Privacy Policy

At IBL Limited, we are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles, including recent amendments strengthening enforcement powers and penalties for privacy breaches. This Privacy Policy describes our current policies and practices in relation to the collection, handling, use and disclosure of personal information. It also deals with how you can complain about a breach of the privacy laws and how you can access the personal information we hold and how to have that information corrected.

Our contact details for all privacy enquiries:

IBL Limited (AFSL 231203)

Level 21, 41 Exhibition Street, Melbourne 3000

Phone: 03 8508 5444

Email: privacy@iblltd.com.au

 

What information do we collect and how do we use it?

Through our trading entities Planned Cover, Focus Underwriting & Tasman Underwriting, and Informed by Planned Cover, we review your insurance requirements and request the information we need to advise you about your insurance needs and the management of your risks. This information may include your name, address, contact details, age and other information relevant to your insurance requirements, premium funding arrangements or claims.

Some personal information we collect may be sensitive, including health and wellbeing information. We only collect sensitive information when it is reasonably necessary for our functions and activities and you have given express consent, or where collection is otherwise permitted under the Privacy Act. Sensitive information is handled with enhanced security controls and access restrictions.

We take reasonable steps to ensure that we only collect, use and disclose personal information that is reasonably necessary for our functions and activities.

We may provide information to insurers or intermediaries we approach on your behalf to enable them to decide whether to insure you and on what terms, or to fund your premium and on what terms.

In connection with these activities, your personal information may be disclosed to insurers, reinsurers, intermediaries and related entities involved in providing insurance, premium funding and reinsurance services. This may include disclosure for underwriting, policy administration, claims management, portfolio reporting, product development, data analytics and related insurance purposes.

Insurers may disclose this information to their reinsurers. Some insurers, reinsurers, intermediaries and related entities may be located outside Australia. Where insurance is arranged with an overseas insurer, your personal information may be disclosed to that insurer to assess your application and determine the terms on which they are prepared to provide insurance. Where practicable, we will inform you of the location of the insurer at the time of arranging your cover.

When you make a claim under your policy, we assist you by collecting information about your claim. Sometimes we also need to collect information about you from others. We may provide this information to your insurer, and to anyone your insurer has appointed to assist it to consider your claim, such as loss adjusters or medical advisers, so the claim can be assessed. This information may also be disclosed to reinsurers and other parties involved in the claims process.

Planned Cover may use your personal information to provide you with information about products, services, events or updates that may be relevant to you. Where permitted by law, recipients to whom we disclose your information may also use it to identify and inform you about products or services that may be of interest to you.

You may opt out of receiving direct marketing communications at any time by using the unsubscribe facility in communications; or contacting us at privacy@iblltd.com.au.

 

What if you don’t provide some information to us?

We can only properly advise you, arrange your insurance, assist with premium funding, or help with a claim if we have all relevant information. You may also be required to provide insurers with information they need to decide whether to provide cover and on what terms. If you provide inaccurate, incomplete or misleading information, we may not be able to provide the products or services you are seeking, and your insurer may reduce or refuse a claim, cancel your policy or treat the policy as if it never existed, where permitted by law.

When do we disclose your information overseas?

If we recommend or arrange insurance through an overseas insurer, we may disclose your personal information to that insurer so they can assess your application and determine whether to provide insurance and on what terms.

Your personal information may also be disclosed to overseas insurers, reinsurers, related entities, policy administration providers and IT systems providers, including providers supported or maintained by organisations in New Zealand, the Philippines and Vietnam. These disclosures may occur as part of global insurance, reinsurance, policy administration and IT support arrangements.

Overseas recipients may not be subject to privacy laws equivalent to the Australian Privacy Act. Where required, we will take reasonable steps to ensure that overseas recipients handle personal information in accordance with Australian privacy laws, or we will seek your informed consent before disclosure.

By engaging our services, you acknowledge and consent to the disclosure of your personal information overseas as described in this policy.

How do we hold and protect your information?

We strive to maintain the reliability, accuracy, completeness, and currency of the personal information we hold and to protect its privacy and security. We keep personal information only for as long as it is reasonably necessary for the purpose for which it was collected, or as required by law.

We may also be required to retain certain personal information for extended periods to comply with legal, regulatory or contractual obligations, including obligations arising from arrangements with insurers or reinsurers. In some cases, this may require retention for a minimum period of 10 years or longer where required.

When personal information is no longer required, we take reasonable steps to securely destroy or de-identify the information in accordance with our data retention and destruction procedures.

We hold the information we collect from you electronically. We ensure that your information is safe by protecting it from unauthorised access, modification, and disclosure. We maintain physical security over our paper and electronic data and premises, by using locks and security systems. We also maintain computer and network security; for example, we use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to computer systems where your information is stored.

