Life CCC Privacy Statement

Life CCC ’, ‘we’, ‘us’ or ‘our’ refers to the Life Code Compliance Committee (Life CCC).

About the Life CCC

The Life CCC is established and constituted in accordance with the Life Insurance Code of Practice (Code). The Code is the life insurance industry’s commitment to mandatory customer service standards. The life insurance industry has voluntarily developed the Life Code to protect you, the customer. The Council of Australian Life Insurers (CALI) promotes the Life Code to customers through its members. CALI is responsible for the development of the Code, including the Charter of the Life CCC (Charter).

The Life CCC is responsible for the independent administration and enforcement of the Code and our key functions include:

  • providing guidance on compliance with the Code to Code Subscribers and other interested persons, to the extent to which such matters of compliance are within the Life CCC’s jurisdiction;
  • investigating and determining allegations from any person of breaches of the Code;
  • monitoring compliance with the Code, including;
  • requesting Code Subscribers and/or the Administrator to provide access to information, documents and systems, which the Life CCC considers necessary to discharge its functions;
  • conducting own-motion enquiries, audits of Code Subscribers’ Code compliance and “shadow shopping”;
  • requesting Code Subscribers to lodge an annual return reporting on their compliance with the Code;
  • provision of periodic recommendations to CALI on;
  • training and other activities necessary to assist Code Subscribers to meet the requirements of the Code;
  • improvements to be made to the Code to facilitate the objectives of the Code; and
  • publishing information and making presentations on the Life CCC’s activities, including preparation of an Annual Report and an annual Industry Data Report.

We provide information to individuals about our functions and activities as well as information about the investigations or inquiries that we are undertaking that may assist the individual.

In order that we can carry out our function and perform our activities, we work with third parties that include:

  • parties who may refer allegations of Code breaches – consumers and their legal representatives;
  • the Australian Financial Complaints Authority (AFCA) – in relation to systemic issues, referrals, consent recording and monitoring activity;
  • Code Subscribers – being registered life insurance companies issuing Life Insurance Policies, covered under membership of CALI and any other industry participant, which adopts the Code by entering into a formal agreement with the CALI and the Life CCC to be bound by the Code); and
  • other stakeholders such as CALI , regulators and technology and data companies.

Our work with third parties may involve sharing personal information and this Statement sets out how and when we share that information.

Our Commitment

We are bound by the Privacy and Confidentiality obligations that are set out under the Code and the Charter, and abide by the Privacy Act 1988 (including the Australian Privacy Principles, and Mandatory Data Breach Notification) which sets out the principles for the appropriate handling of personal information that we collect, use, disclose and store.

We are committed to handling all personal information carefully, responsibly and securely ensuring that we manage personal information in an open and transparent way.

Notification of our Privacy Statement.

When we collect personal information about an individual, we will, notify the individual of our privacy statement by:

  • Publishing the privacy statement on the Life CCC website; and
  • Providing a copy of the privacy statement on request.

Personal Information (PI)

Is defined as “information or an opinion, whether true or not, in a material form or not, about an identified individual or an individual who is reasonably identifiable.  Common examples include; name, address, email address, date of birth, tax file number, or bank account details.

The personal information we collect and hold

We will only collect personal information that is reasonably necessary for one or more of our functions or activities.  Most of the personal information we collect will be collected directly from Code subscribers or the individual and may include their full name, address, telephone numbers, email, date of birth, gender, and information about life insurance policies and claims that are the subject of an allegation under the Code.

We may also collect personal information about the individual that is publicly available – for example, on social media or available from public registers e.g. Australian Securities and Investments Commission (ASIC), Australian Business Register (ABR). We will only collect this information if it is impractical to collect it directly from the individual, or when we’re permitted to do so.

Sensitive information

Individuals, their representatives or Code Subscribers may provide us with sensitive personal information which may include health or medical information about an individual, where the information is reasonably necessary for us to undertake one or more of our functions or activities.

We ensure that individuals have always provided explicit consent to the collection and distribution of their sensitive information.

Consent

Is defined as any consent that we require from an individual to enable us to carry out our functions or activities, and collect, use or share, personal or sensitive information of the individual. Such consent will be recorded in AFCA’s case management system through the case actions ‘Authority Statement’ (where the telephone authority statement has been read) and ‘Authority Form’ (where a physical declaration has been made).

When we get information we didn’t ask for

Sometimes we may receive personal information that we haven’t asked for. If we think this information is needed, we will keep it securely; otherwise, we will take reasonable steps to destroy or de-identify it as soon as practicable.

Anonymity and pseudonymity

When dealing with us, individuals may choose not to identify themselves or want to use a pseudonym. This may prevent us from being able to carry out some or all of the functions for which personal information is required, including investigating an allegation, or where certain personal information has not been provided.

How we use personal information

We may use personal information for the functions and activities that are concerned with:

  • investigating and determining allegations from any individual concerning allegations of code breaches by a code subscriber;
  • monitoring subscriber’s compliance with the Code;
  • initiating Inquiries into subscribers’ compliance with the Code;
  • monitoring aspects of the Code that have been referred by AFCA and CALI;
  • complying with legal and regulatory obligations;
  • if otherwise permitted or required by law; or
  • for another purpose, only with the individuals informed consent, unless it has been withdrawn.

How we share personal information

We only share personal information as described above with third parties for the functions and activities described in the previous paragraph.

We may also share personal information with third parties if permitted or required by law.  Sharing personal information with a third party for any other purpose will only be done with the prior consent of the individual in the manner set out above.

Outside of Australia

The personal information of our employees, systems and most of the third parties we share information with are located in Australia, but some of this personal information might be stored in “cloud” solutions or otherwise in locations overseas.

We will not disclose personal information to third parties, overseas, unless we have informed consent from the individual.

Keeping personal information we hold safe

Whether on paper or electronically, we will take all reasonable steps to secure and protect the personal information we hold.

When the personal information is no longer required, we will take reasonable steps to destroy, delete or de-identify it.

Your right of access to personal information we hold

Any individual wishing to gain access to personal information about themselves, should write to us (details below) setting out whether you would like access to all or just a particular part of your personal information. We will acknowledge receipt of your request within 5 working days and provide the information requested, where appropriate, within a reasonable time.

In line with our commitment to protect your privacy, we may ask you to verify your request.

You may ask us to delete personal information we hold about you and your organisation and we will take reasonable steps to do so, following completion of any relevant investigation.

Accuracy of personal information

If you think that personal information we hold about you is inaccurate, please contact us at [email protected] and we will correct any identified inaccuracies or let you know why we cannot do so.

Complaints and inquiries

If you have a complaint about the way we handle personal information, please contact us and we will respond as soon as possible to resolve the issue. We also welcome any questions and comments you may have about our privacy practices.

Contacting Life CCC

The contact details for these purposes are as follows:

General Manager, Codes

Life CCC

P.O. Box 14240 Melbourne VIC 8001

Telephone: 1800 931 678 (ask for the Code Compliance and Monitoring team)

Email: [email protected]

Changes to this Privacy Statement

This Privacy Statement is effective as of 31 August 2019.

Any changes or amendments will apply to all the information we hold at the time of the update. We will post the updated Privacy Statement on our website and we encourage you to check this page from time to time.