Privacy policy

Clarion Claims Pty Ltd ABN application pending ("Clarion", "we", "us", "our")

1. About this policy

Clarion Claims is a third-party claims administrator (TPA) operating in the Australian insurance industry. We administer insurance claims on behalf of insurers, brokers and other principals. Our claims handling technology is powered by Curium Co Pty Ltd ("Curium").

This Privacy Policy explains how we collect, hold, use and disclose personal information, and how you can contact us about your personal information.

References to "APPs" in this policy are to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth). Clarion Claims is not currently an APP entity under the Privacy Act 1988 (Cth) and the APPs do not directly apply to us. Nonetheless, we aim to adopt best practices drawn from the APPs in our handling of personal information, and we comply with any applicable industry codes, including the General Insurance Code of Practice where it applies to the claims we administer.

This policy applies to personal information we collect when people use our website, contact us, or are involved in claims we administer.

2. The kinds of personal information we collect

In the course of administering claims and operating our business, we collect personal information including:

About claimants and people involved in claims:

• Identity and contact details: name, date of birth, address, email, phone number
• Driver licence details and driving history
• Vehicle details: registration, make, model, condition, ownership
• Claim details: incident or loss descriptions, date and location of loss, claim amounts, supporting documents, photographs and other media
• Policy details: policy number, coverage type, period of insurance, insurer and broker details
• Financial information: bank account details for claim payments
• Information about third parties involved in or affected by an incident, including witnesses and other drivers

About insurance brokers, agents and other intermediaries:

• Name, business contact details, role and licensing information

About users of our website and digital services:

• Account credentials, browser information, IP address, usage logs
• Information you provide when contacting us through web forms, email or phone

About prospective and current employees, contractors and service providers:

• Information needed for engagement, payment, performance and compliance

We only collect personal information that is reasonably necessary for our functions and services.

3. How we collect personal information

We collect personal information in several ways:

• Directly from claimants and people involved in claims, including through our website, claim forms, emails, calls and meetings
• From the insurers, brokers or principals on whose behalf we administer claims
• From third parties involved in the claim, such as repairers, assessors, investigators, lawyers, witnesses and other service providers
• From publicly available sources where relevant to verifying or investigating a claim
• Automatically through our website, software and IT systems
• From you when you apply for a role with us or engage with us as a supplier

4. Why we collect personal information and how we use it

We collect, hold and use personal information for the following purposes:

• To administer insurance claims on behalf of our principals, including assessing, investigating, settling, denying and paying claims
• To communicate with claimants, principals and other parties involved in claims
• To comply with the regulatory and contractual obligations applicable to insurance claims handling, including the General Insurance Code of Practice and ASIC Internal Dispute Resolution requirements (RG 271)
• To detect, investigate and prevent fraud, misuse and unlawful activity
• To respond to complaints and disputes, including engaging with external dispute resolution bodies such as the Australian Financial Complaints Authority (AFCA)
• To manage our business operations, including billing, audit, training, risk management and reporting
• To improve our services, including through analytics and de-identified or aggregated reporting
• To recruit, engage and manage employees, contractors and suppliers
• To comply with court orders, subpoenas, regulatory directions and other legal obligations

We will not use personal information for a purpose other than the purpose for which it was collected (or a directly related purpose you would reasonably expect), unless you consent or another lawful basis applies.

5. Disclosing personal information

We may disclose personal information to:

• The principal we are administering the claim for (the insurer, broker or other entity that has engaged us)
• Curium Co Pty Ltd, our technology provider, whose software we use to administer claims. Curium handles personal information on our behalf as a service provider and is contractually required to protect that information consistent with this policy
• Other service providers involved in the claim, including loss adjusters, investigators, assessors, repairers, legal advisors and accountants
• Reinsurers and other parties with a legitimate interest in the claim
• Government, regulators and statutory bodies where required or authorised by law, including ASIC, AFCA, courts and tribunals
• Law enforcement agencies where reasonably necessary to investigate suspected fraud or unlawful activity
• Our professional advisors such as lawyers, auditors and consultants
• Other service providers we use to run our business, including cloud hosting, IT support, communications, payments, payroll and analytics providers

We require our service providers and subcontractors to handle personal information consistent with this policy.

6. Cross-border disclosure

Some of the service providers we use, including cloud hosting providers, may store or process personal information outside Australia.

The primary customer database and document storage are located in Australia. However, when providing certain features — including email and SMS notifications, error monitoring, product analytics, and AI-assisted functionality — personal information may be transmitted to and stored by service providers located in the United States and the European Union.

Where personal information is disclosed to overseas recipients, we take reasonable steps to ensure it is handled in accordance with the Australian Privacy Principles (APPs), including APP 8.

7. Data quality, retention and correction

We take reasonable steps to ensure the personal information we hold is accurate, complete and up to date.

We retain personal information for as long as it is needed for the purposes for which it was collected, or to comply with our legal, regulatory, contractual or audit obligations. Claims records are typically retained for the minimum period required under the General Insurance Code of Practice, the Insurance Contracts Act 1984 (Cth), the Limitations Act of the relevant jurisdiction, and any retention requirements of the principal on whose behalf we administered the claim. After this period, we securely destroy or de-identify the information.

If you believe personal information we hold about you is inaccurate, incomplete or out of date, please contact us using the details in Section 12 and we will take reasonable steps to correct it.

8. Security

We implement technical and organisational safeguards to protect personal information from misuse, interference, loss, unauthorised access, modification and disclosure. These include:

• Encryption of personal information in transit and at rest
• Access controls, including role-based permissions and multi-factor authentication
• Secure authentication, audit logging and monitoring
• Regular vulnerability assessments and security testing
• Staff training on privacy and information security obligations
• Vendor due diligence and contractual security commitments

If there is a suspected data breach, we will act promptly to contain, investigate, notify affected parties and mitigate risks.

9. Cookies, tracking and website analytics

We may use cookies, web beacons, analytics tools and similar technologies on our website to:

• Understand how visitors interact with our site
• Improve site functionality, performance and usability
• Diagnose issues and monitor for misuse
• Measure the effectiveness of any marketing activities

You can choose to disable cookies in your browser, but doing so may limit your ability to use some features of our website.

Where we embed links to third-party sites or services, those third parties may set their own cookies. We encourage you to review their privacy policies.

10. Access, correction and complaints

You may request:

• Access to the personal information we hold about you
• Correction of personal information you believe is inaccurate, incomplete or out of date
• To opt out of receiving direct marketing from us

To make a request or complaint, please contact our Privacy Officer using the details in Section 12. We may need to verify your identity before responding. We will acknowledge your request promptly and respond within a reasonable time.

If we refuse a request, we will provide written reasons consistent with APP 12.

For complaints relating to a specific insurance claim, you may also be able to lodge a complaint with the Australian Financial Complaints Authority (afca.org.au).

11. Direct marketing

We may use your contact details to send you information about our services where permitted by law and the Spam Act 2003 (Cth). You can opt out at any time by following the unsubscribe instructions in any marketing message or by contacting us directly.

12. Contact us

If you have any questions, concerns or requests about this Privacy Policy or how we handle personal information:

Privacy Officer
Email: info@clarionclaims.com.au
Postal address: Pending

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, our practices or our business. When we make material changes, we will publish the updated version on our website and, where appropriate, notify affected individuals directly.