Information Handling Policy
Effective 18 May 2018.
1. Who We Are
1.1 In this Information Handling Policy, references to ‘we’, ‘our’, ‘us’ and ‘ClearView’ are to ClearView Wealth Limited and its subsidiaries.
2. Your Privacy
2.1 This Policy sets out how we manage your Personal Information. We respect the privacy of any Personal Information we collect about you and are committed to ensuring that this is handled in accordance with the provisions of the Privacy Act 1988, the Australian Privacy Principles, the FSC Life Insurance Code of Practice and any other applicable privacy related laws. This Policy may be updated from time-to-time.
From 25 May 2018, the General Data Protection Regime (GDPR) applies in respect of European Union (EU) countries. If you are an EU-resident, ClearView must comply with the GDPR requirements in relation to managing your personal data (as defined in the GDPR). If you are an EU-resident and you would like more information on the GDPR, please see here and here.
3.1 In this Policy:
Authorised Representative means an Authorised Representative as defined in the Corporations Act 2001.
ClearView Group means ClearView Wealth Limited and all of its subsidiaries.
Credit Representative means a person authorised to engage in specified credit activities on behalf of a credit licensee or registered person under the National Consumer Credit Protection Act 2009 (Cth).
Eligible data breach means unauthorised access to or unauthorised disclosure of personal information and a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relates.
Financial Service means the provision of financial products such as life insurance, superannuation and retirement income, managed investments and financial planning services and financial product advice.
GDPR means the European Union General Data Protection Regulation 2016/679 (as amended from time to time).
Independent Service Provider means someone ClearView enters into an agreement with, to assist with administration or management of a claim by a client on their life insurance policy. This may include, but is not limited to, an independent medical assessor, a rehabilitation provider, an allied health professional, an accountant, an investigator, surveillance operative or claims management service. This excludes reinsurers.
Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not, and whether recorded in a material form or not.
Sensitive Information means information or an opinion about an individual’s:
- racial or ethnic origin;
- political opinions or membership of a political association;
- religious or philosophical beliefs or affiliations;
- membership of a professional or trade association or trade union;
- sexual orientation or practices; or
- criminal record
that is also Personal Information; or
- health information about an individual;
- genetic information about an individual that is not otherwise health information;
- biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or
- biometric templates.
4. What kind of Personal Information does ClearView Hold?
4.1 The kind of Personal Information we hold may vary depending on our interaction with you. If you apply to be a customer, are currently a customer, or have previously been a customer, the Personal Information we may hold about you may include:
- name, address, gender, marital status, contact details and date of birth;
- payment details such as Auto-Pay and direct debit/credit details;
- records of service contacts such as voice recordings of telephone conversations;
- census and statistical-type information for purposes including product development and risk assessment;
- claims details such as date, amount claimed and amount paid;
- tax file number;
- details of the Financial Service you applied for and details of any financial products you have purchased or invested in (including account details);
- your financial interests and sometimes your financial position;
- occupation and employer details;
- for insurance products – certain medical, family and lifestyle information; and
- credit information.
4.2 Generally, we do not hold Personal Information about non-customers. However, there are some exceptions, including, without limitation:
- those people who have contacted us for information about our Financial Services;
- where we purchase a data list from a third party provider;
- where a customer has provided Personal Information to us about another person which we need to provide our products or services;
those people who have been provided with a Financial Service by one of our Authorised Representatives or Credit Representatives.
4.3 We may also hold Personal Information about persons who have agreed to pay or act on behalf of our customers.
4.4 If you apply for certain Financial Services or make a claim under certain products, we may need to collect Sensitive Information about you. Sensitive Information which we may collect includes, but is not limited to, medical history, health information and information about your profession or trade. We collect, use and disclose Sensitive Information only in accordance with the Privacy Act 1988, the Australian Privacy Principles and this Policy.
5. Collection of Personal Information
How does ClearView collect Personal Information?
5.1 To provide the best Financial Services to suit your needs, we collect Personal Information from you when you:
- contact us in person, by phone or online;
- lodge a claim or complaint;
- decide to seek Financial Services advice; and
- complete a form for one of our products (including electronic applications).
