Australian Unity has been around for more than 175 years and our focus is still the same: to serve and enhance the wellbeing of our members, customers and communities. We want to help people thrive by helping you to create a bright future with our health, wealth and living services.
We understand that your privacy is important to you. At Australian Unity we have a long history of handing the personal information (including sensitive information and credit-related information) of our customers, with integrity and confidentiality.
Australian Unity cares about protecting the privacy and security of your personal information and we value your ongoing trust in us to protect this information.
We will protect the personal information of our members and customers under the Privacy Act 1988 (Cth) (Privacy Act), Privacy (Credit Reporting) Code 2014, and other applicable laws in relation to the handling of personal information (Privacy Laws).
Which entities does this Policy cover?
Australian Unity Limited and its subsidiaries are subject to the same standards in relation to the handling of personal information, regardless of which services they provide. Australian Unity Limited businesses include our dental centres, wealth, financial planning, mortgage broking services, bank, general insurance, private health insurance, trustee services and independent and assisted living businesses and its subsidiaries include but are not limited to:
- Australian Unity Health Limited
- Australian Unity Bank Limited
- Lifeplan Australian Friendly Society Limited
- Australian Unity Retirement Living Services Limited
The credit reporting provisions in this Policy apply specifically to Australian Unity Bank Limited because it provides consumer credit products and services to its retail banking customers, and handles credit-related information.
About this policy and your privacy
This policy sets out how Australian Unity handles your personal information. It explains how we can collect, use, hold and disclose this information.
It also contains information about how you can access the information we hold about you, how you can ask us to correct your information, or make a complaint about how we have managed your information.
We will also provide you with more information about how we handle your information when you fill out an application or make a claim or receive the terms and conditions, so you should read these documents thoroughly.
Some helpful definitions:
Throughout this Policy, we use terms that have a specific meaning, either under Privacy laws and Codes.
- “Personal Information” includes any information or opinion that can identify somebody, such as your name, address, date of birth, telephone numbers, or driver’s license number.
- ”Sensitive information” is personal information that is given a higher level of protection under the Privacy Act. It includes information about a person’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliation, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record, health information and genetic information.
What personal information do we collect?
Personal information we collect
The personal information we may collect about you will depend on the type of product or service you receive from us. We will also collect personal information from you to manage your accounts and services.
Some of the information may include:
- Identifying and contact information such as name, date of birth, address, telephone number, email address and social media platform user name
- demographic information, such as age and gender
- financial information such as banking, payment and contribution details
- government issued identifiers such as Tax File Number, Medicare and Driver’s License numbers
- transaction information such as records of service contacts, reasons for applying for a product or service, photographs, video and audio recordings of contacts
- registration to programs offered by Australian Unity or its partners
- website usage
- any other personal information needed or required by law such as the Anti-Money Laundering and Counter Terrorist Financing Act 2006 (Cth) (AML/CTF Act).
Sensitive information we collect
We will not collect sensitive information about you unless:
- we need the information for one of our functions or activities and have your consent;
- For example: we may collect health information (including clinical) and claims information; or, if you want to vary your repayments for a credit product because you are experiencing financial difficulties (financial hardship), information about your personal circumstances.
- we are legally required to collect this information; or
- the collection is necessary to prevent or lessen a serious and imminent threat to the life or health of an individual, and it is unreasonable or impracticable to obtain the individual’s consent to the collection, use or disclosure (such as if the individual is physically or legally incapable of giving or communicating consent to the collection, use or disclosure).
Credit-related information we collect
If you apply for credit, or give a guarantee, or have a credit product with Australian Unity Bank Limited, we collect credit-related information relevant to your application. We also collect credit-information for ongoing management of your account.
Some of the information we collect is:
- the type of credit product you want, and how much you want to borrow
- financial information, such as: employment, income, expenses, and savings;
- information from a credit report from a credit reporting body
- how you have managed the repayment obligations on other credit products with us, and other financial institutions
- details about any bankruptcies, insolvencies, or other credit-related court proceedings.
How do we collect your personal information?
In most cases, we collect personal information directly from you when you apply for a product or service, use our websites or mobile or tablet applications or social media, talk to us, provide us with feedback, make a complaint, visit one of our offices or branches or register for an Australian Unity program.
