Privacy Policy
Version 6.2 – October 2018
Version 6.2 – October 2018
At The Oxley Group (Oxley Insurance Brokers Pty Ltd, ABN 84 234 892 156, Oxley Workers Compensation Solutions Pty Ltd, ABN 14 114 972 422 and Oxley Life Solutions Pty Ltd, ABN 14 108 128 721) we are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs).
This Privacy Policy applies to personal information collected by us and explains how we collect, use, disclose and handle it as well as your rights to access and correct your personal information and make a complaint for any breach of the APPs.
The Privacy Act defines personal information to mean:
“Information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether recorded in a material form or not.”
“Sensitive information” is a subset of personal information and means:
“Information or opinion about an individual’s racial or ethnic origin, political opinions, membership of a political organisation, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, health information about an individual, genetic information, biometric information or templates.”
The kinds of personal information we collect and hold vary depending on the services we are providing, but generally can include:
The type of sensitive information we may collect generally includes:
We only collect personal information by lawful and fair means and where it is reasonably necessary for, or directly related to, one or more of our functions or activities.
Unless it is unreasonable or impracticable for us to do so, or as provided otherwise under this Privacy Policy, we will collect your information directly from you or your agents.
If we collect details about you from someone else, we will take reasonable steps to make you aware of the collection in accordance with the APPs.
We may obtain personal information indirectly and who it is from can depend on the circumstances. We will usually obtain it from another insured if they arrange a policy which also covers you, related bodies corporate, referrals, your previous insurers or insurance intermediaries, witnesses in relation to claims, health care workers, publicly available sources, premium funders and persons who we enter into business alliances with.
We attempt to limit the collection and use of sensitive information from you unless we are required to do so in order to carry out the services provided to you. However, we do not collect sensitive information without your consent.
We hold the personal information we collect within our own data storage devices or with a third party provider of data storage. We discuss the security of your personal information below.
We collect, hold, use and disclose your personal information where it is reasonably necessary for, or directly related to, one or more of our functions or activities. These will usually include our insurance broking services, insurance intermediary services, funding services, claims management services and risk management and other consulting services including life and life/risk management consulting, superannuation and investment advisory services and to meet any obligations we have at law e.g. identity checks required by the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 and other legislation. We also use it for direct marketing purposes explained in more detail below.
For example, we usually need to collect, hold, use and disclose personal information where:
We do not use or disclose personal information for any purpose that is unrelated to our services and that you would not reasonably expect (except with your consent). We will only use your personal information for the primary purposes for which it was collected or as consented to.
We usually disclose personal information to third parties who assist us or are involved in the provision of our services and your personal information is disclosed to them only in connection with the services we provide to you or with your consent. We may also disclose it for direct marketing purposes explained in more detail below.
The third parties can include our related companies, our agents or contractors, insurers, their agents and others they rely on to provide their services and products (e.g. reinsurers), premium funders, other insurance intermediaries, insurance reference bureaus, loss adjusters or assessors, medical service providers, credit agencies, lawyers and accountants, prospective purchasers of our business and our alliance and other business partners.
These parties are prohibited from using your personal information except for the specific purpose for which we supply it to them and we take such steps as are reasonable to ensure that they are aware of the provisions of this Privacy Policy in relation to your personal information.
We also use personal information to develop, identify and offer products and services that may interest you, conduct market or customer satisfaction research. From time to time we may seek to develop arrangements with other organisations that may be of benefit to you in relation to promotion, administration and use of our respective products and services. See direct marketing explained in more detail further below. We do not use sensitive information to send you direct marketing communications without your express consent.
If we do propose to disclose or use your personal information other than for the purposes listed above, we will first seek your consent prior to such disclosure or use.
If we give third parties (including their agents, employees and contractors) your personal information, we require them to only use it for the purposes we agreed to.
If the required personal information is not provided, we or any involved third parties may not be able to provide appropriate services or products. If you do not provide the required personal information we will explain what the impact will be.
When you provide us with personal information about other individuals, we rely on you to have made them aware that you will or may provide their information to us, how we collect, use, disclose and handle it in accordance with this Privacy Policy and our relevant Privacy Statements. If it is sensitive information we rely on you to have obtained their consent to the above. If you have not done these things, you must tell us before you provide us with the relevant information.
If we give you personal information, you must only use it for the purposes we agreed to.
Unless an exemption applies or we agree otherwise, you must meet the requirements of the Privacy Act, when collecting, using, disclosing and handling personal information on our behalf.
You must also ensure that your agents, employees and contractors meet the above requirements.
We take reasonable steps to ensure that your personal information is safe. We retain personal information in hard copy records and electronically with us or our appointed data storage provider(s). You will appreciate, however, that we cannot guarantee the security of all transmissions of personal information, especially where the internet is involved.
Notwithstanding the above, we endeavour to take all reasonable steps to:
We maintain computer and network security; for example, we use firewalls (security measures for the internet) and other security systems such as user identifiers and passwords to control access to computer systems.
We take reasonable steps to ensure that personal information is current, accurate, up-to-date and complete whenever we collect or use or disclose it.
