AIA Australia Limited (ABN 79 004 837 861 AFSL 230043) is part of the AIA Group. Among the most important assets of AIA Group is the trust and confidence that is placed in AIA companies to properly handle information. Customers expect us to maintain their information accurately, protect against manipulation and errors, secure from theft, and free from unwarranted disclosure. AIA Australia Limited is bound by privacy principles (otherwise known as the Australian Privacy Principles) which apply to private sector organisations under the Privacy Act 1988 (Cth), and other laws which protect your privacy.
Collection of Personal Information – general
We collect Personal Information in a range of circumstances including when you contact or transact with us, make an enquiry, obtain a quote or use or request our products or services, either directly or through your representatives or intermediaries (including without limitation, your financial adviser and the Australian Financial Service Licensee they represent, the distributor of your insurance policy, the trustee or administrator of your superannuation fund, your employer, unions of current and former staff members of ours (including contractors) or anyone acting on your behalf including any other representative or intermediary) (“Representatives”). The types of Personal Information we collect may include your name and contact details (e.g. address, telephone number), identifying information (e.g. date of birth, driver’s licence, passport, birth certificate), email address, residency, demographic and profile information (sex, age, etc.), information provided by you directly or through your Representatives (including but not limited to, information provided in an application, claim or other information submitted in respect of your insurance or prospective insurance), AIA Vitality membership or other product application, or business relationship with us), tax file number, transactional and financial information (including but not limited to your use of cards and other facilities, income, payment and banking information and annual household income), family and beneficiary information, insurance claims information, work, occupation and pastimes, superannuation and membership information, information contained in your social media profiles and some sensitive, lifestyle, health and medical-related information.
In addition to the above, we may also collect Personal Information in specific circumstances applicable to your situation as described below.
Use and disclosure of Personal Information – general
We may exchange your personal information with:
- our Affiliates and/or intermediaries;
- partners (including but not limited to partners used in co-branded activities or business initiatives and entities with which AIA Australia has partnered in relation to the AIA Vitality program);
- accountants and financial institutions you nominate;
- reinsurers, where we reinsure any insurance cover we provide or offer or propose to provide to you;
- any employee, agent, service provider, contractor or third party who provides administrative or other services to AIA Australia or any Affiliates or partners. Those services may include health, insurance and reinsurance, archival, auditing, accounting, customer contact, call centres, legal, business consulting, banking, payment, delivery, data processing, data analysis, information broking, research, investigative, website or technology services, professional advisors, program administrators and partners, statement producers, mail houses, email and print services, advertising agencies, technology, data and email storage and servers, backup and cloud computing providers, and other service providers as may be deemed necessary by AIA Australia from time to time;
- publicly available sources, social media and other blogs, other websites you may visit and virtual communities and networks where people create, share or exchange information;
- your Representatives in respect of your insurance or AIA Vitality membership;
- the trustee or administrator of a superannuation fund and/or your employer;
- health professionals, medical providers and hospitals, dietitians, pharmacists, fitness trainers and rehabilitation providers;
- the policy owner (where you are a life insured who is not the policy owner) and the life insured (where you are the policy owner who is not the life insured);
- any other party with which we have an arrangement for the promotion and sale of products offered or distributed by us; and
AIA Australia may also exchange Personal Information with law enforcement agencies or government authorities and their agents (including those that are based overseas) where exchange is authorised or required by law, or where AIA Australia holds the view that such exchange is necessary to avoid or reduce the impact of action or conduct by such agencies, authorities or their governments that would be adverse to AIA Australia or its customers, to report illegal activity or to co-operate with lawful information requests (where we are authorised by law).
