We are committed to protecting your privacy and confidentiality in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and it is one of our prime concerns that any personal or sensitive information you provide to us is not used for any other purpose than that intended and expected by you. This Privacy Policy describes our current policies and practices in relation to the handling and use of personal information.

What information do we collect, hold and how do we use it?

We will collect personal information for primary purposes, which are relevant to providing and administrating our financial products and services. To enable us to provide advice on and arrange financial services, we collect the information needed by ourselves to ensure appropriate advice to you and information required by product suppliers. We will usually provide some or all of this information to our product suppliers. Some of these companies may be located outside Australia. When a claim is made under an insurance policy, to enable us to assist in the claim process, we and our representatives and those of the insurer (including loss adjusters, investigators, medical advisers and lawyers) collect information about the claim, some of which may be personal information. We may collect the information from you or from third parties. We provide this information to the insurer and or their agents and those appointed to assist you in making a claim. Again this information may be passed on to your underwriters and reinsurers. We may use your personal information internally to help us improve our services and help resolve any problems.

What if you don’t provide some information to us?

We can only apply for and arrange financial service products if we have all relevant information. The insurance laws also require insureds to provide all the information required by the end insurer to help them decide whether to insure you and on what terms. Credit Providers also require specific information to help them assess any credit applications that we may facilitate on your behalf.

How do we hold and protect your information?

We hold the information we collect from you in our computer systems. We ensure that your information is safe by following the usual security procedures expected by our clients and in accordance with the guidelines issued by the Office of Australian Information Commissioner (OAIC).

Will we disclose the information we collect to anyone?

We may disclose information to: 

➢ Financial institutions, other Australian Financial Service Licensees, Insurers, underwriters, underwriting agencies, wholesale brokers and reinsurers (for the purpose of seeking recovery from them or to assist them to assess insurance risks); 

➢ Premium funders / Credit providers for the purposes of gaining quotations on and arranging funding of your insurance premiums / financial investments. 

➢ An investigator, assessor, State or Federal Health Authorities, lawyers, accountants, medical practitioners, hospitals or other professional advisors (for the purposes of investigating or assessing your claim); 

➢ A lawyer or recovery agent (for the purpose of defending an action by a third party against you or for the purpose of recovery costs including your excess); 

➢ Contractors who supply services to us, e.g. to handle mailings on our behalf. 

➢ An immediate family member; 

➢ Other companies in the event of a corporate sale, merger, reorganisation, dissolution or similar event

However, we will do our best to ensure that they protect the information in the same way that we do. We may provide this information to others if we are required to do so by law or under some unusual other circumstances which the Privacy Act permits. We do not sell, trade, or rent personal information to others.

How can you access, check, update or change your information?

Upon receipt of your written request from you and enough information to allow us to identify the information, we will disclose to you the personal information we hold about you. We will also correct, amend or delete any personal information that we agree is inaccurate. If you wish to access or correct your personal information please request to speak with the Privacy Officer, through the chat interface on our website or via mail: GPO Box 248, Sydney, NSW, 2001; email: We do not charge for receiving a request for access to personal information or for complying with a correction request. We do however reserve the right to charge you for all reasonable costs and outgoings specifically incurred in meeting your request for information.

Your consent 

By asking us to provide you with our financial services, you consent to the collection and use of the information you have provided to us for the purposes described above.

Complaints about privacy

Should you have a complaint regarding a breach of privacy please contact our Complaints Officer via mail: GPO Box 248, Sydney, NSW, 2001; email:; who will handle the matter in accordance with our formal complaints handling procedures. Your complaint can be lodged over the phone, via mail or email or you may wish to make an appointment with our Complaints Officer at a convenient time and location. We will do all that is reasonable in the circumstances to address your complaint. 

