Thank you for using 360 Leisure Travel Pty Ltd (ReadySet Insurance). Your privacy is important to us and we are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) (Privacy Act), which includes the Australian Privacy Principles (APPs) and any related privacy codes.
This Policy outlines how we collect, use, disclose and store your personal information and lets you know how you can access that information. This Policy applies to our obligations when handling information in Australia.
Please read this Policy carefully and contact us using the details below if you have questions.
When we provide goods or services to you, we may require your personal information in order to provide those goods and services to you. We rely on APP 3.2, as the collection of your personal information is reasonably necessary to perform our functions and activities.
Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
In limited circumstances, we will rely on your consent to us collecting, using, storing and disclosing your sensitive information in accordance with this Policy or as required or permitted by law.
Sensitive information is information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, or trade union, sexual orientation or practices, criminal record, health information about an individual, genetic information about an individual that is not otherwise health information, biometric information that is to be used for the purpose of automated biometric verification or biometric identification, or biometric templates.
We will generally obtain consent from the owner of the sensitive information to collect their personal information. Consent can be provided in writing; however, sometimes it may be provided orally or may be implied through a person’s conduct. We endeavour to only ask for your sensitive information if it is reasonably necessary for the activities that you are seeking to be involved in.
There may be certain instances where we do not need to request your consent to collect sensitive information. This may be where:
We also may collect children’s information, including sensitive information of children, where they are recipients of our goods and services.
Where we collect children’s personal information and sensitive information, where necessary, we will obtain the consent of the relevant parent or guardian, as the circumstances may require.
We may collect the following type of personal information about you, depending on the services we are providing to you:
| Information collected | Why we collect it | How we collect it |
|---|---|---|
| About our users | ||
| • Your name, email address and phone number. • Date of birth. • Gender. • Your nationality and which countries you hold citizenship of. • Insurance history. • Your health information. • Your criminal history. • Your political opinions or membership (where applicable). • Your device ID, device type and information, geo-location information, Internet Protocol (IP) address, standard web log information browser session data, device and network information, statistics on page views, acquisition sources, search queries, browsing behaviour and information gathered through internet cookies. • Information contained in any communications between you and us. | • For the purpose for which the personal information was originally collected. • To identify and interact with you. • To perform administrative and operational functions. • To comply with any legal requirements, including any purpose authorised or required by an Australian law, court or tribunal, including AML/CTF requirements. • For any other purpose for which you give your consent. | Directly from you when you: • use our services, including arranging insurance, or when a claim is made; • interact or share personal information with us via our platforms and social media; and • communicate with us. Through our third-party service providers. |
| About visitors to our website or other instances where you interact with us | ||
| • Information you have provided in communications we have with you. • Information about your access and use of our website, including browser session data, device and network information, statistics on page views, acquisition sources, search queries, browsing behaviour and information gathered through internet cookies. | • To identify and interact with you. • To perform administrative and operational functions. | Directly from you when you: • interact or share personal information with us via our platforms and social media; and • communicate with us. |
| About contractors or prospective staff members | ||
| • Your name, email address and phone number. • Your nationality and which countries you hold citizenship of. • Educational details, such as schools you have attended, any qualifications you have received, transcripts and/or English language test results. • Employment details, such as a CV, qualifications attained or examples of work. • Criminal history (if we ask to perform a background check). | • To enable us to carry out our recruitment functions. • To correspond with you. • To fulfil the terms of any contractual relationship. • To ensure that you can perform your duties. | Directly from you when you: • interact or share personal information with us via our platforms; and • communicate with us. Through our third-party service providers. |
If you choose not to provide information as requested, we may not be able to service your needs. For example, it will not be possible for us to provide you with our service if you want to remain anonymous or use a pseudonym.
We sometimes receive unsolicited personal information. In circumstances where we receive unsolicited personal information we will usually destroy or de-identify the information as soon as practicable if it is lawful and reasonable to do so unless the unsolicited personal information is reasonably necessary for, or directly related to, our functions or activities.
We may disclose your personal information to the following third parties:
(a) our business or commercial partners;
(b) our professional advisers, dealers and agents;
(c) third parties and contractors who provide services to us, including customer enquiries and support services, IT service providers, data storage, webhosting and server      providers, marketing and advertising organisations, payment processing service providers;
(d) payment system operators and debt-recovery functions;
(e) third parties to collect and process data, for example Amazon Web Services and Google Analytics  and
(f) any third parties authorised by you to receive information held by us.
