1. Overview
This Policy applies to PassportCard Pty Ltd (we, our and us). We’re committed to good governance, compliance, ethical behaviour, and transparency of operation to ensure we provide the best service to you.
At PassportCard we are committed to managing your information in an open and transparent way and ensuring confidentiality of personal information. We are bound by the Australian Privacy Principles set out in the Privacy Act 1988 (Cth).
2. What Is Personal Information?
Personal Information is information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.’
Sensitive information is information about a person’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association or trade union, sexual orientation or practices, criminal record, health information, genetic or biometric information.
3. Types Of Personal Information We Collect And Hold
We collect a range of personal information necessary for our activities or functions, this may include:
- Name, address and contact details
- Date of birth
- Sensitive information about health
- Details of any property insured
- Details about any journeys insured, and
- Proof of identity.
4. How We Use Personal Information
We collect personal information so that we can:
- Identify the customer and conduct appropriate checks
- Issue, process, administer and manage insurance policies and claims
- Set up and administer the PassportCard
- Manage complaints, the disputes resolution process including referral to the external dispute resolution body
- Take any recovery action
- Gain a better understanding of your insurance needs, to support product research and product enhancement
- Manage the portfolio including data analytics, reporting to insurers and reinsurers
- Market research, conducting competitions, surveys, and promotional activities, and
- To support continuous improvement of our products and services.
5. How We Collect Personal Information
Wherever possible we will collect personal information directly from you over the telephone, in writing, via our online sales portals and emails.
In some circumstances we may collect the personal information from:
- Your agent, such as an insurance broker
- Your representative including individuals who are legally empowered or instructed to purchase insurance on your behalf
- Third parties that you have authorised or instructed to provide information such as any medical practitioner
- Third parties who are involved in the claims assessment process, this may include assessors, investigators, claims managers, witnesses, medical services providers, and your employer
- Law enforcement, statutory and regulatory bodies External dispute resolution bodies
- General public; and
- Publicly available sources.
We will not collect, use or disclosure sensitive information about you unless:
- We are legally required to do so; or
- We need that information for one of our functions or activities and we have your express consent.
Sometimes we may receive unsolicited personal information. If so, we will check whether that the information is reasonably necessary for our functions or activities, and we could have collected directly if we had solicited the information from you. If it is, we will handle this information the same way we do with other information we seek. If not, and it is lawful and reasonable to do so, we will ensure we do the right thing and destroy or de-identify it.
6. How We Hold Personal Information
We hold personal information in different ways, mainly in electronic form but from time to time in paper form. The security of your personal information is important to us, and we take reasonable steps to protect it from misuse, interference and loss, unauthorised access, modification, or disclosure.
Some of the ways we manage the security of personal information includes:
- Limiting access to the business premises
- Confidentiality and Privacy training requirements for our employees
- Record management and retention processes
- Security measures embedded within our IT infrastructure, IT applications and secure online payment facilities to process payments by credit cards
- Limiting employee access to personal information to those specific roles requiring access; and
- Electronic security systems, such as firewalls and data encryption on our websites.
Where personal information is held electronically with third party data storage providers, we rely on contractual arrangements to ensure those providers take appropriate measures to protect that information and restrict the use of the information.
We only keep personal information for as long as it is required for the purposes that it was collected. We are required to keep some personal information for certain periods of time under law. When personal information is no longer required, we will ensure that it is destroyed or de-identified.
7. Who We Disclose Personal Information To
We may disclose your personal information to a range of parties that may include:
- Our related companies including companies in the PassportCard group,
- Our insurers and reinsurers
- Government, law enforcement agency, regulatory or enforcement bodies and agencies as required
- External dispute resolution bodies
- Loss adjustors, assessors, investigators, and recovery agents
- Medical and health service providers including case managers, rehabilitation consultants
- Marketing organisations
- Your employer, and
- Any agent or contractor of any of the third parties listed above.
We will not disclose any sensitive information for any purpose other than the purpose for which it was collected, or directly related to a secondary purpose unless you have provided express consent.
