Who we are
Our commitment to privacy and responsible use of personal information
The Privacy Act outlines the Australian Privacy Principles, which set the minimum standards for how private sector organisations should collect, use, handle and disclose personal information.
We are bound by, and will abide by, the Australian Privacy Principles and the Privacy Act.
"Personal information" means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- (a) whether the information or opinion is true or not; and
- (b) whether the information or opinion is recorded in a material form or not.
What personal information do we collect and hold?
As a company offering reinsurance products, we collect and hold a range of personal information from and about individuals who are insured under policies issued by our customers (insurance companies). We only collect personal information including sensitive information, from individuals that is necessary for our business functions or activities and in accordance with the provisions of the Privacy Act.
- date of birth;
- employment details;
- income including but not limited to, salary and wages, investments, fee income;
- sources of income;
- citizenship status;
- medical history;
- income amounts and sources;
- financial information including, but not limited to, assets and liabilities;
- individual medical history;
- family medical history;
- claims history;
- pastimes and pursuits;
- travel plans; and
- occupational duties.
How do we collect and hold personal information?
Where it is reasonable and practicable to do so, we collect personal information about an individual directly from the individual and not from third parties. In many circumstances though, in view of our business as a reinsurer, this is not practicable. We could collect personal information from various third parties including:
- insurance companies;
- claims assessors;
- loss adjusters;
- claims managers;
- chief medical officers;
- legal representatives;
- treating medical and health professionals;
- rehabilitation service providers;
- the individual’s employer (if applicable); and
- other General Reinsurance group entities.
At all times, we only collect personal information, including sensitive information, about an individual in accordance with the provisions of the Privacy Act.
We hold personal information electronically in various internal systems and databases including shared drives, email, document management systems and in hard copy.
Why do we collect, hold, use and disclose personal information?
We collect, hold, use and disclose personal information for various purposes associated with our business including:
- to undertake and complete reinsurance transactions;
- risk analysis and reinsurance underwriting;
- management of claims;
- accounting and auditing;
- risk management;
- portfolio analysis;
- complaints management; and
- legal, regulatory and compliance purposes.
To what other organisations do we disclose personal information?
The Australian Privacy Principles allow us, in certain circumstances, to disclose to related entities and to third parties personal information that has been disclosed to us and to our related parties. We may disclose an individual's personal information for the purposes listed above to the following:
- legal representatives and other external advisors,
- other General Reinsurance group entities and related parties;
- third party service providers who we engage to assist us to conduct our business;
- government or regulatory bodies (as required or authorised by law);
- other organisations who in conjunction with us provide goods and services to the individual;
- professional associations or organisations with whom we conduct an affinity relationship;
- any person or organisation which the individual wishes to authorise to act on their behalf or to whom the individual provides consent (we require the individual to notify us of this, in writing); and
- any person or organisation that has information that is necessary for one or more of our business functions or activities.
Where we disclose personal information, we require the receiving parties to adhere to our strict confidentiality requirements for the use and handling personal information and also seek to ensure that they adhere to the Australian Privacy Principles.
We may also disclose personal information to overseas recipients. If personal information is disclosed to overseas recipients, we will require the receiving parties to adhere to the Australian Privacy Principles and to handle the personal information in accordance with the Australian Privacy Principles.
It is not reasonably practicable to list all of the overseas countries to which personal information may be disclosed by us but it is likely that if personal information is so disclosed, such countries could include Germany, New Zealand and the United States of America.
How does an individual access the personal information we hold about the individual?
A reasonable fee may be charged for retrieving and sending an individual their personal information.
There may be circumstances in which we cannot provide individual access to the personal information we hold.
We will provide an individual with reasons for denial of access. We reserve the right to refuse access under the grounds permitted by the Privacy Act.
Correction of personal information
We will take reasonable steps to make sure that personal information we collect, use or disclose is accurate, complete and up-to-date.
If an individual believes that the personal information we hold about the individual is not accurate, complete or up to date, the individual has the right to request that we change the information by contacting our Privacy Officer.
We will attend to each request as quickly as possible.
In order to process any request for access or correction of an individual's personal information, we will need to obtain a minimum level of information from an individual including the following:
- full name;
- date of birth; and
- details of the request including supporting information, evidencing the individual's right to access the data.
Where it is established that personal information in relation to an individual is not accurate, complete or up-to-date, we will take all reasonable steps necessary to correct the personal information so that it is accurate, complete and up-to-date. If we disagree about whether the information is accurate, complete and up-to-date, and the individual requests us to associate with the information a statement claiming that the information is not accurate, complete or up-to-date, we will take all reasonable steps to do so.
If an individual is seeking information on another person's behalf, we will require additional written authorisation from that individual.
Do we collect sensitive information?
As a company offering reinsurance products to our clients, it is often necessary to collect an individual’s sensitive information in order to provide these services. Without the individual’s consent to collect and disclose this information, we would be unable to offer our services to the insurance companies.
Sensitive information includes information or an opinion relating to a person's racial or ethnic origin, political views of memberships, religious beliefs or affiliations, membership of a professional or trade association or trade union, sexual orientation or practices and criminal record. It also includes information about a person's health or medical history.
We will only collect, handle, use and disclose sensitive information about an individual in accordance with the provisions of the Privacy Act.
Outsourcing and contractual arrangements
Privacy training and education
Complaints and disputes
If an individual is not satisfied with how we have dealt with an individual's complaint, the individual may refer the complaint to the Financial Ombudsman Service or the Superannuation Complaints Tribunal whose details are as set out below.
- Financial Ombudsman Service Limited
- GPO Box 3
- Melbourne VIC 3001
- 1300 780 808
- Superannuation Complaints Tribunal
- Locked Bag 3060
- Melbourne VIC 3001
- 1300 884 114
Should an individual require clarification on any particular matter or need further information on any privacy matters, our Privacy Officer can be contacted at the contact details below.
Further information regarding the Privacy Act can be obtained at:
- 1300 363 992 (Hotline for the Office of the Australian Information Commissioner)
How to contact us
All correspondence should be addressed to:
- Privacy Officer
- General Reinsurance Australia
- Level 20, 1 O’Connell St, Sydney, 2000
|Phone||02 8236 6100|
|Fax||02 9222 1525|