We are committed to ensuring your privacy in accordance with the Australian Privacy Act 1988 (Cth) (‘the Act’) and the New Zealand Privacy Act 2020 along with any applicable principles. We are also committed to ensuring your privacy in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679, insofar as it applies to our processes and business activities.
What is Personal Information?
‘Personal Information’ is any information or an opinion about an identified individual or an individual who is reasonably identifiable, whether or not the information or opinion is true, and whether or not it is recorded in a material form.
’Sensitive Information’ is a subset of Personal Information which may need to be afforded a higher level of protection. Sensitive Information may include Personal Information and is defined more specifically in the Act, including, amongst other things, health information, criminal history, racial or ethnic origin and sexual orientation.
What Personal Information do we collect, hold and use?
The Personal Information we collect, hold and use generally includes your name and contact information (including telephone numbers and email addresses), information relating to the insured risk, other reference information and information about third parties that you may conduct, or are interested in conducting business with.
As we act as an underwriting agency on behalf of insurers, providing and administering insurance related products and services, we may also collect and hold other Personal Information required to provide and administer such products and services and to assist you, including details of your previous insurances and Sensitive Information.
You may be able to deal with us without identifying yourself (i.e. anonymously or by using a pseudonym) in certain circumstances, such as when making a general inquiry relating to the products and services we offer. If you wish to do so, please contact us to find out if this is practicable in your circumstances.
However, if you do not provide us with the Personal Information and other information that we need, we or any of our third-party providers may not be able to provide you with the appropriate insurance products and services. You may also risk breaching your duty of disclosure or having your policy cancelled pursuant to the Insurance Contracts Act 1984 (Cth) or otherwise.
How we collect your Personal Information
We may collect Personal Information in a number of ways depending on the nature of the insurance products and services being provided and administered, including:
When collecting Personal Information, we will do everything we reasonably can to let you know:
We also automatically collect certain information when you visit our website, some of which may be capable of personally identifying you. Please see the ‘Cookies’ section below for more details.
Our purposes for collecting, holding and using your Personal Information
We collect and hold your Personal Information for the primary purpose of providing and administering our insurance products and services to you. When we collect Personal Information from you the collection statement may provide a more specific or broader purpose. Such purposes for collection may include:
If you are an individual who is either based in or a resident of the European Union or the United Kingdom, we will only collect, use and share your personal data where we are satisfied that we have an appropriate legal basis to do so. We will ensure that we only use your personal data for the purposes set out above and where we are satisfied:
Disclosure of your Personal Information
You authorise us to contact such third parties for the purposes of providing you with the products and services that you have requested.
Disclosure of Personal Information overseas
If we wish to disclose your Personal Information overseas, we will inform you of this and we will take reasonable steps to ensure that the overseas recipient does not breach the applicable privacy principles. We may also gain your consent to disclose your Sensitive Information overseas, if required. If you are an individual who is either based in or a resident of the European Union or the United Kingdom, we will take appropriate steps to ensure that transfers of your personal data are in accordance with applicable legislation and carefully managed to protect your privacy rights. We will also ensure that transfers of your personal data are limited to countries which are either recognised as providing an adequate level of legal protection or where we can be satisfied that alternative arrangements are in place to protect your privacy. To this end:
Direct marketing and how to opt out
When we collect your Personal Information, we may use this information to provide you with information about our other products and services. If you no longer wish to receive such information, or you do not want us to disclose your Personal Information to any other organisation (including any related body corporates), you can opt out by contacting us using our contact details below.
We will not sell or trade your Personal Information for marketing or any other purpose.
Your obligations when you provide Personal Information of others
You must not provide us with Personal Information (including any Sensitive Information) of any other individual (including any of your employees or clients if you are an insurance broker) unless you have the express consent of that individual to do so. If you do provide us with such information about another individual, before doing so you:
If you have not done this, you must tell us before you provide any third-party information.
