Innovative Risk Transfer Pty Limited (IRT) adheres to the National Privacy Principles (NPPs) of the Privacy Act 1988 (Cth) which sets standards for the collection, use, disclosure and handling of personal information.
Personal information is essentially information or an opinion about a living individual whose identity is apparent or can reasonably be ascertained from the information or opinion (e.g. a name and address).
How and why we collect personal information
IRT collects personal information during the course of its relationship with you. Collection of information may take place in a number of ways, such as when you complete an application form for a new product or service or at renewal, request a product or service over the internet, telephone or email or contact IRT to lodge a claim.
By supplying personal, sensitive or health information about yourself and/or on behalf of those you represent or by making a claim or otherwise making use of our services which may involve the collection of sensitive or health information from third parties, you will be taken to have given your consent to the collection of that personal, sensitive or health information about you (from you or those third parties).
We collect personal information either directly from the relevant individuals or indirectly from third parties.
For example, an insured may not only provide us with information on themselves for the purpose of obtaining our services but also on other insured’s who they represent. We may also obtain personal information from past insurers, witnesses to claims, health care workers and publicly available sources etc.
IRT collects personal information to be able to provide our various services or to refer you to a specialist associate third party who can provide your desired service. These services include - insurance broking, claims management, risk management consulting, other forms of insurance services (including underwriting).
We also collect this information to help us develop and identify products and services that may interest clients, conduct market or customer satisfaction research, develop, establish and administer alliances and other arrangements with other organisations in relation to the promotion, administration and use of our respective products and services.
How we use and disclose personal information
IRT does not use or disclose personal information for any purpose that is unrelated to our services and that you would not reasonably expect (except with your consent).
We have a duty to maintain the confidentiality of our clients' affairs, including personal information. Our duty of confidentiality applies except where disclosure of your personal information is with your consent or required by law.
We usually disclose personal information to third parties who assist us or are involved in the provision of our services.
For example, in arranging and managing your insurance needs we may provide information to insurers, reinsurers, other insurance intermediaries, insurance reference bureaus, our advisers such as loss adjusters, lawyers and accountants, and others involved in the claims handling process. We may also provide it to purchasers of our business and related IRT companies and associates.
We take reasonable steps to ensure that your personal information is accurate, complete, and up-to-date whenever we collect or use or disclose it.
If the required personal information is not provided, we or any involved third parties may not be able to provide appropriate services.
What we expect of you and third parties we deal with
When you provide us with personal information about other individuals, we rely on you to have made them aware that you will or may provide their information to us, the purposes we use it for, the types of third parties we disclose it to and how they can access it (as described in this document). If it is sensitive information we rely on you to have obtained their consent to this.
If you have not done either of these things, you must tell us before you provide the relevant information.
If we give you personal information, you and your representatives must only use it for the purposes we agree to.
Where relevant, you must meet the requirements of the National Privacy Principles set out in the Privacy Act 1988, when collecting, using, disclosing and handling personal information on our behalf.
You must also ensure that your agents, employees and contractors meet the above requirements.
Sensitive information is defined as including information about someone’s political opinions or membership, professional or trade membership, sexual preferences, criminal records, state of health, religion, racial or ethical origin.
IRT will only collect, use or disclose sensitive or health information with the consent of the person to whom it relates or is required by law.
Security of your personal information
We endeavour to protect any personal information that we hold from misuse and loss, and to protect it from unauthorised access, modification and disclosure.
For example, IRT maintains security over our paper and electronic data stores and premises, such as locks and security systems. We also maintain computer and network security; for example, we use firewalls for enhanced internet safety and other security systems such as user identifiers and passwords to control access to computer systems. In addition to these measures, each of our employees are bound by confidentiality agreement and IRT operates a comprehensive Business Continuity (Disaster Recovery) Plan to protect this information.
Transfer of information overseas
We may transfer your personal information overseas where it is necessary to provide our service. For example, we sometimes use the internet to collect and process information. In addition, some insurers or reinsurers are based overseas and we need to provide your personal information to them to arrange your cover. In most cases, we only do this with your consent.
If we send you any information about services or products, or you do not want us to disclose your personal information to any other organisation (including related bodies corporate) you can opt out by telephoning, faxing or e-mailing us.
How to contact us
We will respond to your query or complaint as soon as possible and will try to resolve any complaint within 5 working days. If this is not possible, we will contact you within that time to let you know how long we estimate that it will take to resolve your complaint. Any unresolved complaints should be referred to the Privacy Commissioner.