Privacy Policy

1. Scope of Application and basic principles

This statement applies to Personal Information collected by Rapid Solutions Holdings Pty Ltd, ("the Group") and its subsidiaries. The Group’s broking services under Rapid Brokers Pty Ltd operate as an authorised representative of Ausure Pty Ltd and as such utilise its recommended Privacy Policy and disclosure to clients. The Group and its subsidiaries comply with requirements of the Privacy Act 1988 (Cth) which includes the Australian Privacy Principles (APPs), and where applicable, State or Territory legislation in relation to health information.

The Group will only collect, use or disclose your Personal Information in accordance with the Act and this Privacy Policy.

The Group is committed to protecting the privacy of your Personal Information and would like to inform you of when we save which data and how we use such data. The Group and its subsidiaries are bound by the Australian Privacy Principles (“APP”) set out in the Privacy Act 1988 (Commonwealth) (the "Act"). The Group will only collect, use or disclose your Personal Information in accordance with the Act and this Privacy Policy.

Personal Information is information or an opinion, recorded in a material form or otherwise, whether true or not, about an individual whose identity is apparent or can reasonably be ascertained from the information or opinion.

Sensitive Personal Information includes health information and information about a person's race, ethnic origin, political opinions, membership of political, professional or trade associations, religious or philosophical beliefs, sexual preferences, criminal history, biometric information used for automated biometric verification or identification and biometric templates.

The Group will only collect Personal Information from you that is necessary for the Group to perform its functions and activities or if legally obliged to do so. We use personal information to provide insurance services, including policy processing, underwriting, payment of claims and other activities relating to our business.

 

2. Personal Information Collected, Held, Used and Disclosed

The Group collects personal information from you in a number of ways and depending on the services you require:

  • Telephone enquiries made by you or us;
  • Policy proposal or application forms for our services;
  • Website (including the use of cookies, on-line chat functionality and third party advertising technologies); and
  • Email enquiries made by you or us.

The types of information may include, but are not limited to the following: 

  • (a) name and date of birth;
  • (b) contact details, including telephone number, address, email address and fax number (if applicable);
  • (c) information relevant to your application for any insurance policy (if applicable) including, without limitation, claims history, industry licences or qualifications;
  • (d) information relevant to you making a claim (if applicable) including your policy number, details and dates of relevant inspections and treatments, name and address of the claimant, details of the claimant's allegations and your response to those allegations;
  • (e) bank account or credit card details for payments; and
  • (f) information about the Services you require from us.

The Group takes all reasonable steps to protect your Personal Information it holds from misuse and loss and from unauthorised access, modification and disclosure. These steps may include password protection for electronic files, securing paper files in locked cabinets and physical access restrictions. The Group may provide staff training in relation to the methods we use to protect your Personal Information.

When your Personal Information is no longer required by the Group for the purpose for which the information was collected, the Group will take reasonable steps to destroy or permanently de-identify your Personal Information by deleting electronic files or destroying paper records in a secure manner including shredding the paper record.

 

3. Guidelines for Personal Information

The Group will only collect information from you by lawful and fair means with your consent and not in an unreasonably intrusive way. While the Group will normally collect Personal Information directly from you, it may also collect your Personal Information indirectly through marketing agents or through a Related Body Corporate or subsidiary.

You may contact the Group anonymously, however if you do so and do not disclose Personal Information requested by the Group, it may not be able to provide you with all or part of the Services. The Group requires a duty of disclosure from clients to enable it to determine whether to insure a client or not. Without requested Personal Information, such a decision, advice or information may not be able to be provided.

If you provide information to the Group about someone else (such as one of your employees or someone with whom you have had dealings) you must ensure that you have advised the third party of the terms of our Privacy Policy. You must ensure that you are entitled to disclose that information to us and that, without taking any further steps required by privacy laws, the Group may collect and use such information for the purpose for which it has been collected.

We may send you direct marketing using your personal information advising you about our services. You can contact us to opt out of any direct marketing free of charge.

When you visit a website or mobile app of the Group or its subsidiaries, we will only collect your Personal Information when you choose to provide it. For example by setting up a company profile, an account or purchasing any report writing services. You may visit the Group or its subsidiary websites and mobile app anonymously. Statistical information is collected each time you visit Group websites and the mobile app to enable us to calculate such things as the number of site visitors and time and duration of site visits. This information is collected for the purpose of evaluating the performance of the website and mobile app. No individual website user is identified however website visits may be tracked via cookies if cookies are enabled by you. However you may set your browser to refuse cookies.

