Privacy statement

Summary

It is important to understand how your information is handled in today’s global world. 

Our Privacy Statement details the kind of information we collect, why we need it and how we may use it as part of providing our products and services to you. 

 

Collecting your personal information

The majority of the information we collect is provided by you – like your application, claim details or when we communicate directly with you. 

There are times that we will need to request information about you from a third party, such as a medical professional. This helps us make an informed decision about your claim. 

 

Your information allows us to provide our products and services

We use your information so that we can provide you with our products and services. We also use it for other purposes, such as designing our products and services, telling you about them, or for legal purposes. 

Sometimes we need to share your information with third parties, such as our professional advisors or other organisations who help us provide our products and services.  

 

We only use information we’re allowed to – or if the law requires it  

Whenever you use our products or services you are consenting to us collecting and agreeing to us using your information. 

You can withdraw this consent at any time by contacting us, but if you do we may no longer be able to provide you with our products or services. 

Whenever we work with your information, we comply with the laws of Australia and the laws of other countries that apply to us. 

 

You can manage your personal information 

We are strongly committed to protecting your personal information and your privacy, and to providing a safe and secure web environment for you. 

If at any time, you want to access or correct your personal information held by us, or if you have any concerns, you can contact our Privacy Officer at info@scti.com.au.

To find out more, please read our Privacy Statement below.

 

About this document 

We value the trust you place in us to handle your personal information (including sensitive information) the right way when we provide a product or service to you. 

Southern Cross is bound by the Privacy Act and the APPs. Our Privacy Statement sets out how we will manage and protect your personal information. 

In this document ‘Southern Cross’, ‘we’, ‘our’ or ‘us’ means Southern Cross Benefits Limited ABN 99 133 401 939, AFS License 331058 trading as Southern Cross Travel Insurance.  

In this Privacy Statement: 

You’ and ‘your’ means our customers. If you give us information about another person, please make sure that you have their permission first. ‘You’ and ‘your’ also includes the person:

  • whose name was used to obtain a quote for or purchase one of our products
  • who uses our products and services 
  • who gives us personal information. 

Privacy Act’ or ‘Act’ means the Privacy Act 1988 (Cth).

APP’ or ‘APPs’ means the Australian Privacy Principles.

 

1. Information we collect and hold

So we can provide you with a product or service, we need to collect some of your personal information. 

“Personal information” is information or an opinion about you, or information that can be used to identify who you are.

We may also seek to collect personal information that is regarded as sensitive information or health information where your claim involves a medical event or condition. 

The majority of your personal information is collected from you, such as:  

  • your name, email address, date of birth, contact details and other personal details to set up a policy for you; 
  • personal information of any other person you wish to insure;
  • your travel plans;
  • information about your medical history and the medical history of any other person you wish to insure, including about pre-existing medical conditions;
  • your bank account details so that we may pay your claim;
  • information about the medical history of any person that results in a claim under your policy; and
  • information about claims you make or wish to make under your policy.

We are strongly committed to protecting your personal information and your privacy, and to providing a safe and secure web environment for you. 

We have strict information security policies and procedures in place to protect personal information held by us from misuse, interference, loss, and unauthorised access, modification or disclosure, in accordance with legal requirements. 

When we no longer need your personal information for a purpose for which it may be used or disclosed by us, we will take steps that are reasonable in the circumstances to destroy that information or make sure it is de-identified.


2. Collecting your personal information 

Unless otherwise permitted by law, we will collect your personal information from you directly.

We may also collect personal information (including sensitive information) from the following third parties: 

  • other customers covered by your policy;
  • medical practitioners and health services providers and medical authorities;
  • ‘Southern Cross’ branded businesses and our trusted business partners;
  • intermediaries associated with your policy (such as advisers, agents, brokers and other representatives);
  • other insurers or any insurance data collection service for the purposes of policy or claim verification and/or fraud prevention;
  • third party fraud protection services and their subscribers for the purpose of fraud prevention, investigation or detection;
  • law enforcement agencies, telecommunications and digital partners and agencies, social media and any other service providers to us; or
  • any other person when authorised by you.

Sensitive or health information may only be collected where it is reasonably necessary for, or directly related to, one of our business functions or activities.

If we do not have your consent, we will not collect your sensitive or personal information, except where this is necessary for emergency assistance, is required by law, or is necessary for legal proceedings.

We may collect personal information about you from the main policyholder (where you are not the main policyholder) when it is unreasonable or impracticable to collect that information from you directly.

If you are the main policyholder, you are responsible for making any other people insured under your policy aware that you are disclosing their personal information to us, and of the terms of this Privacy Statement.

When we collect your personal information from a third party, we must take reasonable steps to notify you that we have collected that information and ensure that you have been made aware of certain things as stipulated by the Act, including:

  • our identity and contact details;
  • how you may have access to the information that we have collected about you; and
  • the purpose for which the information has been collected.

Please note that we generally record inbound and outbound telephone calls we have with you for operational and training purposes so that we may effectively and efficiently provide our products and services to you as a large organisation.

Technology is also used to improve your website or digital journey, and data can be used to identify your IP address, record your date and time of visit, the pages you visited and the device and browser you may be using.

We use this for statistical analysis and improving your digital experience, content, quote process and our website. For further information about this, please read our cookies policy.

