error_outline IMPORTANT error_outline
Home / Extra information / Privacy Policy

Privacy policy

Last update: November 2024

Contents

1. Introduction
2. Your Personal Information
3. How we collect your personal information
4. How we collect your sensitive and health information
5. Use, transfer, handling and sharing of your personal information
6. Transferring personal information overseas
7. Protecting your personal information
8. Marketing our products and services
9. Your privacy on the internet and when using mobile devices
10. Your rights
11. Contact us
12. Customers from EEA and UK
 

1. Introduction

Cover-More Group Limited (“Cover-More”) is a travel insurance, medical assistance and data analytics company. It owns Cover-More Insurance Services Pty. Ltd. (ABN 95 003 114 145, AFSL 241713), Freely Insurance Services Pty Ltd (ABN 41 622 132 530), Travel Insurance Partners Pty Ltd (ABN 73 144 049 230, AFSL 360138) and World Travel Protection Pty Ltd (ABN 80 079 071 579). For more information about Cover-More, including a complete list of the companies it owns, please see https://www.covermoregroup.com. In this Privacy Policy (“Policy”), a reference to “we”, “our” or “us” is a reference to Cover-More and the companies it owns.

This Policy outlines how we manage your personal information. It describes generally the type of personal information held and for what purposes, and how, that information is collected, held, used, disclosed and destroyed or de-identified. This Policy is reviewed at least annually and may be amended from time to time by posting the amended version on our website.

Cover-More is committed to the safe and careful use of your personal information. We take reasonable steps to protect any personal or sensitive information you provide to us from misuse, interference, loss, unauthorised access, modification or disclosure. We will always be open and transparent with you about how we handle your personal information.

For further information on privacy in Australia, please visit the website of the Office of the Australian Information Commissioner ("OAIC") at www.oaic.gov.au.

2. Your Personal Information

Personal information is any information able to identify or reasonably identify you. Sensitive information is personal information able to reveal a person’s racial or ethnic origin, political opinions or associations, religion or philosophical beliefs, trade union memberships, genetic and biometric data, data concerning a natural person’s sex life or sexual orientation, health information. Health information is any information related to your state of physical or mental health.

We will only collect, use, store and transfer (“process”) your personal information to assist or enable us to perform one or more of our functions or activities. We only process the personal information we need to provide travel insurance and travel related products and services, including assistance when you travel, and only where such information is adequate, relevant and limited to what is necessary in relation to our functions or activities.

The type of information we process varies depending on the type of product or service we provide to you. For example, the information we will process when you subscribe a travel insurance policy is different to the information we will process if you make a claim on a travel insurance policy or require assistance when travelling or when accessing and using any mobile applications or web portals. This information may include information about a permanent or temporary medical condition that you have or health information in general.

We may collect and hold the following personal information (including sensitive and health information):

  • your name, address, phone number, email and other relevant contact details;
  • your date of birth;
  • your travel plans;
  • information about your medical history and the medical history of any other person you wish to insure;
  • health information, about anyone who requires assistance under their travel insurance policy;
  • information about the medical history of any person that results in a claim that we have to assess;
  • information about claims you make or wish to make under your travel insurance policy;
  • your bank account details so that we may pay your claim;
  • the last eight digits of your credit card so that we may recover any monies payable under the travel insurance provided by the credit card company;
  • other information required to administer the product or services you have requested including determining a claim;
  • any details contained within identity documents provided to us including government identifiers such as a passport number and Medicare card number;
  • the type of medical and non-medical assistance you have been provided by either us, our service providers or your own medical practitioner;
  • employment and income information for cancellation and loss of income claims;
  • background and credit checks (for authorised representatives and suppliers only);
  • IP addresses of computers and mobile devices;
  • information about your computers and mobile devices and your use of them, including the type of browser, or operating system you use, your domain name, access time, referring website addresses and page views;
  • any information contained within our mobile applications, including location and motion sensor data.

