Private Policy

Bacena Fund Management Pty Ltd
ACN 31 677 797 947 | AFSL 563430

Introduction

Bacena Fund Management Pty Ltd (“we”, “us”, “our”) is committed to protecting the privacy of personal information and managing it in an open and transparent manner.

This Privacy Policy explains how we collect, hold, use and disclose personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This Policy reflects recent legislative updates, including:

  • Privacy and Other Legislation Amendment Act 2024 (Cth)
  • AML/CTF Amendment Act 2024 (Cth)
  • OAIC guidance and regulatory developments to April 2026

Personal Information We Collect & Hold

Bacena Fund Management Pty Ltd (“Bacena,” “we,” “us,” “our”) collects only personal information that is reasonably necessary for one or more of our functions or activities, consistent with the data minimisation principle under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

The kinds of personal information we collect and hold include:

  • Full legal name
  • Date of birth
  • Residential and postal address
  • Email address and telephone numbers
  • Government-issued identity document information (for Customer Due Diligence under AML/CTF law)
  • Source of funds and source of wealth information
  • Beneficial ownership and control information
  • Financial and credit information relevant to loan applications or investment eligibility
  • Technical and device data collected via digital platforms, to the extent necessary to operate and secure those platforms

We do not collect sensitive information (such as health, biometric or racial information) unless you consent and it is reasonably necessary for our functions, or where collection is required or authorised by Australian law (including AML/CTF law) or a court or tribunal order.

How We Hold Personal Information

Personal information is held in secure electronic systems and, where applicable, in hard copy records. We take reasonable technical and organisational steps to protect it from misuse, interference, loss, unauthorised access, modification and disclosure — including encryption at rest and in transit, multi-factor authentication, access controls, staff training, and contractual obligations on third-party service providers.

Personal information that is no longer required and is not subject to a legal retention obligation will be de-identified or securely destroyed.

How We Collect Personal Information

We collect personal information only by lawful and fair means, and wherever reasonably practicable, directly from the individual concerned. We collect personal information when:

  • You complete our loan application or investor registration form
  • You provide information by telephone, email or in person
  • You interact with our website or digital platforms
  • We obtain credit reports through credit agencies
  • We conduct third party checks in the course of due diligence
  • We carry out initial or ongoing Customer Due Diligence under the AML/CTF Act (as amended by the AML/CTF Amendment Act 2024)
  • Technical or device data is automatically collected via digital platforms to operate and secure those platforms

Purpose of Collection, Use & Disclosure

We collect, hold, use and disclose personal information for the following purposes:

  • Assessing eligibility for our lending products or investment opportunities
  • Providing, managing and administering those products and services
  • Protecting against fraud, crime or other harmful activity
  • Complying with our legal and regulatory obligations, including AML/CTF requirements under the AML/CTF Act (as amended)
  • Communicating with introducers, brokers, valuers and other professional service providers in connection with a transaction
  • Managing outsourced arrangements with technology service providers
  • Any other purpose disclosed at the time of collection or to which you subsequently consent

Use & Disclosure of Personal Information

Where we hold personal information collected for a particular purpose (the primary purpose), we will not use or disclose it for a secondary purpose unless:

  • You have consented to the secondary use or disclosure
  • You would reasonably expect the secondary use and it is related to the primary purpose
  • Use or disclosure is required or authorised by law
  • A permitted general situation exists under the Privacy Act
  • It is reasonably necessary for enforcement-related activities (in which case we will keep a written record)

We may disclose your personal information to our professional advisers; credit agencies and reporting bodies; government regulators including AUSTRAC, ASIC and the OAIC; technology service providers subject to data processing agreements; and introducers, brokers and other parties involved in the origination or management of loans — to the extent necessary for the relevant transaction or regulatory requirement.

We do not sell personal information to third parties, nor use it for direct marketing without your express consent.

AML/CTF Obligations

Bacena Fund Management is a reporting entity under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) (“AML/CTF Act”), as amended by the AML/CTF Amendment Act 2024. Collection of personal information for AML/CTF compliance is authorised by Australian law and constitutes a lawful purpose under APP 3.

