QIB Group Holdings | Privacy Policy

In this Privacy Policy, ‘we’, ‘us’ and ‘our’ means licenced entities of QIB Group Holdings Pty Ltd ABN 98 163 322 914, including QIB Commercial Pty Ltd, ABN 45 010 723 967, AFSL 244330 and QIB Speciality Pty Ltd ABN 62 067 609 572, AFSL 235 365.

We respect the privacy of your personal information. This Privacy Policy sets out how we collect, store, use and disclose your personal information (including sensitive information) in accordance with the terms below, and applicable Privacy Laws (defined as laws including the Australian Privacy Principles set out in the Privacy Act 1988 (Cth).

What personal information we collect

“Personal information” includes information or an opinion, whether true or not, and whether recorded in a material form or not, about an identified living individual or an individual who is reasonably identifiable (e.g. name and contact details), or data about an individual who can be identified from that data, or from that data and other information to which we have or are likely to have access. As its name suggests, “sensitive information” is a more sensitive subset of personal information, which includes bank account/payment, criminal history, health information, religion, racial/ ethnic origin or sexual orientation. If you are an individual who is either based in or a resident of Australia subject to applicable Privacy Laws, we will not process sensitive information about you unless we have received your express consent to the processing of this information. 

We collect certain types of information about you if you visit our website, authorise your broker or our agent to provide us with your personal information in relation to insurance, or otherwise provide us with your personal information. 

The information we collect and hold generally includes your name and contact information (including telephone numbers and email addresses), information relating to the operation of your business, other reference information and information about other parties that you may conduct, or are interested in conducting, business with. 

If you have requested that we act in a broking capacity for insurance – related services, we may also collect and hold other information required to provide such services to you, including details of your previous insurances and sensitive information (such as bank account(s) and criminal records). 

You may be able to deal with us without identifying yourself (i.e. anonymously or by using a pseudonym) in certain circumstances, such as when making a general inquiry relating to the services we offer. If you wish to do so, please contact us to find out if this is practicable in your circumstances. However, if you do not provide us with the information that we need, we or any of our third party service providers may not be able to provide you with the appropriate services.

How we collect your personal information

We may collect personal information in a number of ways, including: 

  • directly from you via our website, telephone, in writing or email; and/or 
  • indirectly from third parties, if necessary. For example, your employer, our insurance broking businesses may provide us with information about you for the purpose of obtaining our services. We may also obtain personal information from referees, insurers, premium funders and other third party service providers or publicly from available sources. 

By engaging with our insurance broking businesses, you authorise us to contact such third parties for the purposes of providing you with the services that you have requested. 

We also automatically collect certain information when you visit our website, some of which may be capable of personally identifying you. Please see the “Cookies” section below for more details

Our purposes for collecting, holding and using your personal information

We collect and hold your personal information for the purposes of providing our services to you and related purposes. Such purposes include: 

  • providing  our insurance broking businesses’ customers, potential customers and others with our services; 
  • providing  our insurance broking businesses with benefits (including passing on customer enquiries to appropriate brokers or providing brokers with professional indemnity insurance) and facilitating adequate management of such benefits on behalf of  our insurance broking businesses; 
  • helping to develop and identify services that may interest  our insurance broking businesses, their customers, potential customers or others; 
  • conducting market or customer research; 
  • developing, establishing and administering alliances and other arrangements with other organisations in relation to the promotion, administration and use of our services; 
  • telling you about our other service offerings which we believe may be relevant (if you have requested to receive this); 
  • statutory or regulatory reporting; 
  • internal or external audit within our group; and 
  • any other purpose notified to you at the time your personal information is collected. 

Legal basis for using your personal information

We will make sure that we only use your personal information for the purposes set out above and where we are satisfied: 

  • we need to use your personal information to perform a contract or take steps to enter into a contract with you; 
  • we need to use your personal information for our legitimate interest as a commercial organisation. For example, we may collect your personal details so that we can respond to enquiries submitted via our website. In all such cases, we will look after your information at all times in a way that is proportionate and respects your privacy rights and you have a right to object to processing as explained in the “Accuracy, access and correction of your personal information” section of this Privacy Policy below; 
  • we need to use your personal information to comply with a relevant legal or regulatory obligation that we have; or 
  • we have your consent to using your personal information for a particular activity. 