3. How we collect your personal information

We collect personal information from and on behalf of customers, business partners, suppliers, employers (relating to corporate policies), other insurers and third-party service providers.

We will, if it is reasonable or practicable to do so, collect your personal information directly from you. This may happen when you fill out an application form for travel insurance or request a variation to your travel insurance policy, become one of our representatives, make a claim, request assistance or register to access and use one of our mobile applications or web portals. This may occur over the phone, via email, a website, mobile application or through one of our agents or partners.

In certain circumstances, we collect your personal information from third parties. For example, we may need to collect personal information from your representative (such as a legal guardian), your travel consultant, the primary policy holder, your travel companion (particularly during an emergency when requesting assistance services) or another organisation. If your employer is the applicant on a corporate policy, we may collect your details from your employer.

If you are an authorised representative or third-party service provider, we may obtain information from a credit reporting agency or your agency group head office.

When you interact with our website, mobile applications, Facebook page and other pages that we own and manage, we will automatically collect technical information such as your browsing actions and IP addresses. We collect this information by using cookies and other similar technologies as explained within the relevant section below. In addition, when you enter a competition or promotion on our website, mobile application or on our other Internet pages, we will collect personal information about you only for the specific competition or promotion, and we will not further process such information for different purposes.

If we collect information by means not already explained in this Policy, we will take reasonable steps to inform you.

4. How we collect your sensitive and health information

Your health information, such as pre-existing medical conditions, is generally required to arrange travel insurance and travel related products and services, to make a determination on a claim or to provide you with medical assistance.

If you provide health information to your agent or consultant to provide to us as part of the travel insurance policy application or claims process, we rely on you having provided them with your consent to disclose this information to us. In addition, when you provide personal information, including sensitive information, about other individuals on your travel insurance policy, we rely on you to inform them of the information you are providing, how we will use, hold, collect and disclose this information and on you obtaining their consent.

If we do not have your consent, we will not collect your sensitive personal information. This is subject to some exceptions including where the collection, use and disclosure of the information:

  • is necessary for the provision of emergency assistance;
  • is required by law; or
  • is necessary for the establishment, exercise or defence of a legal claim.

5. Use, transfer, handling and sharing of your personal information

A. To Provide You with Products and Services

We use your personal information to provide you with the relevant products or services you have requested including:

  • assessing your travel insurance application, including your eligibility for discounted travel insurance;
  • identifying you, to manage and administer the product or service;
  • facilitating the purchase of your travel insurance policy;
  • making variations to your travel insurance policy, at your request;
  • assessing and paying a claim;
  • to provide you with assistance when travelling;
  • to provide you with access and use of our mobile applications or web portals; or
  • to provide you with an analysis of your health and lifestyle based on information in your Health Trackers.

When handling claims, we only use the personal information which is relevant to making a decision about the claim.

We may use or disclose your personal information for another purpose that is compatible and directly related to the primary purpose for which it was collected. Otherwise, we will only use your personal information for a secondary purpose if you have consented to that use or disclosure, the use or disclosure is required by law or an enforcement body, to take appropriate action in relation to suspected unlawful activity or serious misconduct, or to provide assistance in a medical emergency.

We use and, in some instances, disclose your personal information when we, or third parties appointed by us, provide the following services:

  • identifying you and other travel insurance policy holders;
  • arranging and managing your travel insurance with us, including payment of your travel insurance policy;
  • assessing an application for a product, including assessing any existing medical conditions;
  • evaluating, managing, processing and paying an insurance claim;
  • recovering monies due by other insurers;
  • evaluating the emergency care and assistance you require;
  • providing medical and non-medical assistance, including settling costs on your behalf;
  • dealing with enquiries or complaints;
  • monitoring and improving the services provided by us and our agents or service providers, the products we provide or our operations;
  • planning, product development and research purposes and to seek feedback on products and services (including those products and services offered by others on our behalf);
  • carrying out market analysis and research and product and pricing analysis and development;
  • enhancing our services for our website visitors;
  • conducting internal investigations in relation to crime and fraud prevention, detection or prosecution;
  • training our staff;
  • to identify and develop products or services that may interest you and market them to you (unless you ask us not to do so);
  • carrying out accreditation or certification activities;
  • processing orders or applications to become a customer for our additional products and services;
  • carrying out credit checks, credit reporting and compliance checks through ASIC on our authorised representatives and suppliers;
  • carrying out debt-recovery functions;
  • managing and authenticating customer data; and
  • providing you with access and use of our mobile applications or web portals.

