This document describes how Insurance Council of Australia Limited ABN 50 005 617 318 (the ICA) complies with the requirements of the Privacy Act 1988 (Cth) (Privacy Act), including the Australian Privacy Principles, and any other applicable privacy laws in Australia in respect of the website www.insurancecouncil.com.au (Website).
What kinds of personal information does the ICA collect and hold?
The kinds of personal information that the ICA collects and holds include contact details, employment history, educational qualifications, complaint details, photographs, audio and video recordings and other information that is relevant to its functions or activities.
The ICA may also collect, hold, use and disclose some sensitive information about individuals as set out in the section entitled Sensitive information (below).
The information collected is normally limited to the minimum information required to establish and maintain routine communications with individuals in the course of the ICA's activities.
How does the ICA collect and hold personal information?
The ICA usually collects personal information directly from individuals through their use of the Website and when they contact the ICA by telephone, in person or otherwise in writing in connection with the ICA's services, functions or activities.
The ICA only collects personal information for purposes directly related to its functions or activities, including:
a. processing and dealing with inquiries from individuals about the ICA, the insurance industry, its member companies or other information provided by the ICA and providing general information in response to inquiries;
b. collecting submissions and views regarding the political, social, business, regulatory and economic environment in Australia;
c. processing membership applications;
d. arranging, promoting and hosting of events by the ICA;
e. direct marketing of its services to individuals;
f. distributing registration materials for events, confirming registration, receiving speakers' papers and other presentations, providing conference papers and notices of other ICA or ICA supported events;
g. hosting blogs or forums on the Website;
h. dealing with queries and responses relating to disasters and catastrophes;
i. providing information in respect of its activities and those of its members to individuals;
j. processing and dealing with information received from the public to help combat insurance fraud;
k. taking photographs, video and audio recordings of attendees at ICA events and publishing these on the Website or elsewhere;
l. receiving and processing applications for prospective employment or contracting opportunities at the ICA;
m. other purposes relating to the ICA's objectives; and
n. for Policy Committees and Working Groups - to distribute agendas and notes of meetings, discussion papers, draft submissions or technical questionnaires.
The ICA collects individuals' personal information (such as contact details, employment details, marital status and dietary requirements) through its agents, who collect such information on behalf of the ICA, when registering individuals for the ICA's events or providing other services to the ICA in connection with its functions and activities.
The ICA also collects individuals' personal information, which may include sensitive information from third parties who report suspected insurance fraud to the ICA.
If the ICA is not provided with information that it requests in connection with the above activities, it may not be able to provide its services to the relevant individual.
The ICA may collect, hold, use and disclose sensitive information about individuals such as mental and physical health, disability, racial or ethnic origin, criminal convictions or religious or political affiliation, either directly from the individuals or from third parties in connection with processing and dealing with information received from the public to help combat insurance fraud.
The ICA may also collect, hold and use sensitive information about individuals directly from individuals when they contact the ICA in connection with its functions and activities. However, any such collection is with the consent of such individuals. Any such sensitive information is only retained on an aggregated basis by the ICA and the individuals are not identifiable.
The ICA uses "cookies" on the Website. A cookie is a small amount of information which is transferred to the hard drive of your computer and which can identify your web browser but not you. Individuals can disable their web browsers from accepting cookies. If you do so, you can still access the Website, but not all services may be available.
Dealing anonymously or pseudonymously with the ICA
Individuals may deal with the ICA on an anonymous basis or using a pseudonym when making general inquiries to the ICA. However, the ICA may require certain contact details from individuals to respond to inquiries.
If the ICA solicits submissions or comments from individuals, or if the ICA hosts a blog or forum on the Website, individuals may use a pseudonym for publication with the submission. However, the ICA will require that the individual provide his or her name and contact details confidentially to the ICA.
Individuals can contact the ICA on an anonymous basis to report a suspected insurance fraud. However, if there is a reward offered by the ICA or any third parties for the provision of information in respect of any insurance fraud, the individual may not receive the reward from the relevant party if the individual does not provide his or her personal information.
How the ICA holds, uses and discloses personal information
The ICA holds personal information in a secure online database. It may also hold electronic copies of documents containing personal information (e.g. queries, complaints, CVs, membership application forms and other relevant documents) in a secure online database.
Where it holds personal information electronically, such information can only be accessed by authorised ICA staff using personal accredited passwords.
The keeping of personal information in hard copy is not encouraged by the ICA. Information is held in hard copy only for a reasonable time as necessary and stored securely. All ICA premises are protected by security access.
The ICA only holds and uses personal information for purposes directly related to its functions or activities or for the purposes for which the information was originally collected or otherwise in accordance with the Australian Privacy Principles.
Disclosure of personal information
The ICA may disclose personal information provided to it, to the following third parties:
a. members of the ICA, such as insurance companies, to process queries or complaints received by the ICA from individuals;
b. conference organisers;
c. Federal, State or Territory police authorities and agencies;
d. members of the ICA's Policy Committees and Working Groups;
e. media organisations and agencies and other third parties for the purpose of dissemination and publication of photographs and audio and video recordings made by the ICA, or its agents, at events;
f. the ICA's staff for the purposes of their work responsibilities; and
g. other third parties providing law enforcement or administrative services.
The disclosure of personal information in the circumstances outlined in sections (a), (c) and (g) above may include the disclosure of sensitive information.
The ICA's Policy Committees are comprised of representatives of the ICA's member companies and the ICA's staff and executives. Members of Policy Committees are nominated by the controlling officers of the ICA's members or by the ICA as relevant. Working Groups may be established by the ICA from time to time to assist the ICA in addressing contemporary industry issues. Some of the ICA's Committees and Working Groups may have representatives from organisations that are not members of the ICA.
The ICA does not generally disclose personal information to overseas recipients and will only do so in accordance with the Australian Privacy Principles.
Accessing and correcting personal information held by the ICA
Individuals may access personal information about them that is held by the ICA, and may make or seek changes to that information, by contacting the ICA on 02 9253 5100.
If the ICA does not agree to provide access to personal information or to amend or annotate the information we hold about an individual, the relevant individual may seek a review of the ICA's decision.
If the ICA does not agree to make requested changes to personal information, an individual may make a statement about the requested changes and the ICA will attach the statement to the individual's record.
Individuals can send written complaints about a breach of the Australian Privacy Principles in relation to their personal information to The Privacy Officer, Insurance Council of Australia, Level 4, 56 Pitt Street, Sydney NSW 2000. Complaints will be reviewed by our Privacy Officer and a response will usually be provided within 30 days of receipt of the complaint by the ICA.
For more information about making a complaint, please contact the ICA on 02 9253 5100.
If an individual believes that his or her complaint has not been satisfactorily addressed by the ICA, after following the procedure set out above, he or she can make a complaint to the Office of the Information Commissioner (OAIC). The OAIC's contact details are available on its website.