Privacy and Spam Policy
Carollo Horton and Associates Pty Ltd is committed to providing you with the highest levels of client service. We recognise that your privacy is very important to you. We bound by the Australian Privacy Principles under the Privacy Act 1988. Our aim is to both support and ensure that we comply with these principles. Further information on privacy in Australia may be obtained by visiting the website of the Office of the Federal Privacy Commissioner at http://www.privacy.gov.au
Carollo Horton and Associates Pty Ltd is required to meet particular legislative and regulatory requirements. In order to provide a comprehensive insurance broking service to you, we are required to collect certain personal information from you.
- Providing you with the relevant product or service
- Managing and administering the product or service
- Protecting against fraud
Your Personal Information
As an insurance broking organisation we are subject to certain legislative and regulatory requirements which necessitate us to obtain personal information about you, including Privacy Amendment (Enhancing Privacy Protection) Act 2012and Corporations Act 2001. Detailed below is some of the information you are required to provide:
- your name, date of birth, current addresses, telephone/mobile/fax numbers, e-mail address;
- information regarding your dependents and family commitments
- Your occupation, employment history, details family commitments, social security eligibility, health information or other information the organisation considers necessary.
- your financial needs and objectives;
- your assets and liabilities (current and future), income, expenses; and
- Your insurance details.
How We Collect Personal Information
Carollo Horton and Associates Pty Ltd collects personal information in a number of ways, including:
- directly from you, when you attend a face-to face interview;
- directly from you, when you provide information through a data collection form;
- directly from you, when you provide information by phone;
- directly from you via an email or the internet; and
- Directly from insurance companies and other product issuers once authorisation has been provided by you. You have a right to refuse us authorisation to collect information from a third party.
How We Use Your Personal Information
The information in this document details how we comply with the Privacy Act including:
- What is the purpose?
- Who is my information disclosed to?
- What law requires collection?
- What are the consequences?
Primarily, your personal information is used in order to provide comprehensive and/or limited insurance services to you. We may also use the information that is related to the primary purpose and it is reasonable for you to expect the information to be disclosed.
It is a legislative requirement that we keep all personal information and records for a period of 7 years. Should you cease to be a client of ours, we will maintain your personal information on or off site in a secure manner for 7 years. After this, the information will be destroyed in a secured manner.
Ensure Your Personal Information Is Correct
Carollo Horton and Associates Pty Ltd takes all reasonable precautions to ensure that the personal information we collect, use and disclose is accurate, complete and up-to-date. To ensure we can maintain this level of accuracy and completeness, we recommend that you:
- inform us of any errors in your personal information as soon as possible; and
- Update us with any changes to your personal information as soon as possible.
Access to Your Personal Information
You have a right to access your personal information, subject to certain exceptions allowed by law. We ask that you provide your request for access in writing (for security reasons) and we will provide you with access to that personal information. Access to the requested personal information may include:
- providing you with copies;
- providing you with the opportunity for inspection; or
- Providing you with a summary.
If charges are applicable in providing access to you, we will disclose these charges to you prior to providing you with the information.
Some exceptions exist where we will not provide you with access to your personal information if:
- providing access would pose a serious threat to the life or health of a person;
- providing access would have an unreasonable impact on the privacy of others;
- the request for access is frivolous or vexatious;
- the information is related to existing or anticipated legal proceedings between us and would not be discoverable in those proceedings;
- providing access would reveal our intentions in relation to negotiations with you in such a way as to prejudice those negotiations;
- providing access would be unlawful;
- denying access is required or authorised by or under law;
- Providing access would be likely to prejudice certain operations by or on behalf of an enforcement body or an enforcement body requests that access not be provided on the grounds of national security.
Should we refuse you access to your personal information, we will provide you with a written explanation for that refusal.
Using Government Identifiers
Although in certain circumstances we are required to collect government identifiers, such as your tax file number, Medicare number or pension card number, we do not use or disclose this information other than when required or authorised by law or unless you have voluntarily consented to disclose this information to any third party.
Dealing with us anonymously
You can deal with us anonymously where it is lawful and practicable to do so. For example, if you telephone requesting our postal address.
Your sensitive information
Without your consent we will not collect information about you that reveals your racial or ethnic origin, political opinions, religious or philosophical beliefs or affiliations, membership of professional or trade association, membership of a trade union, details of health, disability, sexual orientation, or criminal record.
This is subject to some exceptions including:
- the collection is required by law; and
- When the information is necessary for the establishment, exercise or defence of a legal claim.
Personal Information will be treated as confidential information and sensitive information will be treated highly confidential.
We will acknowledge receipt of your complaint within 1 working day. We will then investigate the complaint and respond to you within 30 calendar days. Some complex matters may require an extension to thoroughly investigate the complaint and bring it to resolution. We will notify you if this is applicable.
