TOP

LOGIN
General Reinsurance Life Australia Privacy Policy (New Zealand)

Who we are

In this Privacy Policy “we”, “our”, and “us” refers to General Reinsurance Life Australia. We offer life and health reinsurance in Australia, New Zealand and other Oceania countries. 

Our commitment to privacy and responsible use of information

  1. We respect rights to privacy and are committed to safeguarding the privacy of our customers and information they share with us.
  2. This policy sets out how we collect, store, use, protect, handle and disclose personal and health information. We will do this in accordance with the Privacy Act 2020 and Health Information Privacy Code 2020.
  3. “Personal information” means information about an identifiable individual. This includes information such as name, date of birth, gender, marital status, email address, details about employment including salaries and employment history, or any other type of information that can identify an individual, either directly or indirectly.
  4. “Health information” means the information or classes of information about an identifiable individual set out in section 4(1) of the Health Information Privacy Code. This includes information such as information about the health of that individual including their medical history, information about any disabilities that individual has or has had, or information about any health services or disability support services that are being provided or have been provided to that individual.
  5. By providing us with personal and health information, whether directly or indirectly, the individual agrees to this Privacy Policy.

What information is collected

  1. As a company offering reinsurance products, we collect and hold a range of personal and health information from and about individuals who are insured under policies issued by our customers (insurance companies). We only collect personal and health information from individuals that is necessary for our business functions or activities and in accordance with the provisions of the Privacy Act and the Health Information Privacy Code.
  2. We may, from time to time, receive and store personal information from third parties either provided to us directly or given to us in other forms. We will receive basic information such as:
    • name;
    • phone number;
    • address;
    • email address;
    • date of birth.
    This will be used only to send information, provide updates and process the product that is necessary to carry out our business functions or activities.
  3. We may also collect additional personal and health information at other times either directly or indirectly, including but not limited to:
    • employment details;
    • income including but not limited to, salary and wages, investments, fee income;
    • sources of income;
    • citizenship status;
    • financial information including, but not limited to, assets and liabilities;
    • individual medical history;
    • family medical history;
    • claims history;
    • pastimes and pursuits;
    • lifestyle;
    • travel plans;
    • occupational duties;
    • feedback; and
    • information about personal or business affairs.

How we collect information

  1. Where it is reasonable and practicable to do so, we collect personal and health information about an individual directly from the individual and not from third parties.

    In many circumstances though, in view of our business as a reinsurer, this is not practicable. We may collect personal and health information indirectly from various third parties (whether based in New Zealand or overseas) including:
    • insurance companies;
    • claims assessors;
    • loss adjusters;
    • investigators;
    • claims managers;
    • chief medical officers;
    • legal representatives;
    • accountants;
    • treating medical and health professionals;
    • rehabilitation service providers;
    • the individual’s employer (if applicable); and
    • other General Reinsurance group entities.
    If such information is not provided to us, we may not be able to provide your insurer with the reinsurance services they have requested and this may affect the insurer’s ability to provide you with the relevant insurance.

    If we do collect such information identified above, we will not use it for any other purpose and hold it in accordance with the Privacy Act and the Health Information Privacy Code.

How we use information

  1. We may collect, hold, use and disclose personal and health information collected from individuals, whether directly or indirectly, for various purposes associated with our business, including:

    • to undertake and complete reinsurance transactions;
    • risk analysis and reinsurance underwriting;
    • management of claims;
    • accounting and auditing;
    • risk management;
    • portfolio analysis;
    • complaints management; and
    • legal, regulatory and compliance purposes.

    If personal and health information is withheld, it may not be possible for us to provide our products and services.

  2. If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal and health information, and non-personal and non-health information contained in those databases.

How we disclose information

  1. We may disclose personal or health information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, legal proceedings or in response to a law enforcement agency request.
  2. We may disclose an individual’s personal or health information to the following:
    • auditors;
    • legal representatives and other external advisors;
    • other General Reinsurance group entities and related parties;
    • third party service providers who we engage to assist us to conduct our business;
    • government or regulatory bodies (as required or authorised by law);
    • other organisations who in conjunction with us provide goods and services to the individual;
    • professional associations or organisations with whom we conduct an affinity relationship;
    • any person or organisation which the individual wishes to authorise to act on their behalf or to whom the individual provides consent (we require the individual to notify us of this, in writing); and
    • any person or organisation that has information that is necessary for one or more of our business functions or activities.
  3. We will comply with all our legal obligations when we disclose an individual’s personal or health information including our obligations under the Privacy Act and Health Information Privacy Code if we do disclose personal and health information to a third party.
  4. Where we disclose personal or health information, we require the receiving parties to adhere to our strict confidentiality requirements for the use and handling of personal or health information and also seek to ensure that they adhere to the Privacy Act and the Health Information Privacy Code.
  5. We may also disclose personal or health information to overseas recipients, including General Reinsurance group entities with locations in Canada, China, European Union, Hong Kong, India, Australia, Singapore, South Africa, the United Kingdom and the United States. If personal or health information is disclosed to overseas recipients, we will require the receiving parties to adhere to and handle the personal Information in accordance with the Privacy Act and the Health Information Privacy Code.