B. Sharing Personal Information for the Provision of our Products and Services to you

We may share your personal information with a third party to fulfil service or product obligations to you, or if it is required or permitted under law or in an emergency situation.

Before discussing with any third party such as a relative or companion the progress of a claim or the medical and non-medical assistance that we provide to you, we will obtain appropriate consent from you, your parent or guardian, power of attorney or executor.

Below are the types of entities we may collect your personal information from and may disclose your personal information to (this is not an exhaustive list):

  • the insurer and any re-insurers;
  • co-insureds on any travel insurance policy, so we may confirm details of the insurance;
  • your travel agent, broker or the consultant who sold you the travel insurance;
  • your employer (if a corporate policy);
  • claims administrators;
  • investigators, in relation to claims;
  • translators, for claims and assistance;
  • goods replacement suppliers to settle your claim;
  • banks and foreign currency providers to settle your claim;
  • payment processing service providers;
  • transportation and accommodation providers;
  • travel consultants and wholesale travel agencies;
  • medical practitioners and specialists;
  • medical providers such as hospitals;
  • emergency assistance providers;
  • security providers and consultants;
  • family members in the event of a medical emergency;
  • witnesses, when making a claim;
  • record management and storage businesses;
  • information technology and system administration providers;
  • companies who perform statistical analysis on our behalf;
  • customer survey businesses and mystery shopping agencies;
  • accreditation or certification organisations;
  • our professional advisors including lawyers, accountants, tax advisors and auditors;
  • debt collection agencies and other parties that assist with debt-recovery functions;
  • police, law enforcement bodies and courts as required or authorised by law;
  • regulatory or government bodies for the purposes of resolving customer complaints or disputes both internally and externally or to comply with any investigation by those bodies;
  • insurance reference bureaus;
  • data retrieval agencies;
  • credit providers or credit reporting agencies (if you are our authorised representative or supplier); and
  • printing, mail and distribution companies.

C. Sharing Personal Information for Analysis Services

To provide you with a more personal experience, such as providing you with products and services that are relevant to you, we may use and disclose your personal information for the purposes of providing, administering, improving and personalising products and services for you. To do this, we may exchange, share and combine personal information (we will only share sensitive information if we get your express consent) that we have collected from you (or disclosed to us). We may share your personal information with our related entities, our business partners and service providers to assist with services such as data processing and matching, data analysis, data monetisation services, information broking, business consulting, and research (“analysis services”). We may use such analysis services to also help us improve our products and services, the way we sell our products and services to you and to help us improve customer experience by understanding purchasing trends, your interests, relevancy of products and services and how you would respond in relation to products, services and offers from us or third-party providers.

Where possible, we carry out the above activities by using anonymous or aggregated information, so that you will not be identifiable from the information. However, where some of these activities involve processing your information without anonymising it, we may need to get your consent. You are free to withdraw such consent at any time by contacting us using the contact details at Section “Contact Us” below.

The business partners and service providers we use to provide us with analysis services will generally be situated in Australia but may be situated in other countries. Before disclosing, exchanging or sharing such information, we take steps to ensure that our business partners and service providers are obliged to protect the privacy and security of your personal information and use it only for the purpose for which we disclosed it.

