MANAGED APPROACH TO RISK AND INSURANCE ACQUISITION PRIVACY POLICY

Managed Approach to Risk and Insurance Acquisition Pty Ltd ACN 615 729 434 (maria, Us, We) respect and value your privacy and is committed to keeping your Personal Information private. The Privacy Act 1988 (Cth) regulates the way in which We collect and use your Personal Information, as well as the circumstances under which We might provide information to third parties. We comply with the Australian Privacy Principles in that regard.

This Privacy Policy outlines how We collect, use, disclose, store and otherwise manage your personal information and is designed to assist you in understanding how We collect and use your Personal Information in connection with our business and the provision and marketing of our services and to assist you in making informed decisions when using our site and our products and services.

How and why We collect your information

We will collect your personal information for a number of reasons, including where it is necessary for Us to provide our services, to maintain contact with you (including as a subscriber), to keep you informed of the services We offer and of current developments, to notify you of events or service offerings, for recruitment and employment and for administration and management purposes.

Generally We will collect personal information directly from you. It may occasionally be necessary for Us to collect your personal information from a third party, or from a publicly available source. We will only collect personal information in that way where you have consented, you would reasonably expect Us to collect personal information in that way, or if it is necessary for the performance of our services.

We may also collect personal information about you from your use of our websites, products or online benchmarks and information you provide to Us through contact mailboxes or through the registration process on our websites or online products.

Information We may collect

“Personal Information” is information that could identify you as an individual, or from which your identity could be reasonably ascertained.

The Personal Information that We collect depends on the services that We undertake.

We may collect Personal Information from the following sources:

  • Subscribers and their staff
  • Customers and their staff
  • Employees including job applicants and potential employees
  • Other individuals who come into contact with Us, including those who use Our website/s, mobile sites and services or other platforms which We may make available

Examples of information that may be collected include name, contact details, date of birth, gender, marital status, occupation or position description and the details of other persons that you might give to Us. Where relevant, We may ask you for other information. In particular, in order to perform our services, it may be necessary for Us to collect bank account or other financial details.

We will not usually seek to collect sensitive information (such as detail of professional memberships, race or ethnic origin, religious beliefs, criminal record, physical or mental health, or sexual orientation) from you. If it is necessary for Us to collect sensitive information, We will obtain your explicit consent to collect and use such information.

When you use our website, information may be collected in the manner described below (see Cookies). Otherwise, the information collected will only be information that you enter into the system or provide to Us.

How do We treat your Personal Information?

We will only use your Personal Information to:

  • Provide the most appropriate services to you
  • Respond to your requests
  • Tell you about products and services that may be offered by maria; and
  • Comply with our legal obligations as auditors and accountants.

We may use your information to market our services, including by email. You will have the opportunity to elect not to receive further marketing information from Us by writing to privacy@mymaria.com.au. We will endeavour to process your request within 21 days. Alternatively, if We have contacted you by email, you may use the unsubscribe function in that email to notify Us that you do not want to receive further marketing information from Us.

We will hold your Personal Information for only as long as is required to fulfil the purposes for which it was collected or as required by law.

We may share your personal information with third parties who We contract to assist Us to provide the services requested by you. Those third parties may include service providers who assist Us in performing our services such as Our service providers or professional advisers. We require that these organisations protect your information in the same way We do. We will never sell your Personal Information.

We may transfer your personal information or it may be accessible to our web host or provider, to fulfil the purposes identified above. We may also store, process or back-up your personal information on computer servers or networks which are located overseas or in “the cloud”, including where services are performed by service providers who are located overseas.

Where your personal information is provided to overseas entities, We will take all necessary steps to ensure that the security of the information is maintained and that it is used consistent with this policy and our obligations under the Privacy Act.

Accuracy of Information

We will use information that is provided by you and may not check the accuracy of the information that you may provide about you or other persons.

If you believe that any personal information which We have collected about you is inaccurate, incomplete or not up-to-date, please contact Us and We will take reasonable steps to correct it in accordance with the requirements of the Privacy Act.

Disclosure or Distribution to Third Parties

We do not provide your Personal Information unless;

  • you consent to disclosure or;
  • it is necessary in order that the services or purposes detailed in this policy can be carried out. This disclosure includes to maria’s related entities and to persons who assist in the delivery of services.

In the event that We allow Personal Information to be able to be accessed by third parties for organisational purposes such as web development or hosting, We will ensure that they maintain your privacy and we may (in our discretion) require those organisations to sign confidentiality agreements.

