PBF (Australia) Pty Ltd
ABN 39 521 178 651 | AFSL 301359
Issue date: 31st October 2022
This Policy applies to PBF (Australia) Pty Ltd and all its employees, and contractors. The privacy of your personal information is important to us. We are committed to respecting your right to privacy and protecting your personal information. We are bound by the National Privacy Principles in the Privacy Act 1988 (Cth). Our employees and contractors are trained to respect your privacy in accordance with our standards, policies, and procedures.
About this Privacy Policy
In this Privacy Policy, PBF, we, us, and our means PBF (Australia) Pty Ltd.
This Privacy Policy outlines how we manage your personal information. It also describes generally the sorts of personal information held and for what purposes, and how that information is collected, held, used, and disclosed. Our Privacy Policy applies to all your dealings with us. We encourage you to contact us or check our website regularly for any updates to our Privacy Policy.
Why we collect personal information
We will collect and hold your personal information for the purposes of:
• providing general advice, PBF memberships and claims, and other services to you
• administering memberships and services which includes, answering your requests and managing complaints and disputes, managing claims, and making payments, varying memberships, and services, conducting market research, taking legal action relating to our PBF products and services and managing our relevant membership products
• letting you know about other products and services
• for any purpose for which you have given your consent
Dealing with us anonymously
You can deal with us anonymously where it is lawful and practicable to do so. For example, if you inquire generally about our memberships and services.
If you don’t provide your personal information to us, we may not be able to:
• provide you with the membership or service you want
• manage or administer your membership or service
• determine your eligibility for membership or assess a Member Benefit Payment claim
• personalise your experience with us, or
• let you know about other products or services that might better meet your needs.
Types of personal information we collect
The types of information that we may collect, and hold includes:
• name, contact details (including address, email, phone number), date of birth, height, weight, and gender
• Marital status
• Occupation and place of employment
• information about your interactions with us including complaints
• information required to assess and manage a Member Benefit Payment including medical and other health records
• sensitive information (see ‘Sensitive Information’ section below, and
• any other information we think is necessary for you or others to acquire membership or for us (or our service providers or insurer) to provide services or fulfil our obligations to you.
If you apply for one of our memberships, we will collect your payment information. We will also collect this information if we need to pay you a Membership Benefit Payment.
Sensitive information
Sometimes we need to collect and hold sensitive information about you, for example when are assessing a Member Benefit Payment claim made by you. This will generally include information about your health and spinal cord injury condition.
We will only collect sensitive information that is reasonably necessary for us to perform our functions or activities in advising and dealing with you.
How we collect personal information
We often collect personal information when you engage with us directly. For example, we might collect your personal information when you fill out a form with us, call us, meet with one of our team or use our website. See the ‘Online services’ section below for more information about our collection of personal information online.
Sometimes we collect information about you from other sources that may include:
• medical practitioners or medical facilities
• your relatives, friends, or your agent
• your employer or event co-ordinator
• social media platforms (e.g., if you log in for our services using your social media profile)
If you provide us with personal information about another person, you should obtain their consent to do so, having informed them of this Privacy Policy where appropriate.
Disclosing your personal information
We may disclose your personal information to the organisations described below.
• those involved in providing, managing, or administering any aspect of your membership or service under which you receive or may receive a Member Benefit Payment, doctors and other medical and occupational experts
• medical professionals, medical facilities or health authorities who verify any health information you may provide
• service providers that maintain, review, and develop our business systems, procedures, and technology infrastructure, including testing or upgrading our computer systems
• mailing houses who assist us to communicate with you
• other organisations involved in our normal business practices, including our agents and contractors, as well as our accountants, auditors or lawyers and other external advisers
• Government and regulatory authorities and other organisations, as required or authorised by law, and
• where you have given your consent to disclose your personal information.
Storage and security of your personal information
We store information in different ways, including in paper and electronic form. The security of your personal information is important to us, and we take reasonable steps to protect it from misuse and loss and unauthorised access, modification, or disclosure. Some of the measures that we have adopted are having facilities for the secure storage of personal information, electronic security systems (such as firewalls and data encryption on our website) and having secure access controls for our computer systems.
We may store personal information physically or electronically with third party data storage providers or our service providers. Where we do this, we use contractual arrangements to ensure those providers take appropriate steps to protect that information and restrict the uses to which they can put that information.
It is a legislative requirement that we keep all personal information and records for a period of 7 years. Should you cease to be a member of ours, we will maintain your personal information on (or off) site in a secure manner for 7 years. After this, the information will be destroyed.
Direct marketing and how to opt out
Unless you opt-out we may to the extent permitted by law use or disclose your personal information to let you know about our memberships and services that we believe may be of interest to you.
You can let us know at any time (see ‘Contact Us’) if you wish to opt-out of receiving direct
marketing offers. We will process your request as soon as practicable.
You may also be able to opt-out by following the instructions in particular direct marketing communications.
Job Applicants
If you are applying for a job at PBF, or you are a prospective candidate or referee for a job applicant, we may collect your personal information for recruitment purposes including to assess your suitability for a current or future employment or contractor position.
