Suncorp Privacy Policy

style
remove-bottom-padding

About Suncorp

At Suncorp, we are committed to protecting your personal information. We are a Trans-Tasman insurer offering a range of insurance products and services, in Australia and New Zealand. Our products and services are offered under various brands. To find out more about our brands, click here.

Suncorp has related companies that are incorporated in New Zealand and carry on business there. For details of the New Zealand privacy regime refer to the Vero Insurance New Zealand Limited Privacy Statement, and the Vero Liability Insurance Limited Privacy Policy.

Our Privacy Policy

In this Privacy Policy, “we”, “us”, “our”, and “Suncorp” means Suncorp Group Limited (ABN 66 145 290 124) and its Australian related companies. For a list of the Australian related companies covered by this Privacy Policy, click here

Our Privacy Policy explains how Suncorp typically handles your personal information, and it provides information about your rights in relation to your personal information that we hold. We tell you this so you can make informed choices about dealing with us.

We will also provide you with a Privacy Statement and other privacy information when we collect personal information from you. This will depend on the type of products or services you choose, or your other dealings with us. These documents should be read together with this Privacy Policy.

We also have Online Terms & Conditions which explain how our websites and other online interactions operate and explain how we manage your privacy when you interact with us online. Links to our Online Terms & Conditions are at the bottom of the landing page for each brand website. You should read them before using the services our websites offer, or when you are directed to do so, such as when you buy a product or service.

What is Personal Information?

‘Personal Information’ means, information or an opinion about an identified person, or a person who is reasonably identifiable, whether the information or opinion is true or not.

Sometimes, we also handle your ‘Sensitive Information’, including:

  • health and genetic information;
  • biometric information;
  • racial or ethnic origin;
  • information about cultural, philosophical, political and religious beliefs and opinions;
  • sexual orientation or practices;
  • membership of a political, professional or trade association (or union); and/or
  • criminal history.

Types of Personal Information we collect and hold

The types of personal information we collect will generally include your name, date of birth, gender, mailing and residential address, telephone number, and email address.

Depending on the products and services we offer you, and the circumstances of your interactions with us, we may also collect:

  • insurance/financial/credit/bankruptcy history;
  • payment information (e.g. credit card and bank account details);
  • education, qualifications or employment information;
  • information about your personal circumstances (e.g. citizenship or residency status, relationship status, any dependents and/or caring responsibilities);
  • information about your interests or hobbies, including memberships of clubs;
  • government related identifiers (e.g. your tax file number or driver’s license number);
  • information about the risk you want to insure (e.g. your vehicle, house, contents, business etc);
  • your communication history with us (e.g. your policy and claim applications, queries or complaints, marketing preferences etc.);
  • hardship information (if you choose to provide it to us); and/or
  • any other personal information which is either required to acquire a product or service or needed during the life of that product or service.

We may also need to collect your sensitive information. Click here to see a list of the types of personal information that are sensitive information.

How we collect your Personal Information

We collect your personal information:

  • directly from you;

    • by using written forms;
    • through contact over the telephone, mobile or other messaging technology;
    • via the internet, including websites and social media; and/or
    • in person-to-person contact (e.g., meetings or providing products and services through our offices, at brand marketing and awareness events or service centres including temporary locations to support a disaster response.)

  • from publicly available sources of information; and/or

  • from other persons or organisations (including related and third parties).

We will combine or link personal information we already know about you to other personal information we collect about you.

Please refer to “Who we share your Personal Information with?”section which details the types of people and organisations we disclose your personal information to.

Why we collect your Personal Information

We collect your personal information to:

  • verify your identity and conduct appropriate checks;
  • understand your requirements and provide you with a product or service;
  • service, maintain and administer customer accounts, insurance policies and claims (for example, the updating of customer contact information);
  • set up, administer, manage, and test our products, services and systems, including the management and administration of underwriting and claims;
  • assess and investigate a claim made by you under one or more of our products;
  • detect, investigate and prevent fraudulent activities;
  • manage, train and develop our employees and representatives;
  • manage and respond to complaints and disputes, and report to dispute resolution bodies; and
  • get a better understanding of you, your needs, your behaviours and how you interact with us, so we can engage in product and service research, development and business strategy including managing the delivery of our services and products via the ways we communicate with you.

The Privacy Statement you receive when we collect your personal information may contain other reasons why we collect, hold, use and disclose your personal information depending on the product or service you buy from us, the brand that you do business with or your other dealings with us.

Sometimes we are required to collect your personal information to comply with our legal obligations. The Privacy Statement will also give you further details about the legislation that may apply to the collection of your personal information.

How we use and disclose your Personal Information

We use and disclose your personal information for the reasons we collected it.

Please refer to “Why we collect your Personal Information” section to understand these reasons.

We may use and disclose your personal information for a secondary reason if it is related to a reason we collected it, and if you would reasonably expect us to use or disclose your personal information for that secondary reason.

In the case of sensitive information, any secondary use or disclosure will be directly related to the reason we collected it.

There are some other reasons we may use, hold and disclose your personal information including where:

  • you have expressly or impliedly consented;
  • we reasonably believe that the use or disclosure is reasonably necessary for an enforcement activity conducted by or on behalf of an enforcement body; and/or
  • we are required or authorised by law to disclose your personal information, for example, to a Court in response to a subpoena, or to the Australian Taxation Office, Centrelink, and the Australian Transaction Reports and Analysis Centre (AUSTRAC).

Direct Marketing

We may collect, use and disclose your personal information to keep you up to date with the range of products and services available from Suncorp which we think may be of interest to you.

We may contact you by various means, including mail, SMS, telephone, email, and through internet-based direct marketing. This includes targeted online advertising on websites and social media, and online behavioural marketing. To do this, we may share your personal information with third-party marketing and data-matching service providers, who may combine it with information they already hold about you to serve you with more relevant advertising about our products and services.

Refer to your Privacy Statement for more specific information about how Suncorp will use your personal information for direct marketing and for ways to contact us if you want to update or change your marketing preferences. Our marketing communications also include information on how to change your marketing preferences.

Disclosing your Personal Information overseas

We may disclose and hold your personal information with people and organisation who are located or operate outside Australia. We do this for the same purposes as outlined in “Why we collect your personal information”. The countries where our service providers may be located will vary from time to time. Click here to see our current list of countries.

These countries may not have privacy or data protection laws that are similar to Australian law. For this reason, we take reasonable steps to ensure that people and organisations that we disclose your personal information to, outside Australia:

  • treat your personal information in accordance with Australian privacy law; and
  • Use and/or disclose your personal information only for the reason it was disclosed to them.

Sometimes, we will need to disclose your personal information to countries not on our list. This will be on an ad hoc or case-by-case basis and only for the reason we collected your personal information or for a secondary reason that is allowed as outlined in How we use and disclose your Personal Information.

If your personal information is disclosed or held in a country overseas, it is possible that it may be further disclosed it to comply with a foreign law.

Overseas Countries List

—    Brazil —    Ireland —    Singapore
—    Canada —    Israel —    South Africa
—    Czech Republic —    Japan —    South Korea
—    Denmark —    Netherlands —    Sweden
—    Finland —    New Zealand —    Switzerland
—    France —    Norway —    United Arab Emirates
—    Germany —    Philippines —    United States of America
—    India —    Poland —    United Kingdom
color-grey
options
w-50
false
false
options
w-50

Who we share your Personal Information with

We may disclose your personal information to others depending on the reason why we collected it, the relationship you have with us and the products and services you have chosen.

This may include disclosure to:

  • other related companies within the Suncorp Group;

  • former Suncorp companies while within Suncorp’s technology infrastructure;

  • any of Suncorp’s joint ventures where authorised or required;

  • Third parties that we have contracted with to help us carry out our business activities and functions, such as:

    • information technology providers,
    • administration or business management services and auditors;
    • marketing agencies and other marketing service providers;
    • claims management service providers;
    • print/mail/digital service providers;
    • imaging and document management services
    • investigators and claims or insurance reference services, loss adjusters and assessors;
    • assessors, suppliers, repairers, builders and engineers;
    • other insurers and reinsurers; and
    • debt collection and credit reporting agencies;