Some of the third parties to whom we may disclose Personal Information, including but not limited to our reinsurers, Affiliates, service providers and partners used in our activities and business initiatives, may be located in other countries and you agree that while they will often be subject to confidentiality or privacy obligations, they may not always follow the particular requirements of Australian privacy laws and by providing Personal Information to us or your Representatives, submitting or continuing with your claim, or otherwise interacting or continuing your relationship with us, you confirm that you agree and consent to, and acknowledge that, Australian Privacy Principle 8.1 (which relates to cross-border disclosures) will not apply to the disclosure, we will not be accountable for those overseas parties under the Privacy Act and you may not be able to seek redress under the Privacy Act. The countries may include:
- the United States;
- Canada, including to our third party service provider who assists us to investigate, manage and prevent suspected improper conduct such as fraud;
- South Africa;
- the United Kingdom;
- members of the European Union
- Bermuda; and
- Hong Kong, Singapore, Malaysia, Philippines and other the countries in which AIA Group companies operate (see http://www.aia.com.au/en/individual/about-aia.html),including to our Affiliates, AIA Vitality Company Limited, and their respective service providers, Affiliates and business partners;
- and in each case to third party providers with offices or servers located there. We are also subject to a range of legal and regulatory obligations which may require us to impose contractual privacy controls on overseas parties handling Personal Information on our behalf.
Please also see below for information about how we keep your Personal Information secure.
In addition to the above, we may also collect, use and disclose your Personal Information in specific circumstances applicable to your situation as described below.
Our customers (including potential and former customers)
We collect, use and disclose your Personal Information for purposes including, but not limited to, processing your application (including for insurance, AIA Vitality membership or other product application), for underwriting purposes, the assessment and processing of claims and any other administration relevant to any policy issued by AIA Australia, administration of the AIA Vitality program or other programs / initiatives, reinsurance, conducting research and development relevant to our products and services, statistical, prudential, actuarial and reporting purposes, and other purposes we notify to you. We may exchange your Personal Information with your Representatives for the purposes outlined in this policy. We may at times permit your Representatives to provide, access, receive, review and update the Personal Information about you in respect of your application, claim, insurance or AIA Vitality membership with us over the telephone, email or online.
AIA Vitality members (including former and potential AIA Vitality members)
We collect, use and disclose your Personal Information for purposes including, but not limited to, assessing and/or processing your AIA Vitality membership application, registration and activation, communicating with you, your Representative and/or the policy owner of your policy regarding your AIA Vitality membership (including without limitation by disclosing Personal Information such as lifestyle, health and medical information that relates to your AIA Vitality membership and other information such as your AIA Vitality status, membership number, whether you have completed certain activities, tests and/or assessments of the AIA Vitality program, whether you have purchased and/or used certain devices and/or accessories, your engagement in the AIA Vitality Program or whether you have visited or used certain AIA Vitality partners to earn AIA Vitality points), administration of your AIA Vitality membership, provision of health and wellbeing activities, tests and assessments (including to assess results against previous activities, tests and assessments) and benefits including discounts, cashbacks and rewards, payments relevant to your AIA Vitality membership, and conducting research, analysis and development relevant to your engagement in the AIA Vitality Program, products and services offered by us, our Affiliates and partners of the AIA Vitality program, facilitating your use of the Website and other purposes we notify to you.
If you also own or are insured under any of our insurance products, and provide medical and health related information to us in relation to your AIA Vitality membership, we will take steps to ensure this information is kept separate from the underwriting and claims departments of AIA Australia who are responsible for any future underwriting or claims decisions. Under no circumstances will AIA Australia be deemed to have knowledge of any AIA Vitality-related information in respect of its underwriting and claims functions. In accordance with your statutory duty of disclosure, you are still therefore obliged to disclose any of this information to the extent it may be relevant in the event of any future application for insurance cover (including increased or varied cover) or changes to existing insurance cover with AIA Australia.
If you are also an employee of AIA Australia, Personal Information you provide solely as part of your AIA Vitality membership will be accessed by personnel of AIA Australia and third parties for the purpose of administering the AIA Vitality program and as otherwise set out in this policy. Where practicable, access to AIA Vitality-related Personal Information will be limited to those personnel who are directly or indirectly involved with the AIA Vitality program. AIA Vitality-related Personal Information will not be used in making decisions relating to your employment with AIA Australia (including hiring decisions).