If we don’t obtain the personal information, we are seeking from you we may not be able to process your application for a role or let you know of new career opportunities in your field of experience.
We may collect your information from, and/or disclose your information to, other organisations for any purposes for which we use your information. Where your personal information is disclosed, we will seek to ensure that the information is held, used, or disclosed consistently with the Privacy Act and any other applicable privacy laws and codes.
The types of organisations we may disclose your information to include:
• those involved in managing, validating, or administering your application and employment.
• employment agencies, referees, counsellors, and assessment agencies.
• organisations that conduct background checks or monitor employee conduct.
• law enforcement agencies and your current, previous, and prospective employers; and
• organisations involved in maintaining, reviewing, and developing our business systems, procedures and infrastructure including testing or upgrading our computer systems.
We may also disclose your information:
• to your representatives including your legal advisers.
• as required or authorised by law, for example, to government or regulatory bodies (in some instances these regulatory bodies may be overseas); and
• where you have given your consent.
Keeping your personal information accurate and current
Please contact us if your details have changed or if you think there is something incorrect with the information, we hold about you.
We’ll try to accommodate your updating of information requests where we can. If we can’t, then we’ll let you know in writing. If you disagree, you may ask us to make a note of your requested correction with the information.
Gaining access to your personal information
You can gain access to your personal information. This is subject to some exceptions allowed by law. Should we refuse you access to your personal information, we will provide you with a written explanation for that refusal. If we decline your request for access, we will tell you why in writing. If you have concerns, you may complain. See ‘Resolving your privacy concerns’ below.
To request access to your personal information, please contact our Chief Executive Officer (see ‘Contact Us’ below). We may charge you a small fee to cover our costs when giving you access, but we’ll always check with you first.
Online Services
When you use our website, email communications, social media profiles and other online services (together, ‘Online Services’), we may collect information about your location or activity including information accessed, IP address, telephone number, device identifiers, social media profile information and whether you’ve accessed third party sites.
We take care to ensure that the personal information you give us online is protected. For example, our website may have electronic security systems in place, including the use of firewalls and data encryption. User identifiers, passwords or other access codes may also be used to control access to your personal information.
We may use cookies. Cookies are small data files that are downloaded from our online platforms and stored on your computer when you visit our Sites. The cookie helps us to maintain the continuity of your browsing session and remember your details and preferences when you return. Your computer’s web browser will allow you to configure your computer to refuse to accept cookies. You can also delete cookies from your computer’s hard drive at any time. See allaboutcookies.org for instructions on deleting and rejecting cookies for many common browsers.
Some of our Online Services may allow you to submit content (such as feedback and comments on our products and services) for public sharing. If you choose to do this, your content may be viewed by other users of the Online Services and may be stored and disseminated on an ongoing basis by search engines and other third parties, even after you remove the content or set it to “private”. We may use your content submitted for publication for promotional purposes or any other purpose.
We may use technology such beacons, tags, scripts, and tracking pixels to collect, store and use anonymous data about how you use our website / mobile technology. This includes your server address, the date and time of your visit, the pages and links accessed, the type of browser used and other information about your browsing activities. This data is used to increase functionality and can also enable us to display information and content that is tailored to our understanding of your interests. This information alone cannot be used to discover your identity.
You may be able to access external websites by clicking on links we have provided. Those other websites are not subject to our privacy standards, policies, and procedures. You will need to contact or review those websites directly to ascertain their privacy standards, policies, and procedures.
Notifying you of certain data breaches
A data breach occurs when personal information held by us is lost or subjected to unauthorised access or disclosure. If we suspect or know of a data breach, we will take immediate steps to limit any further access or distribution of the affected personal information or the possible compromise of other information.
When we have reasonable grounds to believe that a data breach is likely to result in serious harm – for example identity theft, significant financial loss or threats to physical safety we will notify individuals at likely risk as soon as practicable and make recommendations about the steps they should take in response to the data breach. We will also notify the Office of the Australian Information Commissioner.
Notifications will be made using our usual method of communicating with you such as by a telephone call, email, SMS, physical mail, social media post, or in-person conversation. If we are unable to contact you, (or your nominated intermediary) by any of the above methods we will publish a statement on the front page of our website and place a public notice on our reception desk.
Resolving your privacy concerns
If you have any issues you wish to raise with us or would like to discuss any issues about our Privacy Policy, please contact our Chief Executive Officer(CEO). Our CEO will investigate the issue and determine the steps we will undertake to resolve your complaint. We will contact you if we require any additional information from you and will notify you in writing within 30 days of the determination of our CEO.
Online: https://www.pbf.asn.au//make-a-complaint/
Email: [email protected]
Phone: 1800 809 780
Mail: Chief Executive Officer PBF (Australia) Pty Ltd, PO Box 538, Floreat WA 6014
If you are not satisfied with the outcome of your complaint, you are entitled to contact the Office of the Australian Information Commissioner.
Online: www.oaic.gov.au
Phone: 1300 363 992
Mail: Director of Complaints, Office of the Australian Information Commissioner GPO Box 5218, Sydney NSW 2001