Sometimes we may collect information about you from other sources including:
- a person you have authorised to act on your behalf such as an agent or a family member
- a person covered under your private health insurance cover
- a person such as a spouse, parent or dependent seeking financial planning services
- a nominated beneficiary, a plan guardian or a nominated student of an investment bond
- credit reporting bodies if we request a report about your credit history and other credit providers
- other related entities so we can better manager our relationship with you
- organisations that we have an arrangement with to jointly offer or promote products or services to you
- marketing companies if we acquire contact information to tell people about our products and services that may be of interest to them; and
- brokers or parties who may introduce you to us such as a recruitment firm or referral partner
- referees that you provide us as a prospective employee
- publicly available records including phone directories, websites or the electoral roll.
Where you have given us personal information about another person, e.g. a person you have authorised to act on your behalf, we expect you to tell those people that you have given us their information, and to tell them about this Policy.
Credit-related information we collect from others
If you apply for credit or give a guarantee or have a credit product with Australian Unity Bank Limited, we collect personal information and credit-related information about you from third parties, such as:
- any referees that you provide
- your employer
- credit providers
- third party service providers including credit reporting bodies
Have you been a victim of fraud?
Credit reporting bodies collect credit information about individuals which they provide as credit reports to credit providers (e.g. Australian Unity Bank Limited), and others in the credit industry to assist them in managing credit risk, collecting debts and other activities.
You can also ask a credit reporting body, through contact details on their website, not to use or disclose your personal information if you believe on reasonable grounds that you have been or are likely to be a victim of fraud, including identity fraud.
When we get information we didn’t ask for?
Do we collect information electronically?
Whenever anyone visits our website, online member services, mobile or tablet applications. we collect data about their visit using ‘cookies’ to obtain information about how our website is being used. Until you log into our website, any browsing you do on our website is anonymous.
We collect information about what our customers preferences and behaviours are. This is used to help us administer and enhance:
- the performance of our system
- the content of the website
- the services we offer to you monitor web traffic, so we can make sure the website is available during peak periods.
We also monitor web traffic, so we can make sure the website is available during peak periods.
When you log on to our one of our online services we will ask for information to identify you. We will also use the 'cookies' for security purposes.
Our website also includes a number of calculators, which may require you to enter your personal details. You may change the settings on your browser to reject cookies; however doing so might prevent you from accessing the secured pages of our website.
Our websites contain links to other sites, which are not subject to our privacy policies and procedures. You will need to review those websites directly to ascertain their particular privacy policies and practices.
What if you don’t want to provide your personal information?
You may choose not to disclose your personal information to us but it may limit our ability to deal with you, provide you with products and services or let you know about other products and services that might better suit your needs.
How do we use personal information?
We use your personal information to provide you with products and services (including third party products and services) you’ve applied for, to manage your account, and improve the service you receive. We also use this information to comply with our legal obligations.
This includes to:
- identify you
- assess your eligibility for a product or service
- provide and manage a product or service, including assisting you to complete online applications that are not completed, answering your enquiries, and complaints
- protect your accounts by identifying and investigating suspected fraud or other criminal activity
- tell you about other products and services that may be of interest to you;
- help us develop insights and conduct data analysis to improve the delivery of products, services, enhance our customer relationships and to effectively manage risks
- managing our rights and obligations regarding external payment systems
- understand your interests and preferences so we can tailor our products and services, including digital content
- improve the service we provide to you by identifying training and development opportunities for our employees and representatives
- meet our obligations or as authorised under applicable laws (such as the Anti-Money Laundering and Counter-Terrorism Financing Act)
- where you opt in, to help us to develop health programs for our health insurance members to treat a specific illness or condition or to offer services (e.g. in-home rehabilitation services)
Credit-related information we use
When you apply for a credit product, or act as guarantor for a person applying for a credit product, we collect information about you from credit reports provided by credit reporting bodies. We use this information, along with other credit-related information we have collected from you, to assess your application.
How we use your information to bring you new products and services
We may use your personal information to tell you about other products or services we think might benefit you. We may contact you in relation these products and services by a number of means, including by:
- social media
- advertising through our website
We respect the rights of our customers to choose the material they want to receive and how they wish to receive it, including by electronic means. You can therefore choose to receive only the materials you want or opt-out of receiving marketing information from us by calling 13 29 39.
Who do we disclose information to and why?
We may share your personal information within the Australian Unity Group. This enables us to provide you with information about other products and services within the group, and to offer a streamlined customer-experience between businesses within the group.
We may also provide your personal information to selected third parties outside the Australian Unity Group to assist us to provide you with products and services, deliver technology or other support for our business systems, refer us to new customers, or assist us with marketing and data analysis.
