1. POLICY STATEMENT

This policy is designed to provide information on how we will deal with the privacy of individuals and the personal data that we hold about them during our day-to-day business.

2. WHO IS COVERED BY THIS POLICY?

This policy applies to all individuals whom we may deal with on a day to day basis. This may include people we are providing a service to, those using any of our websites, employees or other individuals with whom we may do business with.

3. OBJECTIVES

• To provide a robust privacy policy that can be used across all levels of the business;
• The policy should provide individuals with details of what information we may collect about them and give them confidence in how we will use the information both internally and externally; and
• To comply with legal requirements including privacy laws within Australia.

4. PRIVACY POLICY - USING YOUR PERSONAL INFORMATION (PRIVACY POLICY)

4.1. INTRODUCTION

The Innovation Group Limited and its subsidiaries (referred to as the “Company”, “we”, “us”, “our”) manages critical incidents in the car and home on behalf of the world’s leading insurers, brokers and fleet managers, together with warranty and service plan provision for many automotive manufacturers globally, and as a result of the services it provides may have a requirement to process personal information about you. The Company is fully committed to protecting your personal information and recognises its responsibility to keep any information about you safe and secure at all times. The Company will only process personal data in accordance with The Privacy Act 1988 (the “Act”) and adhere to the principles contained within the Act.

This privacy policy explains the following:

• The types of information we may collect about you whether through our group websites or through other means such as services that we offer, claims that we are dealing with, telephone calls, emails, as well as claims investigations, witness statements, employment records or other third party connections in our business dealings with you;
• How the information about you is used;
• When we may use your details to contact you; and
• Whether your information will be shared with anyone else.

4.2. WHAT INFORMATION DO WE COLLECT ABOUT YOU?

In order to provide our group services we may need to collect certain personal data about you. The data processed will depend on your relationship with us (such as client policy holder, third party policy holder, witness, claimant, website user, appointed representative, employee or other person relating to our business).

Personal information collected about you and your dependents may include:

• General Information – such as your name, address, email, telephone numbers, marital status, date of birth, policy and claim information, vehicle licence numbers, etc.
• Identification Information – such as insurance policy number, passport details, driving licence etc.
• Financial Information – such as bank details, credit history, credit score & other financial information.
• Medical & health status – such as injuries sustained, medical condition etc. (Only if required as part of the claim information)
• Other sensitive information – in some rare instances we may receive some sensitive information about your religious beliefs, political opinions, trade union membership, family medical history, criminal record, civil litigation history in the process of preventing and investigating fraud. We may also obtain sensitive information if you voluntarily provide it to us though the course the business that we carry out.
• Telephone recordings & CCTV footage – telephone calls with you will often be recorded for staff training purposes and to assist in the investigation and prevention of fraud. If you visit our premises you may also be recorded by CCTV cameras.
• The data we collect will only be relevant to the service you require and by submitting these details to us you will enable us to carry out this service for you efficiently and effectively.

4.3. HOW WILL WE USE THE INFORMATION?

We will only use your information for the purposes of the business we carry out with you. This may include:

• Contacting you to provide updates and collect further information as part of our business with you;
• Providing a service to you;
• Make decisions regarding your insurance and assistance services such as claim assessment, processing & settling, managing disputes etc;
• Provide an improved service to you through use of call monitoring & recorded phone calls;
• Complaint handling;
• Investigate and prevent fraud & money laundering;
• Internal reporting and monitoring;
• Employment; and
• Any other requirement we may have as part of our business with you.

4.4. DO WE SHARE YOUR INFORMATION / PERSONAL DATA?

Innovation Group will only share personal information when it is necessary to perform our business and may include:

• Our Group Companies – The Company consists of a group of companies offering business process services and software solutions to the insurance, fleet, automotive and property industries. As a result the Company may need to share your information with other group entities to provide the best service possible to you.
• Our Service Partners – In order to provide a service to you we may use other service providers such as repairers, contractors, recovery agents, external engineers, lawyers, rental companies, claim investigators, construction consultants, and other outsourced service providers that may need to assist us with our business.
• Other third parties – We may share personal information with other third parties such as fire, police, ambulance services, credit reference agencies, fraud prevention agencies and any other third party that may be involved in an incident or a claim that we are dealing with.

4.5. YOUR RIGHTS

We will take appropriate steps to ensure that your information is safe and secure at all times. This will include physical security of our offices, technical security of our IT systems and ensuring that any paperwork we hold about you is stored securely.

We will always process your personal data fairly and lawfully and for the specified purpose of our business dealings.

We will ensure that the data that we hold is relevant, not excessive and will not be held any longer than is necessary.

You have the right to request a copy of the information that we hold about you or request that your personal information is updated it at any time. If you would like a copy of the information we hold about you or you have reason to believe that the information we hold about you is no longer safe or you would your information updated, please contact us:

Risk and Compliance Manager

Email: au.riskandcompliance@ig-weu-tst-marketing.azurewebsites.net

Phone: 1300 742 366

In any instances where the Company uses third party service providers we will ensure that they are carefully selected and use the appropriate measures to protect your personal data at all times.

4.6. OTHER INFORMATION WE MAY COLLECT

Internet Browser – certain analytical data is collected by most websites to help them understand browsing habits of users. This may include collection of IP address, operating system type, geographic area or user, time of use, type of browser, pages visited and many more. This information is very generic and is only used to monitor site usage levels and trends.

Cookies – are text files containing small amounts of information which are downloaded to your personal computer, mobile or other device when you use a website. Cookies are then sent back to the originating website on each subsequent visit, or any other website that recognises the cookie. Cookies are used to try and improve your browsing experience by remembering your preferences, letting you navigate more efficiently and can also help to ensure that any advert you see online are more relevant to you and your interests.

4.7. THIRD PARTY WEBSITES

Our websites may contain links to third party websites which are outside of our control and are not covered by this policy. For use of these websites please refer to the privacy policy that should be contained within these sites.

The inclusion of a link on the website does not imply our endorsement of that site or the policies that are contained within it.

4.8. CUSTOMER FEEDBACK AND COMPLAINTS

Our websites may contain links to third party websites which are outside of our control and are not covered by this policy. For use of these websites please refer to the privacy policy that should be contained within these sites.

The inclusion of a link on the website does not imply our endorsement of that site or the policies that are contained within it.

4.9. CHANGES TO PRIVACY POLICY

We review this policy regularly and reserve the right to update it at any time.

5. RESPONSIBILITY FOR THE SUCCESS OF THIS POLICY

Staff are invited to comment on this policy and suggest ways in which it might be improved. Comments, suggestions and queries should be addressed via the Information Security Committee by emailing: Info@ig-weu-tst-marketing.azurewebsites.net

6. REVIEW

This policy is reviewed regularly and in case of influencing changes to ensure it remains appropriate for the business and our ability to serve our customers.