Privacy Statement

 

Purpose

We know that how we collect, use, disclose and protect your information is important to you, and we value your trust. That’s why protecting your information and being clear about what we do with it is a vital part of our relationship with you.

The purpose of this Privacy Policy is to inform our clients and any users of our website about how we comply with the requirements of the New Zealand Privacy Act 2020 (“the Privacy Act”) in managing personal information. Please note that when you contact us through our website, you are agreeing to this Privacy Policy. If you do not agree with this Privacy Policy, please call us on 0800 119 465.

What is your personal information, and where do we collect it from?

Personal information is defined in the Privacy Act as information about an identifiable individual (a natural person as opposed to a company or other legal entity). For the purposes of this policy, this is information relating to a member of a Group Insurance scheme.

The types of personal information we collect will vary depending on the nature of your dealings with us but we only collect personal information that is necessary.

We generally collect information directly from you via your emails and paper communications, via phone or video calls with you or from publicly available sources.

In other cases, we collect personal information from:

  • The spouse, partner or family member of the scheme member (provided they are covered by the policy or the information is not deemed to create ‘harm’ under the Privacy Act).

  • As a member of a Group Scheme or a prospective member, we may also collect information from your employer about your membership in the Scheme or your contact details to offer you membership into the scheme. This information will include date of birth and gender, and (in some cases) employment start and end dates, occupation, and level of salary. The release of this information to Primus Brokers is covered by the policies and procedures of the employer.

  • Information provided by the product provider/insurer (applications, claims and approvals).

Health Service providers’ normal practice would be to release information to you as the member, which you may then choose to release to us for the purposes of administrating a claim or review process.

We are not responsible for the privacy or security practices of the other parties and the parties described above (such as your employer, your insurer(s), and your medical advisers) are not covered by this Privacy Policy.

What do we do with your personal information?

Any personal information you provide to us may be used to:

  •  Check whether you are eligible for the product or services offered by us.

  •  Facilitate those services.

  •  Assist you with the administration of your policy, including providing your insurer with information you have asked us to pass on.

  •  Assist you at the point of submitting a claim. 

Who could we disclosure your personal information to?

In certain circumstances, we may disclose your personal information to others outside Primus Brokers, for example:

  • The member (you).

  • The spouse, partner or family member of the scheme member (provided they are covered by the policy or the information is not deemed to create ‘harm’ under the Privacy Act).

  • The owner of the Group scheme (provided the information is not deemed to create ‘harm’ under the Privacy Act – for example, we do not disclose your personal medical information to your employer unless we have obtained your express permission to do so).

  • The product provider/ insurer.

  • External auditors and compliance advisers.

  • Our external disputes resolution service.

  • The regulator.

We may disclosure your personal information to the parties noted above in the following circumstances:

  • When it is necessary to enable us to achieve the purpose that we collected the information for.

  • When you have expressly consented to the disclosure or your consent can be reasonably inferred from the circumstances.

  • When we are required or authorised by law, or where we have a public duty to do so.

  • When we are permitted or required to disclose the information under the Privacy Act 2020.

  • When an external service provider carries out a compliance audit or review in order to ensure that we meet the required industry standards.

How do we store and protect your information?

We take all reasonable steps to make sure your information is secure and to prevent unauthorised disclosure of either hardcopy or electronic records.

We use third party service providers to store and process most of the information we collect. Our two primary sources of storage are Microsoft Azure cloud servers (based in Australia) and a New Zealand cloud-based CRM system (hosted by Microsoft Azure cloud services, based in Australia). We ensure that our cloud-based service providers are subject to appropriate security and information handling arrangements and that the information stored or processed by them remains subject to confidentiality obligations.

What if there is a privacy breach?

We work hard to keep your personal information safe. However, despite applying strict security measures and following industry standards to protect your personal information, there is still a possibility that our security could be breached. If we experience a privacy breach, where there is a loss or unauthorised access or disclosure of your personal information that is likely to cause you serious harm, we will, as soon as we become aware of the breach:

  • Seek to quickly identify and secure the breach to prevent any further breaches and reduce the harm caused.

  • Assess the nature and severity of the breach, including the type of personal information involved and the risk of harm to affected individuals.

  • Advise and involve the appropriate authorities where criminal activity is suspected.

  • Where appropriate, notify any individuals who are affected by the breach (where possible, directly).

  • Where appropriate, put a notice on our website advising our clients of the breach.

  • Notify the Privacy Commissioner, if appropriate.

Right to access, correct and delete personal information

You have the right to request access to, correct and, in some circumstances, delete your personal information. Please contact us on 0800 119 465 or email info@primusbrokers.co.nz

When you contact us with such a request, we will take steps to update or delete your personal information, provide you with access to your personal information, and/or otherwise address your query within a reasonable period after we receive your request. To protect the security of your personal information, you may be required to provide identification before we update or provide you with access to your personal information.

We are only able to delete your personal information to the extent that it is not required to be held by us to satisfy any legal, regulatory, or similar requirements.

There is no fee for requesting that your personal information is corrected or deleted or for us to make corrections or deletions. In processing your request for access to your personal information, a reasonable cost may be charged. This charge covers such things as locating the information and supplying it to you.

There are some circumstances in which we are not required to give you access to your personal information. If we refuse to give you access, or to correct or delete your personal information, we will let you know our reasons, except if the law prevents us from doing so.

If we refuse your request to correct or delete your personal information, you also have the right to request that a statement be associated with your personal information noting that you disagree with its accuracy.

If we refuse your request to access, correct or delete your personal information, we will also provide you with information on how you can complain about the refusal.

What happens if you do not provide us with your information?

If you do not provide information we have requested, you may be unable to obtain or access our services for which the information is required. Please ask us if you are unsure why the information is important and how this might affect you.

Changes to this Privacy Policy

We review this Privacy Policy periodically to keep it current. If the changes are significant, we may advise you directly. Our Privacy Policy will remain available on our website but you may also obtain a copy of the latest version by calling Primus Brokers on 0800 119 465.

Privacy Policy queries and concerns

If you are concerned about how your personal information is being handled or if you feel that we have compromised your privacy in some way, please contact us on 0800 119 465 or via e-mail at info@primusbrokers.co.nz 

We aim to resolve complaints as quickly as possible. We strive to resolve complaints within five working days, but it is possible that some complaints may take longer to address. If your complaint is taking longer, we will let you know what is happening and a date by which you can reasonably expect a response.

If you are not satisfied with our response to any privacy related concern, you may lodge a complaint on the Privacy Office website (www.privacy.org.nz) or send a complaint form to the Privacy Commissioner at: 

Office of the Privacy Commissioner

P O Box 10-094

Wellington 6143, New Zealand

Fax: 04- 474 7595

Email: enquiries@privacy.org.nz

Telephone: 0800 803 909

Website: www.privacy.org.nz