To protect your personal information we select service providers that we expect to comply with applicable Privacy Laws and to only use the personal information we disclose to them for the specific role we ask them to perform.
We also have contracts in place which set out the terms we expect our service providers to comply with, which include compliance with privacy and other Australian laws. Before, and during the contract, we may ask for information to satisfy ourselves that they can, and are complying with the terms of the contract.
For example, we may disclose personal information outside of the Australian Unity Group to:
- your representatives (including your legal adviser, accountant, mortgage broker, financial adviser, executor, administrator, guardian, trustee, funeral director (for funeral bonds), attorney or family member
- the holder of a health insurance policy (including sensitive and health information about benefits claimed under the membership unless you have requested that we not disclose this information)
- insurers and re-insurers
- authorised representatives and credit representatives who sell or arrange products and services on our behalf
- hospital and other health service providers, including to provide you with clinical services for a specific condition, such as in-home rehabilitation services
- financial services organisations, including banks, superannuation funds, stockbrokers, custodians, fund managers and contracted service providers
- payment systems operators (for example, merchants receiving card payments)
- our contracted service providers, agents and contractors (for example, mailing houses, technology service providers and cloud storage providers)
- other organisations, who we partner with to offer or provide products or services to you, or who provide analytical or marketing services to assist us improve the delivery of products, services, enhance our customer relationships and effectively manage risks
- our professional advisors such as financial advisers, legal advisers and auditors
- fraud bureaus or other organisations to identify, investigate or prevent fraud or other misconduct
- debt collectors
- external dispute resolution schemes
- regulatory bodies, government agencies and law enforcement bodies in any jurisdiction
We may also disclose your information to others where:
- we are required or authorised by law or where we have a public duty to do so; or
- you have expressly consented to the disclosure or the consent may be reasonably inferred from the circumstances.
Credit related information
When you apply for a credit product, or act as guarantor for a person applying for a credit product, we collect information about you from credit reports provided by credit reporting bodies.
To obtain a credit report we provide information to the credit reporting body:
- that identifies you
- the type of account you are applying for
- the amount you are applying for
- whether your credit is opened and closed
We may also provide information about the way in which you manage your account, such as:
- whether you make your repayments on time
- if you fail to make repayments
- you default on your obligations to repay your credit contract
- if you commit a serious infringement, such as fraudulent behaviour, or deliberately not making your repayments
Home loan customers
Do we disclose information overseas?
We may disclose your personal information to service providers located overseas (such as the United States, Canada, the United Kingdom, Ireland, India, Japan and the Netherlands).
When we do disclose or store information overseas we take reasonable steps to ensure that your information is provided with the same level of protection as it is within Australia.
We do this by only engaging with third parties located in a country which we believe has similar privacy laws to Australia, or by ensuring the third party is able to provide the same level of protection consistent with our Privacy Laws. We also have contracts in place which set out the terms we expect them to comply with, which include compliance with privacy and other Australian laws. Before, and during the contract, we may ask for information to satisfy ourselves that they can, and are complying with the terms of the contract.
Where you ask us to disclose information to an overseas recipient, we may not take the above steps in relation to the management of your information.
How do we hold and protect your information?
We will store most of the information we hold about you electronically. We store some of your information in secure data centres that are located in Australia and some with selected service providers (including cloud service providers) who may store your information outside Australia. Some information we hold about you will be stored in paper files.
We use a range of physical, electronic and other security measures to protect the security, confidentiality and integrity of the personal information we hold including:
- information security such as passwords to control access to computer systems
- privacy training for our employees so that they know how to keep your information safe and secure
- physical security such as locks and security systems, over our paper and electronic data stores and premises
- access management controls, to prevent unauthorised people accessing our systems
- firewalls, and intrusion detection software- security measures for our website and computer systems
- we also have in place processes designed to identify you when you deal with us by phone, online or face to face.
These processes are designed to ensure we only disclose your information to you, or someone properly authorised by you.
Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure, for example, if you feel that the security of any account you have with us has been compromised, please contact us immediately on 13 29 39.
What you can do to protect your information?
You need to keep your access details like your user name, password and PIN confidential and not share them or leave them somewhere that’s easy for others to access or find. Do not allow others to use your credentials and do not use words that are easily guessed e.g. “password123!”.
Where you allow others to use your credentials or where your credentials are used by others, we will assume that they are you.
Let us know immediately if you believe that there has been an unauthorised access to your information or use of your credentials.