D. Minors’ Personal Information

We also process the types of personal information listed at Section 2 above, as they may apply, of individuals under 18 years of age in order to provide them with our services and products and for the other purposes listed above. Personal information of minors is disclosed by minors’ parents or guardians and we do not collect personal information directly from minors. We recognise that minors’ privacy rights merit specific protection and we have put in place appropriate organisational measures to ensure that we obtain at all times appropriate consent from minors’ parents or guardians. For further information on how we process minors’ personal information, please do not hesitate to contact us using the contact details at Section “Contact Us” below.

E. Marketing

We may use personal information to send you material about our other products or services and our business partners’ products and services (as more specifically described in “Marketing our products and services” below), provided you have consented to such use.

When we are provided with the results of our analysis services, we, our business partners or service providers may provide marketing communications and targeted advertising to you on an ongoing basis by telephone, electronic messages (e.g. email), digital services (e.g. through Apps) and other means. These communications may relate to the products and services we or our related entities offer, our business partners offer, or other products and services which may be of interest and relevant to you.

You are free to withdraw such consent at any time by contacting us using the contact details at Section “Contact Us” below or via the unsubscribe function in all our email, text marketing communications or mobile applications messaging.

6. Transferring personal information overseas

By purchasing a travel insurance policy through us, you are consenting to us sending your personal information to overseas parties, if required, to provide you with medical and non-medical assistance, receive travel and risk intelligence alerts, or to progress and assess your claim. The countries we typically disclose your personal information to under these circumstances are generally located in the geographic regions you travelled whilst covered by your travel insurance policy or our products and services.

We may also need to disclose information to service providers who are located overseas who assist us by managing and authenticating some customer data or by seeking feedback from our customers to help us improve our products and services. Which service providers we use are and where they are located may change from time to time. You can contact us for details.

When assessing your claim, we may refer to information provided by our third party medical and non-medical assistance providers, which may include our related entities, located in the geographic regions you have travelled. We may also use related entities to process and assess your travel insurance application or claim and to administer your travel insurance policy. These related entities may be based in Australia or overseas, including in Canada, India, Ireland, New Zealand, United Kingdom, Malaysia, Switzerland, United Kingdom and the USA. We or our related entities may enter into outsourcing arrangements (such as payment processing services) to countries other than those listed above.

Any overseas transfer of information as described above will be conducted in compliance with the international data transfer restrictions that apply under any applicable law. We take legally required steps under any applicable law to ensure that adequate safeguards are in place to always protect your information in accordance with this Privacy Policy. You may contact us for more information about the safeguards that we have put in place in this respect.

7. Protecting your personal information

We take reasonable steps to securely store your personal information so that it is protected from unauthorised use, access, modification or disclosure. We store personal information in different ways, including in paper and electronic form, on our premises and our data centres, and our service providers’ premises, cloud storage and data centres (which include IT service providers and document storage and management providers) usually located in Australia.

We maintain administrative, technical, and physical safeguards for the protection of personal information. Our security measures include:

Administrative safeguards

  • Access to your personal information is restricted to authorised personnel who have a legitimate need to know based on his or her job. Where an employee no longer requires access, that employee's access is revoked. We impose similar restrictions on third-party contractors who process personal information on our behalf.
  • Only allowing access if the employee seeking access has satisfied our identification requirements, such as a security check on the commencement of a call.
  • Confidentiality requirements for our employees and suppliers.
  • Secure document storage.
  • Training and education is provided to all employees in the handling of personal information.

Technical safeguards

  • Our security environment is certified annually by multiple cyber security, payment card and financial industry standards audits (ISO, PCI, SOC).
  • We employ security measures for systems access.
  • Third parties who provide services and have access to personal information agree to implement privacy and security practices that meet our requirements.
  • Personal information provided on computer servers is secured in a restricted and controlled network environment.
  • Annual training and certification provide for all employees handling personal information.

