Privacy and Data Protection Policy
Arch Underwriting at Lloyd’s (Australia) Pty Ltd (“AUALA”) is a proud supporter of the intent of the Privacy Act 1988 as amended by the Privacy Amendment (Notifiable Data Breaches) Act 2017. OUR aim is to provide the highest service to OUR Australian Policyholders, and to that end, have developed the following procedures for the fair handling of personal information.
Why WE collect personal information
WE collect personal information in order to provide you with insurance and insurance related services. Only information necessary for the completion of the above services, AUALA business, or related activities will be collected. This includes information necessary to consider the risk, administer the insurance, assess a claim and determine competitive and appropriate premiums.
WE may also sometimes collect personal information for the development of better products and services, and for conducting marketing and customer service research. WE may sometimes share this information with OUR related companies in order to serve you better.
WE usually collect identifying information such as your name, address, contact telephone numbers and email addresses. If you are applying for a product WE may offer, WE may also need to collect specific information that will enable US to supply that product to you. WE will collect and store this information in a manner that allows US to assist you in the future.
Some products or services may require US to collect ‘sensitive information’, which may include (but is not limited to) your membership of associations, health data, and criminal records. WE will only collect this type of information where necessary to provide OUR services to you and in accordance with the Privacy Act 1988.
If you do not agree to provide US with the information WE request, WE may not be able to offer you the product or services you seek.
How WE collect personal information
Collection can take place through websites (from data input directly or through cookies and other web analytic tools), email, by telephone or in writing. WE collect it directly from you unless you have consented to collection from someone other than you, it is unreasonable or impracticable for US to do so or the law permits US to.
If you provide US with personal information about another person, you must only do so with their consent and agree to make them aware of this privacy notice.
Who WE disclose your Personal Information to
Your personal information will only be disclosed to third parties where the disclosure is reasonably required in order to carry out AUALA’s business or activities, unless you have authorised otherwise, or if required by law.
The third parties include: OUR related companies and OUR representatives who provide services for US, other insurers and reinsurers, OUR claim management partner(s), your agents, OUR legal, accounting and other professional advisers, data warehouses and consultants, investigators, loss assessors and adjusters, other parties WE may be able to claim or recover against, and anyone else appointed by US to review, and handle complaints or disputes, and any other parties where permitted or required by law.
Security of your personal information
WE will endeavour to protect your personal information from misuse, loss, unauthorised access, modification or disclosure. WE maintain physical security over OUR paper and electronic data stores and premises, by means such as locks and security systems. WE also maintain computer and network security. For example, WE use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords, to control access to computer systems where personal information is stored.
WE may need to transfer your personal information overseas in order to properly carry out OUR business. The countries in which these recipients of your personal information are located will depend on the types of services WE provide to you, the location of the reinsurer and the location of other services providers. WE are unable to identify this location until such time as the services have been provided and this may be subject to change whilst the services are being provided.
In all cases WE will take reasonable steps to ensure all entities to whom WE transfer your personal information comply with the Privacy Act 1988 including ensuring appropriate security measures are taken by those entities to protect your personal information from unauthorised access and use.
Accuracy of and access to your personal information
WE will take reasonable steps to ensure that the personal information you provide is accurate, complete and up to date, whenever it is used, collected or disclosed. You are entitled to access your personal information if you wish and request correction if required. WE may request reasonable costs from you to cover retrieving this information.
If WE send you any information about services or products, or you do not want US to disclose your personal information to any other organisation you can opt out by contacting US by telephone on 02 8284 8400.
Notifiable Data Breach
If WE identify a breach or suspected breach of your personal information WE will make an assessment expeditiously and within 30 days to determine if a breach has occurred that is likely to cause you serious harm, an “eligible data breach”. If an eligible data breach is identified WE will notify you and the Australian Information Commissioner of the breach as soon as practicable. WE will also provide you with recommendations of the steps you should take in response to the breach. When making contact with you, WE will use the usual method of communication. If WE cannot contact you, WE will place a notice on OUR website.
Complaints regarding the handling of your personal information
If you are dissatisfied about how WE have handled your personal information you have the right to make a complaint about the matter.
In the first instance, please raise your complaint with AUALA by either writing to US at Arch Underwriting at Lloyd’s (Australia) Pty Ltd, Suites 4.01 & 4.02, Level 4, 68 York Street Sydney NSW 2000 or by telephone 02 8284 8400 or email firstname.lastname@example.org. WE will investigate the matters raised by you and respond directly to you within 30 days.
If you are dissatisfied with OUR response, you should refer the matter to the Office of the Australian Information Commissioner:
GPO Box 5218, Sydney NSW 2001.
Phone toll free: 1300 363 992
TTY: 133 677 then ask for 1300 363 992