The Group does not generally collect Sensitive Personal Information. We will not collect Sensitive Personal Information about you without your consent or as otherwise required or permitted by law. Furthermore, the Group will not adopt, use or disclose an identifier assigned to you by any other organisation (for example a tax file number or any other unique identifying number or sequence) except to the extent required or permitted by law.

If the Group receives unsolicited personal information and it determines it would not have collected such information if it solicited it, as soon as practical and if lawful, it will destroy the personal information.

 

4. Use and Disclosure of Personal Information

The Group will not use or disclose your Personal Information except in accordance with this section. If the Group uses or discloses your Personal Information then, to the extent required by law, it will ensure that:

(a) you have consented to the use of your Personal Information. For example;

  • Using cookies and third Party Advertising technologies to tailor advertising that we believe would be of interest to you;
  • Enable and use website functionality; and
  • Marketing activities if you opt in;

(b) the use or disclosure is required or authorised by or under law; or

(c) the use or disclosure is otherwise required or permitted by law (for example, as a necessary part of an investigation of suspected unlawful activity).

The Group may need to disclose your Personal Information to the following entities:

  • a Related Body Corporate or subsidiary;
  • its Employees, Agents and suppliers;
  • its consultants and professional advisers;
  • its insurance providers including, without limitation, Pacific International Insurance Pty Limited, its New Zealand office and its reinsurance counterparties;
  • Government and law enforcement agencies;
  • a potential acquirer of the Group or its issued shares or an investor of the Group; and
  • debt collection services.

You consent to the Group disclosing your Personal Information to the above persons. Where the Group discloses your Personal Information to these parties, it will use all reasonable endeavours to ensure these parties comply with the terms of this Privacy Policy.

We may also use your Personal Information to send promotional material to enable us to manage your ongoing requirements and our relationship with you. This may include occasional notification of new services, special offers, events or articles on insurance matter we think will be of interest to you. If you would rather not receive such communication you can opt out via the contact options in section 8.

We currently use the following marketing and analytics features on our website.

  • Web chat platform
  • Facebook pixel, and
  • Integrated services that require Google Analytics to collect data via advertising cookies and anonymous identifiers

We use these features to:

  • Manage our relationship with you
  • Identify and tell you about other products and services that we think may be of interest to you, and
  • Administer our products and services.

Whilst we believe these features are beneficial to you when interacting with Rapid Solutions, you may wish to disable the Google features. You can do so via the following link https://tools.google.com/dlpage/gaoptout/.

We may also collect, use and exchange information with third parties in line with this policy and as permitted by law, including third parties such as brokers, agents, insurance companies, reinsurance intermediaries and other companies who provide services for us in connection with our company operations.

 

5. Access and Correction of Personal Information

You may request access to your Personal Information at any time. Prior to giving you this information the Group will take steps necessary to determine your identity. The Group will provide you with access to your own Personal Information wherever possible and within a reasonable time, except to the extent that:

  • (a) providing access would pose a serious and imminent threat to the life or health of any individual;
  • (b) providing access would have an unreasonable impact upon the privacy of other individuals;
  • (c) the request for the information is frivolous or vexatious;
  • (d) the information relates to existing or anticipated legal proceedings between the Group and you and the information would not be accessible by the process of discovery in those proceedings;
  • (e) providing access would reveal our intentions in relation to negotiations with you in such a way so as to prejudice those negotiations;
  • (f) providing access would be unlawful;
  • (g) denying access is required or authorised under law;
  • (h) providing access would be likely to prejudice:
  • (i) an investigation of possible unlawful activity or misconduct;
  • (j) the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of law involving a penalty or sanction or other prescribed law;
  • (k) one or more enforcement related activities conducted by, or on behalf of, an enforcement body, performing lawful security activities in relation to the matter; and
  • (l) information generated by the Group in connection with a commercially sensitive decision making process.

In circumstances where information is withheld in connection of a commercially sensitive matter, the Group may give you an explanation for the commercially sensitive decision rather than direct access to the information.

The Group will not charge you for providing access to your Personal Information if you wish to inspect a file. However if you want a photocopy of your Personal Information it may charge you reasonable photocopying charges.

If the Group does not provide you with access to your Personal Information because of any of the reasons set out above, it will give you a reason for the refusal or consider whether the use of mutually agreed intermediaries will allow sufficient access to meet the needs of both parties. If you are unhappy with the decision you can take the matter further by contacting the Privacy Officer.