How we store information

  1. We take all reasonable steps to make sure your personal and health information is kept safe from loss, unauthorised access, modification or disclosure and/or misuse, in accordance with our obligations under the Privacy Act and Health Information Privacy Code. We may store your personal and health information overseas.
  2. We hold personal and health information electronically in various internal systems and databases including shared drives, email, document management systems and in hard copy. We have reasonable security measures in place to secure the personal and health information including firewalls, protection against malware and secure logon procedures. We also maintain reasonable security procedures for holding physical information, including electronic building entry and storage procedures.
  3. All contractual arrangements with third parties (whether located within or outside of New Zealand) impose appropriate privacy and confidentiality obligations on those third parties to ensure that personal and health information that we impart is kept secure and in accordance with our obligations under the Privacy Act and Health Information Privacy Code.

Access to information

  1. An individual has the right to request details of personal and health information that we hold about them. We will attend to a request as soon as is reasonably practicable after receiving the request and in accordance with our obligations under the Privacy Act and Health Information Privacy Code. If the individual would like a copy of the information which we hold about them they should contact our Privacy Officer. (See section “How to contact us” for contact details).
  2. A reasonable fee may be charged for retrieving and sending an individual their personal or health information.
  3. There may also be circumstances in which we cannot provide individual access to the personal and health information we hold. We reserve the right to refuse to provide information that we hold, in certain circumstances set out in the Privacy Act and Health Information Privacy Code or any other applicable law. If we refuse to provide information, we will give you reasons.
  4. If an individual is seeking information on another person’s behalf, we will require additional written authorisation from that individual.

Correction of information

  1. We will take reasonable steps to make sure that personal and health information we collect, store, handle, use or disclose is accurate, complete, up-to-date, relevant and not misleading.
  2. If any individual believes that any information we hold on them is inaccurate, out of date, incomplete, irrelevant or misleading, they have the right to request that we change the information by contacting our Privacy Officer. We will attend to each request as soon as is reasonably practicable after receiving the request and in accordance with our obligations under the Privacy Act and Health Information Privacy Code.
  3. In order to process any request for access or correction of an individual’s personal or health information, we will need to obtain a minimum level of information from an individual including the following:
    • full name;
    • date of birth; and
    • details of the request including supporting information, evidencing the individual’s right to access the data.
  4. Where it is established that personal and health information in relation to an individual is inaccurate, out of date, incomplete, irrelevant or misleading, we will take all reasonable steps necessary to correct the information so that it is accurate, complete, up-to-date, relevant and not misleading. If we disagree about whether the information is accurate, complete, up-to-date, relevant and not misleading, and the individual requests us to associate with the information a statement claiming that the information is inaccurate, out of date, incomplete, irrelevant or misleading, we will take all reasonable steps to do so.

Complaints

  1. If an individual believes that their privacy has been interfered with, including if they disagree with our reasons for withholding information from them, or believes that we have not complied with an obligation under the Privacy Act or breached the Health Information Privacy Code, the individual can make a complaint to our Privacy Officer or the Office of the New Zealand Privacy Commissioner
  2. If the complaint is made to our Privacy Officer, we will promptly acknowledge and investigate complaints in accordance with our obligations under the Privacy Act and the Health Information Privacy Code. The Privacy Officer’s contact details are provided at the end of this Privacy Policy.
  3. If an individual is not satisfied with how we have dealt with an individual’s complaint after it has been through our internal process, then the individual may refer the complaint to the Office of the New Zealand Privacy Commissioner via their website here.

Further Information

  1. Further information regarding the Privacy Act and the Health Information Privacy Code can be obtained through the Office of the Privacy Commissioner on their website.
  2. The Office of the Privacy Commissioner can be contacted as follows:
    • 0800 803 909
    • enquiries@privacy.org.nz
    • https://www.privacy.org.nz/news/contact-us/

How to contact us

All correspondence relating to privacy matters should be addressed to:

  • Privacy Officer
  • General Reinsurance Life Australia
  • Level 20, 1 O’Connell Street
  • Sydney, 2000
  • New South Wales
  • Australia
  • Phone +61 2 8236 6148
    EmailPrivacyANZ@genre.com
      

This policy was last updated on 11 June 2025 and is current at the present time.