Online Privacy Policy

Last update: July 8, 2021

The Bank of New York Mellon and its affiliates (collectively “BNY Mellon”) appreciate your concerns about the privacy of personal information that you provide to us through this website (“Site”). Accordingly, we have posted this Online Privacy Statement to explain how we handle such information.



If you do not agree to the terms of this Online Privacy Statement, please do not provide us with any information and do not use the Site. By using the Site and voluntarily providing your personally identifiable information to us, you consent to the collection and use of such personally identifiable information as set forth in this Online Privacy Statement. This Online Privacy Statement applies to this Site. Our online products and services may have different Online Privacy Statements. To view the Online Privacy Statement for specific products and services please click on the Privacy link on that site.



This Privacy Statement is effective as of the date listed above. We may modify this Online Privacy Statement at any time so please check from time to time for such modifications. Any changes to this Online Privacy Statement will be effective as of the date they are posted. If you have specific questions regarding this Online Privacy Statement or any information you have sent via the Site, please do not hesitate to contact us.

Collection and Use of Your Information (including via Cookies)


We use cookies, web beacons and similar technologies (called "Cookies" in this Online Privacy Statement) to track information provided to us by your browser and by our software application when you use the Site. A cookie is a small piece of information that a website stores on the web browser on your device and can later retrieve. "Session" Cookies are temporary and will expire at the end of a browser session; that is, when you leave a website. Session Cookies allow a website to recognize you and carry information as you navigate between pages during a single browser session and allow you to use the website most efficiently. "Persistent” Cookies, in contrast, remain in the Cookie file of your browser even after you leave a website and after the browser is closed. They enable a website to recognize you upon your return, remember your preferences and provide tailored services to you. A cookie will not contain information that will enable us to contact you via telephone, e-mail, or other means.

We, and third party service providers acting on our behalf, use session and persistent Cookies to:

  • Remember preferences that you submit as well as those generated from your usage data and your responses to polls and surveys on our Site;
  • Measure your use of our Site in an effort to improve its quality and enhance your overall experience, including tracking page views, time and date of Site access, and other usage data, and identifying your operating system and browser type (but not other information about your computer or the programs on it) and your general geographic location;
  • Measure the effectiveness of our newsletters and advertising campaigns; and
  • Allow you to share certain information on our Site via social media bookmarking buttons, email or on social networking sites.

The third party service providers mentioned above use any personal information they collect on our behalf solely for the purpose of providing the contracted service to us. They have also agreed to confidentiality restrictions.

Most browsers are initially set to accept Cookies. However, you have the ability to change your browser settings. It may also be possible to configure your browser settings to enable acceptance of specific Cookies or to notify you each time a new Cookie is about to be stored on your device enabling you to decide whether to accept or reject the Cookie. You can also disable Cookies by configuring your browser setting to reject Cookies. Please refer to the help section of your browser for instructions on disabling Cookies. For more information about Cookies, how they work, why they are so useful and how to disable them, you can visit

If you do not wish to accept Cookies from this Site, please either disable them or refrain from using this Site. If Cookies are disabled, it may mean that you experience reduced functionality or will be prevented from using all or part of this Site.

We may use aggregated usage data to track trends and analyze patterns on the Site. You may also voluntarily submit information, including by responding to our online polls and surveys, requesting information from us or asking to be contacted by one of our representatives. If you work for one of our institutional (business) clients, we may obtain your business contact information from your firm. If you register to enter an area of this Site, the Site will recognize who you are and collect all information that you submit (including subscription to emails, etc.). Any information collected about you from this Site may be associated with other identifying information that we have about you.

In addition to the above uses, we may use your information for the purpose of conducting business with you, managing our relationship with you, and advising you of products and services that we believe might be of interest. The information collected also is used to provide a record of communications between BNY Mellon and its Site visitors and to comply with any applicable legal and/or regulatory requirements.

Sharing of Your Information


We do not sell or rent your personally identifiable information to third parties. We share your information only with our (i) affiliates; (ii) service providers that have agreed to confidentiality restrictions and use any personal information they collect on our behalf solely for the purpose of providing the contracted service to us; (iii) as otherwise described herein in order to provide you with our services; and (iv) to comply with all applicable laws, regulations and rules, and requests of law enforcement, regulatory and other governmental agencies. Also, we may share in aggregate, statistical form, non-personal information regarding the visitors to the Site, traffic patterns, and Site usage with our partners, affiliates or advertisers.

Your information will be transferred and stored in jurisdictions, including the United States, India and other jurisdictions that may be subject to differing standards of data protection requirements. BNY Mellon will take appropriate steps to ensure that transfers of personally identifiable information are in accordance with applicable law.

BNY Mellon may, in the future, sell or otherwise transfer some or all of its assets to a third party. Your personally identifiable information, technical information about your device or browser and/or other anonymous information we obtain from you via the Site may be disclosed to any potential or actual third party purchasers of such assets and/or may be among those assets transferred.

Third Party Advertisers


We may use third party advertising companies to serve ads on our behalf on other websites across the Internet. In order to measure and track the effectiveness of such ads, these companies typically use Cookies; so a Cookie may be set in the Cookie file of your browser when you click on one of our ads or visit a webpage associated with our ad campaigns. These companies may also use and measure information about your visits to our Site as part of this same process. The information provided to us by these companies about you will be de-identified.  

Third Party Sites


This Site may contain links to third party sites (including social media bookmarking buttons that enable you to share certain content on our Site). Please review the cookie and privacy statements of these third party sites to understand how they may use Cookies and your information. Our Online Privacy Statement does not apply to your use of a third party site.

Security of Personal Information


We utilize reasonable security technologies to protect sensitive information. However, the security of this information depends in part on the security of the computer you use to communicate with us, the security you use to protect User IDs and passwords, and the security provided by your internet access services provider. We are not responsible for the security of your internet access services provider; you should review the security and privacy policies of your internet access services provider carefully. Information that you access via this Site may be stored on your computer during your session for your convenience. If others have access to your computer or your User ID and password, they may be able to access this information. We are not responsible for the security or privacy of information communicated to or from such a computer. Finally, you should keep any correspondence you receive relating to this Site or the Services (including, but not limited to registration information, emails, or any other information) confidential and in a safe place.   

Children's Information (Children’s Online Privacy Protection Act)


We respect the privacy of your children and do not knowingly collect or retain personally identifiable information from children under the age of 13 through this Site.   

Notice to California Users Required by State Law


California residents please visit Privacy Notice for California Residents.

This Online Privacy Statement was last updated on the date listed at the top.


This Privacy Policy applies to information collected by The Bank of New York Mellon, acting through its Australia Branch and its related body corporates that are incorporated in Australia ("BNY Mellon" or "we"). Each entity to which this Privacy Policy applies is listed below:

  • The Bank of New York Mellon, Australia Branch (ARBN 84 084 066 419)
  • BNY Mellon Australia Pty Limited (ACN 113 947 309)
  • BNY Trust (Australia) Registry Limited (ACN 000 334 636)
  • BNY Trust Company of Australia Limited (ACN 050 294 052)
  • BTA Institutional Services Australia Limited (ACN 002 916 396)
  • GT Australia Nominees Limited (ACN 003 646 062)
  • Permanent Custodians Limited (ACN 001426384)
  • Eagle Investment Systems Australia Pty Limited (ACN 604 847 323)

This Privacy Policy outlines how we manage your personal information and safeguard your privacy in relation to that personal information.


At BNY Mellon, we recognise that you are concerned about privacy and the security of your personal information. Your privacy is important to us and we are bound by the Privacy Act 1988 (Cth) (“Privacy Act”) and the Australian Privacy Principles (“APP”). This Privacy Policy sets out our policy on collecting and using personal information that we hold about you.


1. What personal information is collected and held?


BNY Mellon only collects and holds personal information that is reasonably necessary for us to perform our functions. Our functions consist principally of wholesale banking and corporate trustee services such as acting as a trustee for securitised lending programs. If you do not provide the information that we ask, we may not be able to provide the products or services you have requested.


We may collect personal information such as your name, address, phone number or any other information that may be required for identification purposes. We may also collect other information such as details of a loan or security that you have provided to us when we act as the trustee for a lending program.


From time to time, we may also collect personal information about individuals such as company directors or guarantors whom we may deal with. There may be other circumstances where we may collect personal information from contractors who are contracted to perform services for us or persons who apply for employment with us. The information that we collect may include contact details, educational qualifications and information about your past work history.


When we collect personal information from you as required by law, we will use such steps as are reasonable in the circumstances to advise you of this. BNY Mellon only collects personal information by lawful and fair means.


Where we act as a custodian or trustee in relation to a lending program, then we may also collect and hold credit information or credit eligibility information in relation to you.