We may collect your Personal Information from, and exchange your Personal Information with, your Representatives, AIA Vitality partners or other providers of health and wellbeing checks and assessments (including but not limited to, dietitians, pharmacists and trainers) and benefits (including but not limited to discounts, cashbacks and rewards) under the AIA Vitality program, AIA Vitality Company Limited (incorporated in Hong Kong) and Discovery Holdings Limited (incorporated in South Africa) and the Affiliates and third parties service providers of these entities. We may also copy your Representatives in email communications sent to you in respect of your AIA Vitality membership and the AIA Vitality program. Where you are a life insured who is not the policy owner, we may also at times provide and exchange Personal Information about you to the policy owner of the eligible insurance policy under which you are insured or provide and exchange Personal Information about the policy owner of the eligible insurance policy to you, the life insured. We may at times permit your Representatives to provide, access, receive, review and update the Personal information about you in respect of your insurance or AIA Vitality membership with us over the telephone, email or online.
Our staff (current and former, including contractors)
We collect, use and disclose your Personal Information for all purposes relating to your current or former employment or engagement including, but not limited to, assessing your suitability, engagement, training, disciplining, payroll, superannuation, health and safety, administration, insurance (including WorkCover) and staff management purposes, AIA Vitality membership, internal and external publications and other purposes that we may notify to you. We may exchange your Personal Information with law enforcement and background checking or employment screening agencies and educational or vocational organisations to verify your qualifications and whether you have a criminal record in certain circumstances, our distributors and clients, your health service providers, your Representatives (including unions) and our service providers including providers of online services, recruitment, payroll, banking, staff benefits, staff rewards and share programs, surveillance and training services.
We may also collect, use, disclose or exchange other types of Personal Information and may conduct or engage background checking or employment screening agencies to conduct other checks under applicable AIA Australia and AIA Group policies and in certain circumstances, we may exchange the results of background checks and employment screening information with our distributors and clients for the purposes of assessing your suitability for employment or engagement.
We collect Personal Information as part of your job application including your qualifications, experience, professional memberships, achievements and work history.
We collect, use and disclose your Personal Information for purposes including, but not limited to, assessing your application, assessing you for a position or positions with us or our Affiliates, assessing your suitability (including whether you are suitable to progress to each stage of the recruitment process for a position), storing your information for future job opportunities and other purposes we notify to you.
We may exchange your Personal Information with our Affiliates, recruitment agencies, online service providers, organisations that conduct competency or psychometric tests, referees, current and previous employers, law enforcement and background checking or employment screening agencies and educational or vocational organisations to verify your application details and whether you have a criminal record in certain circumstances.
We may also collect, use, disclose or exchange other types of Personal Information and may conduct or engage background checking or employment screening agencies to conduct other checks under applicable AIA Australia and AIA Group policies.
Our Website and emails
If you visit our Website to read, browse, sync, upload or download information, our system may record information such as the date and time of your visit to the Website, the pages accessed and any information uploaded, downloaded or synced. This information is used for purposes including statistical, reporting and website administration and maintenance purposes and to help us better manage, analyse and develop our Websites, communications and products.
Like many other websites, our Website may use ‘cookies’ from time to time. A cookie is a piece of information that allows our system to identify and interact more effectively with your device. The cookie helps us to maintain the continuity of your browsing session and remember your details and preferences when you return. You can configure your web browser software to reject cookies however some parts of our website may not have full functionality in that case.
You can find more details in the privacy policies for the services we use, including information on how to opt-out of certain conduct.
If you are considering sending us any other Personal Information through our Website or other electronic means, please be aware that the information may be insecure in transit, particularly where no encryption is used (e.g. email, standard HTTP). We are subject to laws requiring us to protect the security of Personal Information once it comes into our possession.
The Website may contain links to other sites. We recommend that you carefully read and familiarise yourself with all relevant terms and conditions, privacy practices, policies and guidelines of those sites (as amended from time to time) and select the privacy and security settings that you are comfortable with. We are not responsible for the consent, security, privacy practices, policies or guidelines of those sites.