8. Overseas Disclosure
We may hold and disclose personal information overseas, these locations may include Israel and countries within the European Union. We implement reasonable measures to ensure that an overseas recipient of personal information does not breach the privacy laws in Australia.
Where personal information has been disclosed overseas there may be a possibility the recipient may be required to disclose it under foreign law, which is not considered to be a breach under the Privacy Act.
9. What Happens If Personal Information Is Not Disclosed
If we ask for personal information and it is not given to us, we may not be able to:
- Provide you with any or all the features and benefits of our products and services
- Determine the amount of any premiums and associated fees, and
- Complete the assessment and determination of any claims.
10. Corrections And Access
We endeavor to ensure that personal information that we collect, use, or disclose is accurate, complete, up-to-date, and relevant for the purposes for which it was collected. Should you believe the personal information we hold is inaccurate, out of date, incomplete, irrelevant, or misleading please contact our Privacy Officer. Any corrections will be made within 30 days of a request, or such longer period as agreed with you. Should we be unable to assist with correction of personal information we will let you know in writing.
Should you customer wish to access personal information held please contact the Privacy Officer, there is no charge for requesting access, however we may require you to meet our reasonable costs should large amounts of material require collating and photocopying.
Privacy laws provide for specific circumstances where access may be refused, for example, where such access may encroach on the privacy of others. Should access be refused we will provide you a response in writing.
11. Marketing & Personal Information
When you provide us with personal information you consent to its collection and use for marketing purposes unless you advise us otherwise. Marketing may be in the form of mail, SMS, email, telephone or online about news, special offers, products and services.
You can unsubscribe or contact us to change your marketing preferences at any time.
To carry out marketing we may disclose your personal information to others that provide us with specialised data matching, trending or analytical services, as well as general marketing services.
We, and other people who provide us with marketing services, may combine the personal information collected from you, with the information we, or our related companies, or our service providers already hold.
12. Website, Data Tracking And Emails
Our websites rely on “cookies” to provide a number of services to you. A cookie is a small text file placed on your computer by our webserver. Cookies are generally used only to facilitate access to secure areas of our websites. We may also derive general information from cookies with respect to our website and app such as:
- Statistics relating to the number of website visits
- Details of the websites visited prior to our website
- Previous visits to our website
- Pages visited, pages downloaded, and time spent on each website, and
- Server addresses and IP addresses
You can choose if and how cookies will be accepted by configuring preferences and options in your internet browser.
If we communicate electronically, we retain the content and associated data of any emails that are sent to us if we believe we have a requirement to do so. All emails may be monitored for security issues and quality assurance.
We will handle any personal information that is collected using our websites, data tracking or via email in accordance with this Privacy Policy.
13. Dealing With Us Anonymously Or Using A Pseudonym
The Australian Privacy regime provides the option of individuals dealing with us anonymously or by using a pseudonym, unless we are required by law, or a court/tribunal to identify you, or it is impracticable to support you without identifying you.
14. Making Complaints
Should you have a complaint about the way we collect, hold, use, or disclose your personal information or a privacy related issue, please use our complaints process so we can help. The complaints handling process will allow us to resolve your complaint efficiently and effectively.
If we are unable to resolve the complaint, you can request a review by the Australia Financial Complaints Authority (AFCA) or the Office of the Australian Information Commissioner (OAIC).
Australian Financial Complaints Authority (AFCA)
AFCA has authority to hear certain disputes contact
Telephone: 1800 931 678
Mail: Australian Financial Complaints Authority
GPO Box 3
Melbourne VIC 3001
Email: info@afca.com.au
The Office of the Australian Information Commissioner (OAIC)
Telephone: 1300 363 992
Mail: Office of Australia Information
Commissioner GPO Box 5218
Sydney NSW 2001
Email: enquiries@oaic.gov.au
15. Changes To The PassportCard Privacy Policy
This Policy may change at any time we will post updated policies on our website. Any changes will be effective on the date that they are published on the website.