1. We respect your privacy
We are Lawcover Insurance Pty Limited (ABN 15 095 082 509) of Level 13, 383 Kent Street, Sydney, New South Wales (“Lawcover”, “we”, “us”, “our”).
We are committed to protecting your privacy. This policy sets out our approach to managing personal information, including the kinds of personal information we collect and hold, why we collect, hold, use and disclose your personal information, and how we do so.
In this policy, “you” and “your” include our current and potential policyholders, customers and users of our website, claimants under an insurance policy issued or arranged by us, people who apply for jobs with us, our contractors, service providers and suppliers.
2. What kinds of personal information do we collect and hold?
We will only collect personal information if we need to, and only in accordance with the Privacy Act 1988 (Cth).
The kinds of personal information that we collect and hold include:
3. Do we collect sensitive information?
In limited circumstances, we collect sensitive information about you, such as information about your health, political opinions, association memberships or criminal history. We will only collect and hold such information where it is relevant to a claim or a complaint, or an employment or service provider arrangement that we have in place or are considering.
4. Why do we collect and hold your personal information?
We collect and hold your personal information for the following purposes:
From time to time we may also use your personal information to assess and improve our products and services, or to provide you with news or offers about products and services that may be of interest to you. The products and services that we may offer to you will relate to our core activities, as described in this section.
5. Can you refuse to provide personal information, remain anonymous or withdraw your consent?
If you do not provide personal information requested by us, or you wish to be anonymous or use a pseudonym, we may not be able to provide you with insurance terms, process your claim, provide you with risk management or other practice support or educational services, or engage with you. However, we will review complaints that are made to us on an anonymous basis.
If at any time you no longer wish to receive information from us, including about optional products and services, please notify us.
6. How do we collect the personal information?
We collect personal information from you directly if it is practicable. We also collect information from people who we believe are authorised to act on your behalf, such as a principal, director or employee of a law practice or business, or a lawyer or agent representing or assisting you, or a consultant engaged by us with your consent.
We also receive your personal information from the Law Society that issues your practicing certificate and insurers with whom you have been insured.
We collect personal information by telephone, email, via our website and by written letter or document.
When you give us personal information about other individuals, we rely on you to have obtained their consent prior to doing so where required, and to inform them of how we might use their information.
7. How do we store your personal information?
We store your personal information in electronic or written form, including on our premises, on our own data storage services, and with third party providers, including by using cloud-based storage solutions. We generally store personal information in Australia only, though we sometimes send personal information outside Australia, and personal information may sometimes be accessed by our service providers from outside Australia, as explained in the next section.
We use data protection techniques whenever we store information electronically,and when storing personal information in hard copy form in secure facilities. Our information systems and files are kept secured from unauthorised access and our employees, contractors and service providers are required to comply with privacy and data protection requirements. We also conduct audits to review and check compliance with our procedures.
If we no longer need personal information that we hold about you for any purpose described in this Policy, or we receive information that we have not requested and do not need, and we are not required by law to retain such information, then we will take steps that are reasonable in the circumstances to destroy the information or to ensure that the information is de-identified.
If we reasonably believe that an “eligible data breach” has occurred, we will let you know, and we will report it to the Office of the Australian Information Commissioner (OAIC). An “eligible data breach” is unauthorised access to or disclosure of your personal information, or loss of information where unauthorised access or disclosure of your personal information is likely, and where a reasonable person would determine that you are likely to be seriously harmed.
8. When will we share your personal information with others?
We disclose your personal information to contractors and service providers if necessary for the purposes described above, including the following persons:
We will not sell, rent, trade or otherwise disclose to third parties any of your personal information without your consent, unless we are required by law or under a court or tribunal order, or if a permitted general situation exists under the Privacy Act 1988 (Cth), such in relation to a legal claim, for the purpose of an alternative dispute resolution process, to prevent a threat to a person’s health or safety, or for an enforcement-related activity.
9. Will we send your personal information outside Australia?
It may be necessary for us to disclose your personal information to a person outside Australia. This may occur where underwriting and/or claims-related information is required by our insurers, reinsurers or brokers who are located outside Australia (such as in UK, USA, France, Singapore, Germany and Switzerland).
In some cases, our IT providers and our research consultants and survey providers may access your personal information held by us, from their location outside Australia (such as from New Zealand, India or USA).
10. When can you access and correct your personal information held by us?
We will take reasonable steps to ensure that personal information we collect, use or disclose is accurate, up to date, complete and relevant for the purpose.
You are entitled to access your personal information held by us, subject to any privilege or legal restriction or exemption. If it is reasonable and practicable to do so, we will give you access to your personal information in the manner requested by you. We may apply a reasonable charge to cover the cost of providing your personal information to you.
If you believe that personal information held by us about you is inaccurate, out of date, incomplete, irrelevant, misleading or not required to be held by us, please let us know. We will take reasonable steps to correct the personal information or destroy it if appropriate, or otherwise provide an explanation to you.
11. How can you make a complaint?
If you would like to complain about a privacy breach relating to us, or our management of your personal information, please contact us.
We will respond to your complaint within fifteen (15) business days of receiving it. If you are not satisfied with the response, you may refer your complaint to the Lawcover Chief Executive Officer for further review.
12. How can you contact us?
If you would like more information on how we manage personal information, or if you have a request or a complaint, you can contact our Privacy Officer by:
(02) 9264 8855
Lawcover Insurance Pty Limited
For more information about the Privacy Act 1988 (Cth), including the Australian Privacy Principles, you may wish to visit the website of the OAIC at www.oaic.gov.au.