Privacy and Your Personal and Sensitive Information
2. Personal Information
“Personal information” is information or an opinion about a person that identifies the person or from which the person’s identity can be reasonably ascertained. “Sensitive information” includes medical and health information about that person.
Genus (“we”, “us” and “our”) is bound by the Privacy Act 1988 (Cth) (Privacy Act), including the 13 APPs which protect personal information. Genus respects your right to privacy and values the trust you place in us to handle your personal and sensitive information. Maintaining the privacy of all personal and sensitive information entrusted to us is paramount.
The Privacy Laws provide individuals with the right not to identify themselves or use a pseudonym when transacting with organisations. When applying for or varying Life insurance, it is not practicable for Genus, as a life insurance policy administrator, to allow a person to remain anonymous or the use of a pseudonym, due to life insurance industry risk selection requirements.
4. Collection of personal information, including sensitive information
Genus only collects personal information that is needed to assist us in providing a service to you and your family/employees on behalf of your insurer. When you provide your personal information to us, you are consenting to its use in accordance with this Policy. Generally we keep a record of:
- Personal information that identifies you, such as your name, date of birth and address, your financial institution details or credit card details, your vocational and your lifestyle pursuits;
- Sensitive information about you including, amongst other things, health information for the purposes of assessing applications and claims under Life insurance products issued by your insurer. We will obtain your consent before we collect sensitive information about you, unless we are otherwise permitted by law to make the collection;
- Information from other service providers we use in the administration and claims management of your Life insurance cover such as medical practitioners, pathologists, and other service providers we utilise for the purposes administering your policy and managing any claim.
We will collect personal information, including sensitive information, directly from you or from your nominated treating doctor or other health provider. If we need to collect personal or sensitive information from third parties (such as the service providers mentioned above), we will ask for your consent to do so.
Genus doesn’t ordinarily return, respond to, or store unsolicited personal information that we receive.
5. Use and disclosure of personal information
Genus will only use or disclose personal information that you provide to us for:
- The purpose of assessing and providing your life insurance cover and managing your policy including any claims, or
- Another purpose which has been disclosed to you, with your consent, or
- If we are required or authorised by law to do so.
Following your consent, we may disclose your personal and sensitive information to the appointed service providers where this information will assist with processing your Life insurance application and any changes you seek to make to it. You can also request that we disclose information to another person on your behalf.
We may also disclose your personal information to our related companies.
6. Cross border disclosure of information
Genus, as part of the NobleOak Group is committed to handling your personal information in accordance with the Privacy Laws and the Australian Privacy Principles. We operate all of our offices in Australia in line with the Australian Privacy Principles and our Australian Privacy compliance framework. Currently all your personal and sensitive information is stored and accessed in Australia. If this changes, we will amend this Policy to detail any overseas countries where data may reside.
Please let us know if you have any queries or objections to such disclosures.
7. Government-related identifiers
Genus will not use Government-related identifiers (such as a Medicare number) as our reference number for you in our systems. We will only use or disclose any government identifier that you provide to us as required (such as to assist with a claim assessment) or where authorised by law.
Genus will take reasonable steps to protect personal information entrusted to us from misuse and loss and from unauthorised access, interference, modification and disclosure. All information entrusted to us will be securely stored in physical and/or electronic form.
Where we no longer require your personal information, we will take reasonable steps to destroy or permanently de-identify that information in accordance with your insurer’s requirements.
Genus has internal procedures which require our people to ensure the safe handling and storage of all private and confidential information including procedures for safe custody and transit of information both inside and outside of Genus.
A data breach occurs when personal information is accessed or disclosed without authorisation or is lost. In the unlikely event that such a breach occurs NobleOak will assess the impact of the breach and if there is the likelihood of any serious harm to you then we will contact you about the breach and advise of the action we have taken including any reporting of the breach to the Australian Government’s Office of the Australian Information Commissioner (OAIC).
9. Access and correction of information we hold about you
Genus is committed to keeping up-to-date records of your personal information. We will take reasonable steps to ensure that any personal information collected, used or disclosed by us is accurate, complete, and up-to-date.
If Genus holds personal information about you on behalf of your insurer, you might request access to that personal information. However, the law allows us to decline access in limited circumstances. We may charge you a reasonable fee for providing you with access to that personal information.
You may request access to your information from Genus at any time and can find out what information we hold about you by contacting the Genus Privacy Officer via email at: email@example.com.
Genus will deal with any access or correction request in a timely manner. If you establish that personal information held by us is not accurate, complete, relevant, up-to-date or is misleading, we will need to satisfactorily identify you first, then we’ll take reasonable steps to correct the information so that it is accurate, complete, relevant, up-to-date, and not misleading. If we refuse to provide you with access or to correct such information, we will provide you with written reasons for our denial of access or refusal to correct your personal information.
10. Direct Marketing
Genus is a policy administrator acting on behalf of your insurer. When you provide contact information to us, you agree to us contacting you in relation to promoting products and services, administering your policy or claim. In doing so, we may provide personal information about you to your insurer, a related company or service provider. If you are unsure where we first obtained your contact information, you may ask us to provide the source of that information. If you do not wish to receive information on other products or services offered by or through us, please contact us.
11. Cookies and website monitoring
Genus may use reports provided by Google Analytics and other service providers to help us understand website traffic and webpage usage. We analyse user activity on the website, such as pages visited, search terms and time spent on the site to help us gain insights about how we can improve the functionality and experience of the website for our site visitors. We also use information provided by third parties such as Google, including Google Analytics Remarketing cookies, for remarketing activities and to improve user experience.
12. EU General Data Protection Regulation (GDPR)
Genus provides administration services for products that are available to Australian residents in Australia only. Accordingly, the Australian Privacy Laws and the APP’s apply to Genus.
Where a Genus client advises us that they are also a citizen of an EU country subject to the GDPR then Genus will update our records about the client’s EU citizenship status and have regard to the specific requirements of OAIC Guidelines in respect of Australian businesses and the EU General Data Protection Regulation. Further details may be obtained from the Genus Privacy Officer at firstname.lastname@example.org
13. Contacting Genus
General privacy enquiries should be directed to the Genus Privacy Officer at:
14. If you have a privacy complaint
Genus takes a best practice approach to addressing privacy complaints. Upon receipt of a complaint, it will be immediately escalated to Genus staff with the appropriate knowledge of the Privacy Act. We will then issue you with a timely response that, if appropriate, will outline the measures that Genus will take to resolve the complaint.
You may make a privacy complaint directly to Genus via:
email@example.com 1300 88 44 88 between 9.00 am and 6.00pm (AEST) GPO Box 2548, Sydney NSW 2001 Genus’ objective in all cases will be to resolve your complaint promptly.
However, if you feel that we have not satisfactorily addressed your complaint, you may also make a complaint to the Australian Government’s Office of the Australian Information Commissioner (OAIC) via the following channels:
Online at: https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint or
In writing to: GPO Box 5218 Sydney NSW 2001.
The OAIC can also be contacted via telephone by calling 1300 363 992, faxing 02 9284 9666 or by emailing firstname.lastname@example.org.
Issue date: 25 March 2020
Genus Life Insurance Services Pty Ltd
Level 7, 66 Clarence Street, Sydney NSW 2000
Telephone: 1300 88 44 88