Throughout our dealings with you we will take reasonable steps to confirm the details of your personal information we hold and ask you if there are any changes required.
The accuracy of personal information depends largely on the information you provide to us, so we rely on you to:
You are entitled to have access to any personal information relating to you which we possess, except in some exceptional circumstances provided by in law. For example, we may refuse access where the:
Where providing access would reveal evaluative information generated by us in connection with a commercially sensitive decision-making process, we will provide an explanation for the decision rather than direct access to the information.
If we refuse access or to give access in the manner requested by you, we will let you know why in writing and provide you with details about how to make a complaint about the refusal.
If we make a correction to your personal information we may retain a copy of the previous information for our records or as required by law.
If you wish to access your personal information please write to The Privacy Officer, The Oxley Group, PO Box 426 Port Macquarie NSW 2444, privacy@oib.com.au.
In most cases we do not charge for receiving a request for access to personal information or for complying with a correction request.
Any personal information provided to us may be transferred to, and stored at, a destination outside Australia, including but not limited to New Zealand, Singapore, United Kingdom and the United States of America. Details of the countries we disclose to may change from time to time. Personal information may also be processed by staff or by other third parties operating outside Australia who work for us or for one of our suppliers, agents, partners or related companies.
When we send information overseas, in some cases we may not be able to take reasonable steps to ensure that overseas providers do not breach the Privacy Act and they may not be subject to the same level of protection or obligations that are offered by the Act. By proceeding to acquire our services and products you agree that you cannot seek redress under the Act or against us (to the extent permitted by law) and may not be able to seek redress overseas. If you do not agree to the transfer of your personal information outside Australia, please contact us.
In the future we may consider the sale or restructure of our business or the purchase of the business of other Insurance Brokers or financial advisers. In such circumstances it may be necessary for your personal information to be disclosed to permit the parties to assess the sale or restructure proposal for example through a due diligence process. We will only disclose such of your personal information as is necessary for the assessment of any sale or restructure proposal and subject to appropriate procedures to maintain the confidentiality and security of your personal information. In the event that a sale or restructure proceeds, we will advise you accordingly.
We may use your personal information, including any email address you give to us, to provide you with information and to tell you about our products, services or events or any other direct marketing activity (including third party products, services and events which we consider may be of interest to you). Without the limitation just described, if it is within your reasonable expectations that we send you direct marketing communications given the transaction or communication you have had with us, then we may also use your personal information for the purpose of sending you direct marketing communications which we may consider may be of interest to you. We may request our related parties to contact you about services and products that may be of interest to you.
You are able to visit our website without providing any personal information. We will only collect personal information through our websites with your prior knowledge, for example where you submit an enquiry or application online.
Email addresses are only collected if you send us a message and will not be automatically added to a mailing list.
A cookie is a small string of information that a website transfers to your browser for identification purposes. The cookies we use may identify individual users.
If you do have a compliant about privacy we ask that you contact our office first to help us to assist you promptly.
In order to resolve a complaint, we:
If you have a complaint please either email us at privacy@oib.com.au or write to us at 1/145 Horton Street, Port Macquarie NSW 2444, and our Privacy Officer will then attempt to resolve the issue or complaint.
When we make our decision, we will also inform you of your right to take the matter to the Office of the Australian Information Commissioner (OAIC) if you are not satisfied. In addition if you have not received a response from us of any kind to your complaint within 30 days, then you have the right to take the matter to the OAIC (contact details are provided below).
If you are not satisfied with our response, you also have a right to have your privacy complaint determined by the Australian Financial Complaints Authority (AFCA). AFCA provides fair and independent financial services complaint resolution that is free to consumers. AFCA will be able to consider complaints relating to a breach of obligations of the Privacy Act or Consumer Data Framework, providing the complaint falls within AFCA’s jurisdiction. We are bound by AFCA’s determinations once accepted by the complainant. You can contact AFCA by:
Online: www.afca.org.au
Email: info@afca.org.au
Phone: 1800 931 678
Mail: Australian Financial Complaints Authority GPO Box 3 Melbourne VIC 3001
If you would like further details of our Privacy Complaints Handling Procedure, please contact our Privacy Officer using the contact details listed above.
We recommend that you retain this information for future reference.
If you wish to gain access to your personal information, want us to correct or update it, have a complaint about a breach of your privacy, wish to withhold your consent (opt out) of providing consent to any of the uses of your information including receiving offers of products or services from us, or have any other query relating to our Privacy Policy, contact our Privacy Officer during business hours on:
Telephone: (02) 6588 7600
Facsimile: (02) 6584 9855
Email: privacy@oib.com.au
Mail: Attention: Privacy Officer
The Oxley Group
PO Box 426
Port Macquarie NSW 2444
We welcome your questions and comments about privacy.
This Privacy Policy is current from 31 October 2018. In the event that this Privacy Policy or any part thereof is amended or modified in the future, the revised version will be available by contacting our office or on our website.
You can also obtain information on privacy issues in Australia on the Office of the Australian Information Commissioner (“OAIC”) website at www.oaic.gov.au or by contacting the OAIC by email at enquiries@oaic.gov.au or by calling on 1300 363 992.