Privacy Policy

At Canopy Insurance, we are committed to protecting your privacy and maintaining the confidentiality of the personal information you provide us in accordance with the Privacy Act 1988 (Cth) (‘the Act’) and the Australian Privacy Principals (APPs).

This privacy policy sets out how we collect, store, use and disclose your personal information (including sensitive information). It also details our complaints procedure and how you can access the personal information we hold about you.

In this document the terms “Canopy Insurance”, “we”, “our” or “us” refer to Canopy Insurance Pty Ltd (ABN 28664242406) who is a Corporate Authorised Representative (AR No. 1301345) of Windsor Income Protection Pty Ltd (ACN 147905888 | ABN 56104714171 | AFSL No. 400598).

Your Consent

By providing us with your personal information, you consent to us collecting, storing, using and disclosing your personal information as set out in this policy.

What is Personal Information?

‘Personal Information’ is information or opinion about an individual whose identity is apparent or can easily be ascertained from the information or opinion.

‘Sensitive Information’ is a form of Personal Information, it may include information or an opinion about an individual's racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, or criminal record.  It also includes health information.

What Personal Information do we collect, hold and use?

When we arrange insurance or manage a claim on your behalf, we may collect personal information from you.  We will, if it is reasonable or practicable to do so, collect your personal information from you.  In some cases, we will collect your personal information from other parties, such as employers, superannuation funds, associations/unions insurance brokers, doctors, health professionals or government agencies. You can choose not to provide us with some of the details or all of your personal information, but this may affect our ability to provide the cover, administer the insurance or assess and manage a claim.

Personal information collected may include your name, date of birth, gender, postal and email address, telephone number, Medicare number, bank account details, taxation information, information obtained from any questionnaire which we may ask you to complete, health fund number, previous employment history, occupational health history and medical records or other information we consider necessary to provide our services to you.

Why do we collect Personal Information?

We will collect personal information for the primary purposes of arranging insurance, managing a claim or a customer complaint. We and our representatives (including our service providers) collect information about your insurance requirements, claim or complaint details, some of which may be personal information.

We provide this personal Information to other parties such as insurers, underwriting agencies and those appointed to assist us in arranging insurance or processing a claim.

How we collect Personal Information

We may collect personal information about you or other individuals directly or via other parties in several ways including:

  • our website or online forms

  • by telephone

  • in writing, including hard copy forms

  • by email

How we will use this Personal Information

We use personal information arrange insurance and to manage claims. In doing so, we may use personal information to:

  • Arrange insurance requirements

  • Investigate and assess claims

  • Contact You about any matters relating to a claim

  • Answer enquiries and /or process any approved payments

  • Report or obtain information from regulatory authorities (i.e. ATO, Medicare, Centrelink or the Department of Health and Aged Care)

We will not sell, trade or rent your personal information to others.

Disclosure of your Personal Information

We will only disclose your personal information where it is required or reasonable to provide a service to you. Where appropriate, we will disclose your personal information to any other parties as defined above or any other entities as notified to you at the time of collection.

You authorise us to contact such other parties for the purposes of providing you with the services that you have requested.

Other than when required or permitted by law, as specified in this Privacy Policy or where you have provided your consent, we will not disclose your personal information for any other purpose.

Disclosure of your Personal Information overseas

Some of the other parties may be located outside of Australia such as the United Kingdom and Europe. In all instances where Personal Information may be disclosed to third parties who may be located overseas, we will take reasonable measures to ensure that the overseas recipient holds and uses your personal information in accordance with the consent provided by you and in accordance with our obligations under the Act and the APPs.

Your obligations when you provide Personal Information of others

If you provide Personal Information about another individual to us, you have their authority to do so and you have made them aware that you will or may provide their personal information to us, the types of other parties we may provide it to, the relevant purposes we and the other parties we disclose it to will use it for, and how they can access it. If you have not done or will not do either of these things, you must tell us before you provide the relevant information.

If we provide you with personal information, you and your representatives must only use it for the purposes we have agreed to. Where relevant, you must meet the requirements of the APPs when you collect, use, and handle personal information on our behalf.

You must also ensure that your agents, employees, and contractors meet all of these requirements.

Accuracy of your Personal Information

We aim to ensure that your personal information we collect is accurate, complete and up to date.  If you believe your personal information is not accurate, complete or up to date, please contact us. We do not charge to update your personal information.

Gaining access to your Personal Information

You may make a request to access your personal information, we will provide you with access to the personal information we hold about you, unless otherwise required or permitted by law within a reasonable time after the request is made.

Security of your Personal Information

We take reasonable steps to protect any personal information that we hold from misuse, interference and loss, and from unauthorised access, alteration and disclosure. All our staff are trained in privacy procedures and it is a condition of their employment that they comply.

We hold the information we collect from you in our computer system and in our hard copy files. We maintain physical security over our paper and electronic data and premises, by using locks and security systems. We also maintain computer and network security; for example, we use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to computer systems where your information is stored.

However, data protection measures are never completely secure and, despite the measure we have put in place, we cannot guarantee the security of your personal information. You must take care to ensure you protect your personal information (for example, by protecting any usernames and passwords). You should notify us as soon as possible if you become aware of any security breaches.

We use service providers that maintain your data offsite to enable us to work and provide our services to you. Our service providers adhere to data security requirements and hold data security certifications.

How long do we retain your Personal Information?

We keep personal information only for as long as is reasonably necessary for the purpose for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.

Marketing and Surveys

We may use your Personal Information to contact You through direct marketing, sharing events, special offers or articles that We believe may be of interest to You.

We may use Your Personal Information to contact You to conduct a survey to gain feedback on how We may improve Our group business or services. These results may be shared with third parties and any data would be de-identified. All survey requests are voluntary and by completing them, You have provided Your consent for Us to use the results as described. Occasionally We may use these results in a manner different to what is described above, in these instances We would inform You and obtain Your consent beforehand.

You may opt-out at any time if You do not wish receive marketing material or participate in surveys.

How to make a complaint

If you wish to make a complaint about how we have treated your personal information, please contact our office. Any complaint in writing, by email or in person will be referred immediately to our Privacy Officer who will investigate the issue and determine the steps that we will undertake to resolve your complaint.

We will acknowledge receipt of your complaint within 1 business day and do our utmost to resolve the complaint to your satisfaction within 10 business days.

If you are not satisfied with our determination, you can contact us to discuss your concerns or complain to the Australian Privacy Commissioner via www.oaic.gov.au.

Updating this Privacy Policy

We may make changes to this policy as a result of operational or legislative changes. When changes are made to this policy the updated policy will be uploaded to our website and the effective date updated accordingly.

Dealing with us anonymously

You may be able to deal with us without identifying yourself (i.e. anonymously or by using a pseudonym) in certain circumstances, such as when making a general enquiry of us. If you wish to do so, please contact us to find out if this is practicable in your circumstances. However, if you do not provide us with all your personal information it may affect our services to you.

How to contact us

If you have a query relating to our privacy policy, please contact our Privacy Officer during business hours (Mon-Fri, 9am - 5pm) at the details below:

Privacy Officer

Effective Date: 05/12/2024