Your obligations when we provide you with Personal Information
You must also ensure that your agents, employees and contractors meet the above requirements.
Accuracy, Access and Correction of your Personal Information
We take reasonable steps to ensure that your Personal Information is accurate, complete and up to date whenever we collect, use or disclose it. However, we also rely on you to advise us of any changes to your Personal Information. All Personal Information identified as being incorrect is updated in our database.
Please contact us using our contact details below as soon as possible if there are any changes to your Personal Information or if you believe the Personal Information we hold about you is not accurate or complete. We may refuse to correct Personal Information if the correction would not improve the accuracy, completeness, relevance or would make the information misleading. If we refuse to correct your Personal Information, we will record that a request was made and advise you why the request was refused.
You can make a request to access your Personal Information by contacting us using the contact details below. If you make an access request, we will provide you with access to the Personal Information we hold about you, unless otherwise required or permitted by law, within a reasonable time after the request is made. We will notify you of the basis for any denial of access to your Personal Information. No fee will be charged for an access request. However, we may charge the reasonable cost of complying with the access request, such costs notified to you before they are incurred.
Security of your Personal Information
We take reasonable steps to protect any Personal Information that we hold from misuse, interference and loss and from unauthorised access, alteration and disclosure.
For example, we maintain physical security over our paper and electronic data stores and premises, such as locks and security systems. We also maintain computer and network security. For example, we use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to computer systems.
However, data protection measures are never completely secure and despite the measure we have put in place, we cannot guarantee the security of your Personal Information. You must take care to ensure you protect your Personal Information (for example, by protecting any usernames and passwords). You should notify us as soon as possible if you become aware of any security breaches.
How long do we retain your Personal Information?
Links to third party sites
Our website may contain links to other third-party websites. We do not endorse or otherwise accept responsibility for the content or privacy practices of those websites or any products or services offered on them. We recommend that you check the privacy policies of these third-party websites to find out how these third parties may collect and deal with your Personal Information.
Like many website operators, we may use standard technology called cookies on our website. Cookies are small data files that are downloaded onto your computer when you visit a particular website. Cookies help provide additional functionality to the site or to help us analyse site usage more accurately. For instance, our server may set a cookie that keeps you from having to enter a password more than once during a visit to one of our sites. In all cases in which cookies are used, the cookie will not collect Personal Information except with your consent. You can disable cookies by turning them off in your browser; however our website may not function properly if you do so.
Your Rights under the GDPR
If you are an individual who is either based in or a resident of the European Union or the United Kingdom, subject to applicable data privacy laws, we will not process sensitive data about you unless we have received your explicit consent to the processing of this information.
If you are an individual who is either based in or a resident of the European Union or the United Kingdom, you also have the right to:
How to make a complaint
If you wish to make a complaint about how we have handled your Personal Information, you can lodge a complaint by using the contact details below. You will need to provide us with sufficient details regarding your complaint together with any supporting evidence and information.
We will refer your complaint to our Privacy Officer who will investigate the issue and determine the steps that we will undertake to resolve your complaint. We will contact you if we require any additional information and will notify you in writing of the outcome of the investigation. We will try to resolve any complaint within 14 business days. If this is not possible, you will be contacted within that time to let you know how long it is likely to take us to resolve your complaint.
If you are not satisfied with our determination, you can contact us to discuss your concerns or complain to:
We may make changes to this policy as a result of operational or legislative changes. When changes are made to this policy, the updated policy will be uploaded to our website and the effective date updated accordingly.
How to contact us
Alternatively, you can contact us via:
QUS Pty Ltd
Suite 2 Level 17
215 Adelaide Street
Brisbane QLD 4000
PO Box 10552
Brisbane Adelaide Street QLD 4000
In Australia, for further information on privacy, visit the Australian Government Office, Office of The Australian Information Commissioner website.
In New Zealand, for further information on privacy, visit the New Zealand Privacy Commissioner website.
Effective Date: 1 December 2020