Physical safeguards

  • Third-party contractors who process personal information on our behalf agree to meet our physical safeguard requirements.
  • Employing physical and electronic means such as alarms and cameras to protect against unauthorised access to buildings.
  • Effectively and securely destroying data no longer needed, for example, by shredding or pulping in the case of paper records.
  • Our security procedures and policies are audited on a regular basis to ensure they are updated in accordance with current legal requirements and current levels of security technology.

While we have security measures in place to protect your personal information, data transmission over the internet is not absolutely secure. As a result, while we strive to protect your personal information, we cannot warrant or ensure the security of any information you transmit to us or we transmit on your behalf, or to you, in the course of providing services over the internet.

8. Marketing our products and services

We may from time to time provide you with information about other products, services and offers. If you do not wish to receive this information, or wish to know the source of the information, please contact us using the contact details at Section “Contact Us” below. You can change your mind about receiving information about our products and services at any time, by contacting us or using the opt-out process on our offers or promotional communication.

Please note we will still need to send you essential information about your travel insurance policy, travel alerts, and claim documentation.

If you enter a competition, we collect your personal information in order to conduct the competition and may, for this purpose, disclose such personal information to third parties, including, but not limited to, prize suppliers and as required, to Australian regulatory authorities. With your consent, we may use your name, likeness, image and voice (including video, film and recording of the same) and entry content submitted in any media for the purpose of promoting a competition (including any outcome) on the Cover-More website or social medial channels, and promoting any products manufactured, distributed or supplied by or related to Cover-More.

We do not sell your personal information, and we do not sell or pass on mailing lists to any third parties.

9. Your privacy on the internet and when using mobile devices

Cookies

We use cookies in several different ways and some of our cookies collect information which can personally identify you.

A cookie is a small, text-based file used frequently on some websites and portals. A cookie is designed to assist and streamline the exchange of information between your computer's browser and our computer systems. We may use some cookies to collect information about the use of our websites and mobile applications. The information collected includes where visitors connect from, what version of browser they use and their path through the website and mobile applications. It helps us to provide personalised features and keeps our content fresh and relevant.

If you are our current or former customer, we may use a special cookie that identifies you. We may use the cookie to collect the website and browser information referred to above and may combine that information with your customer history and other personal information we hold about you. We may use and disclose the combined information to perform analysis services and send you marketing communications and targeted advertising as described in this Policy, as well as use and disclose it for other purposes described in this Policy.

If you do not want information collected through the use of cookies, you can configure your cookie preferences and options through your internet browser.

Web beacons

Our web pages may contain electronic images, known as web beacons or spotlight tags. These enable us to count users who have visited certain pages of our website. Web beacons and spotlight tags are not used by us to access your personal information, but are simply a tool we use to analyse, in aggregate, which web pages customers view.

Links to other websites

Our websites and mobile applications may contain links to websites that are not ours. Whilst such links are provided for your convenience, you should be aware that the information handling practices of the linked websites might not be the same as ours.

Location information

With your consent, we may collect information about your physical location when you use our mobile applications for browsing our products and services or when you request or purchase products or services. When we have location information, we use this to tailor our services to you and others. If you have 'background location' turned on, our mobile application will, from time to time, tell us about your device's location even if you are not directly interacting with the application. You may stop the collection of this information at any time by changing the settings on your mobile device. Some features of our mobile applications may no longer function if you do so.

Native Applications on Mobile Devices

Some features of our mobile applications may require access to certain native applications on your mobile device, such as the camera, photo album and the address book applications. If you decide to use these features, we will ask you for your consent prior to accessing the applications and collecting associated information. You may revoke your consent at any time by changing the settings on your device.

Push Notifications

With your consent, we may send push notifications or alerts to your mobile device. You can deactivate these notifications or alerts at any time by changing the notification settings on your mobile device or within our mobile applications.

Device Information means information about the device which may (but does not necessarily) include: Device Geolocation Data, mobile advertising identifier, device type (e.g., tablet, smartphone), operating system (e.g., iOS, Android), app name or identifier, IP address, network provider, mobile carrier, mobile browser type (e.g., Firefox, Chrome), timestamp, time zone, information about the speed, bearing, orientation, and altitude of a device, or other device identifying information, including cross-device information.