We have included and additional statement about our practices in relation to credit information and credit eligibility information in the Schedule to this Privacy Policy.


2. How personal information is collected and held

BNY Mellon collects your personal information in a number of ways including:

  • directly from you, such as when you provide the information by phone, email or in an application form for a job vacancy at BNY Mellon or when you deal with us as a key contact or employee of a wholesale client;
  • from other persons involved in trusts for which we act as a trustee or custodian (for example managers and originators involved in a lending program);
  • from other BNY Mellon group companies.

Where we collect information from other persons about you, we will take such steps as are reasonable in the circumstances to let you know that we hold personal information about you (for example by asking that any loan application form includes a statement about us collecting your information).


We may hold information in our own right, or in a more limited capacity as the trustee of a trust.


Where we hold information as a trustee, this means we may be subject to obligations only to use and disclose that personal information for the purposes of the relevant trust. It also means that the relevant manager that manages the operations of the trust on a day to day basis will also hold personal information. When we accept appointment to act as a trustee, we require the relevant manager to comply with the law relating to privacy when they deal with your personal information.


3. What if you do not provide certain information?


If you provide us with an incomplete application, we may not be able to provide you with the product or service until the application is complete.


If you do not provide us with all relevant identity verification documents, or adequately satisfy electronic identity verification requirements, we may not be able to provide you, or continue to provide you with the product or service.


In particular as a provider of financial and credit service and products in Australia we have obligations under the Anti-money Laundering and Counter-Terrorism Financing Act 2006 (Cth) to collect certain information about persons to whom we provide our services (including account signatories, directors and beneficial owners). If we do not collect this information we may not be permitted by law to provide those services.


4. Use and disclosure of your personal information


BNY Mellon may use or disclose your personal information for the primary purpose of providing the products and/or services requested, as well as for related purposes such as:

  • to verify your identity or transactions which you may enter into with us;
  • to administer and manage the provision of our products and services;
  • to respond to queries, complaints or to provide you with our general customer services;
  • to provide you with offers of other BNY Mellon products or services;
  • to comply with laws and regulatory requirements including complying with any request made by a governmental authority in connection with legal proceedings or the prevention or detection of fraud and crime;
  • to comply with BNY Mellon's risk management policies and procedures;
  • perform trustee services or act as a custodian;
  • conducting due diligence as part of a pre-employment screening or client on boarding; or
  • to train our staff.

We will not, however, use your personal information other than for:

  • a purpose made known to you;
  • a purpose you would reasonably expect;
  • a purpose required or permitted by law; or
  • a purpose otherwise authorised by you.

Depending on the circumstances, the types of people to whom we may disclose personal information include;

  • our related bodies corporate (including other entities to which this Privacy Policy applies);
  • our professional advisors and consultants such as lawyers and auditors;
  • our insurers;
  • other persons involved in a trust where we act as trustee or custodian (including financial institutions, originators or persons providing finance); or
  • service providers.

5. Use of service providers


Your personal information may be disclosed to third parties in order to issue or provide you the product or service that you requested, when we have outsourced certain functions associated with such product or services and as required or permitted by law. Only information necessary for the service provider to carry out their function will be provided and will be subject to confidentiality clauses in the relevant services agreement.


6. Changes to personal information


Changes to your personal information can happen from time-to-time and we ask that you keep us informed of any changes by notifying us in writing. We may also ask you to review, confirm and advise of us changes to your personal information.


7. Storage and security of information


BNY Mellon stores personal information in a combination of computer storage facilities, paper-based files and other records. We will take reasonable steps to protect personal information from loss, misuse, unauthorised access, modification or disclosure.


We will also ensure that any service providers (including managers or trusts) that we deal with also take such steps.


Where BNY Mellon is aware of reasonable grounds to believe there has been unauthorised access to, unauthorised disclosure of, or a loss of personal information that BNY Mellon holds, and is likely to result in serious harm to persons concerned in the personal information accessed, disclosed and/or lost, then a notification to the persons concerned and Office of the Australian Information Commissioner (“OAIC”) might be required pursuant to the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth). Such disclosure would include a description of the data breach and the kinds of information concerned, but would not include the personal information.


8. Access and correction


The APP give you a right to access the personal information that we hold about you (subject to some exceptions). You can contact our Privacy Officer (details below) to make a request. Generally, BNY Mellon will provide you with access within a reasonable time frame, to your personal information that we hold, unless a particular exception applies, such as where:

  • it would be unlawful to provide the information;
  • providing access would be likely to prejudice an investigation of possible unlawful activity;
  • it would pose a serious and imminent threat to the life or health of any individual; or
  • the request is frivolous or vexatious.

