Privacy & Security
The protection and privacy of your personal information is a priority to us. This means handling your personal information in a responsible manner in accordance with the Privacy Act and the Australian Privacy Principles.
Online Security Statement
We take the protection of your personal information very seriously, so we regularly revise and update our security measures to keep your information private and meet industry standards.
Steps we take to protect your personal information
- We encrypt your information as it travels between your computer and our computers. We use a form of Transport Layer Security (TLS) to stop anyone intercepting your information.
- Your personal information is stored on computer systems which are protected by a combination of firewalls, secure logon processes, encryption and intrusion monitoring technologies.
- We use a recognised payment service provider to process any insurance payments you make using this website. This service provider is committed to protecting your personal information on our behalf.
- In certain circumstances we will collect and use your IP address to protect the security of our website.
- We regularly test our websites and infrastructure for vulnerabilities and take action where needed.
- We apply security patches to software provided by vendors.
Steps you can take to protect your personal information
It’s still very important that you take some steps to help keep up security when you’re online:
- Protect your personal information, such as usernames, passwords and policy details, by not allowing anyone to see you entering them, and avoid public Wi-Fi usage.
- Notify us as soon as possible if you become aware of any security breaches.
- Use a strong password for your account. Try to think of something that is easy to remember, but hard to guess, such as a passphrase.
- Change your password regularly and try not to reuse the same password on more than one site.
- Don’t let your browser save your password for our websites.
- Be wary of websites, emails or phone calls that claim to be from us. Please contact us if you are unsure.
- Keep an eye on your accounts and check for any unauthorised transactions.
- Keep your devices up to date with firewall enabled, anti-malware software, anti-virus software and security updates.
How do you make sure you’re going to the right website?
- Always go directly to our website by typing the address www.cgu.com.au rather than following links found in emails or elsewhere online.
Keeping safe with email
- Never disclose personal, financial or debit/credit card information by email. Contact us if you’re unsure of the legitimacy of any email that appears to have come from us.
- We will never ask for sensitive or personal information such as usernames, passwords or policy details if you haven’t asked for our help first.
By helping us with these things, we can both work to make your world a safer place. To report any concerns around the security or privacy of your information please email email@example.com.
Read more at StaySmartOnline, an Australian Government online safety and security website.
Insurance Australia Limited ABN 11 000 016 722 trading as CGU Insurance (CGU) (“We/us/our”)
Last updated on January 2018
You do not have to provide us with your personal information, but if you do not do so we may not be able to provide you with our products or services.
The personal information we collect
We collect the information necessary for us to provide you with the products and services you have requested from us, and to manage your claims.
We will only collect your sensitive information if you have provided us with consent to do so. Where practicable, we will give you the option of interacting with us anonymously.
The personal information we collect and hold generally includes your name, address, date of birth, and contact details (such as your phone number, fax number and/or email address).
However, we may also collect and hold other information required to provide services or assistance to you, including your gender, employment, details of your previous insurances, sensitive information (such as health information and criminal records), claims history, your personal assets and those of your spouse or partner.
How we collect your personal information
We may collect your personal information in various ways, including via telephone, our website, hard copy forms or email. Whenever you choose to deal with us directly, we will where possible collect this information directly from you.
However, there may be occasions when we collect your personal information from someone else. This may include your broker or financial adviser, CGU authorised representatives, other insurers, employers, our distributors, agents or related entities, medical practitioners and rehabilitation providers, another party involved in claim, investigators, family members, anyone you have authorised to deal with us on your behalf, and/or our legal advisers.
