Privacy Policy

Privacy_Policy.jpg

Click here to view our Credit Information Policy.

Our Privacy Policy

We respect the privacy of the personal information that is provided to us and this Privacy Policy explains how we handle it.

Our Privacy Policy applies to any personal information you provide to us and any personal information we collect about individuals from other sources. We also have a Credit Information Policy which applies specifically to our handling of personal information collected in connection with a credit application or a credit facility.

Why we collect personal information

We collect personal information to provide the insurance and financial products and services we offer (including without limitation any Commonwealth entity function services) and to manage our rights and obligations in relation to:

  • developing and identifying products and services that may interest you;
  • conducting direct marketing, market research campaigns or customer satisfaction research;
  • developing, establishing and administering alliances and other arrangements with other organisations (including financiers and other insurers) in relation to the promotion, administration and use of our respective products and services;
  • assessing your application for employment and to maintain an employment relationship; or
  • providing assistance to other Commonwealth entities and companies in relation to the operation and administration of financial arrangements and agreements of those Commonwealth entities.

What personal information we collect and hold

General information

The types of personal information we may collect and hold about you includes, but is not limited to:

  • identification information such as your name(s), date of birth, contact details (personal and/or business), address, drivers’ license and passport details, telephone and fax numbers and email address;
  • personal information where you apply for a job with us or during your employment with us (including from background screening providers);
  • personal information provided when you establish a business relationship with us;
    • contact and identification details of any third party that you have authorised to negotiate or provide your personal information on your behalf;
    • any correspondence between you and us.

Sensitive information

In certain circumstances, we may also collect sensitive information about you with consent for example:

  • information about your membership of professional or trade associations;
  • in relation to employees, criminal record information (as part of background screening), or health information including details of medical conditions and dietary requirements.

When the law authorises or requires us to collect information

We may collect information about you because we are required or authorised by law to collect it.  We require your personal information to verify your identity for the purposes of Commonwealth Anti-Money Laundering law.

What we collect via your website activity

Site Visit Data

Our website hosting provider makes a record of your visit and logs the following information for statistical purposes: the user's server address; the user's top-level domain name; the date and time of the site visit; the pages accessed and documents downloaded; the previous site visited and the type of browser used.

This information is collected to facilitate website and system administration.

No attempt will be made to identify users or their browsing activities except in the unlikely event of an investigation, for example, if a law enforcement issues a warrant to inspect our hosting provider's logs.

External sites that are linked to or from our website are not under our control and users should view their privacy policies separately.

Use of “Cookies”

Cookies are used on our website to supplement the site visit data described above.

What is a cookie?

A cookie is a small text file that a website server gives to a browser the first time the user visits the site and updates with each return visit. Cookies can store information such as user name and password and what parts of the site were visited. Accepting a cookie does not give access to your computer nor to your personal information. We use cookies to monitor your use of the website, to observe behaviour, compile aggregate data and provide users with an improved and more effective service. There are two types of cookies: temporary and log cookies. Temporary cookies are required and tell the website server which page to pull up next. Efic's website uses traffic log cookies to show what pages are being used on its site.

How we collect and hold your personal information

We collect personal information in the following ways:

  • directly from you or the individual to whom the information relates, including through our website, by telephone, in person and in paper and electronic documents (including forms or applications) completed and provided to us;
  • through our representatives, advisers and other third parties, including our professional advisers, government including agencies and departments, law enforcement agencies and our partners and contracted service providers;
  • from credit reporting agencies and from financiers, advisers and representatives of the individual to whom the information relates;
  • from our records of Efic products or services to which you (or a related company or entity) have subscribed; and
  • from publicly available sources.

How we store information transmitted electronically

Your information supplied to Efic via our website or other electronic means is held securely and only used and disclosed as set out in this Privacy Policy. However, you should be aware that communications via the internet are not entirely secure and information you send to Efic is not necessarily secure during transmission.

If you are concerned about sending us information over the internet, you may be able to download the relevant form and post it to us or provide it to us in person.

How we use your personal information

We use and disclose personal information for the purpose for which we collect the information (see above).