Information about Third Parties

Where you have provided Us with information about third parties, the same privacy considerations will apply to this information as to your own Personal Information. When We receive this information We will assume that you are authorised to provide it to Us. If requested you must notify the person that you have provided their information to Us.

Cookies and web beacons

You do not have to provide Us with any personal information if you are a visitor to Our website and you may choose to remain anonymous or to provide Us with a pseudonym if you do not wish to reveal your identity. However, you should be aware that by remaining anonymous or in providing a pseudonym, you may not be able to access all of our websites, products and services, We may be unable to properly provide services and advice to you or the nature and extent of that advice may be limited. We may also be unable to properly respond to any request, in relation to the dissemination of information to an unknown party.

The use of our website may involve the use of cookies. A cookie is a data file that a website transfers to your hard drive to allow the website to track the pages that you have visited. A cookie only contains information you supply and it cannot access information from your system. We will use this information for the purposes of optimizing the effectiveness of our web services. No personal data is collected by these cookies.

We use Cookies on our website. These are small text files that are placed on your computer when you visit our website. We use Cookies to monitor the traffic to the various pages on our website so that We can improve its relevance to visitors and clients. Most of this information is aggregated and used for statistical purposes. It will generally contain non-personally identifiable information such as your internet provider, date and time, search phrases, or referring websites.

Most browsers are set up to accept cookies. However, if you do not wish to receive any cookies, you may be able to change the settings of your browser to give you greater control over this.

Small graphic images or other web programming code called web beacons (also known as "1x1 GIFs" or "clear GIFs") may be included in Our web and mobile pages and messages. Web beacons may be invisible to you, but any electronic image or other web programming code inserted into a web or mobile page or e-mail can act as a web beacon. Web beacons or similar technologies may be used for a number of purposes, including, without limitation, to count users of Our services, to monitor how users navigate the services and for administrative or web tracking purposes. In contrast to cookies, which are stored on a user’s computer hard drive, clear gifs are embedded invisibly on web pages. We do not tie web beacons to Identifying Information. We use a third-party tracking service that uses cookies to track non-personally identifiable information about visitors to our sites in the aggregate – e.g., usage and volume statistics to enhance and improve our websites.

While We may also collect some information about your use of Our website, much of this information will not be personal as it will not reveal your personal identity.

You may choose to provide Us with personal information in some circumstances when you access or subscribe to Our website, including where you wish to receive Our newsletters, request services, ask Us to respond to queries or correspondence, or apply for work. If you provide Us with someone else’s Personal Information, you should only do so if you have their authority or consent. You should also take reasonable steps to inform them of the matters set out in this Privacy Policy.

Blogs, Forums, and other Social Media

Our website/s may host social media applications or other services that allow you to share information (including personal information) and content with other users (“Social Media Applications”). Any personal information or content that you contribute to any Social Media Applications can be read, collected and used by other users over whom We may have no control. You acknowledge that any contribution by you to Our site, platform or a Social Media Application may amount to publication to the world at large and We are not responsible for any use, misuse or misappropriation by other users of any personal information or content that you contribute to Our site, platform or any Social Media Applications.

Where you provide or contribute any data to Us through Our site, platform or Social Media Application or another of our services, you warrant that the data is accurate at that point in time. Where possible, We will desensitise the data so that it does not contain your Personal Information. You acknowledge that the data may be aggregated or form part of a sample and that the nature of the results or sample may change over time.

Our website may include links to third party websites. If you access those websites (even via a link from our website) you will be subject to their privacy policy and We do not endorse or accept the other website by providing a link to it from our website.

Marketing

We may use your Personal Information to offer you services which We believe may be of interest to you, but We will not do so if you tell Us not to. We may also provide your Personal Information to one of Our related entities if that is necessary to continue to provide Our services to you.

If you do not want to receive marketing offers from Us, please tell Us by emailing privacy@mymaria.com.au. We will ensure each electronic message We send (e.g. by e-mail, SMS etc.) includes a method that enables you to tell Us that you do not want to receive future electronic marketing material.

Security

  • maria requires all staff to keep Personal Information confidential.
  • maria takes all reasonable steps to protect the physical security of information and to prevent unauthorised access such as restricted access to offices or records, maintaining a secure database, passwords, firewalls and encryption.
  • We strive to ensure the security, integrity and privacy of Personal Information submitted to our website/s or platform/s.
  • Unfortunately, no data transmission over the internet can be guaranteed to be totally secure and you acknowledge and accept this risk when accessing and using our website/s and platform/s.
  • We will endeavour to take reasonable commercial steps to protect any Personal Information you provide Us in relation to your use of the website or platform and ensure its security on Our systems.
  • Whilst Our employees and any third parties who provide Services are obliged to respect the confidentially of any Personal Information held by Us, to the extent permitted by law We will not be held responsible for any loss or damage which is directly or indirectly caused by unauthorised access to your Personal Information.
  • Our web servers store the IP address of users that access and use our website. We use IP addresses to assist the diagnosis of problems or support issues with our website and to analyse the usage and traffic of the website. This information is gathered in an aggregated and de-identified format which cannot be attributed to an individual user.

