Privacy Statement

1. Summary

RFC Ambrian Group Limited (ABN 98 096 493 588) and its subsidiaries (“RFC Ambrian”) appreciate the importance of its role in handling and storing your personal data. This Privacy Statement explains how RFC Ambrian will manage the personal data which we may collect, use, store and disclose in the course of our  business relationship.

RFC Ambrian’s Privacy Statement has been drafted to comply with the requirements of the privacy legislation in the jurisdictions in which we operate, including but not limited to the Australian Privacy Act 1988 (Cth), Australian Privacy Principles and the EU’s General Data Protection Regulation (GDPR).

If you would like to contact us to discuss any aspect of this Statement, the contact details for RFC Ambrian are listed at the end of this page.

2. The legal basis for data collection and processing

We collect and use your personal data:

  • when it is necessary for the performance of a contract or for pre-contractual negotiation
  • when we are required to do so by law
  • when we have your free and informed consent or
  • when we have other legitimate interests that do not override your personal interests or rights

3. Principles of privacy and data protection

In processing your personal information, we will ensure your data is:

  • processed fairly, lawfully and transparently
  • obtained for specified and lawful purposes, and processed only in relation to those purposes
  • collected and processed only to the degree necessary for the purpose
  • securely destroyed when no longer required
  • recorded accurately and, where necessary, kept up to date
  • not kept for longer than is necessary
  • protected against accidental loss, unauthorized use, disclosure or processing
  • generally processed in the jurisdiction in which it was collected. If data transfer is required to another of our offices, equivalent protections are in place in the alternative jurisdiction

4. The information we collect

Personal data we collect is primarily contact information (eg. name, phone, email address) which enables us to communicate with you.

Other confidential personal information may be collected when it is reasonably necessary for the performance of a corporate financial transaction, the recruitment process, the employee relationship or a variety of other financial dealings.  We will inform you of the intended use of the information at the point we collect it from you (usually by a privacy note on our business documentation or web form).  We will also refer you to this Policy Statement.

To satisfy our legal and/or commercial obligations we may collect and use information such as:

  • date, place of birth and other information used to identify you
  • banking or trading account details
  • membership to organisations and professional bodies
  • employment history and education details
  • driver’s licence or passport details
  • government identifiers such as tax file numbers or National Insurance number

Wherever possible we collect information directly from you via one or more of the following modes:

  • completion of transaction documentation
  • completion of forms
  • an interview or meeting
  • shared business card or
  • any other direct communication with us (email, online, letter, fax, telephone call, videoconference).

We do not buy and sell personal data.

5. Anti-Money Laundering legislation

RFC Ambrian operates in jurisdictions which require it to comply with laws designed to combat money laundering and terrorism financing.  For some transactions we may be required by law to collect and verify particular personal information before we can deliver certain services to you. We are mindful of the apparent intrusiveness of these identification procedures and the staff you deal with would be pleased to discuss any concerns you may have. We may be required to store your personal identifying information for statutorily defined durations.

6. Cross border disclosure

RFC Ambrian operates from offices in Australia and the United Kingdom which may give rise to the need to transfer data between these two jurisdictions.  Such data transfers may only occur in accordance with this Privacy Statement and will be subject to the same administrative and technical controls.

7. Cookie Policy & information collected via our website

RFC Ambrian employs limited use of ‘cookies’ in the operation of its website.  These small text files enable our website to interact with your web browser (on your computer or mobile device) helping us to analyse how our website is used, which countries our website traffic comes from and to assist with providing an efficient user experience to you.

The cookies cannot collect any information stored on your computer or device. Although cookies can identify your IP address, RFC Ambrian has no means of identifying you from this information unless you supply personal details by submitting the information on our contact form. Where you are accessing our online dataroom facilities on this website using log-in information provided, you are responsible for the security of the log-in information and take responsibility to ensure the confidentiality of this information.

8. Security of your personal information

At all times RFC Ambrian will take such steps as are reasonable in the circumstances to protect your data from unauthorised access, unnecessary duplication, modification and disclosure or for uses not consistent with this policy. These measures include having appropriate policies in place, staff training, utilization of passwords and network wide security measures.

It should be noted however that it is impossible to fully guarantee security for communications conducted over the internet. Therefore, you should note that you also have a role to play in maintaining the confidentiality of your personal information such as strong password protection, encryption and physical security of your private data.

The majority of our information, including your personal information may be held on our computer network which is maintained by a third-party specialist IT company which monitors the integrity of our systems and equipment. We also may maintain paper records which are held securely in our offices. When your data is no longer required operationally or by law it will be securely disposed of, deleted, de-identified or put ‘beyond use’.

Compulsory staff training is conducted to ensure staff are familiar with appropriate management of private data and actions to be taken in the case of any data breach.

If a breach occurs the appropriate authority will be notified.  If there is a likely risk to an individual, they too will be notified to enable them to mitigate that risk.

9. Your rights

You have the right to

  • be informed of the reasons we collect your personal information
  • request a copy of your personal data from us
  • request correction or deletion of your personal information
  • ask us to stop processing your information for direct marketing process

Please note that there are some circumstances where we may be restrained by law from providing or correcting your information.  Wherever possible we will advise you of the reasons we cannot comply with your request.

10. Contact information

Please direct requests, enquiries or complaints to the Compliance Officer at one of the offices below or via email at

RFC Ambrian Group Limited (ABN 98 096 493 588)
RFC Ambrian Limited (ABN 59 009 153 888) RFC Ambrian Limited (UK company number 0423075)
Level 34, Grosvenor Place Tower,
225 George Street
Sydney  NSW  2000
Octagon Point
5 Cheapside
London EC2V 6AA
United Kingdom

Privacy Complaints may also be directed to the Information Regulator in each jurisdiction.

The Office of the Australian Information Commissioner:

The Information Commissioner’s Office: