Privacy Policy

Our Privacy Policy

This Privacy Policy applies to the operations of Epsilon Insurance Broking Services Pty Ltd t/as Epsilon Underwriting Agencies ABN 68 097 402 134 AFSL 245612 (“we” or “us”) and explains how we manage your personal information. We are committed to ensuring your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles. This Privacy Policy describes our current policies and practices in relation to the handling and use of personal information.

What is Personal & Sensitive Information?

Personal Information is any information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not, including sensitive information; and whether the information or opinion is recorded in a material form or not. Sensitive information is a form of personal information and includes information or opinion about an individual’s racial or ethnic origin, political opinions, membership of a political organisation, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, health information about an individual, genetic information, biometric information or templates.

What information do we collect and how do we use it?

The personal information we generally collect, and hold, for the purposes of providing a product or service to you, may include your name, address, age and/or date of birth, information specific to the insurance product or service which you apply for or which we provide to you, such as details of your property, insurance and claims history. For some of our products and services, we also collect and hold sensitive information, including information or an opinion about your health or a disability, memberships of professional or trade associations and criminal record.

For employment applications, we collect and hold your name, address, contact details, employment history, qualifications and experience, references and names, contact details of your referees and criminal record, as required.

We attempt to limit the collection and use of sensitive information from you unless we are required to do so in order to carry out the services provided to you. However, we do not collect sensitive information without your consent.

How personal information is collected and held

The method by which personal information may be collected will depend on the nature of the insurance products and services being provided. We may collect your personal information in writing, by email, by facsimile, through information submitted via our online services and verbally in person and by telephone. We generally collect your personal information from your nominated insurance broker or you, your other agents and representatives.

In some circumstances, we may obtain your personal information from third parties claiming under your policy, publicly available sources such as the internet, our claim administrators, claim assessors and investigators, expert witnesses, witnesses, medical service providers, law enforcement officers and statutory and regulatory bodies. This will generally be collected to clarify or assess information that you have provided on your proposal or claim form.

Your personal information is held in secure environments including computer systems and databases, paper records and telephone recordings. We may utilise related companies, agents and third-party suppliers for data storage services.

When your Personal Information is no longer needed for the purpose for which it was collected or for any other lawful purpose, we will take reasonable steps to destroy or permanently de-identify it. You may request in writing to us the destruction of your personal information we hold, and we will consider the request and respond within 30 days of such request. However, most Personal Information is or will be stored securely and retained for a minimum of 7 years, in accordance with legal and professional record-keeping requirements.

We also maintain safeguards during the retention and destruction phases to help prevent any unauthorised access, intentional or reckless misuse of your information, in line with our obligations under privacy law.

IP Address and Cookies

We may collect information about your computer, including where available your internet protocol (IP) address, operating system and browser type, for system administration and to report aggregate information. This is statistical data about our users' browsing actions and patterns and does not identify any individual.

For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. By themselves cookies cannot be used to identify any individual or reveal personal information. Cookies contain information that is transferred to your computer's hard drive. They help us to improve our website and to deliver a better and more personalised service. They enable us:

• To estimate our audience size and usage pattern.
• To store information about your preferences, and so allow us to customise our website according to your individual interests.
• To speed up your searches.
• To recognise you when you return to our website.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting, you may be unable to access certain parts of our website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our website.

Why we collect, hold and use your personal information

Epsilon may collect your personal information for the purpose of assessing an application for insurance and, if the application is accepted, to administer and manage the insurance policy and respond to any claim made. We may also use your personal information for the purpose of designing or underwriting new insurance products, for research and analytical purposes, to perform administrative functions (including, for example but not limited to, employment, accounting, risk management and staff training), and to comply with our legal obligations.

All personal information is collected and handled lawfully and with regard to your reasonable expectations of privacy. We take steps to ensure that any use or disclosure of your information does not amount to a serious misuse or loss, or intentional or reckless interference with your privacy, in accordance with our obligations under the Privacy Act.

Where the personal information is sensitive – such as health and medical information – we will also obtain your consent before collecting the information unless we are permitted by law or an exception under the Act applies.

If you do not consent to provide us with the personal information that we request or withdraw your consent to the use and disclosure of your personal information at any stage, this may affect our ability to offer you the products or provide the services that you seek.

Direct Marketing

From time to time, we may use the contact details you have provided, including your email address, to send you direct marketing communications such as general product information, flyers, updates, newsletters, and other information about our services, products, events, or third-party offerings that we consider may be of interest to you. These communications will always identify us as the sender.

We may also ask our related companies to contact you about services or products that may be relevant to you. Email addresses are only collected if you initiate contact with us and are not automatically added to any mailing list.

Where it is within your reasonable expectations given your relationship or previous communications with us, we may send you direct marketing without additional consent sought.

You can opt out of receiving marketing communications at any time by emailing compliance@epsiloninsurance.com. We will action your request promptly within five business days, in accordance with our legal obligations, and will no longer send you these communications.