If a request for access would divulge a commercially sensitive decision-making process, then BNY Mellon may provide an explanation rather than direct access to the information.


If your request relates to information about a trust or lending program for which we act as a custodian or trustee, we may not hold all of the information about you that is relevant to that trust or lending program. The relevant manager of that trust with whom you deal with on a day to day basis may hold more information than we do. We may need to refer your request to the relevant manager to respond to your request. You may prefer to make your application directly to the relevant manager. For example, for a lending program, the manager is the person that you have day to day contact for the administration of your loan. If you are not sure who the manager is, we can provide you with the details of that manager to assist you in an access request.


We will respond to your request within a reasonable period. Before granting you access we may ask you for proof of your identity or any authorisation that you hold to obtain access.


9. Correction


You may also seek correction of the personal information that we hold about you. You may do so by contacting the Privacy Officer below.


If you are able to establish personal information that BNY Mellon holds is inaccurate, incomplete or out-of-date, then we will amend it. If you and BNY Mellon disagree about the accuracy, completeness or currency of our records, then you have the right to request that we note your disagreement on those records under the Australian Privacy Principles.


As with access requests, if the information that we hold about you is in relation to a trust of lending program then the relevant manager of that program may hold more information than we do. We may need to refer your request to the manager. You are free to make your correction request directly to that manager if you prefer.


10. Identifiers


BNY Mellon does not use any government-issued identifiers (such as Tax File Numbers) for use as its own identifier.


11. Anonymity


Given legal requirements on financial institutions to identify their customers, we would be unable to allow you to transact with us on the basis of anonymity. However, access to the BNY Mellon public website, and some other interactions with us may be done anonymously and you may make general enquiries about our products and services on an anonymous basis if you so choose.


12. Cross-border disclosure of personal information


BNY Mellon may transfer personal information to related body corporates and unaffiliated service providers in locations beyond Australia (including, but not limited to, the United States, India, the United Kingdom, Brussels, and other members of the European Union) in the course of storing that information and when using or disclosing it for one of the purposes referred to above. When transferring personal information to foreign jurisdictions, BNY Mellon will only do so where the recipient is subject to binding requirements similar to those in Australia or where we are satisfied that the recipient will not use the personal information except in a manner that is consistent with our obligations under the Privacy Act.


13. Openness and changes to this Privacy Policy


This Privacy Policy sets out BNY Mellon's policies on the management of personal information and is subject to change from time to time. For example, there may be a change in the law or its interpretation or we may change the way that we carry on our business. We will seek to update this Privacy Policy in a timely manner should a change occur.


The last date on which this policy was updated was 4 February 2019.


14. Contacting us and complaints


If you would like more information about how we manage your personal information, please contact us on +61 2 9260 6019, or write to us at the following address:


BNY Mellon
Privacy Officer
Level 2, 1 Bligh Street
Sydney NSW 2000

If you wish to raise any concerns about any breach or potential breach of your privacy under this Privacy Policy or the APP, please contact our Privacy Officer and we will make every effort to resolve your complaint internally.


We will use our best endeavours to respond and resolve any complaint to your reasonable satisfaction. If you are unhappy with our response, you may lodge a complaint with the OAIC, please contact the OAIC's hotline service on 1300 363 992. Further information may also be available from the OAIC website


You may wish to consider putting a complaint to us in writing. This will help us understand your complaint and may assist you if you wish to take your complaint further (for example by going to the OAIC).


If your complaint relates to a breach of privacy in relation to a lending program or trust you may wish to take your complaint directly to the relevant manager. You may also have rights to take your complaint to an external dispute resolution scheme where credit is involved. This may depend on the particular lending scheme in question. Your loan documents, the manager's website or the manager will have more information about external dispute resolution options that may be available to you.


Use of our web site


Please refer to the following website page of information about use of our website and cookies.


Residents of foreign countries


If you are a resident of a country other than Australia, you may have other rights in relation to privacy and data protection according to the legislation of that country.


If you are a resident of the European Economic Area (the EEA), the General Data Protection Regulation will confer rights to you in relation to your personal information. These rights include the right to access, rectify/erase and restrict the processing and use of your personal information. Please refer to the following website page for a privacy notice which applies to you if you are a resident of the EEA and which provides further information about those rights.