 

3. Using and sharing your personal information

We use your information for the following purposes:

  • to consider your eligibility for cover under the policy;
  • to consider the specific terms applying to the policy (including any pre-existing medical conditions);
  • to process your application and administer the policy;
  • to process, investigate and review any claims made and/or paid (including historical claims);
  • to design and develop new products and make changes to existing products;
  • to improve and personalize the customer experience;
  • to assist in system development and training;
  • to prevent, detect and investigate any fraud including where in our reasonable opinion we suspect any fraud;
  • to investigate and resolve complaints including obtaining and providing material to the Australian Financial Complaints Authority (‘AFCA’);
  • to comply with legislative and regulatory requirements and provisions including the General Insurance Code of Practice;
  • to contact you from time to time, including within a reasonable time of you ceasing to be covered by the policy, about products and services offered by us and our business partners;
  • to conduct analysis and research in relation to the above purposes;
  • to assist with the investigation and/or recovery of any claims made and/or paid (including historical claims); or
  • as permitted or required by law.

From time to time, Southern Cross may send you marketing and other information electronically such as by email or text message. If you have provided your email address or mobile phone number, we take this as your implied consent to us doing this. If you wish to withdraw your consent at any time, please contact us.

Unless otherwise permitted by law, we will only disclose to, or share your personal information for the above purposes with people or entities such as:

  • the policyholder or other customers covered on the policy;
  • medical practitioners and/or health services providers; 
  • our emergency assistance service provider;
  • other third parties contracted by us to perform our services, provided any use of your personal information by that third party is limited solely to the relevant service;
  • intermediaries associated with your policy (such as advisers, agents, brokers and other representatives); 
  • our reinsurers and their agents;
  • our actuaries;
  • other ‘Southern Cross’ branded businesses, our trusted business partners and service providers (for example, mailing houses, actuaries, research and insight agencies, investigators, data processing and matching services, data analysis services, data monetization services, information broking services, business consulting services, marketing and research services and information technology services); 
  • other insurers on their specific request or for the purpose of fraud prevention, investigation or detection;
  • third party fraud prevention services and their subscribers for the purposes of fraud prevention, investigation or detection;
  • any other person in accordance with the law; or 
  • any other person when authorised by you or the policyholder. 

All communications from us relating to you, whether or not you are the policyholder, will be sent to the policyholder. 

This means that your personal and health information will always be disclosed to the policyholder, including when you make a claim. 

 

4. Your consent 

By commencing or continuing your relationship with us, you are taken to have consented to the collection and disclosure of your personal information (including sensitive health information) by us from and to third parties as detailed in this Privacy Statement.

You may withdraw this consent at any time simply by notifying us. Depending on the circumstances, this may prevent us from being able to provide services to you.

If you do not provide the information we request or do not consent to us collecting that information from third parties, then depending upon the type of information concerned we may not be able to:

  • process any application for insurance cover or claims; and
  • provide any other services to you such as paying your claim or cancelling your Policy with us. 

5. Securing and managing your personal information  

When personal information is transferred over the internet, we cannot guarantee the transmission is always secure, and it is therefore transferred at your risk.

Once you have provided us with or we have received your information from a third party, we use a range of safeguards to securely store your personal information so that it is protected from unauthorised use, access, modification or disclosure. 

We do our best to ensure that the information about you that we collect, store, use or disclose is accurate, complete and up to date and prompt notification of any changes to your contact details will help us to do this. 

If we do not have your correct contact details, we may not be able to provide you with important information about your policy. 

You are entitled to have access to and request correction of any of your personal information held by us. If you would like to contact us about your information, contact details or the safeguards that we use, please contact us at: info@scti.com.au.

 

6. Sharing your personal information overseas 

When assessing your insurance application, your claim or administering your insurance policy, we may provide your personal information (or sensitive information if reasonably necessary) to business partners and service providers who are located in New Zealand and Australia, but may be located in other geographic areas from time to time. 

When providing you with medical and non-medical assistance, or when authenticating your personal information (or sensitive information if reasonably necessary), we may provide such information to service providers located in the geographic areas in which you have travelled. 

Before sharing your information, we take steps to ensure that our business partners and service providers protect the privacy and security of your information and use it only for the purpose for which it is disclosed by us.

While we are committed to protecting your information, in some cases we may not be able to take reasonable steps to ensure that persons and organisations with whom we do not contract with but to whom we reasonably need to disclose your information, do not breach privacy laws. In these circumstances the level of protection of your information may not be the same as provided for under Australian privacy laws. We will only disclose your information in this manner where it is reasonably necessary to do so. 

You can contact us on info@scti.com.au for details about these persons and organisations.

 

7. Privacy complaints

You should first direct any complaint of an alleged breach of the Privacy Act to our Privacy Officer. Their contact details are as follows:

Email: info@scti.com.au

If you are not satisfied with how we have dealt with the complaint, you may contact the Privacy Commissioner at:

GPO Box 5218,

Sydney,

NSW 1042,

Telephone: 1300 363 992 (local call charge)

Fax: 02 9284 9666

Email: enquiries@oaic.gov.au

The Privacy Commissioner may investigate complaints about acts or practices that constitute an 'interference with privacy' if we do not resolve your concerns.

 

8. Contacting us 

If you have any queries about how we handle your personal and health information, or this Privacy Statement, please contact us: 

Address: Level 44, 2 Park Street, SYDNEY NSW 2000

Telephone: 1800 196 484 (Monday – Friday 8:30am – 5pm AEDT) 

Email: info@scti.com.au

Your information is collected and held by Southern Cross Benefits Limited, Level 1, Te Kupenga, 155 Fanshawe Street, Auckland, 1010, New Zealand. 

This statement may be updated from time to time, without notice.