At Scott Winton, we are committed to protecting your privacy and confidentiality in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and to the extent applicable, the EU General Data Protection Regulations. It is one of our prime concerns that any personal or sensitive information you provide to us is not used for any other purpose than that intended and expected by you.  

‘Personal Information’ is defined in the Privacy Act as any information or an opinion (whether or not true) about an identified individual, or an individual who is reasonably identifiable.

This Privacy Policy describes our current policies and practices in relation to the handling and use of your personal information.

What information do we collect and how do we use it?

How we use your personal information

We will collect your personal information primarily for the purposes of providing to you and administrating our financial products and services, and to provide related advice to you. When a claim is made under an insurance policy, we may also collect your personal information and use this information to enable us to assist in the claim process.

In connection with the above uses, we may also need to share your personal information with third parties, such as insurance companies and other entities provide support to us or the insurance companies as part of our services.

Where you have requested that we provide you with information or materials about our products or services, we may use your personal information to send you requested product information and promotional material and to enable us to manage your ongoing requirements, e.g. renewals, and our relationship with you, e.g. invoicing, client surveys etc.

We may also use your personal information internally to help us improve our services and help resolve any problems.

We may also use personal information you have provided to us for the purposes of notifying you about new services and special offers, events or articles related to our products and services, which we think will be of interest to you (or where we have your consent to do so).  

We may send you regular updates by email or by post on insurance matters. If you would rather not receive this information or do not wish to receive it electronically, you can opt out by emailing or writing to us, or by following the opt out details on any electronic communication we provide.

What information we may collect

We will primarily collect your personal information from you, however where it is unreasonable or impracticable for us to collect your information directly from you, or where you have provided your consent, we may collection personal information about you from third parties. We may also collect personal information about you from third parties where this is permitted by law.

The kinds of personal information we may collect about you include general identification information such as your name, email address, other contact information (such as your address or telephone number), date of birth, and any other information required for any of our financial products and services.

For some of our financial products and services, it may be necessary for us to collect ‘sensitive information’, such as your health information, information about your religious beliefs or membership of associations or your criminal record. We will only collect this information where this is necessary to provide our products and services to you, and in accordance with the requirements of the Privacy Act.   

What if you don’t provide some information to us?

You are not required to provide us with any personal information, however we can only apply for and arrange financial service products as part of our services if we have all relevant information. If we cannot collect certain personal information about you, we may not be able to provide you with our products or services.

For example, the insurance laws require insureds to provide all the information required by the end insurer to help them decide whether to insure you and on what terms. Credit Providers also require specific information to help them assess any credit applications that we may facilitate on your behalf.

You may also request to engage with us using a pseudonym or whilst remaining completely anonymous. If you chose to remain anonymous or use a pseudonym, we may be limited in our ability to engage with you, and we may not be able to offer you the products or services you seek.

How do we hold and protect your information?

We hold the information we collect from you in our computer system and in our hard copy files. We ensure that your information is safe by following the usual security procedures expected by our clients and in accordance with the guidelines issued by the Office of Australian Information Commissioner (OAIC).

We also follow the Notifiable Data Breach obligations imposed by the Privacy Act.

Will we disclose the information we collect to anyone?

We may disclose information to:

• Financial institutions, other Australian Financial Service Licensees, Insurers, underwriters, underwriting agencies, wholesale brokers and reinsurers (for the purpose of seeking recovery from them or to assist them to assess insurance risks);
  ‍
• Premium funders / credit providers for the purposes of gaining quotations on and arranging funding of your insurance premiums / financial investments;

• An investigator, assessor, State or Federal Health Authorities, lawyers, accountants, medical practitioners, hospitals or other professional advisors (for the purposes of investigating or assessing your claim);

• A lawyer or recovery agent (for the purpose of defending an action by a third party against you or for the purpose of recovery costs including your excess);

• Contractors who supply services to us, e.g. to handle mailings on our behalf;

• Any of your immediate family members, where this is necessary in connection with our services;

• To our related companies, where this is necessary in connection with our services; and

• Other companies in the event of a corporate sale, merger, reorganisation, dissolution or similar event.

However, we will do our best to ensure that any entity or third party we disclose your personal information to will take steps to protect the information in the same way that we do.  

We may also provide this information to others if we are required to do so by law or in circumstances required or permitted under the Privacy Act. We do not sell, trade, or rent personal information to others.

How can you access, check, update or change your information?

We will take reasonable steps to ensure that the personal information you provide us is accurate, complete and up to date.

Upon receipt of your written request, and provided you give us enough information to allow us to identify the information and your entitlement to the information, we will disclose to you the personal information we hold about you.  

We will also correct, amend or delete any personal information that we agree is inaccurate. If you wish to access or correct your personal information please write to the Privacy Officer, C/- our office.