Who we may disclose your personal information to and why

Your personal information will only be disclosed to third parties where the disclosure is reasonably required to provide you with insurance and insurance related services and to conduct our business, or for any of the purposes outlined in this Privacy Policy. Personal information for the purposes outlined above may be shared on a confidential basis with our related entities, insurers, reinsurers, agents and service providers, including anyone we or your insurer has appointed to assist us or your insurer to consider your claim, for example loss adjusters, investigators, lawyers, medical professionals, repairers and suppliers, your employer, other insureds and interested parties under your insurance, external data storage providers, our advisors, statutory and regulatory bodies.

Disclosure to overseas recipients

In some instances, our service providers and related companies to which we disclose personal information may be located overseas. The countries in which these service providers and related companies are located may vary from time to time, but include Singapore, Switzerland, United States of America, United Kingdom and the European Union.

Where personal information has been disclosed to an overseas recipient, there is a possibility that in certain cases that recipient may be required to disclose it under a foreign law. Where this occurs, such disclosure is not a breach of the Act.

Our insurers and other third parties who are located in Australia may also disclose your personal information overseas in accordance with the provisions of their privacy policies.

Where you apply for employment with us, we may disclose your personal information to related companies, agents and service providers, and to insurers and reinsurers who may be located in Singapore, Switzerland, United States of America, United Kingdom and the European Union.

Your consent

By asking us to provide you with insurance and insurance related services, you voluntarily consent to the collection, use and disclosure (including overseas disclosure) of the personal information you have provided to us for the purposes described in this Privacy Policy.

By applying for employment with us, you consent to the collection, use and disclosure of the personal information you have provided to us for the purposes described in this Privacy Policy.

In providing your consent, you also acknowledge that Epsilon has implemented reasonable safeguards to avoid any serious, intentional or reckless invasions of your privacy, consistent with current privacy laws.

Your consent remains valid for the duration of your insurance relationship with us unless withdrawn in writing. You may withdraw consent at any time, subject to legal and contractual obligations.

Personal information about others

Where you provide personal information about others, you represent to us that you have made them aware that you will do so, the types of third parties we may disclose it to, the purposes we and such third parties use it for, how they can access it and how complaints about privacy may be made. Where you provide sensitive information about others, you represent to us that you have obtained their consent on these matters. If you have not and will not do so, you must tell us before you provide us with another’s sensitive information.

Accessing and seeking correction of your personal information

We will take reasonable steps to ensure that the personal information we hold about you is accurate, complete, relevant, and up-to-date and is not misleading when it is collected, used or disclosed. You may contact us to request access to your personal information that we hold at any time and request us to correct any errors in that information. When making a request to access your personal information, we will carry out a verification process in order to determine that your information is not accessed by other individuals.

How we store your personal information

We store your personal information in our computer systems, data bases and in paper records and take reasonable precautions to ensure the security of all personal information is adequate to protect it from being used or disclosed for any other purposes other than the provision of our insurance products and services.

We maintain physical security over our paper and electronic data stores and premises by using locks and security systems. We also maintain computer and network security by utilising firewalls, encryption, user identifiers, multifactor authentication (MFA)and passwords to control access to computer systems where your personal information is stored.

We maintain controls to prevent the intentional or reckless misuse of personal information. Our employees are routinely trained on their privacy obligations, and we have internal procedures to detect and respond to inappropriate access, use or disclosure of your information.

How to contact us or make a complaint

If you would like more information about how we manage your personal information, wish to request access to or correction of your personal information, please contact our Privacy Officer, using the ‘How to Contact Us and Opt Out Rights’ details set out at the end of this Policy.

If you are not satisfied with our response, you may be able to refer the matter to the Australian Financial Complaints Authority, subject to its Terms of Reference, or to the Office of the Australian Information Commissioner who can be contacted on:

Australian Financial Complaints Authority

GPO Box 3
Melbourne VIC 3001
Phone: 1300 931 678
http://www.afca.org.au

Office of the Australian Information Commissioner

GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
http://www.oaic.gov.au

We take all complaints seriously, especially those concerning potential serious invasions of privacy. We will assess any claim involving alleged intentional or reckless misuse of your personal information in line with the applicable laws and our duty of care.

Updating this Privacy Policy

We may make changes to this Privacy Policy from time to time for any reason. The revised version will be available at our office or on our website.

How to contact us and opt out rights

If you wish to gain access to your personal information, want us to correct or update it, have a complaint about a breach of your privacy, wish to withdraw your consent to any of the uses of your information including receiving offers of products and/or services from us, or have any other query relating to our Privacy Policy, please contact us on:

Privacy Officer

Epsilon Insurance Broking Services Pty Ltd

Suite 1303, Level 13, 1 Market Street,

Sydney NSW 2000

Phone: +61 2 9299 3466

Email: compliance@epsiloninsurance.com