The OAIC can investigate privacy complaints from individuals about our business if we are specifically caught by the Privacy Act 1988 (Privacy Act). We also comply with the Notifiable Data Breach obligations imposed by the Privacy Act. Before a client can lodge a complaint with the OAIC, they will generally need to complain directly to ourselves and allow 30 days for it to respond. If they do not receive a response within 30 days, or they are dissatisfied with our response, they may then complain to the OAIC

Complaints to the OAIC must be made in writing. Further information on the complaints process is available for clients wishing to complain regarding a Privacy Breach at

Information sent overseas

In certain situations it is likely that some or all of the Personal Information that you provide to us may be disclosed to businesses that operate overseas. This would only occur where the product provider / intermediary is based overseas – e.g. Lloyds of London syndicates or brokers and other overseas based insurers and intermediaries or in situations where we utilise “Cloud Computing” services that are situated outside Australia. In all such cases, unless we expressly inform you and obtain your consent to the contrary, we commit to making reasonable enquiries to ensure that these organisations comply with their local privacy legislation where such legislation is comparable to the Australian legislation and to comply with the key components of Australian Privacy legislation in cases where their local legislation is considered inadequate or non-existent.

Information Regarding Your Data Protection Rights Under General Data Protection Regulation (GDPR)

For the purpose of this Privacy Policy, we are a Data Controller of your personal information. 

If you are from the European Economic Area (EEA), our legal basis for collecting and using your personal information, as described in this Privacy Policy, depends on the information we collect and the specific context in which we collect it. We may process your personal information because: 

➢ We need to perform a contract with you 

➢ You have given us permission to do so 

➢ The processing is in our legitimate interests and it's not overridden by your rights 

➢ For payment processing purposes 

➢ To comply with the law 

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. In certain circumstances, you have the following data protection rights: 

➢ The right to access, update or to delete the personal information we have on you 

➢ The right of rectification 

➢ The right to object 

➢ The right of restriction 

➢ The right to data portability 

➢ The right to withdraw consent 

Please note that we may ask you to verify your identity before responding to such requests. 

You have the right to complain to a Data Protection Authority about our collection and use of your personal information. For more information, please contact your local data protection authority in the European Economic Area (EEA).

Website privacy issues

Anonymous Data 

We use technology to collect anonymous information about the use of our website(s)/application, for example when you browse our website(s)/use any of our applications, we may amongst other things, log your server address, the date and time of your visit, the pages and links accessed and the type of browser used. We only use this information for statistical purposes and to improve the content and functionality of our website, to better understand our clients and markets and to improve our services.


Cookies In order to collect data we may use “cookies”. Cookies are small pieces of information which are sent to your browser and stored on your computer’s hard drive. Sometimes they identify users where the website(s)/applications requires information to be retained from one page to the next. This is purely to increase the functionality of the website(s)/applications. Cookies by themselves cannot be used to discover the identity of the user. Cookies do not damage your computer and you can set your browser to notify you when you receive a cookie so that you can decide if you want to accept it.

Web/application beacons 

Our website(s)/applications may contain electronic images, known as beacons or spotlight tags. These enable us to count users who have visited certain parts of the website(s)/applications. These beacons and spotlight tags are not used by us to access your Personal Information, they are simply a tool we use to analyse which content is viewed

Payments processors 

We provide paid products and/or services on our Website(s) / applications. In that case, we use third party services for payment processing (e.g. payment processors). We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy. These payment processors adhere to the standards set by PCI-DSS as managed by the PCI Security Standards Council.


Our Website(s) / applications may allow visitors to submit information via forms (including but not limited to Quotes and Claim Forms.. The information submitted via the forms may not be encrypted. Should you be concerned about the confidentiality of any information provided by any forms please do not hesitate to lodge this information with us via phone or email. We may also use your contact information that you supply to us on our website(s)/applications to send you requested product information and promotional material and to enable us to better manage our relationship with you. We may also notify you via direct marketing about new services and special offers, events or articles we think will be of interest to you. We may send you regular updates by email or by post on insurance matters. If you would rather not receive this information or do not wish to receive it electronically, email or write to us. We may also use your information internally to help us improve our services and help resolve any problems.