Schedule to Privacy Policy - Additional statements with respect to credit information and credit eligibility information


What credit information and credit eligibility information do we collect and hold?


Credit information and credit eligibility information are particular types of personal information that are subject to separate regulation under the Privacy Act. This statement applies in respect of these categories of information.


We may collect, hold, use or disclose credit information and credit eligibility about individuals.


This is usually only in relation to a lending program where we have agreed to act as the trustee. Depending on the particular program or the circumstances this may include information that you have provided in your loan application, information about that has been obtained from a credit reporting body (this is sometimes called credit eligibility information), information about your obligations under the loan and whether or not you are meeting your obligations under a loan.


Credit eligibility information may include identification information, information about your current liabilities, repayment history or defaults (each in respect of consumer credit) and other information (including publicly available sources like court proceedings or personal insolvency information) that a credit reporting body is entitled to disclose to a credit provider. We do not usually derive information from credit eligibility information although we may hold information that a loan manager has derived from credit eligibility information such as a credit score.


We may not hold all of these types of information. Sometimes we will only hold basic categories of this type of information (with more detailed information being held only by the relevant loan manager).


We will require that relevant loan managers manage this information in accordance with the requirements of law. This includes the specific provisions of the Privacy Act that deal with credit information and credit eligibility information. It also includes any provisions of the Privacy (Credit Reporting) Code 2014 (“Credit Reporting Code”) that may apply to that information.


How you can find out about credit reporting bodies with credit information may be exchanged?


The extent to which we or a loan manager may hold credit eligibility information or exchange credit information with a credit reporting body will vary according to the type of loan, the particular lending program or the particular circumstances.


We will ask the relevant loan managers to take reasonable steps to advise you about the involvement of a credit reporting body. This information may be available in your loan documents, your loan application form or from your loan manager. We suggest that you contact your loan manager in the first instance if you have any questions (for example if you wish to contact the relevant credit reporting body to see its privacy policy or to request access to or correct of information that the credit reporting body holds about you).


Why do we use or disclose this information?


We only use or disclose credit information or credit eligibility information about you for the purposes of the lending program to which it relates. This may include use and disclosure that is for the purposes of considering loan suitability and for the administration and enforcement of loans.


Request for access and correction


You may make a request to access or correct credit information or credit eligibility information that we hold (if any) about you by using the contact details for our Privacy Officer (see our Privacy Policy). We will always ask you to provide evidence of your identity before we grant you access to credit eligibility information.


We will normally need to consult with the loan manager to consider your requests. Alternatively you may wish to make an access or correction request directly to the loan manager. Often this will be a quicker and more effective way of making a request for access and correction because the loan manager will usually hold more information than us.


You may have different rights than those contained in the APP in relation to access to or correction of credit eligibility information. For example where you request a correction to credit information we may be required to consult with another interested party (such as a credit reporting body or another credit provider) to consider your request. We may also have obligations to advise previous recipients of the information about a correction that we make. You also have a specific right to appoint a person to seek access credit eligibility information on your behalf.


We will comply with any higher standards or requirements that are applicable for access to or correction of credit eligibility information (including any requirements contained in the Credit Reporting Code). For example in most cases we will try to respond to your request within 30 days.


We will advise you if we cannot agree to your request for access or correction.




You may make a complaint to us if you consider that we have not complied with our obligations under any applicable law relating to credit information or credit eligibility information (including any provisions of the Credit Reporting Code that apply to us). Please see our general Privacy Policy about how to make complaints.


Cross border disclosure


The Australia Branch of BNY Mellon is an international bank which carries on business in Australia. We may transfer personal information to our home office or related bodies corporate and service providers in locations beyond Australia (including, but not limited to, the United States, India, the United Kingdom, Brussels, and other members of the European Union) in the course of storing that information and when using or disclosing it for one of the purposes referred to above. We may be required by law to disclose some personal information to regulatory authorities in those jurisdictions.


Where we disclose information to an overseas recipient we will take such steps as are reasonable to ensure that:


(a) any related body corporate that is located overseas will not use or disclose that information except in circumstances where we would be entitled to use or disclose it (or for a purpose that is permitted by law); and


(b) where the disclosure is made to assist in assessing or management of credit the credit eligibility information is only used or disclosed by that person for such purposes.


We will also take reasonable steps to ensure that the overseas recipient does not breach the provisions of the APP to the extent that they apply to us in relation to the information.