Mitsui Sumitomo Insurance Company Limited (ABN 49 000 525 637) (“MSIA”, “we”, “us” and “our”) is committed to the right to privacy and the protection of personal (including sensitive) information and is bound by the Australian Privacy Principles set out in the Privacy Act 1988.

This Privacy Policy sets out how MSIA collects, holds, uses and discloses personal information of individuals through its business operations in Australia. It also sets out how you may seek access to, and correction of, your personal information and make a privacy complaint. We require our employees and service providers to comply with this Privacy Policy (where required) and the Privacy Act 1988.

By visiting our website, applying for, renewing or using any of our products or services, making a claim or providing us with your personal information, you agree to your personal information being collected, held, used and disclosed by us in accordance with this Privacy Policy.

1. Anonymity

Where it is lawful and practicable to do so, MSIA will give you the option of not identifying yourself or using a pseudonym when entering into transactions with us.

If you would like to transact anonymously or use a pseudonym with MSIA, please contact us and we will determine if we are lawfully and practicably able to engage anonymously with you. We will also provide you with information (if applicable) as to the potential consequences of transacting anonymously with us.

2. Collection of Personal (including Sensitive) Information

MSIA only collects personal information that is needed to assist us in providing an insurance product and/or other services to you. Types of personal information we general collect may include:

• customer information, including name, gender, date of birth, contact details (such as address, phone, fax and email);
• underwriting information required in insurance application forms and any other information required in relation to insured events and claims;
• sensitive information (such as health information or criminal records) where it is relevant to underwriting an insurance policy or processing a claim;
• details of insurance policies you hold or have held; and
• information of prospective employees and employees seconded from our insurance agents, including past employment information, qualifications, information about residency status and proof of identity details.

We will collect personal information mainly from insurance application forms, insurance claim forms, other transaction documents and questionnaire. We may also obtain personal information from phone calls involving questions and consultations, which will be recorded to accurately record their content.

We will collect personal information only by lawful and fair means.

We will not obtain, use, or offer to third parties sensitive information (including health information), except in the following situations:

• when the sensitive information is obtained, used, or provided to a third party to the extent necessary to ensure proper operation of insurance business and with consent from the corresponding person;
• when the sensitive information is obtained, used, or provided to a third party to the extent necessary to pay insurance benefits;
• when sensitive information concerning affiliation to, or membership of, political, religious, or other groups or labor unions, is obtained, used, or provided to a third party to the extent necessary to collect insurance premiums; or
• when required or authorised to do so by law.

When we need to collect personal information, we will, in most cases, collect the information directly from you. When it is unreasonable or impracticable to do so, we may need to collect personal information from third parties. We may collect your personal information from:

• a representative acting on your behalf;
• the policy holder (where you are an insured person and not the policy holder);
• our related companies; and
• other parties with whom we have business arrangements and those who assist us in providing our products and services, including our authorised representatives and agents, intermediaries, other Australian Financial Services Licensees, other insurers, financial institutions, insurance and claims reference agencies, credit agencies, loss assessors, financial and investigative service providers, legal and other professional advisers and hospitals and medical and health professionals.

At or before the time, or if that is not practicable, as soon as practicable after we collect personal information about you, we will take reasonable steps to notify you of matters relevant to the collection (such as purpose of the collection, who we may disclose the information to, how you can access it and seek correction of it, how to make a complaint, etc.) as required under the Australian Privacy Principles or to otherwise ensure you are aware of such matters.

If you choose not to supply the information we request, we may not be able to process your application for insurance, administer your policy, process your claim, accept your expression of interest or application for employment with us or provide you with any services you require from us.

Where we receive your personal information that we do not solicit, we would take reasonable steps to determine whether the information is reasonably necessary for our activities or functions. If it is, we will handle this information in the same manner we do with other information we request from you. If not, we will ensure the information is destroyed or permanently de-identified where it is lawful and reasonable to do so.

3. Purpose of Collection and Use of Personal Information

We may collect and use personal information for the following purposes:

• examination, underwriting, performance (including investigation into insured events and payment of proper insurance benefits), and management of insurance policies;
• marketing and providing our other products and services or those of our related companies (including examination, underwriting, performance and management of insurance policies by the related companies);
• provision of products and services of our business partners, contractors or other entities;
• invoicing, payment and collection of debts;
• insurance/financial product and service R&D, involving market research, data analysis, and questionnaire;
• processing of personal information, in whole or in part, under contract for other companies;
• assessment and processing of employment applications;
• communication and transaction with customers, including maintaining and improving customer services and handling complaints and disputes; and
• compliance with our legal obligations.

4. Use and Disclosure of Personal Information (including overseas disclosure)

MSIA will only use or disclose personal information that you provide to us for the purposes and in the manner you would reasonably expect. We will request your consent for any other purpose.

We may disclose your personal information to:

• a representative acting on your behalf;
• the policy holder (where you are an insured person and not the policy holder);
• our related companies;
• our agents and external service providers who assist us in providing our products and services, including administering insurance policies, investigating insured events, providing printing and mailing services and developing, maintaining and operating our information systems;
• intermediaries, other insurers and reinsurers, financial institutions, insurance and claims reference agencies and credit agencies;
• assessors, third party administrators, emergency assistance providers, retailers, medical providers and travel carriers for the purpose of assisting with any claim;
• our legal and other professional advisers;
• research and development service providers, including customer research organisations;
• other non-life insurance companies to eliminate misconduct in the conclusion of insurance contracts or in the filing of insurance claims;
• our reinsurers;
• Australian Financial Complaints Authority; and
• government, law enforcement or statutory bodies or other parties when required to do so by law.

