Privacy Policy

General

Sureplan Friendly Society Ltd (referred to in this document as we, us or our) recognises that your privacy is very important and we are committed to protecting the personal information we collect from you. The Privacy Act 1988 (Cth) (Privacy Act), the Australian Privacy Principles (APPs) and registered privacy codes govern the way in which we must manage your personal information and this Privacy Policy (Policy) sets out how we collect, use, disclose and otherwise manage personal information about you.

An individual who provides personal information to us, either directly or through a business partner, distributor or referrer, agent or service provider is given access to this Policy. By providing personal information to us and having access to this Policy an individual consents to us collecting, holding, using and disclosing personal information in accordance with this Policy.

Collection

Types of information collected

We may collect and hold personal information about you, that is, information that can identify you, and is relevant to providing you with the services you are seeking.

The kinds of information we typically collect include name, address, date of birth, age, contact details like phone numbers and email addresses, financial information and employment information to process your premium payments, health information as well as electronic information from your use of our website (see further below).

Sureplan will not disclose, share or sell your personal information to any unauthorised third party, and will only disclose your personal information to parties for the purposes of carrying out the functions outlined above or paying commission to our agents.

Sensitive information

Except as otherwise permitted by law, we only collect sensitive information about you, such as medical and health information, if you consent to the collection of the information and if the information is reasonably necessary for the performance of our functions, as set out below.

Purpose of collection

The personal information that we collect and hold about you, depends on your interaction with us.

Generally, we will collect, use and hold your personal information for the purposes of:

1. assessing your application for membership;
2. communicating with you in the event that your application is accepted;
3. providing you with details regarding Sureplan products and services;
4. assessing any claims that you make;
5. making moneys payable by one of our funds in the event of your death available to the person nominated by you to receive those moneys on behalf of your estate to cover funeral expenses;
6. communicating with the nominee under your policy;
7. using financial or employment details to carry out authorized payment of premiums or contributions, confirmation of new memberships to the signing agent and processing benefit claims;
8. providing you with information about other services that we, our related entities and other organisations that we have affiliations with, offer that may be of interest to you;
9. facilitating our internal business operations, including the fulfilment of any legal requirements;
10. monitoring, auditing, analysing and evaluating our products and services and customer needs with a view to developing new or improved services; and
11. dealing with any complaints or enquiries.

In some instances, Sureplan may ask for personal details in order to comply with relevant legislation, such as the Life Insurance Act 1995, the Corporations Act 2001, or taxation laws to process your application, or provide you with Sureplan’s high standard of service.

We will hold personal information for as long as necessary in order to meet the purposes described in this Policy and as required by law. For example, personal information in connection with policies will be held for the life of the policies.

We will not disclose your personal information for any other purpose unless the individual has provided us with consent. There may be other purposes where we may disclose your personal information other than those mentioned above. We will only do this if it would be reasonably expected of us to do so in the circumstances.

Method of collection

Personal information will generally be collected directly from you through the use of any of our standard forms, over the internet, via email, or through a telephone conversation with you. There may, however, be some instances where personal information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. For example, by applying for cover, you consent to Sureplan collecting (from third parties including hospitals, other health care providers and funeral homes) sensitive information about you and using it to consider your application for insurance, assessing any claims made by you, and any other related purposes.

We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.

Failure to provide information or consent

If the personal information you provide to us is incomplete or inaccurate or your consent is not given, we may be unable to provide you, or someone else you know, with the services you, or they, are seeking.

Internet users

If you access our website, we may collect additional personal information about you in the form of your IP address and domain name.

Our website uses cookies. The main purpose of cookies is to identify users and to prepare customised web pages for them. Cookies do not identify you personally, but they may link back to a database record about you. We use cookies to monitor usage of our website and to create a personal record of when you visit our website and what pages you view so that we may serve you more effectively.

Our website may contain links to other websites. We are not responsible for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures.

Use and disclosure

Generally, we only use or disclose personal information about you for the purposes for which it was collected (as set out above). We may disclose personal information about you to:

1. beneficiaries or nominees of any policy you purchase or hold with us;
2. our related entities to facilitate our and their internal business processes;
3. service providers and agents, who assist us in operating our business, and these service providers may not be required to comply with our Privacy Policy; and
4. our related entities and other organisations with whom we have affiliations so that those organisations may provide you with information about services and various promotions.

In some circumstances, the law may permit or require us to use or disclose personal information for other purposes (for instance where you would reasonably expect us to and the purpose is related to the purpose of collection).

Security

We store your personal information in different ways, including in paper and in electronic form. The security of your personal information is important to us. We take all reasonable measures to ensure that your personal information is stored safely to protect it from misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures.

Your personal information will be stored in servers located in Australia for the purposes set out above. We do not currently disclose personal information to overseas recipients.

Access to personal information

You may access the personal information we hold about you, upon making a written request. We will try to acknowledge your request within 14 days of its receipt, and to provide you with access to the information requested within 30 days. We may charge you a reasonable fee for providing access to your personal information (but not for making a request for access).

Sureplan requires that any requests for changes to a member’s record must be in writing and signed by the member. It is imperative that members advise Sureplan of changes to theirs or their nominee’s details promptly.

We may decline a request for access to personal information in circumstances prescribed by the Privacy Act and if we do, we will provide you with a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons).

If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.

If we refuse to correct your personal information, we will provide you with a written notice that sets out the reason for our refusal (unless it would be unreasonable to provide those reasons) together with information about the mechanisms available to you to make a complaint.

Complaints and Feedback

If you wish to make a complaint about a breach of the Privacy Act, Australian Privacy Principles or a privacy code that applies to us, please contact us as set out below and we will take reasonable steps to investigate the complaint and respond to you. If you are not happy with our response, you may complain directly to the federal Information Commissioner (OAIC), see below.

If you have any queries or concerns about our privacy policy or the way we handle your personal information, please contact our privacy officer at:

Street address: Ground Floor, 133 Leichhardt St, Spring Hill Qld 4000
Email address:
Telephone: 1800 817 105 or 07 3833 3333
Facsimile: 07 3833 3338

If we have not responded to the complaint within 30 days or if you are not satisfied with our response, then you can refer the matter to the OAIC. An individual may make a complaint with the OAIC:

• on the OAIC website by downloading the Privacy Complaint Form, www.oaic.gov.au;
• by phone, 1300 363 992;
• by post, GPO Box 2999 Canberra ACT 2601;
• by fax, 02 9284 9666; or
• by email, enquiries@oaic.gov.au

Acknowledgement and Consent

By applying for membership and purchasing a policy, you consent to the collection, handling, use and disclosure of personal information by us in accordance with this Policy.

More information

For more information about privacy in general, you can visit the OAIC website at www.oaic.gov.au.

Notifiable Data Breaches Scheme

The Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act establishes requirements for entities in responding to data breaches. Entities have data breach notification obligations when a data breach is likely to result in serious harm to any individuals whose personal information is involved in the breach.

We have procedures in place to ensure compliance with the NDB scheme.