Spam is a generic term used to describe electronic ‘junk mail’- unwanted messages sent to a person’s email account or mobile phone. In Australia, spam is defined as ‘unsolicited commercial electronic messages’.
‘Electronic messaging’ covers emails, instant messaging, SMS and other mobile phone messaging, but not cover normal voice-to-voice communication by telephone.
From time to time, we may provide you with direct marketing material. This will include articles and newsletters that may be of interest to you. If, at any time, you do not wish to receive this information any further, you may contact us with this request. We will endeavour to meet your request within 2 weeks. We maintain a Register for those individuals not wanting direct marketing material.
If you provide inaccurate or incomplete information we may not be able to provide you with the products or services you are seeking.
When We Disclose Your Personal Information*
In line with modern business practices common to many financial institutions and to meet your specific needs we may disclose your personal information to the organisations described below.
The Corporations Act 2001 has provided the Australian Securities and Investments Commission with the authority to inspect certain personal information that is kept on our files about you.
For the purposes set out above, we may disclose your personal information to organisations outside Carollo Horton and Associates Pty Ltd. The organisations to which we disclose information may include:
- insurance providers and other product providers in order to manage or administer your product or service;
- compliance consultants to ensure that our representatives are meeting our compliance standards;
- contractors or temporary staff to handle workloads during peak periods;
- mailing houses;
- insurance reference bureaus and loss adjusters
- your professional advisers, including your solicitor or accountant as authorised by you;
- information technology service providers to maintain, review and develop our business systems, procedures and infrastructure including testing or upgrading our computer systems;
- Government and regulatory authorities and other organisations, as required or authorised by law, for example, to government or regulatory bodies for the purposes related to public health or safety, the prevention or detection of unlawful activities or to protect public revenue.
- another authorised representative of Carollo Horton and Associates Pty Ltd if necessary;
- a potential purchaser/organisation involved in the proposed sale of our business for the purpose of due diligence, corporate re-organisation and transfer or all or part of the assets of our business.
- Product planning and development advisers
- Where you have given your consent including your legal advisers
- a new owner of our business that will require the transfer of your personal information
In addition, our employees and the outsourcing companies/contractors are obliged to respect the confidentiality of any personal information held by Carollo Horton and Associates Pty Ltd.
Carollo Horton and Associates Pty Ltd takes its obligations to protect your information seriously, this includes when we operate throughout Australia and overseas, as part of our operations some uses and disclosures of your information may occur outside your State or Territory and/or outside of Australia. In some circumstances we may need to obtain your consent before this occurs.
In the event of that we propose to sell the business, we may disclose your personal information to potential purchasers for the purpose of them conducting due diligence investigations. Disclosure will be made in confidence and it will be a condition of that disclosure that no personal information will be used or disclosed by them.
How We Store and Secure Your Personal Information
We keep your personal information in your client file. These files are accessible to authorised personnel only and are appropriately secured out of hours.
Your personal information may also be held on our computer database which is not cloud based. All computer-based information is protected through the use of access passwords. Data is backed up regularly and stored securely off site. Other measures taken are:
- Confidentiality requirements for our employees
- Security measures for systems access
- Providing a discreet environment for confidential discussions
Personal information will be treated as confidential information and sensitive information will be treated highly confidential.
Carollo Horton and Associates Pty Ltd complies with the provisions of the Spam Act when sending commercial electronic messages.
Equally importantly, Carollo Horton and Associates Pty Ltd makes sure that our practices are in accordance with the Australian Privacy Principles in all activities where they deal with personal information. Personal information includes our clients contact details.
Internal Procedure for dealing with complaints
The three key steps Carollo Horton and Associates Pty Ltd follows:
- Consent – Only commercial electronic messages are sent with the addressee’s consent – either express or inferred consent.
- Identify – Electronic messages will include clear and accurate information about the person and the Carollo Horton and Associates Pty Ltd that is responsible for sending the commercial electronic message.
- Unsubscribe – We ensure that a functional unsubscribe facility is included in all our commercial electronic messages and deal with unsubscribe requests promptly.
Consented to such communications
Commercial messages will only be sent to you when you have given consent. This may be express consent – a direct indication that it is okay to send the message, or messages of that nature or inferred consent based on our business or other relationship with you and your conduct.
Comply with the law regarding viral messages
Carollo Horton and Associates Pty Ltd ensures that Commercial Communications that include a Forwarding Facility contain a clear recommendation that the Recipient should only forward the Commercial Communication to persons with whom they have a relationship, where that relationship means that person could be said to have consented to receiving Commercial Communications.
Comply with the age sensitive content of commercial communication
Where the content of a Commercial Communications seeks to promote or inspire interaction with a product, service or event that is age sensitive, Carollo Horton and Associates Pty Ltd takes reasonable steps to ensure that such content is sent to Recipients who are legally entitled to use or participate in the product service or event
Dated: September 2021