Disclosure of your personal information

We will disclose your personal information to: 

  • our related companies,  our insurance broking businesses or third parties who help manage our business and provide our services, including our third party service providers, such as payment system operators, IT suppliers, lawyers, accountants, other advisers and financial institutions; 
  • insurers, reinsurers, other insurance intermediaries, insurance reference bureaus and industry bodies; 
  • any other entities notified to you at the time of collection; 
  • a buyer of our assets or shares when we are a seller;  
  • courts, law enforcement, regulators and other government agencies to comply with all applicable laws, regulations and rules; or 
  • requests of courts, law enforcement, regulators and other governmental agencies 

Other than  

a). when required or permitted by law,
b). as specified in this Privacy Policy or
c). where you have provided your express or implied consent, we will not disclose your personal information.  

Nothing in this Privacy Policy prevents us from using and disclosing to others de-personalised aggregated data.

Transfer of personal information overseas

We may disclose your personal information to the following parties: third party service providers, insurers and/or our related companies as they may be processing your personal information either on our behalf or otherwise for one or more of the above-stated purposes. 

Some of the third party service providers to whom we disclose personal information are located in countries outside of your country of residence, for example, Australia, such as Malaysia, the Philippines, Vietnam, the United Kingdom, the European Union and the United States of America. In this regard, unless exempted by applicable Privacy Laws, we will either (a) seek your express or implied consent to do so prior to the transfer of your personal information overseas or (b) we will take reasonable steps to ensure that the overseas recipient does not breach the Privacy Laws applicable in relation to your personal information. Transfer of your personal information will only be made for one or more of the purposes specified in this Privacy Policy. 

When we take reasonable steps, we will ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and transfers are limited to either countries which are recognised as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights. To this end:

  • we ensure transfers within our group of companies will be covered by an agreement entered into by members of our group of companies (an intra-group agreement) which contractually obliges each member to ensure that personal information receives an adequate and consistent level of protection wherever it is transferred within our group of companies. Where we transfer your personal information either outside our group of companies or to third parties who help provide our services, we obtain contractual commitments from them to protect your personal information; or 
  • where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal information are disclosed

You have a right to contact us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments) to ensure the adequate protection of your personal information when this is transferred as mentioned above.

Your obligations when you provide personal information of others

ou must not provide us with personal information (including any sensitive information) of any other individual (including any of your employees or customers if you are an insurance broker) unless you have the express or implied consent of that individual to do so. If you do provide us with such information about another individual, before doing so you: 

  • must tell that individual that you will be providing their information to us; and 
  • warrant that you have that individual’s consent to provide their information to us. 

If you have not done this, you must tell us before you provide any third party information.

Your obligations when we provide you with personal information

If we give you, or provide you access to, the personal information of any individual, you must only use it: 

  • for the purposes we have agreed to; and 
  • in compliance with applicable Privacy Laws and this Privacy Policy. 

You must also ensure that your agents, advisers, employees and contractors meet the above requirements.

Accuracy, access and correction of your personal information

We take reasonable steps to ensure that your personal information is accurate, complete and up-to-date whenever we collect, use or disclose it. However, we also rely on you to advise us of any changes to your personal information. All personal information identified as being incorrect is updated in our database and, where applicable and appropriate, on our website. 

Please contact us using our contact details below as soon as possible if there are any changes to your personal information or if you believe the personal information we hold about you is not accurate, complete or up-to-date. 

You can make a request to access your personal information by contacting us using the contact details below. If you make an access request, we will provide you with access to the personal information we hold about you unless otherwise required or permitted by law. We will notify you of the basis for any denial of access to your personal information. 

We may charge a fee where permitted by law, for instance if your request is significant and requires additional resources or costs to us. We may also charge the reasonable cost of third parties who assist us in complying with the access request. 

We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

Security of your personal information

We take reasonable steps to protect any personal information that we hold from misuse, interference and loss, and from unauthorised access, alteration and disclosure. 

For example, we maintain physical security over our paper and electronic data stores and premises, such as locks and security systems. We also maintain computer and network security. For example, we use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to computer systems. 

However, data protection measures are never completely secure and, despite the measures we have put in place, we cannot guarantee the security of your personal information. You must take care to ensure you protect your personal information (for example, by protecting any usernames and passwords). You should notify us as soon as possible if you become aware of any security breaches. We will where required by applicable Privacy Law, as soon as reasonably possible, notify you of material security breach concerning your personal information.