- our name;
- your email address;
- your profile picture and other photos;
- usernames, aliases, pseudonyms or login IDs;
- your telephone number;
- your postcode / suburb / state of residence;
- your mailing address;
- your company name, job title and industry;
- your gender;
- other information contained in your profile such as your education, relationship status, sexual preference, religious views, political views and links to online properties and other social media accounts;
- comments you make or submit and any responses to such comments (including our responses and the responses of any other person or through a competition, giveaway, event or activity run by us or one of our Affiliates or partners); and
- information about your interactions with us on social media platforms, including the date and time of your visit, which parts of our social media pages you visited and what information or material you viewed or downloaded. This information is used for statistical, reporting, administrative and maintenance purposes.
We recommend that, before using social media to interact with us, you carefully read and familiarise yourself with:
You may choose to communicate or interact with us (to ask general enquiry type questions) anonymously or by using a pseudonym. Please be aware that this may reduce our ability to interact with you. In some circumstances we are often governed by strict regulations that require us to know who we’re dealing with. In general, we won’t be able to deal with you anonymously or where you are using a pseudonym when:
- it is impracticable; or
- we are required or authorised by law to deal with you personally.
We take reasonable steps to protect Personal Information from misuse, interference and loss including by implementing physical, technical and administrative security standards to secure and protect your Personal Information from unauthorised access, modification or disclosure. Steps we take can include, but are not limited to, implementing and imposing:
- confidentiality requirements on our employees and other representatives, as well as third parties;
- policies on document storage security;
- security measures for access to our systems;
- identification procedures prior to providing access to information;
- control on access to our premises; and
- website protection security measures.
Retention / Destruction
When all of our legal obligations to retain your information have expired, or we no longer need your information for a purpose permitted under law, we will take such steps as are reasonable to destroy or de-identify it.
Accessing and updating your Personal Information
You have the right to access the Personal Information we hold about you, and can request the correction of your Personal Information if it is inaccurate, incomplete or out of date. Requests for access or correction should be directed to our Compliance Manager (see ‘Contact us’ below). We may also, at our discretion, permit your Representatives to access the Personal Information we hold about you and request its correction if it is inaccurate, incomplete and out of date.
Please note that in relation to Personal Information provided via social media, we can only provide access to or correct information held by us. You must direct requests for access to or correction of personal information held by the social media platform provider directly to the relevant platform provider.
We will generally respond to requests for access as soon as possible or at least within 14 days. If a request is straightforward, we will often grant access within 14 days or, if the request is more complicated, within 30 days. We may need to verify your identity before providing access.
In some circumstances, AIA Australia may not permit access to your Personal Information where, for example, such access would be unlawful or denying access is authorised by law. In these cases, AIA Australia will provide you with written reasons for a denial of access or refusal to correct Personal Information. If you disagree with our refusal to correct your Personal Information, you can ask us to append an explanatory note to the information.
If you have any questions or concerns about your Personal Information, please contact our Compliance Manager as set out below:
The Compliance Manager
AIA Australia Limited
PO Box 6111
Melbourne VIC 3004
Phone 1800 333 613
AIA Australia has established an internal dispute resolution process for handling customer complaints (including matters involving compliance with privacy laws). This dispute resolution mechanism is designed to be fair and timely to all parties and is free of charge. If you have a complaint about AIA Australia's handling of your Personal Information, you should submit it in writing to the Compliance Manager at the address specified above AIA Australia’s Internal Dispute Resolution Committee will handle any escalated complaints that cannot be addressed at an operational level. AIA Australia aims to resolve your complaint within 45 days of receipt.
If you are a current or former employee or contractor of ours, any complaint about company compliance with privacy laws will be handled in the manner described in the applicable Human Resources policy or procedure where available.
If your complaint is not resolved to your satisfaction by our internal dispute resolution process, you may take your complaint to the:
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
Last Updated 11 December 2015
AIA Australia Limited ABN 79 004 837 861 AFSL 230043
Copyright © 2016, AIA Group Limited and its subsidiaries. All rights reserved.
Confidential and proprietary information.