We may also use or disclose personal information we collect for secondary purposes that are otherwise permitted under the law, including where:

  • the individual consents;
  • the individual would reasonably expect the use or disclosure, and the secondary purpose is related, or in the case of sensitive information, directly related, to the primary purpose;
  • the use or disclosure is required or authorised by law or court order; or the use or disclosure is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

Who we share your personal information with

We sometimes need to share your personal information with others.

We disclose personal information to third parties located in Australia or overseas where we believe such disclosure is necessary to assist us in providing our products and services or to perform our functions. We may disclose your personal information to:

  • our external advisers (for example, our lawyers, accountants and auditors)
  • other insurers;
  • other financiers;
  • government entities, companies and departments;
  • our business partners and service providers we engage to support or assist us to perform our functions and duties, including for example in connection with our products and services;
  • third parties engaged by Efic for promotional activities or direct marketing purposes with your consent;
  • anyone to whom we are required or authorised to disclose information to, by or under Australian law or a court/tribunal order; and
  • with your consent, other entities.

The parties listed above may in turn disclose your personal information to other parties as referred to within their privacy policies or equivalent.

We may disclose personal information to third parties by electronic means, including via the Internet. Except where you have consented, we limit the use and disclosure of any personal information provided by us to third parties to the purpose for which it was supplied to us and related purposes.

Giving us personal information

If you give us personal information about other individuals, we rely on you to have made them aware:

  • that you will or may provide that information to us;
  • of the purposes for which we use it;
  • of the types of third parties to whom we may disclose it; and
  • of how those individuals may obtain access to personal information relating to them.

Where the personal information is sensitive information, we rely on you to have obtained the relevant individual’s consent to the above. If you have not done these things, you must tell us before you provide the relevant information.

How we store your personal information

The security if your personal information is important to us and we take reasonable steps to protect any personal information we hold from misuse, interference and loss and from unauthorised access, modification or disclosure.

We may store your personal information in different forms, such as in hard copy or in electronic form.  We maintain physical security such as locks and security systems over our premises and paper and electronic data stores. We also maintain security over our computer network. For example, we use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to computer systems.

We impose confidentiality obligations on third parties that handle personal information on our behalf.

How you access your personal information

It is important that the personal information which we hold about you is complete, accurate and up-to-date, including so that we can properly conduct business.  As such, we may ask you to tell us of any changes to your personal information while we continue to hold it.

We will, on request (via the contact details set out below), provide you with access to personal information we hold about you subject to exceptions permitted by law. If we cannot, then we will let you know in writing.

How you correct your personal information

We will, on request (via the contact details set out below) correct your personal information if you believe information we hold is out-of-date, inaccurate, incomplete, irrelevant or misleading. Where we cannot correct your personal information we will let you know in writing and on request, take reasonable steps to record a statement on our files that you have a contrary view.

Our response to your requests

We will respond to your request for us to provide access to and/or correct personal information within 30 days without any cost to you. If we cannot respond within this timeframe, we will contact you and provide a reason for the delay and our anticipated timeframe for responding to your request. 

How to opt out of receiving marketing information

If we send you information about products or services that you do not wish to receive, you can inform us that you wish to opt out by contacting us (via the contact details set out below).

How to make a complaint

If you have a complaint about how we handle your personal information, please contact us using the contact details below. Please note that we will ask you to lodge your complaint in writing.  We will endeavour to understand and resolve your complaint as soon as possible, in accordance with our Complaints Mechanism.

If you make a privacy complaint to us and are not satisfied that the matter has been resolved satisfactorily, you can lodge a formal complaint with the Office of the Australian Information Commissioner (OAIC).  Further information about making a privacy complaint to the OAIC is available at: http://www.oaic.gov.au

You are able to make a complaint directly to the OAIC rather than to us. In most cases, however, it is likely that the OAIC would refer you to us, in the first instance, to see if your complaint can be resolved without requiring the involvement of the OAIC.

Changes to this policy

We will review this Privacy Policy from time to time as necessary.

Any amendments will be notified by posting an updated version on our website and will be effective from the date of posting.

How to contact us

If you wish to contact us regarding our handling of your personal information or any of the matters covered in this Privacy Policy, you can contact our Privacy Officer:

  • by post: Level 10, 22 Pitt Street, Sydney NSW 2000
  • by phone: +61 2 8273 5333
  • by email: privacy@efic.gov.au