Jardine Lloyd Thompson (and its subsidiaries and related entities) (JLT) is committed to the protection of your personal information. JLT is subject to the Australian Privacy Principles (APPs) under the Privacy Act 1988 (and subsequent amendments). The APPs govern the way we collect, use, disclose and secure personal information. They also permit you to access the information we hold about you in order to correct or update it. Such information may be held on JLT’s behalf by its agents or other service providers that we may appoint.
As it is impractical for us to deal with you unless you have identified yourself you are unable to have an option of not identifying yourself or using a pseudonym when dealing with us. Our operational and legal obligations will generally require that you identify yourself to us in order for us to manage your claim and or provide you with our services.
JLT may collect and hold personal information such as your name, age, address, contact details, gender and other information. JLT may also hold and collect sensitive information such as your health information including medical history and reports, occupation and employment details, insurance details and other information relevant to your insurance, risk management, claim management and related needs. JLT will only collect and hold sensitive information if you consent and/or other requirements of the Privacy Act have been met.
Personal information we collect will be used principally for the purpose of approaching the insurance/reinsurance market, placing insurance, claims handling, risk management and premium funding. We may also use your personal information to provide you with information about other products and services that may help you to understand and make decisions about your insurance/reinsurance and risk management needs. Sensitive information (for example health information) may generally only be collected and used if you consent and/or other requirements of the Privacy Act have been met.
Where we receive unsolicited personal information, we will determine whether we would have been permitted to collect the information. If so we will ensure that any relevant APPs will apply to that information. If the information could not have been solicited by us, and the information is not contained in a Commonwealth record, we will destroy or de-identify that information as soon as practicable, but only if it is lawful and reasonable to do so.
We will only hold and use personal information about you that was collected for a particular purpose (the primary purpose) and will not use or disclose the information for another purpose (the secondary purpose) unless you have consented to the use or disclosure of the information; or a permitted exception under the Privacy Act in relation to the use or disclosure of the information applies. If subsection 16B(2) of the Privacy Act applies in relation to the collection of the personal information by JLT we will take such steps as are reasonable in the circumstances to ensure that the information is de-identified before we disclose it. We will not use any personal identifiers issued by a government agency (e.g. Tax file number or Medicare number) as an identifier in our records systems. Should legislation requires us to ask you to provide your tax file number we will only use that number for the purposes permitted by legislation and not as a general means of identifying you.
Where necessary, we may disclose information about you to other JLT Group companies and third parties including but not limited to insurers, re(insurers) and insurance intermediaries, contracted outsource providers, government agents, data collection and verification agencies, loss adjusters and assessors, suppliers, investigators and recovery agents, police, law and credit enforcement bodies and agencies, legal advisors, medical, health and case managers and service providers, actuaries and accountants, contracted advisors and service providers, your employer, other parties as required by law and/or the agent of any of these.
JLT has data quality procedures in place to check that personal information we hold and use about you is accurate, complete and up-to-date. Your personal information is held securely at all times and we take steps to protect it from misuse and loss, and from unauthorised access, modification or disclosure.
We retain most information relating to you for at least 7 years in order to meet legal and business requirements. Once information is no longer required, it will be destroyed in a secure manner.
In the event that of a data breach relating to personal information we hold about you, such as loss of, or unauthorised access to the information, we will take steps to contain and remedy any effects of the breach. We will also assess the risk of harm to you as a result of the breach. Where required under the Privacy (Data Breach Notification) Act 2017, we will notify both you and the Office of the Australian Information Commissioner of the breach.
You have a right to access any personal information that we hold about you on written request, unless one of the exceptions in the APPs applies. A reasonable charge may apply to gain access to information. You will be advised of any charges that may apply when you make a written request. If we decline your request to provide access to your personal information, we will provide the reasons in writing and provide details of how you can access our complaints process.
To assist us in maintaining correct records we ask you to inform us in writing of any changes in your personal information provided to us.
If you establish that information held is not accurate, complete or up to date, then we will take reasonable steps to correct the information unless it is impractical or unlawful to do so. If you establish that information held is not accurate, complete or up to date and we have shared that information with another APP entity, then if you request us to notify those entities we will take reasonable steps to do so unless it is impractical or unlawful to do so.
We may transfer your personal information overseas where necessary for the purposes described above. For example some insurers are based overseas and we need to provide your personal information to them to arrange your cover.
We will only transfer your personal information overseas if:
- we reasonably believe that the foreign country has substantially similar privacy obligations; or
- you consent; or
- we have taken reasonable steps to ensure the recipient will not hold, use or disclose the information in a manner inconsistent with the APPs.
Your personal information may be sent to our administrative processing centre in Mumbai (India) or Kuala Lumpur (Malaysia) and to other JLT Group companies, insurers, reinsurers and other third party service providers (e.g. data storage providers) in the United Kingdom, Singapore, Hong Kong, the United States of America and elsewhere.
When we send information overseas, in some cases we may not be able to take reasonable steps to ensure that overseas providers do not breach the Privacy Act and they may not be subject to the same level of protection or obligations that are offered by the Privacy Act. By proceeding to acquire our services and products you agree that you cannot seek redress under the Privacy Act or against us (to the extent permitted by law) and may not be able to seek redress overseas. If you do not agree to the transfer of your personal information outside Australia, please contact us.
When you provide us with personal information about other individuals, we rely on you to have made them aware that you will or may provide their information to us, the purposes we use it for, the types of third parties we disclose it to and how they can access it (as described in this document). If it is sensitive information we rely on you to have obtained their consent to the above. If you have not done either of these things, you must tell us before you provide the relevant information.
If we give you personal information, you and your representatives must only use it for the purposes we agree to.
Where relevant, you must meet the requirements of the APPs when collecting, using, disclosing and handling personal information on our behalf.
You must also ensure that your agents, employees and contractors meet the above requirements.
We may send you direct marketing communications and information about our products and services that we consider may be of interest to you. If you choose not to receive this information from us, you can opt out by contacting your account executive or our Privacy Officer.
Our websites may use analytics tools provided by third parties to assist in analyzing website traffic and web page usage and collect information such as referring URLs, exit URLs, OS versions, browser versions, browser language, site navigation, IP addresses, cookies, and other user usage information. The information is compiled into statistical reports and is used when structuring and optimizing the website in order to better suit user needs.
If you have any complaints or concerns about privacy matters please advise JLT’s Privacy Officer in writing (contact details below). JLT aims to investigate and respond to any complaints in writing within 30 days, but in some cases it may take longer. If the complaint is not dealt with to your satisfaction you may contact the Office of the Australian Information Commissioner directly (see details below).
Jardine Lloyd Thompson Pty Ltd
Level 37, Grosvenor Place, 225 George Street, Sydney NSW 2000
Phone: +61 2 9290 8000
For further general Privacy information you can contact The Office of the Australian Information Commissioner, or visit their web site on www.oaic.gov.au.