Personal information collected for AML/CTF purposes may include full legal name; date of birth; residential address; government-issued identity documents; source of funds and wealth information; and beneficial ownership details. Such records are retained for the periods required by the AML/CTF Act — generally seven years from the end of the relevant business relationship or transaction.

Cross-Border Disclosure of Personal Information

Bacena Fund Management currently only discloses personal information to recipients located in Australia. We are not likely to disclose personal information to overseas recipients in the ordinary course of our business.

If disclosure to an overseas recipient becomes necessary, we will first take reasonable steps to ensure the recipient does not breach the Australian Privacy Principles, and will document an assessment of their privacy and data protection practices. We will update this Policy if our cross-border disclosure practices change.

Notifiable Data Breaches

Under the Notifiable Data Breaches scheme (Part IIIC of the Privacy Act 1988 (Cth)), we are required to notify the OAIC and affected individuals of any eligible data breach — that is, a breach likely to result in serious harm to any individual whose personal information is involved.

If we become aware of a suspected eligible data breach, we will promptly assess the breach, notify the OAIC and affected individuals as required, and take steps to contain and remediate the breach. Completed Notifiable Data Breach Forms are retained by our Compliance Officer for seven years.

 

Your Rights

ACCESS

You have the right to request access to personal information we hold about you. We will respond within 30 days and provide access in a form you request where it is reasonable and practicable to do so. We do not charge for making an access request, though we may charge a reasonable fee for providing access in certain circumstances.

CORRECTION

If you believe that personal information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you may request correction. We will take reasonable steps to correct the information and, where we have disclosed it to third parties, notify them of the correction.

ANONYMITY & PSEUDONYMITY

Where lawful and practicable, you may interact with us anonymously or using a pseudonym. However, given our AML/CTF and other regulatory obligations, it is generally not practicable for us to deal with individuals anonymously in the context of lending or investment activities.

STATUTORY PRIVACY TORT

The statutory tort for serious invasions of privacy under Part IIIB of the Privacy Act 1988 (Cth) is in force as of 10 June 2025. If you believe you have suffered a serious invasion of privacy as a result of our conduct, you may be entitled to bring a private action independently of, or in addition to, lodging a complaint with the OAIC.

Privacy Complaints

We take privacy complaints seriously and offer a free internal complaint resolution process to all individuals.

STEP 1 — CONTACT US DIRECTLY

Please contact our Compliance Officer in the first instance using the details below. We will acknowledge your complaint in writing and provide a substantive response within 30 days.

STEP 2 — ESCALATE TO THE OAIC

If you are not satisfied with our response, or your complaint is not resolved within 30 days, you may refer the matter to the Office of the Australian Information Commissioner (OAIC):

OAIC

GPO Box 5218, Sydney NSW 2001

Phone: 1300 363 992

Email: enquiries@oaic.gov.au

Web: oaic.gov.au

Privacy Tort Claim

Individuals may also bring a private action under the statutory tort for serious invasions of privacy (in force 10 June 2025), independently of any OAIC complaint process. We recommend seeking independent legal advice if you intend to pursue this avenue.

Contact Us

For any privacy enquiries, access or correction requests, or complaints, please contact our Compliance Officer. This Policy is available free of charge. If you require it in an alternative format, please contact us and we will take reasonable steps to accommodate your request.

Bacena Fund Management — Compliance

Email: Enquiries@bacena.com

Phone: 1300 000 009

Post: Elkhorn Centre West
29 Elkhorn Avenue
Surfers Paradise QLD 4217

POLICY INFORMATION

Version: 3 (April 2026)

Supersedes: Versions 1 & 2

Review Cycle: Every 6 months

Next Review: October 2026

Governing Law: Privacy Act 1988 (Cth)

At Bacena, our commitment is grounded in discipline, responsibility and long-term partnership. We approach capital stewardship with care, recognising the trust placed in us by our investors.

We are committed to rigorous analysis, thoughtful risk management and structured execution across market cycles. Rather than pursuing short-term momentum, we focus on preserving capital, managing downside risk and generating consistent, uncorrelated outcomes over time.

We commit to transparency in our decision-making, accountability in our actions and alignment in our interests. Through measured judgement and independent thinking, we aim to build enduring value with integrity and conviction.

Call 1300 000 009 Email Enquiry Contact Bacena