Your personal information may also be collected from the people or organisations mentioned above.

We share personal information of employees of general insurance agencies with other general insurance companies for the purpose of appropriate supervision of general insurance agencies and for the recruitment of staff.

The entities to which we disclose your personal information may be located overseas. The countries in which these related companies or service providers are located may vary from time to time, but include Japan, Spain,France, the United Kingdom, the Philippines, Malaysia and any country to which you have travelled when your claim is under one of our travel insurance policies.

Where personal information is disclosed to third parties, we seek to ensure that this information is held, used and disclosed in accordance with the Privacy Act 1988.

Where we reasonably believe that the use or disclosure of personal information is reasonably necessary for one or more enforcement related activities conducted by or on behalf of an enforcement body, we will make a written note of the use or disclosure.

We will not use a government related identifier (such as a Medicare number) as our reference number for you in our system. We will only use or disclose government identifiers that you provide to us as required or authorised by laws.

5. Use of Credit Information

We will use information on the creditworthiness of individuals provided by credit information organizations (organizations that collect information on the creditworthiness of individuals and that provide us with such information) only to the extent necessary to confirm the creditworthiness of individuals.

6. Request for Access to and Correction of Personal Information

MSIA take reasonable steps to ensure that any personal information collected, used or disclosed by us is accurate, complete, relevant and up-to-date. When you receive policy schedules, renewal notices or any other documents from us, you should check that the stated personal information is correct.

If we hold personal information about you, you can contact us to request access to your personal information at any time. We may charge you a reasonable fee for providing access to that personal information. We will give you access to your personal information in the manner requested by you if it is reasonable and practicable to do so.

If you establish that your personal information held by us is not accurate, complete, relevant or up-to-date or is misleading, you can request us to correct any errors in that information. We will take reasonable steps to correct the information following our investigation as required. We will not charge you to correct your personal information.

Upon your request, we will take reasonable steps to notify a third party of a correction made to your personal information that was previously provided to that party, unless it is impracticable or unlawful to do so.

The Privacy Act 1988 allows us to decline access under certain circumstances. If we refuse to provide you with access or to correct your personal information, we will issue a written notice setting out the reason for our denial of access or refusal to correct such information.

If we refuse to correct the information as requested by you, we will, upon your request, take reasonable steps to associate with the information a statement that you believe the information to be inaccurate, out of date, incomplete, irrelevant or misleading.

Please contact our Privacy Officer for any request for access to, and correction of, the personal information that we hold. MSIA will deal with this matter in a timely manner. We reserve the right to verify the identity of our customer as required.

7. Security of Personal Information

Your personal information is held in secure environments including computer systems, databases, telephone recordings and paper records. We may utilise third party providers for data storage services. We will take reasonable steps to protect any personal information that we hold from misuse, interference and loss, and to protect it from unauthorised access, modification and disclosure. MSIA has internal procedures to ensure the security of information, such as:

• privacy and confidentiality undertakings with all MSIA employees and service providers
• policies on information security, storage and retention
• policies on information usage and disclosures
• security measures for access to our building and computer systems
• identification/authorisation where required.

Where we no longer require your personal information, we will take reasonable steps to destroy or permanently de-identify that information.

8. Opting out of Receiving Marketing Information

We may contact you by phone, mail or email in order to provide you with updated information on our or our related companies’ new products or services. If you do not wish to receive any information of this kind, please contact our Privacy Officer to unsubscribe from the distribution list.

9. Our Website Practice

We use cookie technology on our website to provide information and services to website visitors. Cookies are useful in determining overall traffic patterns through our website. We do not collect personal information5 from cookies or use cookies for marketing purposes. Most web browsers are set to accept cookies. If you do not wish to receive any cookies, you may set your browser to refuse cookies. This may mean you will not be able to take full advantage of the services on our website.

If our website contains links to other websites, these linked sites are not under the control of MSIA and we are not responsible for the conduct of the entities operating these linked sites. Before disclosing your personal information on any other website, we recommend you review the terms and conditions regarding privacy of that site.

10. Contact Information and Privacy Complaints

If you would like more information about how we manage your personal information or wish to request access to or correction of your personal information, please contact our Privacy Officer using the following contact details:

Phone:

02 9222 7600

Email:

Address:

Privacy Officer
Mitsui Sumitomo Insurance Co., Ltd.
Level 26, 135 King Street
Sydney NSW 2000

This Privacy Policy is available on our website. Upon request, we will take reasonable steps as are reasonable in the circumstances to provide you with a copy of the Privacy Policy in a particular form requested by you.

If you would like to make a complaint, please contact our Privacy Officer and provide us with the details of your complaint as well as any supporting evidence. Our objective under all circumstances is to resolve your complaint promptly. A complaint, once received by us, will be acknowledged and handled by MSIA staff with appropriate knowledge of the Privacy Act 1988. We will then provide you with a timely response that, if appropriate, will outline the measures MSIA will take to resolve the complaint.

Should you feel that we have not satisfactorily addressed your complaint, you may also refer it to the Australian Government’s Office of the Australian Information Commissioner (OAIC). The OAIC can be contacted via telephone by calling 1300 363 992 or via its website at https://www.oaic.gov.au/about-us/contact-us

11. Policy Update

MSIA may update this Privacy Policy from time to time for any reason. We encourage any person providing or disclosing personal (including sensitive) information to MSIA to check our Privacy Policy on our website periodically for changes.

This Privacy Policy was last updated in March 2022