5.2 If it is reasonable and practicable to do so, we will only collect Personal Information about you from you.
5.3 In many cases, if the Personal Information that we request is not provided, we may not be able to provide the relevant Financial Services or assess an insurance claim.
Collection of Personal Information from other people
5.4 On some occasions we may collect Personal Information about you from another person or entity, for example:
- from our referral and commercial strategic partners;
- from persons such as Authorised Representatives who we authorise to provide Financial Services under our Australian Financial Services Licences or Australian Credit Licence;
- from a person who has been granted a power of attorney or other authority;
- from medical providers or other professional experts in order to provide you with a policy or assess a claim; or
- where you are covered by, or a life insured under a policy that covers more than one person, or is taken out by someone you know.
5.5 If we have collected Personal Information about you from someone else, we will take reasonable steps to ensure that you are or have been made aware of this.
Relatives, Dependents and Other Individuals
5.6 In order to provide some Financial Services such as insurance policies, we may collect Personal Information from you about other individuals, such as your relatives and dependants, including your spouse, partner and children or any other person you wish to nominate as a beneficiary. For example, we collect this when you complete an application form or submit an insurance claim.
5.7 We collect Personal Information about these other individuals with your consent. If your Personal Information has been provided to us by a policyholder and you are over the age of 16 when your Personal Information is provided to us, we assume that the policyholder has your consent to provide us with this information.
5.8 If you are a policyholder and provide us with Personal Information about another person, we expect and assume that you have that person’s consent to provide this information to us.
5.9 If you provide Personal Information to us about another person, you need to ensure that they are aware:
- that you have provided their Personal Information to us;
- of who we are and how they can contact us;
- that they may access the Personal Information that we hold about them;
- of the purposes for which you provided their Personal Information to us;
- that their Personal Information will be handled in accordance with this Policy,
and we recommend that you refer them to this Policy.
6. Use and Disclosure of Personal Information
How does ClearView use my Personal Information?
6.1 We use your Personal Information to provide, manage and administer the Financial Services we provide, to evaluate and pay insurance claims, and to operate an efficient and sustainable business.
6.2 Examples of what we may collect and use your Personal Information for include:
- processing your application;
- processing payments, withdrawals and redemptions;
- investigating and assessing any claim;
- contacting you about matters relating to you, Financial Services provided to you or other services that we provide;
- answering your enquiries;
- meeting internal functions such as administration, accounting and information technology system requirements;
- practicing effective risk management and preventing fraud;
- monitoring price and evaluating products and services;
- conducting marketing, research and statistical analysis;
- resolving complaints, breaches, incidents or litigant matters; and
- conducting customer surveys.
6.3 We do not exchange credit reporting information with any credit reporting bodies.
To whom will ClearView disclose my Personal Information?
We may disclose your Personal Information to other companies or individuals who assist us in supplying our Financial Services or running our business, perform services on our behalf or regulate the Financial Services that we provide, such as:
- any person acting on your behalf, including your financial adviser, executor, trustee and attorney;
- third party assessors of underwriting and claims;
- claims assessment and legal professionals;
- legal, medical or other professionals who provide claims related services and opinions;
- insurers, or product providers to apply for a product, or obtain a quote, on your behalf;
- IT development and maintenance providers;
- accountants, auditors and other service providers we may appoint to ensure the integrity of our operations;
- any organisations involved in providing, managing or administering our products or services such as custodians, external dispute resolution services or mail houses;
- any fund administrator or trustee to which your benefit is being transferred or rolled over,
- regulatory or Government authorities; and
- providers of marketing, research and statistical analysis services.
6.4 If your Personal Information has been collected by us in connection with a life insurance policy, we may disclose this Personal Information to the life insured (where you are the policy owner) and to the policy owner (where you are the life insured or another policy owner under the relevant life insurance policy).
6.5 Where an application for life insurance requires an underwriting decision and the policy owner is different to the life insured, we will not communicate personal medical information about a life insured to a policy owner unless the life insured has given consent for this.
6.6 In addition to the above, we may also use and disclose your Personal Information for any other purpose for which you have consented, or where we are authorised or required to do so by law.