If you are a contractor, we may disclose your information to payment system operators and debt-recovery functions.
We may also disclose your personal information if we are required, authorised or permitted by law.
From time to time, and in support of our future development and growth, we may use your personal information to contact you to promote and market our products and services.
You can opt-out from being contacted for direct marketing purposes by contacting us at info@readysetinsurance.com.au or by using the unsubscribe facility included in each direct marketing communication we send. Once we receive a request to opt out from receiving marketing information, we will stop sending such information within a reasonable amount of time.
ReadySet may use automated decision making in relation to the offering of our products and services. Automated decision making happens where we have arranged for a computer program to make, or do something substantially related to making a decision, where it reasonably could be expected to significantly affect your rights or interests, and personal information is used by the computer program to make the decision or do something substantially related to making that decision.
The types of personal information which may be used by computer programs to engage in automated decision making include:
·      Your age;
·      Your health information; and
·      Your declared pre-existing medical conditions, travel destination(s), and trip duration.
The kinds of decisions made solely by the operation of those computer programmes include:
·      Determining whether a declared medical condition can be automatically covered, excluded from cover, or requires payment of an additional premium or excess.
The kinds of decisions are made by human decision-makers, but with substantial and direct assistance from the computer program, include:
·      Whether coverage will be approved or denied; and
·    Whether a condition requires referral to an underwriter due to its complexity, instability, or incomplete disclosure.
We may send information to third parties that are located outside of Australia for the purposes of providing our services. These third parties are located in New Zealand, Singapore, Philippines, India, UK, countries within the European Union and the United States of America, although this list may change from time to time. Disclosure is made to the extent that it is necessary to perform our functions or activities.
We take all reasonable steps to protect personal information under our control from misuse, interference and loss and from unauthorised access, modification or disclosure. We hold your personal information electronically in secure databases operated by us and our third-party service providers.
We protect the personal information we hold through a number of different layers of industry-appropriate security; examples of the measures taken by us are detailed below:
(a) encrypted browsing through HTTPS; storing authentication details, such as passwords and user access tokens, in hashed or non-reversible formats; actively monitoring errors; and logs using industry-level tooling, using multi-factor authentication and firewalls.
User logs redact certain types of information, such as passwords, before they are logged to prevent user information leaking to third parties.
Servers and databases are limited to internal access only to prevent database access to the public, unless it relates to certain whitelisted services or for monitoring and troubleshooting
While we take reasonable steps to ensure your personal information is protected from loss, misuse and unauthorised access, modification or disclosure, security measures over the internet can never be guaranteed.
We encourage you to play an important role in keeping your personal information secure, by maintaining the confidentiality of any passwords and account details used on our website.
If you would like to access your personal information, please contact us using the details below. In certain circumstances, we may not be able to give you access to your personal information, in which case we will write to you to explain why we cannot comply with your request.
We try to ensure any personal information we hold about you is accurate, up-to-date, complete and relevant. If you believe the personal information we hold about you should be updated, please contact us using the details below and we will take reasonable steps to ensure it is corrected if appropriate.
We destroy or de-identify personal information when we no longer need it unless we are otherwise required or authorised by law to retain the information.
If you believe your privacy has been breached or you have a complaint about our handling of your personal information, please contact us using the details below.
We take privacy complaints seriously. We will try to resolve your complaint within 30 days. When this is not reasonably possible, we will contact you within that time to let you know how long we will take to resolve your complaint.
We will investigate your complaint and write to you to explain our decision as soon as practicable.
If you are not satisfied with our decision, you can refer your complaint to the Office of the Australian Information Commissioner by phone on 1300 363 992 or online at www.oaic.gov.au.
Our website may collect information during your visit through the use of cookie technology. A cookie is a piece of information in a small text file that is stored in your internet browser or elsewhere on your hard drive. The cookies we use may identify individual users.
We may, from time to time, amend this Policy. Any changes to this Policy will be effective immediately upon the posting of the revised Policy on our website. Contact us.
All questions or queries about this Policy and complaints should be directed to:
Privacy Officer
Phone: 1800 411 580
Email: Â privacy@360uw.com.au
