PRIVACY POLICY

Introduction
InterRISK Australia Pty Ltd (InterRISK) respects the privacy of personal information that it collects and is committed to managing that information responsibly. From 21 December 2001, we are bound by the Privacy Act 1988 (Cth). It sets out standards to be met in the collection, use, disclosure and handling of personal information.

This Privacy Policy outlines how we manage personal information. It applies to any personal information you provide to InterRISK and any personal information we collect, use, disclose or handle about individuals from other sources. It does not apply to our employee records which are not subject to the Act. Any updates of our Privacy Policy can be accessed via our website or by contacting one of our offices.

Information collection
We will only collect and hold personal information that is necessary for us to have to attend to your insurance, risk management and related needs. This will include such information as your name, age, address, contact details, gender, employment, income, health and medical history, insurance and claims history, information about the subject matter of the insurance, credit card details and other relevant information. We generally collect personal information directly from the relevant individual but in some cases we may collect it indirectly from a third party. We will only collect sensitive information if you consent or other requirements under the Privacy Act have been met.

Information use & disclosure
We only use and disclose your personal information in accordance with the terms of the Privacy Act. We use the personal information collected principally for the purpose of assessing and advising you on your insurance needs, approaching the insurance/reinsurance market and placing your insurance, handling insurance claims or for risk management. This may include identifying and providing you with information about other products or services that may help you to understand and make decisions about your insurance, risk management and related needs.

Where necessary, we may disclose information about you to third parties. For example, information may be provided to insurers, reinsurers, insurance intermediaries, service providers, finance providers, consultants, advisers and agents. If you are proposing for insurance or renewing insurance, relevant or material information must be disclosed to the insurer under your legal duty of disclosure (for this purpose a special Duty of Disclosure notice will be provided to you).

We have a duty to maintain the confidentiality of our clients' affairs, including personal information. Our duty of confidentiality applies except where disclosure of personal information is with our client's consent or compelled by law.

Keeping information accurate
We endeavour to ensure that information we hold about you is accurate, complete and up-to-date whenever we collect, use or disclose it. We will provide you with copies of insurance policies, schedules, benefit statements, renewal notices and invoices that show many of the items of primary information that we hold, and give you the opportunity to identify any incorrect information. It is therefore important that you check these insurance documents carefully. In some instances, you (or another party on your behalf) will be asked to complete insurance declarations annually to update information.

To assist us to keep your personal information accurate and up-to-date, please also advise us of any changes as they occur.

• confidentiality requirements on our employees
• policies on document storage security
• security measures for access to our systems
• only providing access once proper identification has been given
• controlling access to our premises

Openness
This Privacy Policy sets out how we manage your personal information and protect your privacy. Should you require further information in relation to the sort of personal information we hold and our management of this information, please contact our Privacy Officer, identified at the end of this document.

Access & correction
You have a right to access any personal information that we hold about you on written request, unless precluded by the Privacy Act. If we do not provide you with access, we will provide you with reasons for the refusal. If you determine that the information we hold about you is incorrect, we will take reasonable steps to correct the information.

Should you require access to your personal information please contact your account executive or our Privacy Officer. You may be required to provide suitable identification to enable us to protect the security and privacy of your personal information.

Transfer of information overseas
We may transfer your personal information overseas where it is necessary for the purposes described above. For example, some insurers are based overseas and we need to provide your personal information to them to arrange your cover.

Dealing with us anonymously
Our operational and legal obligations will generally require that you identify yourself to us in order for us to provide insurance broking and risk management services to or on your behalf.

Opting out of receiving Marketing Information - If we send you any information about services or products, or you do not want us to disclose your personal information to any other organisation (including related bodies corporate) you can opt out by contacting your InterRISK representative.

Complaints or concerns
If you have any complaints or concerns about privacy matters, please advise our Privacy Officer in writing as follows:

C/- The Privacy Officer
InterRISK Australia Pty Ltd
Level 1, 7 Macquarie Place
SYDNEY NSW 2000
Telephone: (02) 9346 8050