6.7 In the course of providing you with Financial Services, some of the organisations to which we may disclose your Personal Information may be located outside New South Wales or Australia in countries including New Zealand, South Africa, USA, Canada, member states of the European Union, India, Vietnam, Malaysia, Singapore, Thailand, Sri Lanka, Cambodia, Hong Kong, Japan, the Philippines and Turkey. ClearView may send your Personal Information to them, including through electronic transmission.
6.8 Where Personal Information is disclosed, we require our contractors and service providers to comply with the provisions of the Privacy Act 1988, the Australian Privacy Principles and the FSC Life Insurance Code of Practice.
6.9 Where we disclose your Personal Information to contractors and service providers and we are aware that your Personal Information may be accessed by, or provided to, another party via that contractor or service provider, we will do all that we can reasonably can to ensure that any further party granted access to your Personal Information will comply with the Privacy Act 1988 and the Australian Privacy Principles, and the FSC Life Insurance Code of Practice.
6.10 We do not sell Personal Information to anyone.
6.11 We will not use or disclose Sensitive Information about you for any purpose other than the primary purpose of collection or a directly related secondary purpose unless you have provided us with your consent to such use or disclosure.
When will ClearView use my Personal Information to contact me?
6.12 We will use your Personal Information to contact you about Financial Services that we have provided to you.
6.13 From time to time, we will provide you with information about products and services offered by companies within the ClearView Group and other affiliate organisations that we consider of potential benefit to you and your family. Information may, for example, be communicated through the ClearView Viewpoint magazine. We may share your Personal Information on a confidential basis with companies within the ClearView Group and other affiliate organisations so that they can offer you products and services.
6.14 You can choose not to receive marketing material and we ask that you contact us to exercise this choice. Please understand that there could be a delay of up to 60 days before your request is fully implemented, and we apologise if you receive marketing material in this time. You will find details on how to contact us at the end of this Policy.
What other legislation affects ClearView’s use and disclosure of Personal Information?
6.15 In some circumstances, the collection, use, disclosure and access of Personal Information is governed by specific legislation. Where there is specific legislation, this will generally govern how we use Personal Information despite the provisions of the Privacy Act 1988. For example, for certain Financial Services, we are required to collect your tax file number and provide that information to the Australian Taxation Office.
6.16 EU-residents have slightly different rights in relation to the ‘Use and Disclosure’ of personal data (as defined in the GDPR). If you are an EU-resident and you would like more information, please contact the ClearView Privacy Officer (see section 9 of this Policy for details).
7. Information Security
How does ClearView keep my Personal Information secure and for how long is it kept?
7.1 We take all reasonable steps to ensure that your Personal Information is kept secure and is protected from misuse, loss and unauthorised access, modification and disclosure. From 22 February 2018, we will be required to notify you and the Office of the Australian Information Commissioner (OAIC) if an ‘eligible data breach’ occurs in relation to your personal information that is held by us. A data breach may occur if your personal information is lost or subjected to unauthorised access, modification, disclosure or other misuse or interference, and it is generally notifiable if there is a risk of ‘serious harm’(eg. financial, reputational etc) to you due to the breach.
All data breaches will be assessed in accordance with ClearView’s Data Breach Response Plan.
We retain your Personal Information for as long as we need it to provide the Financial Services you have requested from us and, in some circumstances, to comply with other statutory requirements. As required under privacy law, we will take reasonable steps to permanently de-identify or destroy Personal Information that is no longer needed.
7.2 If you use the secure member sections of our websites we will verify your username and password. Once verified, you will have access to secured content.
Risks of using the internet
7.3 You should be aware that there are inherent security risks in transmitting information through the internet. You should assess these potential risks when deciding whether to use our online services. If you do not wish to transmit information through our website, you may contact ClearView on 132 977.
All browsers allow you to be notified when you receive a cookie and you may elect to either accept it or not. Please note if you do not accept a cookie, this may impact the effectiveness of the website. Further information about cookies and how ClearView uses them is available [here].