  • customer, product, business or strategic research and development organisations;

  • data warehouses, strategic learning organisations, data partners, analytic consultants;

  • social media and other virtual communities and networks where people create or exchange information;

  • clubs, associations, member loyalty or rewards program providers and other industry relevant organisations;

  • any intermediaries, including your agent, adviser, a broker, a representative or person acting on your behalf, other Australian Financial Services Licensees or our authorised representatives, advisers and our agents;

  • co-insureds, claimants or witnesses;

  • accounting or finance professionals and advisers;

  • an employer, trustee or custodian associated with membership of a life insurance policy;

  • government, statutory or regulatory bodies and enforcement bodies;

  • policy or product holders or others who are authorised or noted on the policy as having a legal interest, including where you are an insured person but not the policy or product holder;

  • in the case of a relationship with a corporate partner such as a bank or a credit union, the corporate partner and any new incoming insurer;

  • the Australian Financial Complaints Authority (AFCA), the Office of the Australian Information Commissioner (OAIC) or any other regulator or external dispute resolution body;

  • legal and any other professional advisers and consultants;

  • hospitals, medical, health or wellbeing professionals; and

  • Any other organisation or person where you have asked them to provide your personal information to us or ask us to obtain personal information from them (e.g., your partner, spouse, parent or guardian).

How we secure and protect your Personal Information?

We secure and protect your personal information using both technical and organisational measures.

We hold your personal information in:

  • computer systems;
  • electronic databases;
  • digital records;
  • telephone recordings; and
  • in hard copy or paper files.

These storage mechanisms may be managed or administered internally by Suncorp, or they could be managed by a third-party storage provider with whom Suncorp has a contractual relationship and be either managed locally and/or overseas.

We will take all reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure.

The ways we do this include:

  • limiting physical access to our premises;

  • restricting electronic and physical access to personal information we hold;

  • having in place stand-by systems and information backups to deal with major business interruptions;

  • maintaining technology security products;

  • requiring any third-party providers to have acceptable security measures to keep your personal information secure;

  • destroying or de-identifying personal information pursuant to the law and our record retention policies;

    • appointing a Privacy Officer responsible for overseeing privacy compliance;
    • managing privacy incidents and reportable data breach responses, and advising on privacy risks and obligations; and
    • conducting privacy impact assessments (PIAs) for new projects, systems and third-party arrangements involving personal information.

We maintain industry standard technology and procedures in respect of our information management and provision of online services. Suncorp has an ongoing program of review and enhancement of its security measures, including information management policies, processes and procedures, and technology reviews such as software, virus protection and fire wall settings. Suncorp’s systems and information technology infrastructure are regularly audited both by internal and external experts and regulatory bodies as required.

Suncorp employs strong encryption techniques and the use of firewalls similar to other financial institutions and internet transaction systems globally. If you make a transaction involving the submission of personal information over the internet to Suncorp using one of our online forms, then Suncorp employs encryption technology. Once Suncorp has received your personal information, it is stored and protected by a range of security controls, including firewalls, user identification requirements and audit trails.

Suncorp trains its employees and representatives in their privacy obligations, applies confidentiality obligations and provides authorised people with user identifiers, passwords or other access codes to control access to your personal information.

Website and other data tracking

Our websites utilise cookies and other related technologies to enhance your browsing experience and provide various services. Suncorp collects, holds and uses information via these technologies to maintain and improve website operations, customise your experience based on preferences, and personalise advertising relevance, including through arrangements with third parties.

For details on our cookie and data practices, including the types of cookies and other related technologies we use and how to manage your preferences, please refer to our Cookie & Data Policy available on the Suncorp Website. You can also find more information in our Online Terms & Conditions at the bottom of the landing page for each brand website.

What if you’re not a Suncorp customer?

You may not be a customer of ours, but you may interact with Suncorp. You could be a claimant under our insured’s policy, a witness to an accident or a spouse or family member of a customer. You may also interact with Suncorp by using our brand websites, entering a competition or commenting via social media.