The Group will take all reasonable steps to ensure your Personal Information it collects, uses or discloses is accurate, complete and up to date. These steps include updating your Personal Information when the Group is advised by you that your Personal Information has changed and at other times as are necessary. If the Personal Information the Group holds about you is not accurate, complete or up-to-date, we will correct your Personal Information to ensure that your personal information is correct within a reasonable time. To correct or update your Personal Information you can contact the Group via the options in section 8

 

6. Resolving Privacy Issues or Concerns

If you have any questions relating to this Privacy Policy or you believe we have failed to maintain the privacy of your Personal Information as per this policy or APP guidelines, please contact the Group’s Privacy Officer as outlined in section 8. The Privacy Officer will address your concerns promptly in line with the Breach of Privacy Procedures to ensure an independent and transparent process is undertaken when responding to complaints or concerns from clients.

 

7. Disclosing Personal Information to Overseas Recipients

As the Group’s insurance underwriter, (Pacific International Insurance Pty Limited (PIIPL) also has operations in New Zealand, your Personal Information may be disclosed and held there. PIIPL may also be required to disclose your personal information to its reinsurers as part of providing your service. The Group will not disclose your Personal Information to any other foreign entity that is not subject to a comparable information privacy scheme, except with your consent or as otherwise required or permitted by law.

If personal information is transferred to countries outside Australia that do not have legislation similar to the Privacy Act, we will take steps to ensure that adequate measures are taken by our clients to protect the personal information before it is transferred.

 

8. Privacy Officer and Contact Details

The Group’s office and Privacy Officer can be contact via the below options:

Address: PO BOX 550 KOTARA NSW 2289

Telephone: 1300 309 169

Email: insurance@rapidsolutions.com.au

Fax: 02 4954 3660

 

9. Breach of Privacy Procedures

A breach of privacy occurs where there has been unauthorised access to, or unauthorised disclosure of, personal information about one or more individuals

AND this event could allow serious harm to an individual:

  • Financial harm that could allow identity theft or fraud (e.g. Loss of financial data, credit card information, etc.)
  • Any other harm that, if the information was disclosed, could be deemed sensitive by that person and may subject them to discriminatory treatment, humiliation or damage to their reputation (e.g. health and other private information)
  • Harm may be physical, psychological, emotional, economic and financial harm, as well as serious harm to reputation 

What happens after a breach?

If a breach occurs we must, within 30 days of any breach or data loss, notify all affected customers and the Government Privacy Commissioner and disclose the information involved. We must also advise the affected customers what they should do to protect themselves.

The Breach of Privacy procedure sets out the process that the Group will undertake in order to address any complaints made regarding breaches of the Privacy Act 1988 and State or Territory legislation in relation to health information.

A person may make a complaint if they have concerns about how we have dealt with their personal information. For example, this could include complaints about our collection, retention, use or disclosure of their personal information.

Process for addressing complaints regarding a breach should be completed within 30 days unless there are exceptional circumstances and based on the following steps:

  1. Receive complaint and refer immediately to the Privacy Officer
  2. Acknowledge complaint: the Privacy Officer will acknowledge complaint in writing within 3 business days and confirm:

    a. The complaints process

    b. The contact person and details

    c. The expected timeframes

    d. Confirmation of the complaint being made and

    e. Requesting any further information that may be required from the complainant

  3. Investigate complaint: the Privacy Officer will investigate or appoint an investigator to look into the complaint. The investigator must be a person who has no direct involvement in the subject matter. The purpose of the investigation is to reach a fair and independent view of the issues raised with the aim to resolve the complaint.
  4. Respond and resolve complaint: The Privacy Officer will advise the complainant in writing of the outcome of the investigation, including whether it was found there was a breach of Australian privacy law, and the proposed resolution.

If it is found there was a breach, the steps for resolving the complaint include, in consultation with the complainant:

  • a. Offering an apology
  • b. Explaining how we will develop or amend our policy/procedure
  • c. Training/education for employees where appropriate.

If there is no breach, the reason for that finding is to be provided in writing to the complainant, including specifying the relevant parts of the applicable legislation on which the finding is based.

If the Privacy Officer is unable to communicate the decision and outcome within the 30 business days, the Privacy Officer must make the complainant aware of the circumstances.

Breaches of the Privacy Act will be reported to the RSH Board.

Complaints where the Complainant remains dissatisfied with the response will be escalated to the CEO and the Board Risk Committee to adjudicate on the matter.

All final written responses must set out that if the complainant is not satisfied with the response, a complaint may be made to the Office of the Australian Information Commissioner at:

GPO Box 5218, Sydney NSW 2001

Ph: 02 9284 9666

Email: enquiries@oaic.gov.au