providers administering the CBUS Self Managed investment option
  • independent consultants, actuaries, auditors, investigators and lawyers for auditing and legal purposes
  • your legal representative or other advisers such as financial representatives authorised to act on your behalf, and if required or authorised by law to regulators, tribunals (such as Australian Financial Complaints Authority (AFCA)) or courts when dealing with a dispute
  • entities that are specified in emergency declarations or eligible data breach declarations under the Privacy Act
  • if you are a member, to your employer to assist in the payment of superannuation contributions to your CBUS account
  • referees and employment screening service providers when considering your application for employment with the Trustee
  • persons that you may either have a personal relationship with such as a family member or friend (where authority is provided over the phone for that specific call or in writing through a third party authority form) 
  • with your consent, we may provide your name and email address to The New Daily, in regard to the provision of a news subscription service
  • the Financial Advice Association Australia (FAAA) if you consent to participate in the referral program for the provision of comprehensive personal financial advice.

In accordance with the Construction and Building Unions Superannuation Trust Deed, to assist in obtaining payment of contributions by your employer, we may also disclose your personal information to sponsoring organisations or affiliated unions for the purpose of assisting members in determining whether your employer has complied with their obligations to pay superannuation contributions on your behalf.

Information is provided in response to a specific request and the information disclosed relates only to payment of contributions by your employer. Members can opt out at any time should they not wish for their personal information to be disclosed for this purpose.

Disclosure overseas

In some circumstances, personal information collected by the Trustee may be accessed by employees based overseas (subject to approval), disclosed to service providers or stored in data centres located overseas, including:

  • where they may be connected to the administration of member accounts
  • where they may provide benefits associated with member accounts.

Information that may be disclosed or stored could include your name, date of birth, address, employment details, financial information, gender or medical details in respect of your CBUS membership or your employment with us.

Some of the services provided by our service providers (or their subcontractors) such as administration or insurance, or systems used may be performed or stored by organisations located in Germany, India, Japan, Philippines, United Kingdom, Ireland, Canada, United States of America and New Zealand.

We will take all reasonable steps to ensure that any overseas disclosures and storage are made in a secure manner and that your information is protected.

Internet, online portals and mobile app

If you visit our public websites, information will be collected which does not identify you. That information is related to your internet service provider, the date and time of visit and the pages visited.

Our websites will also collect cookies during your visit. A ‘cookie’ is a piece of data stored on a computer tied to information about the user.

We use cookies on the secure (HTTPS) and unsecured (HTTP) sites to obtain information regarding the use of the CBUS website. By using our websites you agree to our use of technology of this type.

You can configure your preferences and options in your browser to reject all cookies, however this means you will be unable to view secure pages that require authentication, such as our online portal.

If you use any of our online portals, information about your identity, including identity verification systems, and other personal information is collected, stored and securely transferred between the Trustee office, our administrator and our insurer where appropriate.

How is your personal information stored and protected?

The Trustee takes reasonable steps to ensure that personal information relating to members, employers and employees is stored and transferred securely in accordance with Australian Privacy Principle 11 and Australian Prudential Regulation Authority (APRA) Prudential Standard CPS 234 Information Security.

Personal information is stored across a number of systems within the Fund and with Third Party Service providers, such as our administrator. Appropriate due diligence of third parties is undertaken as part of third party security risk assessments. When information is transferred between parties, we ensure appropriate security transfer protocols are in place.

Original application and claim forms you submit to us are held at our administrator’s secure document storage facility. We hold and retain member information and documentation in accordance with legal requirements relevant to superannuation.

Personal information you transmit to, or receive from the CBUS websites or email is stored in a secure environment by service providers appointed by the Trustee. This includes online applications, which collect personal information.

Access to your information, whether personal or sensitive is restricted to staff who require the information to administer your account and provide services to you. We embed security measures such as passwords, multifactor authentication (MFA), and rolebased access controls are implemented to safeguard the information stored in our systems.

Despite these and other security measures, we have also taken precautions to ensure we are prepared to respond appropriately in the event of any loss of or unauthorised access to or disclosure of personal information.

This may include containing the incident, remediating the incident, notifying you, APRA and/or the Office of the Australian Information Commissioner (OAIC) (also known as the Privacy Commissioner) as required and updating security protections.

We may also be required to report relevant incidents to the Australian Cyber Security Centre.

How do you access and update your personal information?

You have the right to request access to the information we hold about you. If your personal information is inaccurate, you have the right to request to have the information corrected. Requests for access to your information or requests for your information to be corrected should be made to CBUS:

  • by phoning 1300 361 784
  • by emailing cbusenq@cbussuper.com.au
  • in writing to CBUS Super, Locked Bag 5056
    PARRAMATTA NSW 2124

How can you make a complaint?

If you believe that we have breached your privacy, you can make a complaint to our Privacy Officer.

The Privacy Officer will investigate your complaint. We will endeavour to provide a written response to your complaint within 30 days of receipt. However, where a matter requires detailed investigation, a response could take longer than 30 days. We will advise you if this is the case. 

If you are not satisfied with the Trustee’s internal complaints process or have not received a response within 30 days, you can complain to the Information Commissioner. Complaints can be raised with the OAIC in writing via mail, or via the Privacy Complaints form available at the OAIC’s website. Find out more about our complaints process.

If you are not satisfied with the Trustee’s internal complaints process or have not received a response within 30 days, you can complain to the Information Commissioner. Complaints can be raised with the OAIC in writing via mail, or via the Privacy Complaints form available at the OAIC’s website.