Privacy Statement

Your privacy

We’re committed to ensuring our compliance with the Privacy Act 2020 and the Health Information Privacy Code 2020.   We value your privacy and recognise it’s crucial to building and maintaining trust between us. 

Here’s a summary of our company practices to ensure the safe and compliant handling of your personal information.

We collect personal information primarily for the purposes of understanding your insurance requirements and providing you with quality advice about our products and services. 

Other purposes include:

  • Identifying you when you’re doing business with us
  • Setting up, administering, managing and improving our products and services
  • Assessing and investigating claims
  • Complying with our ethical and legal obligations

We collect a broad range of personal information in the course of our general business, typically: name, address, date of birth, gender, contact details, insurance history, details on your insurance needs, medical history, and criminal history. 

Wherever possible, we collect information directly from you.

We begin collecting information when you first request information about or apply for a product, or you begin the claim process.  Over the course of the business relationship, we may request additional personal information.

We collect personal information in a variety of ways: over the phone, meeting with you in person, via email, letter or over the internet if you complete forms on our website.

We record telephone conversations with you for operational purposes such as training, quality assurance and complaint handling.

If we request personal information from you and you do not supply it, we may be unable to provide you with the product or service you require (such as offering you an insurance product or processing a claim under an existing insurance policy).

On some occasions we may collect personal information from a third party in the course of assessing eligibility for an insurance product or assessing an insurance claim under your policy.   

This may occur when collecting the information from you is impractical or where you have consented to us collecting it from someone else.  By completing the application for insurance or making a claim, you consent to Southsure collecting information, including health information, from a third party when required. Regardless of the source of the personal information, we will endeavour to protect the privacy of your information.   

Third parties may include:

  • SBS Bank and/or SBS Bank Group companies if you are an existing customer
  • Where you have appointed an agent to act on your behalf e.g. a lawyer, power of attorney, insurance broker
  • A professional expert such as a medical practitioner
  • Other insurance companies
  • Government departments where we need confirmation of any traffic or criminal conviction history e.g. Ministry of Justice
  • Credit reporting or fraud protection agencies
  • Other persons authorised by you, including any person/s listed on your policy 

We store your information in a variety of ways, including: computer systems or databases; and in hard copy or paper files.

The general purpose for obtaining your personal information is to provide you with the insurance products and services you require. 

Southsure will only use your personal information for the purposes as set out in this Privacy Statement and in accordance with the Information Privacy Principles set out in the Act and the Health Information Privacy Code 2020. 

Other uses of your personal information may include:

  • Helping identify you when you call us so we can avoid disclosing information to a person who is not authorised to receive it
  • Helping prevent or detect fraud or loss
  • Contacting you about a particular service or product
  • Contacting you for research or feedback purposes

We will not sell your personal information to other businesses or companies that are not part of the SBS Bank Group of companies.

Southsure will only disclose your personal information to a third party in accordance with the limitations set out in the Information Privacy Principles of the Privacy Act 2020 and the Health Information Privacy Code 2020, which includes:

  • Where disclosure is required by law; or 
  • Where the disclosure is authorised by you; or
  • Where the disclosure is one of the purposes for which the information was collected

To provide you with products and services and to operate our business, we may disclose your personal information to business partners, suppliers or regulators. 

Where we do disclose this information, the organisations are subject to their own privacy and terms of use. However they must only use the information for the purposes we have asked them to perform. 

Examples of third parties we may disclose your information to:

  • Your agent
  • SBS Bank or the wider SBS Group Companies if you are an existing customer
  • Government or statutory bodies
  • Other insurance companies
  • Reinsurers
  • Southsure’s Consulting Actuary
  • Insurance Claims Register
  • Investigative service providers
  • Legal and other professional advisers 

Southsure maintains strict security measures in order to protect personal information from misuse, loss, unauthorised access, modification or disclosure. 

These measures include:

  • Checking your identity when you call us
  • Using secure passwords for our computer systems, which both protects information and limits information to those who need to use it for their work
  • Storing hard copy files in secure buildings
  • Completing staff training to ensure staff understand the Information Privacy Principles under the Act and the regulations contained in the Health Information Privacy Code 2020

Due to the nature of the internet, Southsure can never totally guarantee the security of information sent using this medium.  You are responsible for the security sent to and held in your email account and the access that others have to the account. If you have concerns about the security of an email please contact us by other means.

Southsure will take reasonable steps to ensure the personal information we collect is accurate, complete and up to date. 

The Act gives you the right to correct any personal information you believe to be incorrect. 

If you believe the information we hold is not accurate or up to date, please contact us.  If we do not agree to correct your personal information in accordance with your request we will advise you of this and attach a note to your information that a correction was sought.  

The Act gives you the right to request access to your personal information held by us.  To ensure we supply the information to the correct individual, please make your request in writing. In accordance with the Act, we will process the request within 20 working days of receipt of the written request.

If an agent acting on your behalf makes a request to see your personal information, it needs to be accompanied by a written authority from you authorising that agent to act on your behalf. 

The Act does outline certain circumstances under which access to all or some of your personal information may be refused.  In such cases, we will give you the reason for not providing that information. 

You can request access to your personal information in three ways:

If you want to report a suspected breach of your privacy, or you do not agree with a decision regarding access to your personal information, please contact us.