Device Geolocation Data means precise geolocation data from or about a Consumer’s device, which may be expressed by latitude-longitude coordinates obtained through GPS tools, WiFi data, cell tower triangulation or other techniques, and linked to a mobile advertising ID.

10. Your Rights

A. Your legal rights

Under certain circumstances, you have rights under data protection laws in relation to our processing of your personal information:

  • Right to request access to your personal information. You have the right to request a copy of the personal information we hold about you, together with any other information concerning our processing of your personal information. Access to the requested information may also include providing you with the opportunity for inspection of the documentation at our premises or providing you with a summary.
  • Right to request correction of your personal information. You have the right to request that any inaccurate information we hold about you is corrected, or if we have incomplete information you may request that we update the information so that it is complete. We will correct personal information if you are able to demonstrate, or if we discover, that the information is incorrect.
  • Right to request erasure of your personal information. You have the right to request us to delete personal information we hold about you, however as some information may be required to be retained by certain legislation, we may be unable to action your request.
  • Right to request restriction of processing your personal information. You have the right to request that we no longer process your personal information for specific purposes, or to object to our processing of your personal information for specific purposes.
  • Right to request an electronic transfer of your personal information (data portability). You have the right to request us to furnish you, or a third party, with a copy of your personal information in a structured, commonly used machine-readable format.

B. Exercising your legal rights

In order to exercise any of the above rights, please contact us using the contact details set out within Section “Contact Us” below. In some cases, we may be able to deal with your request over the telephone.

C. Resolving your privacy issues

Please contact us if you have concerns about the way we have handled your personal information, feel we breached the Australian Privacy Principles, or would like to discuss any issues about this Policy. You can speak directly to our staff and they will do their best to resolve your issue. We also have a complaints process including external dispute resolution and a privacy officer who can be contacted (see “Contact Us”).

We will deal with any complaint by investigating it and providing a response to you within a reasonable time, provided that we have all necessary information and have completed any investigation required. In some cases, we may need to ask you to put your complaint in writing so that we are sure that we understand it, and may also need to ask you for further information or to verify your identity. We will attempt to confirm as appropriate and necessary your understanding of the conduct relevant to the complaint and what you expect as an outcome. We will treat your complaint confidentially and respond to you within a reasonable time, usually in writing.

If you are dissatisfied with the outcome, please contact us. You may also take your complaint to the Office of the Australian Information Commissioner. The contact details for the OAIC are available from the OAIC’s website at www.oaic.gov.au.

D. Your travel consultant and your personal information

We require our agents and partners to handle your personal information in a manner consistent with this Policy. If you authorised your travel consultant to arrange your travel insurance, we rely on you having provided your travel consultant with your consent if you would like us to share information about your claim or existing medical condition assessment with them. You may choose to deal directly with us if you prefer not to provide them with information about existing medical conditions and health related matters included in your claim.

11. Contact us

Customer Service
Email: [email protected]
Phone: 1300 72 88 22

or

Privacy Officer
Cover-More Insurance Services Pty. Ltd.
Private Bag 913, North Sydney, NSW 2059
Email: [email protected]

12. Customers from EEA and UK

EEA

If you are located in the European Economic Area (“EEA”) and you are unhappy with our processing of your personal data, you also have the right to lodge a complaint with your national Data Protection Authority. Please refer to this link below for contact details of your national Data Protection Authority and local information on how to lodge a complaint by selecting the appropriate website and section: https://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm

UK

If you are located in the United Kingdom and you are unhappy with our processing of your personal data, you also have the right to lodge a complaint with your national Information Commissioner’s Office (“ICO”). Details of how to lodge a complaint can be found on the ICO website www.ico.org.uk by selecting the appropriate section, or by writing to the ICO at: Information Commissioner's Office Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF.