We’re committed to safeguarding people’s privacy and the confidentiality of their personal information and are bound by the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (the Act).
Personal information we collect.
We collect personal information including:
- Name, address, gender, date of birth and contact details;
- Information specific to the product or service you decide to purchase from us;
- Financial details; and
- For employment application, your past employment, residency status and proof of identity and other information from your curriculum vitae or job application submitted to us.
We may also collect “sensitive information”, a subcategory of personal information which includes information about your health. We may be required to collect sensitive information when you make an application for certain insurance.
How we collect your personal information.
Where possible we’ll collect personal information from you directly either through our online services or in writing or over the phone. We’ll obtain consent before collecting sensitive information, such as health information, unless we’re required or permitted by law to collect it without consent.
We may also collect personal information about you from a third party. These parties may include:
- Our agents and service providers such as financial institutions:
- Your agent or representative such as your Insurance Broker or Financial Adviser;
- Third parties who may be arranging insurance cover for a group that you are a part of, such as your employer;
- Your family member who applies for a policy that covers you or is instructed by you to deal with us
- People who are involved in a claim or assist us in assessing, investigating, processing or settling claims such as investigators, assessors, witnesses and medical service providers;
- Law enforcement, dispute resolution, statutory and regulatory bodies; and
- Publicly available sources such as the internet.
Sometimes we may be required to collect sensitive information about you from a third party.
What we do with personal information.
We collect, hold, use and disclose personal information in ways people would reasonably expect and where it is reasonably necessary for our business, including:
- Issuing, administering and managing insurance policies;
- Assessing risk and underwriting insurance;
- Processing claims and taking recovery action;
- Improving our products and services, and the customer experience;
- Handling complaints;
- Working with business partners and insurance intermediaries;
- Data analytics; and
- Assessing applicants’ suitability to work with us.
Disclosing personal information.
We, or our agents, may disclose personal information to:
- Any person authorised by you;
- Our related bodies corporate;
- Other insurers and reinsurers;
- Our distributors and agents;
- Mail houses, records management companies or technology services providers for printing and/or delivery of mail and email, including secure storage and management of our records;
- Health care providers to establish medical status and arrange appropriate treatment and services. In an emergency we may also disclose information to employers and family members;
- Organisations that provide banking or transactional services to facilitate payments to and from us;
- Organisations to assist us improve our products, services and the customer experience;
- Our advisers such as legal, actuary and accounting advisers;
- Business partners and intermediaries who arrange insurance with us;
- Co-insureds to confirm full disclosure has been made to us;
- Your employer, where you are under a group life insurance scheme, noting that sensitive information will only be disclosed with your express consent;
- Dispute resolution organisations such as the Australian Financial Complaints Authority (AFCA);
- Government, law enforcement, statutory, regulatory or enforcement bodies and agencies;
- Service providers that perform data analytics
- Insurance reference bureaus. We may disclose policy and claim information, both of which may be accessible to other members of these bureaus;
- Companies that conduct customer surveys on our behalf; and
- Other parties as required by law
In the case of a claim we may also disclose personal information to:
- Investigators and assessors to investigate and assess claims and related matters;
- Lawyers and recovery agents, to defend actions by third parties, to recover our costs (including amounts owed to us) or to seek a legal opinion;
- Witnesses, to obtain witness statements;
- Experts to provide us with opinions; and
- Other parties to a claim to obtain statements from them, seek recovery or defend an action.
We also collect personal information from these people and organisations.
Disclosure to business partners and intermediaries.
When you buy a policy arranged by one of our business partners or intermediaries, you consent to us providing all of your personal information to that business partner or intermediary, which may include sensitive information and claim information. That business partner or intermediary will also provide us with personal information.
Disclosure to overseas recipients.
We do not store or disclose personal information overseas.
From time to time we may engage a service provider who may store or disclose your personal information overseas. Where this occurs, prior to engaging them we will take all reasonable steps to ensure the service provider stores and discloses personal information only in accordance with Australian Privacy Laws. We currently have the following service providers who store or disclose personal information overseas under limited circumstances:
- Customers who make a complaint about a Consumer Credit Insurance product issued by us and who make the complaint directly via QBE Australia, may have their complaint initially managed by a customer care service located in the Philippines.
- Our reinsurer transmits member level information (which includes a policyholder’s name, date of birth and address) to their Head Office in Germany, where it is held for 30 days and then deleted.
Where personal information has been disclosed overseas, there’s a possibility the recipient may be required to disclose it under a foreign law. Where this occurs, such disclosure isn’t a breach of the Act.
How personal information is held.
We hold personal information in secure systems, databases and paper records. We may use related bodies corporate, agents and third party suppliers for data storage.
Any personal information provided over the internet is held securely and not retained on our web servers. We use service providers and secure online payment facilities to process payments by credit card. Card details can’t be accessed through the internet after a payment has been processed.
How we protect your personal information.
We take all reasonable steps to protect your personal information (including sensitive information) from misuse, loss and unauthorised access, modification or disclosure. These include:
- Using appropriate information technology and processes;
- Restricting access to your personal information to our employees and those who perform services for us who need your personal information to do what we have engaged them to do;
- Protecting paper documents from unauthorised access or use through security systems we deploy over our physical premises;
- Using computer and network security systems with appropriate firewalls, encryption technology and passwords for the protection of electronic files;
- Securely destroying or “de-identifying” personal information if we no longer require it subject to our legal obligations to keep some information for certain prescribed periods; and
- Requesting certain personal information from you to verify your identify when you wish to discuss any issues relating to the products and services we provide to you.
Whilst we take all reasonable measures to ensure the security of information you submit to us via the internet.
If we don’t receive personal information.
We may not be able to do provide our products or services if we’re not given all of the personal information we’ve asked for. This includes not issuing policies and not processing claims.
Dealing with us anonymously.
There are some circumstances where you can deal with us anonymously, including if they’re only looking for general information about one of our products or services, or a quote.
Website and app tracking.
When you visit our website we may collect information about your visit to assist us to measure and improve our website and the products and services we provide. Information is collected using “cookies” which are small information files placed on the computer of a web user during a visit to our website. For information on disabling these cookies, please go to the privacy settings section within your browser.
We also utilise other technologies similar to cookies, including those which are embedded into or which accompany emails sent by us or on our behalf.
Information we collect.
The information we collect includes:
- Details of visits to our websites or use of our apps and the browser used;
- Details of websites visited before visiting our website;
- Pages visited, time spent on them and documents viewed and download;
- Visits made to our websites before;
- Whether you used a search engine to find us;
- Preferences; and
- Server address/IP address.
What we use this information for.
We use information collected to:
- Assist in the use our online services and understand needs;
- Collect and analyse statistical information;
- Enhance and tailor website functionality and the customer experience;
- Investigate security incidents;
- Learn about emails sent, including if they were opened and what’s been done with them;
- Manage our servers and websites;
- Market our products and services and continue to improve them; and
- Evaluate the effectiveness of our advertising.
Cookies are necessary to allow our website and the user’s computer to interact effectively and enhance security.
By accessing our websites or using our apps you agree to cookies being stored in your browser or device. Browsers may be able to be configured to accept or reject cookies, or to notify when a cookie is being sent. The ‘help’ function on your browser will provide details on how to change configurations.
The functionality of our website may be affected if cookies are blocked or rejected.
We share information from cookies and other technologies with our third-party service providers, including Google Analytics. The information collected can be combined with other information, allowing us or those third parties to identify users at an individual level, their behaviours, activity and needs.
Some of our websites present content and functionality provided by third parties which we don’t control. We’ll take reasonable steps to tell you before you use them, but you should consult the privacy policies of the third party providers as well.
For more information about cookies.
For further information about cookies, including how to see what cookies have been set, how to manage and delete them or how to manage browser settings visit www.allaboutcookies.org.
Access, corrections and complaints.
Our aim is to always have accurate, complete, up-to-date and relevant personal information.
If you would like to seek access to, or revise, your personal information, or feel that the information we currently have on record is incorrect or incomplete, please contact the Privacy Officer using the following contact details:
|R1741 Royal Exchange,
|Phone:||1300 54 33 66|
You may also elect to contact the Office of the Australian Information Commissioner if you have a complaint about the way we handle your personal information at:
|GPO Box 5218
Sydney NSW 2001
|Phone:||1300 363 992|
|Date prepared:||26 November 2018|
|Date effective:||26 November 2018|