Variations

It is possible that We will change Our privacy policy from time to time. Any changes will be posted on Our website or platform. You acknowledge that We work in a dynamic business environment and from time to time it may be necessary to review our privacy policy.

You will always be able to find the current version of our privacy policy on Our website.

How you can access your Information

If you are a client, in most cases you can access your personal information by contacting Us direct. Otherwise, you may contact Us at privacy@mymaria.com.au by email. Requests will be dealt with as quickly as possible and We will endeavour to respond within 21 days.

In some circumstances We may refuse to give you access to personal information and in these circumstances We will explain why (e.g. it may be a conflict of interest to provide the information).

Complaints

In the event that you have a complaint about the manner in which your Personal Information has been used, please refer the complaint to Us. Your complaint will be investigated on an in-house basis by a person not directly involved with your matter. Please email the details of any complaint to privacy@mymaria.com.au.

In the event that you are still not satisfied, We will advise you of further complaint resolution processes which are open to you and which We will follow in order to resolve your complaint.

How to Contact Us

You may request further information about the way We manage your personal information by emailing privacy@mymaria.com.au, by writing to us at Level 1, 125 York Street, Sydney NSW 2000 or by telephone on +61 409 616 257.

CREDIT REPORTING POLICY

maria may also be bound by the credit reporting provisions of the Privacy Act and the Credit Reporting Code registered under the Privacy Act. Where We provide services to you on credit (that is, you will pay for those services after We start providing them to you), We are a credit provider for the purposes of the Privacy Act.

This Credit Reporting Policy describes how We manage credit-related information about individuals (credit information). It does not apply to the collection or use of credit related information about corporations.

We will ensure that all personal information (including credit information) which We handle is managed in accordance with the Privacy Act and other applicable laws protecting privacy. Where We appoint a third party provider to deliver series which require them to handle your personal or credit related information, We will ensure that they handle such information to the same standard which We apply.

Collection of credit information

We may collect, hold and use certain credit related information about you. We will generally only obtain this information from you. We will not collect or exchange information with credit reporting bodies and other credit providers unless you authorise Us to do so. We use credit related information to assist Us in determining whether We will provide or continue to provide services to you on credit and to manage our relationship with you. Credit related information includes your name and contact details, your credit history (including any repayments or late repayments you have made), any credit rating or credit assessment score that We calculate and details of any credit related court proceedings or insolvency applications that relate to you.

We will securely store all credit related information that We collect or hold about you.

Disclosure of credit information

Unless otherwise required by law, We will only disclose your credit related information to third parties in limited circumstances as permitted by the Privacy Act. We may disclose your credit related information to parties that provide credit related services to Us such as debt collectors, credit management agencies and our agents. We may also disclose your credit related information to a third party that you or We request act as a guarantor in relation to any credit provided to you. We may also disclose credit information to credit reporting bodies where there has been a default in payment. We will provide at least 14 days’ notice of our intention to disclose default information to a credit reporting body before making any such disclosure. We will not disclose any credit information to any recipient located outside of Australia.

Other circumstances where We may disclose your credit related information include where required by law or the order of a court or tribunal and where you otherwise expressly consent to the use or disclosure.

Access & corrections

Consistent with our Privacy Policy, you may request access to any credit related information that We hold about you.

If you request that We correct any credit related information that We hold about you, We will endeavour to respond to that request within 21 days (or such longer period as you may agree) and correct any credit related information that We hold about you that We are satisfied is inaccurate, out-of-date, incomplete, irrelevant or misleading.

Complaints

You may complain about any failure by Us to comply with Part IIIA of the Privacy Act or the Credit Reporting Code. If your complaint relates to our failure to provide access to or to correct any credit related information that We hold about you, you may lodge a complaint directly with the Office of the Australian Information Commissioner (for more information, please see www.oaic.gov.au ). If your complaint does not relate to these matters, you must first lodge a complaint with Us in accordance with the procedure set out in our Privacy Policy (above), which sets out how We will deal with such complaints.

A complaint may be lodged by contacting Us at privacy@mymaria.com.au, or in accordance with the contact details provided above.