We do not charge for receiving a request for access to personal information or for complying with a correction request. We do however reserve the right to charge you for all reasonable costs and outgoings specifically incurred in meeting your request for information.

Your consent

We may also collect your personal information for additional purposes, or disclose it to additional parties, where we have your consent.

Complaints about privacy

Should you have a query or a complaint regarding a breach of privacy or how we handle your personal information, please contact our Complaints Officer: on 03 8598 9411 or info@scottwinton.com.au. Our Complaints Officer will handle the matter in accordance with our formal complaints handling procedures.

Your complaint can be lodged over the phone, via mail or email or you may wish to make an appointment with our Complaints Officer at a convenient time and location. We will do all that is reasonable in the circumstances to address your complaint, and respond within 30 days of receiving your complaint.

If you are not satisfied with our handling of your complaint, you may also notify the OAIC of your complaint. The OAIC can investigate privacy complaints from individuals about our business if we are specifically caught by the Privacy Act.  

Further information on the complaints process is available for clients wishing to complain regarding a Privacy Breach at www.oaic.gov.au

Information sent overseas

In certain situations, in order to provide you with our products and services we may need to disclose your personal information to a recipient who is located outside of Australia (such as where an insurer is located overseas, or a supplier of services to us or an insurer is located overseas) – for example, Lloyds of London syndicates or brokers and other overseas based insurers and intermediaries or in situations where we utilise “Cloud Computing” services that are situated outside Australia.

The locations we need to disclose your personal information to will depend on the nature of the products or services we are providing in a particular situation (and this may be subject to change over time), however such locations may include the United Kingdom, Singapore, or countries located within Europe, the Middle East and/or North America.

In all such cases, unless we expressly inform you and obtain your consent to the contrary, we commit to making reasonable enquiries to ensure that these organisations comply with their local privacy legislation where such legislation is comparable to the Australian legislation and to comply with the key components of Australian Privacy legislation in cases where their local legislation is considered inadequate or non-existent.

Website Privacy Issues

Anonymous Data

We use technology to collect anonymous information about the use of our website, for example when you browse our website our service provider may log your server address, the date and time of your visit, the pages and links accessed and the type of browser used. It does not identify you personally and we only use this information for statistical purposes and to improve the content and functionality of our website, to better understand our clients and markets and to improve our services.

Cookies

In order to collect this anonymous data we may use “cookies”. Cookies are small pieces of information which are sent to your browser and stored on your computer’s hard drive. Sometimes they identify users where the website requires information to be retained from one page to the next. This is purely to increase the functionality of the site. Cookies by themselves cannot be used to discover the identity of the user. Cookies do not damage your computer and you can set your browser to notify you when you receive a cookie so that you can decide if you want to accept it. Once you leave the site, the cookie is destroyed and no personal or other information about you is stored.

Forms

Our Website may allow visitors to submit information via Self-Service forms (Quotes, Claim Forms, Employment and Contact request). The information submitted via the Forms may not be encrypted. Should you be concerned about the confidentiality of any information provided by any Self Service forms please do not hesitate to lodge this information with us via phone or email.

General data protection regulation (GDPR) for the European union (EU)

We will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use.

We process your personal information as a Processor and/or to the extent that we are a Controller as defined in the GDPR.

We must establish a lawful basis for processing your personal information. The legal basis for which we collect your personal information depends on the data that we collect and how we use it.

We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purposes. We will keep your data safe and secure.

We will also process your Personal Information if it is necessary for our legitimate interests, or to fulfill a contractual or legal obligation.

We process your personal information if it is necessary to protect your life or in a medical situation, it is necessary to carry out a public function, a task of public interest or if the function has a clear basis in law.

We do not collect or process any personal information from you that is considered “Sensitive Personal Information” relating to your sexual orientation or ethnic origin unless we have your explicit consent, or if it is being collected subject to and in accordance with the GDPR.

You must not provide us with your personal information if you are under the age of sixteen without the consent of your parent or someone who has parental authority for you. We do not knowingly collect or process the personal information of children.

Your rights under the GDPR

If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used. We comply with your rights under the GDPR as to how your personal information is used and controlled if you are an individual residing in the EU.

Except as otherwise provided in the GDPR, you have the following rights:

• To be informed how your personal information is being used;
• Access your personal information (we will provide you a free copy of it);
• To correct your personal information if it is inaccurate or incomplete;
• To delete your personal information (also known as the “right to be forgotten”);
• To restrict processing of your personal information;
• To retain and reuse your personal information for your own purposes.
• To object to your personal information being used; and
• To object against automated decision making and profiling. Please contact our Complaints Officer at any time to exercise your rights under the GDPR. We may ask you to verify your identity before acting on your requests.

Tell us what you think

We welcome your questions and comments about privacy. If you have any concerns or complaints, please contact our Privacy Officer; on 03 8598 9411 or email info@scottwinton.com.au.