Links to third party sites

Our website may contain links to other third party websites. We do not endorse or otherwise accept responsibility for the content or privacy practices of those websites or any products or services offered on them. We recommend that you check the privacy policies of these third party websites to find out how these third parties may collect and deal with your personal information.

Cookies

Like many website operators, we may use standard technology called cookies on our website. Cookies are small data files that are downloaded onto your computer when you visit a particular website. Cookies help provide additional functionality to the site or to help us analyse site usage more accurately. For instance, our server may set a cookie that keeps you from having to enter a password more than once during a visit to one of our sites. In all cases in which cookies are used, the cookie will not collect personal information except with your consent. You can disable cookies by turning them off in your browser; however, our website may not function properly if you do so. 

If you follow a link from our website to another website, please be aware that the owner of the other website will have their own privacy and cookie policies for their site. We recommend you read their policies, as we are not responsible or liable for what happens at their website. 

You can adjust the settings in your web browser to determine whether sites can set cookies on your device. If you’ve visited this site before, there may be previously set cookies on your computer. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.aboutcookies.org or www.allaboutcookies.org. 

You may opt out of being tracked by Google Analytics across all websites by following the guidance outlined in their website. 

Direct marketing and how to opt out

hen we collect your personal information, e.g., via email, post, SMS, app notification, telephone or targeted online advertisements, we may use your personal information to send you direct marketing communications about our insurance products or our related services. We limit direct marketing to a reasonable and proportionate level, and to send you communications which we believe may be of interest to you, based on the information we have about you. Our processing of your personal data for direct marketing purposes is based on our legitimate interests, but where opt-in consent is required by law, we may seek your consent where applicable. If you no longer wish to receive such information, or you do not want us to disclose your personal information to any other organisation (including  our insurance broking businesses or any other related companies), you can opt out by following the opt-out links in electronic communications, de-activating the push notification or alert to your mobile phone, or contacting us using our contact details below.

Administration of personal information

You may refuse or withdraw your consent for the collection, use and/or disclosure of your personal information in our possession by giving us reasonable notice so long as there are no legal or contractual restrictions preventing you from doing so. If you withdraw your consent for us to use your personal information for your insurance matters, this will affect our ability to provide you with the products and services that you asked for or have with us. 

If the purpose for which your personal information is collected is no longer served by the retention of such data, or when the retention is no longer necessary for any other legal or business purpose, we will ensure that the hard copy of your personal information will be completely destroyed and electronic personal information as much as possible.

Updates of Privacy Policy

We reserve the right to amend our Privacy Policy from time to time to ensure we properly manage and process your personal data. Any amended Privacy Policy will be posted on our website.

How to make a complaint

If you wish to make a complaint about a breach of this Privacy Policy or any breach of applicable privacy laws, you can contact us using the contact details below. You will need to provide us with sufficient details regarding your complaint together with any supporting evidence and information. 

We will refer your complaint to our Privacy Officer who will investigate the issue and determine the steps that we will undertake to resolve your complaint. We will contact you if we require any additional information from you and will notify you in writing of the outcome of the investigation. We will try to resolve any complaint within 14 working days in Brisbane. If this is not possible, you will be contacted within that time to let you know how long it should take us to resolve your complaint. 

If you are not satisfied with our determination, you can contact us to discuss your concerns or complain to the relevant local data protection supervisory authority (i.e., your place of habitual residence, place of work or place of alleged infringement). This is the Australian Privacy Commissioner in Australia (at www.oaic.gov.au). 

How to contact us

If you wish to gain access to your personal information, want us to correct or update it, have a complaint about a breach of your privacy or any other query relating to our Privacy Policy, please contact our Privacy Officer during business hours (8:30am – 5:00pm) in Brisbane on:

The Privacy Officer

Telephone: +61 7 4167 4218 
Email: Compliance.Support@qibgroup.com.au  

Alternatively, you can contact us via:

QIB Group Holdings Pty Ltd

GPO Box 2921 Brisbane QLD 4001
Telephone: 07 4167 4212 

For further information on privacy, please visit:
in Australia, the Office of the Australian Information Commissioner at http://www.oaic.gov.au/

Created: May 2024