We will collect, use and disclose your personal information in accordance with this Privacy Policy and any Privacy Statement you may receive when you interact with us. Please see our Online Terms & Conditions at the bottom of the landing page for each brand website for more information about interacting with us online.

What if you don’t provide us with your Personal Information?

You do not always have to provide us with personal information when interacting with us. However, if we can’t collect certain personal information about you, we may not be able to provide you with the products, services or assistance you require.

There are some limited cases where you can deal with us without giving us your real name or without identifying yourself at all (pseudonymity and anonymity), such as if you are only looking for general information about one of our products or services.

Accessing or correcting your Personal Information

You are entitled to contact us via your usual channel to request access to or correction of the personal information we hold about you.

When you contact us, we will need to confirm your identity. We may be able to provide you with the personal information you need or to correct our records, within our normal business processes. If we cannot, we will commence the privacy access request process.

There is no charge for requesting access to or correction of your personal information, but we may charge you a reasonable amount to cover the cost of retrieving, copying and sending out information. We will respond to your request in a reasonable time, usually within 30 days of receiving your request. If we need more time, we’ll tell you in writing and tell you why more time is needed.

If we refuse to give you access or to correct your information, we’ll write to let you know why. You can ask us to include a statement with your personal information that says that you believe it’s inaccurate, out of date or incomplete.

What if you have a privacy complaint?

If you think we have not handled your personal information correctly, please contact us. If you make a complaint, we’ll investigate and provide you with an outcome in accordance with the Suncorp Group Complaints Management Policy. We will keep you updated on the progress of your complaint.

If you are not happy the outcome of your privacy complaint, you can take your complaint to the Office of the Australian Information Commissioner (OAIC).

The Australian Financial Complaints Authority (AFCA) has authority to hear certain disputes. Contact AFCA to confirm if they can help you.

Changes and getting a copy of the Policy

We may change our Privacy Policy from time to time. When we make changes, we will re-publish our Privacy Policy. By continuing to deal with us, you accept this Privacy Policy as it applies from time to time.

If you would like to download a copy of this Privacy Policy, please click here. You can also contact us for a copy of this Privacy Policy.

Suncorp entities covered by this Policy

  • AAI Limited (ABN 48 005 297 807)
  • Australian Pensioners Insurance Agency Pty Limited (ABN 14 099 650 996)
  • MTA Insurance Pty Ltd (ABN 35 070 583 701)
  • Platform Coventures Pty Ltd (82 626 829 623)
  • Platform Ventures Pty Ltd (35 626 745 177)
  • Shannons Pty Limited (ABN 91 099 692 636)
  • Suncorp Corporate Services Pty Limited 69 074 966 466
  • Suncorp Group Limited (ABN 66 145 290 124)
  • Suncorp Legal Pty Ltd (ACN 050 238 572)
  • Suncorp Staff Pty Ltd (ABN 31 010 869 726)
  • Suncorp Wealth Services Pty Ltd (ABN 94 000 015 949)
color-grey
options
w-50

Changes and getting a copy of the Policy

We encourage you to review and check our websites regularly for any updates to this Privacy Policy.

We will publish the updated version on this website and by continuing to deal with us, you accept this Privacy Policy as it applies from time to time.

If you would like a copy of this Privacy Policy, please contact us.

color-grey
style
add-top-padding
options
w-50
false
false
false
false
Suncorp Group Privacy Policy
false
/content/dam/assets/documents/suncorpgroup/suncorp-group-privacy-policy.pdf
Download

Supporting material

false
false
false
false
Suncorp Company and Brand Information
false
/content/dam/assets/documents/suncorpgroup/suncorp-company-and-brand-information.pdf
Download
Countries Disclosure 2025
false
/content/dam/assets/documents/suncorpgroup/countries-disclosure-list.pdf
Download
Suncorp Privacy Contact Information
false
/content/dam/assets/documents/suncorpgroup/privacy-contact-information-by-brand.pdf
Download
Past Documents

Suncorp Group Privacy Policy - May 2025

Suncorp Company and Brand Information - Feb 2025

Countries Disclosure 2025

Suncorp Privacy Contact Information - March 2025

style
remove-bottom-padding