Notifiable Data Breaches

IBL takes data security seriously. In the event of a data breach that is likely to result in serious harm to individuals, we will comply with the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth).

Where required, we will:

  • Notify affected individuals as soon as practicable, including recommendations about the steps to take in response to the data breach;
  • Notify the Office of the Australian Information Commissioner (OAIC); and
  • Provide information about the nature of the breach, the information involved, and steps individuals can take to reduce potential harm.

We maintain internal procedures to prepare, identify, assess, contain, remediate and recover from data breaches.

Will we disclose the information we collect to anyone?

We do not sell, trade or rent your personal information to others.

We may disclose your personal information to service providers and other third parties who assist us in providing our services, including contractors, external data storage providers, claims service providers, legal advisers, experts, IT service providers and the insurance-related recipients described in sections 1 and 3.

We may also disclose your personal information in connection with a corporate sale, merger, reorganisation, dissolution or similar event, where required or permitted by law, or where you have consented to the disclosure.

We take reasonable steps to ensure that third parties who handle your personal information do so in accordance with applicable privacy laws and appropriate confidentiality obligations.

How can you check, update or change the information we are holding?

You may request access to the personal information we hold about you, or ask us to correct it if you believe it is inaccurate, irrelevant, out of date or incomplete. To make a request, please write to our Privacy Manager at the address noted above and provide enough information for us to identify you and locate the relevant information.

We do not charge you for making an access or correction request. However, if responding to an access request is complex or time-consuming, we may charge a reasonable fee for providing access and will confirm this with you before proceeding.

In limited circumstances, we may refuse access to your information or refuse a correction request. If we do, we will tell you as soon as practicable and explain the reasons for our decision.

What happens if you want to complain?

If you have concerns about how we have collected or handled your personal information, or whether we have complied with the Privacy Act or this Privacy Policy, please write to our Privacy Manager at the address noted above.

We will consider your complaint through our Internal Dispute Resolution Process. We will acknowledge your complaint within 24 hours and aim to provide a decision within 30 days. If we need more time to investigate, we will work with you to agree an appropriate timeframe.

If we cannot resolve your complaint, we will provide you with information about how you may refer the matter to the Office of the Australian Information Commissioner (OAIC).

Your consent

By asking us to assist with your insurance needs, you consent to the collection and use of the information you have provided to us for the purposes described above. This consent applies to the collection, use and disclosure of your information as described in this Privacy Policy, including the overseas disclosures described in section 3.If Australian privacy laws introduce additional individual rights or obligations, we will comply with those requirements and update this Privacy Policy accordingly.

Website information and content

The information on our websites is general in nature and does not cover all aspects of the law or the relevant subject matter. You should seek professional advice before taking action based on information on our websites.

To the extent permitted by law, we do not warrant that website content is accurate, complete, current, suitable for any particular purpose, or free from errors, interruptions, viruses or other defects. We are not liable for any loss, damage or injury arising from the use of, or inability to use, our websites or website content, except to the extent liability cannot be excluded by law. We may update or modify website content from time to time.

Anonymous website data and cookies

We use technology to collect anonymous information about the use of our websites. For example, our service provider may log your server address, the date and time of your visit, the pages and links accessed, and the type of browser used. This information does not identify you personally and is used for statistical purposes, to improve our websites and services, and to better understand our clients and markets.
We may use cookies to collect this anonymous data and improve website functionality. Cookies are small pieces of information sent to your browser and stored on your computer’s hard drive. You can set your browser to notify you when you receive a cookie so you can decide whether to accept it.

Online forms

Our websites may allow visitors to submit information through self-service forms. Information submitted through these forms is encrypted in transit using HTTPS/TLS. Form submissions are delivered to internal staff mailboxes by email, which is encrypted in transit using TLS and encrypted at rest within our email service.

Where personal information is collected through our websites, we take reasonable steps to protect it from misuse, interference and loss, and from unauthorised access, modification or disclosure.

Website communications and marketing

We may use information collected through our websites to send you requested product information or promotional material, manage your ongoing requirements, including renewals, invoicing and client surveys, maintain our relationship with you, improve our services and help resolve any problems.

We may occasionally contact you about services, special offers, events or articles we think may be of interest to you. You may opt out of receiving direct marketing communications at any time by using the unsubscribe facility in communications; or contacting us at privacy@iblltd.com.au.

Staff training

In accordance with our Binding Authority Agreements with capacity providers, all IBL staff are required to complete annual Australian Privacy Law training.

Tell us what you think

We welcome your questions and comments about privacy. If you have any concerns or complaints, please contact our Privacy Manager on the details listed above.