7.5 EU-residents have slightly different rights in relation to the ‘Information Security’. In particular, in relation to cookies. If you are an EU-resident and you would like more information, please contact ClearView’s Privacy Officer (see section 9 of this Policy for details).
8. Access and Correction
Can I access my Personal Information?
8.1 You can ask us for access to Personal Information that we hold about you at any time. To do so, please call ClearView on 132 977 and ask for a Request for Personal Information Form which will be sent to you to complete.
8.2 You can access the information that we rely on in assessing your application for life insurance cover, your claim or your complaint. You can also access the reports from Independent Service Providers that we have relied on in assessing your application for insurance cover, or your claim. To do so, please call ClearView on 132 977.
8.3 We are committed to handling your request properly and promptly, so all requests for access are handled in our head office. If your request to access your personal information is in relation to a complaint you have made to us, we will respond to your request within 10 business days, as required by the FSC Life Insurance Code of Practice and the Insurance in Superannuation Code (refer to section 8.7 below).
8.4 We will provide you with access to Personal Information held about you except to the extent that we are permitted to refuse access in accordance with the Privacy Act 1988, and the Australian Privacy Principles. If we refuse to provide you with access to some information, we will provide you with our reasons in writing for doing so.
8.5 In special circumstances we may decline to provide access to or disclose information to you, such as:
- where information is protected from disclosure by law, including the Privacy Act 1988;
- where we reasonably determine that the information should be provided directly by us to your doctor;
- where the release of the information may be prejudicial to us in relation to a dispute about your insurance cover or your claim, or in relation to your complaint; or
- where we reasonably believe that the information is commercial-in-confidence.
8.6 If we decline to provide access to or disclose information to you:
- we will not do so unreasonably;
- we will give you a schedule of the documents we have declined to provide and give you reasons for doing so; and
- we will provide details of our Complaints process.
8.7 If we cannot comply with a timeframe for providing information to you required by the FSC Life Insurance Code of Practice or the Insurance in Superannuation Code due to the fact that we are waiting for permission from a third party to release information to you, we will advise you of this before the end of the timeframe.
8.8 If you request any of your life insurance policy documentation from us, we will provide this to you promptly and in an electronic form if you request, subject to any process for releasing policy documentation that we are required to carry out by law.
8.9 There is no charge for making a request for access or for obtaining a document containing a summary of the following Personal Information that we hold about you:
- name, address and birth date;
- contact details;
- level of cover;
- details of products held;
- date of joining; and
- bank account details.
8.10 We may charge a reasonable fee for access to any other Personal Information. Such charge will be restricted to our reasonable costs of providing the Personal Information that you have requested (for example, the cost of photocopying, document retrieval, labour and delivery to you).
Correction of Personal Information
8.11 We will correct any Personal Information that we hold about you if we become aware that it is inaccurate, incomplete, out of date, irrelevant or misleading.
8.12 If you believe that the Personal Information we hold about you is inaccurate, incomplete, out of date, irrelevant or misleading, you can ask us to correct it and we will take reasonable steps to do so. If we disagree about any information being inaccurate, incomplete or out of date and you ask us to do so, we will take reasonable steps to include a note on your record that you believe that such information is inaccurate, incomplete or out of date.
9. Enquiries and Complaints
How do I make an enquiry or complaint about privacy?
9.1 You can make an enquiry or a complaint about our handling of your Personal Information at any time by contacting our Privacy Officer. We may ask you to complete a Request for Personal Information Form or to set your enquiry or concern out in writing to assist us in undertaking an investigation and providing you with a response. We will respond to your enquiry or complaint within a reasonable period of time.
9.2 Our Privacy Officer can be contacted as follows:
ClearView Privacy Officer: firstname.lastname@example.org
The Privacy Officer
GPO Box 4232 – Reply Paid
Sydney NSW 2001
Phone 1800 265 744
9.3 In the event the Privacy Officer is unable to resolve your enquiry or the enquiry has not been satisfactorily addressed you may lodge a complaint with the Information Commissioner. The Information Commissioner can be contacted by:
Phone: 1300 363 992
10. Updates to the Policy
10.1 The most current version of this Policy can be obtained from our website at: www.clearview.com.au.