You can also keep up to date with security information. You can find information at: Scamwatch
is a website run by the Australian Competition and Consumer Commission (ACCC). It provides information to consumers about scams.
ASIC’s moneysmart site provides consumers with information to manage their rel="noopener noreferrer" finances.
Where we no longer need your information, because we no longer need to keep it for a business purpose and the legal retention period for keeping this information has passed, we will either destroy or de-identify this information.
How we will handle a data breach
In the event of any loss, or unauthorised access or disclosure of your personal information that is likely to result in serious harm to you, we will investigate and notify you and the Office of the Australian Information Commissioner as soon as practicable, under Australian Privacy law.
Accessing your personal information
You can request access to the personal information we hold about you by calling 13 29 39 or writing to us. Your request should include a detailed description of the information required. We will need to verify your identify before giving you access.
We will try to provide you with the information you asked for within 30 days. We will keep you updated as to the progress of your request.
What happens if we cannot provide you access to information?
In some cases, we can refuse access or only give you access to certain information (such as if this access may interfere with the privacy of other individuals or if this access may reveal commercially sensitive information). If we are unable to provide you with access to your information, we will inform you of the reasons why.
Correcting your information
If you believe that the information we hold about you is inaccurate, incomplete or out-of-date, please contact us by logging on to our website or phoning us on 13 29 39.
If we disagree with the request for correction, we write to you to let you know why we do not agree.
Correction of credit-related information
If you believe that incorrect information was provided to us by a credit reporting body, or information we have provided to a credit reporting body is incorrect, we will contact the credit reporting body and other credit providers, to investigate the accuracy of your information.
This can take up to 30 days. If we need longer we will let you know why. We will also tell you when we correct the information.
If we do not agree that the information is incorrect we will write to you to tell you why, and tell you what you can do if you are not satisfied with our response.
Resolving your privacy concerns
If you need to resolve an issue or make a complaint about how we manage your personal information, you should contact us first and let us respond to your complaint. If you are not satisfied with our response there are other steps you can take.
1. Get in touch with us directly
Contact us directly on 13 29 39 or email us through the website www.australianunity.com.au/contact-us
2. Escalate your complaint to the Complaints Team
If you are not satisfied with our response ask to speak to our Complaints Team
3. Contact Australian Unity’s Privacy Officer
Group Privacy Officer
(Prior to 1 June 2019)
Australian Unity Limited
Level 14, 114 Albert Road
South Melbourne VIC 3205
(From 1 June 2019)
Australian Unity Limited
Level 15, 271 Spring Street
Melbourne VIC 3000
4. Contact an external body
If you have followed these steps and are not happy with the outcome you can contact external bodies:
If it is regarding personal information or credit-related information:
Office of the Australian Information Commissioner
GPO Box 5218, Sydney, NSW, 2001
Phone: 1300 363 992
Fax: +61 2 9284 9666
If you are an Australian Unity banking customer you can also contact:
Australian Financial Complaints Authority (AFCA)
GPO Box 3, Melbourne Vic 3001
Phone: 1800 931 678
Website: www.afca.org.au (you can make a complaint online)
Refusal of credit applications
We may refuse an application for consumer credit made by you individually or with other applicants.
Our refusal may be based on credit eligibility information obtained from a credit reporting body about you, another applicant or another person proposed as guarantor. If this occurs, we will give you written notice that the application has been refused on the basis of that information. We will tell you the name and contact details of the relevant credit reporting body and other relevant information.
Changes and getting a copy of the Policy
Credit eligibility information
means information that has been obtained from a credit reporting body, or that has been derived from that information, that is about an individual's credit worthiness.
means personal information that includes the following:
- information about an individual, like their name and address, that we may use to identify that individual;
- information about an individual's current or terminated consumer credit accounts and an individual's repayment history;
- the type and amount of credit applied for in any previous consumer or commercial credit applications to any credit provider, where that credit provider has requested information;
- information about an individual from a credit reporting body;
- information about consumer credit payments overdue for at least 60 days and for which collection action has started;
- advice that payments that were previously notified to a credit reporting body as overdue are no longer overdue;
- information about new credit arrangements an individual may have made with a credit provider, in relation to consumer credit currently or previously held, to deal with any defaults or serious credit infringements by that individual;
- information about court judgments which relate to credit that an individual has obtained or applied for;
- information about an individual on the National Personal Insolvency Index;
- publicly available information about an individual's credit worthiness; and
- an opinion of a credit provider that an individual has committed a serious credit infringement of credit provided by that credit provider.
means credit information, credit eligibility information and related information.