How we use your personal information
We only use your personal information for the purpose for which it was provided to us, related purposes as set out in this Policy and as permitted by law. Such purposes include:
- responding to your enquiries;
- providing you with the assistance you requested of us, our products and services (for example, processing requests for quotes, applications for insurance, underwriting and pricing policies, issuing you with a policy, managing claims, processing payments, etc);
- maintaining/administering your account and policies and processing payments you have authorised;
- processing your survey or questionnaire responses for the purpose(s) notified in the survey or questionnaire (if you have chosen to participate in such);
- for market research so that we can better understand our customers' needs and tailor our future products and services accordingly;
- providing you with marketing information regarding other products and services (of ours or of a third party) which we believe may be of interest to you if you opt-in to receive such information;
- quality assurance and training purposes; and
- any other purposes identified at the time of collecting your information.
However, we will only use your sensitive personal information for the purposes for which it was initially collected, other related purposes as set out in this Policy or purposes to which you otherwise consent.
If you are not a customer; for example, if you are a medical practitioner, investigator, expert, claimant or other third party), your information will only be used for the specific purpose or claim for which it was provided to us, unless you have consented to other uses.
How we disclose your personal information
Where appropriate we will disclose your information to our related entities and third parties who provide services to us or on our behalf, including:
- insurance advisers (such as CGU authorised representatives and insurance brokers);
- mailing houses and marketing companies;
- insurance reference bureaux, underwriters and re-insurers (and their representatives);
- other insurance providers;
- any credit providers that have security over your property;
- in the case of some claims (or likely claims), assessors, investigators, your employer, medical practitioners, rehabilitation and other health providers;
- our external IT service providers, infrastructure and other third party service providers;
- government bodies, regulators, law enforcement agencies and any other parties where required by law; and
- our related entities so that they can also offer you products and services if you have opted-in to receive such information.
We will only disclose your sensitive information for the purposes for which it was initially collected as set out in this Policy, other directly related purposes or purposes to which you otherwise consent.
For workers compensation insurance in Victoria and New South Wales, personal information (including sensitive information) that is collected, will not be used or disclosed to others for direct marketing, customer or market research purposes unless the information is collected for the purpose of meeting (directly or indirectly) an obligation under the Victorian or New South Wales contractual obligations and the use or disclosure is necessary to meet (directly or indirectly) such an obligation.
If you have a worker’s compensation claim in New South Wales or Victoria, we will not disclose your personal or sensitive information outside of Australia when it is collected in connection with an injury/condition to which the workers compensation claim relates.
Security of your personal information
We take reasonable steps (including any measures required by law) to ensure your information is protected and secure. For any insurance payments you make via our websites, we use a recognised payment service provider that is required to take reasonable steps to protect your information.
We also take reasonable precautions to ensure that any information you provide to us through our websites is transferred securely from our servers to our mainframe computers, including through use of Secure Sockets Layer (SSL) protocols.
However, no data protection and security measures are completely secure. Despite all the measures we have put in place, we cannot guarantee the security of your information, particularly in relation to transmissions over the internet.
Accordingly, any information which you transmit to us is transmitted at your own risk. You must take care to ensure you protect your information (for example, by protecting your usernames and passwords, policy details, etc) and you should notify us as soon as possible after you become aware of any security breaches
Accuracy, access and correction
We take reasonable steps to ensure the information we collect and hold about you is accurate, complete and up-to-date. However, we rely on you to advise us of any changes to your information or corrections required to the information we hold about you.
Please let us know as soon as possible if there are any changes to your information or if you believe the information we hold about you is not accurate, complete or up-to-date.
We will, on request, provide you with access to the information we hold about you unless otherwise required or permitted by law. We will notify you of the basis for any denial to access your information. We may ask you to complete a ‘Personal Information Access Request Form’ which can be found on this webpage and may charge you a service fee for retrieving and sending the information to you.
What if you have a complaint?
We will refer your complaint to our Customer Feedback Team who will investigate the issue and determine the steps we will undertake to resolve your complaint. We will contact you if we require any additional information from you and will notify you in writing of the determination made.
If you are not satisfied with our determination, you can contact us to discuss your concerns or complain to the Office of the Australian Information Commissioner via www.oaic.gov.au
How to contact us
Toll free line Monday to Friday on 1800 801 241 or on 13 24 81
While overseas +61 3 9601 8222