This Privacy Policy applies to Unimutual Limited and its associated entities (as that term is used in the Corporation Act 2001 (Cth) in every place that we carry out business. Unimutual (also referred to as “we”, “us” and “our” in this document) is committed to respecting your privacy and securing of personal information maintained by Unimutual about its Members and any other individual from whom Unimutual collects personal information. Our Privacy Policy is in accordance with the Privacy Act 1988 (Cth), as amended, and is based on the Australian Privacy Principles outlined in the Privacy Amendment (Enhancing Private Protection) Act 2012 (Cth) (Privacy Act). Our Privacy Policy also complies with relevant State legislation relating to the collection and use of health information.
We reserve the right to change our Privacy Policy at any time. If we change our Privacy Policy, we will take reasonable steps to bring those changes to your attention.
“Personal Information” is information or an opinion about a person that identifies the person or from which the person’s identity can be reasonably ascertained. Unimutual will collect and hold personal information that is required by us to deliver our services and products to you, and we will do this in a fair and lawful manner. We collect the following information:
When you visit our website, which is hosted in Australia at www.unimutual.com.au, there are several ways in which we collect information:
Unimutual use WordPress to collect analytics. The main purpose of collecting your data in this way is to improve your experience when using our site. We also use this data to understand and report on which content pages and downloads are accessed by visitors. WordPress collects data regarding Unimutual’s website traffic, including new visitors, page views, bounce rate, and click through rates. WordPress also highlights the top viewed pages per month and average time users spent on each page before clicking out. WordPress allows comparisons to be made from month-to-month to track performance and user engagement.
Cookies are small data files transferred onto computers or devices by websites for record-keeping purposes and to enhance functionality on the website. Most browsers allow you to choose whether to accept cookies or not. If you do not wish to have cookies placed on your computer, please set your browser preferences to reject all cookies before accessing our website.
For more information on cookies from our website please refer to the WordPress article regarding their use of cookies here.
We use YouTube to host videos which are embedded on our website. Videos on our website use YouTube’s Privacy Enhanced Mode and count the number of views. When you play an embedded video from our website, the video, and associated assets will load from the domain. YouTube collects information about user activity, including videos watched and interactions with content and ads. You can access the YouTube Privacy Policy here.
We will collect information that you provide to us when signing up to mailing lists, registering for our events, or submitting feedback on your experience with our website.
We use MailChimp to manage our mailing lists. You can access the Privacy Policy for Intuit (MailChimp) here. As a Member you are automatically subscribed to our mailing list. MailChimp analytics are performed when you click on links in emails or download the images in emails. This includes which emails you open, which links you click, total successful deliveries, clicks per unique open, and number of un-subscriptions from our mailing lists.
We use the services of Survey Monkey to collect voluntary feedback on your experience with our services. We use this to conduct anonymous stakeholder surveys to gather feedback to help us improve our performance. We do not collect personal information via Survey Monkey unless you provide this. Information about how Survey Monkey manages your personal information is available in the privacy notice on their website. You can access the Survey Monkey Privacy Policy here.
We use GoTo Webinar to register for online events. GoTo Webinar is part of the LogMeIn group of companies. The registration form used for online events will collect your name and email address, and this information will be used to confirm your registration. You can access the Privacy Policy for GoTo Webinar here.
We also use CVENT to manage event registrations. You can access CVENT’s Privacy Policy here. When registering for an event, you may be required to give CVENT personal information including your name, telephone number, and email address. You may also be required to provide financial information, including credit card numbers and expiration date, if you make a payment for an event. CVENT may share some personal information with us, including information about whether a registered individual has made a payment, but we do not receive your financial information.
We use social networking services, such as LinkedIn, to communicate with the public about our work. When you communicate with us using these services we may collect your personal information, but we only use it to help us to communicate with you and the public. The social networking service will also handle your personal information for its own purposes. These services have their own Privacy Policies, which you can access on their individual websites.
Unimutual will not use or disclose personal information about an individual other than for the purpose(s) stated at the time of the collection. If another use is proposed, Unimutual will seek the individual’s consent, unless that other purpose is related to the original purpose(s) of collection.
We hold personal information of the individuals comprising our Members and, in certain circumstances, of third parties, such as your service providers or consultants, and third-party claimants for the following purposes:
The Unimutual business model focuses on people and organisations working together for the mutual benefit of all parties involved.
We may employ a variety of direct marketing techniques in order to keep Members informed about updates or changes to the services offered by Unimutual, as well as the benefits or products available to Members.
We consider that direct marketing to our Members forms an integral part of our services to you, and that these services are directly related to our primary purpose for originally collecting the personal information. Without such services, the communication with our Members and potential Members may be substantially reduced, and therefore we are less likely to be able to deliver the benefits that are available to our Members. We handle all of our mailouts to Members and other interested parties.
Your personal information may be provided to service providers of Unimutual such as claims advisers, legal advisers, or assessors for the purpose of service delivery. Each service provider is required to deal with your personal information in a manner and at the level specified by our standards.
We take all reasonable care to make sure that the personal information we hold is protected from loss, misuse, interference, unlawful access, modification, or disclosure. We destroy or permanently de-identify personal information in accordance with the Privacy Act. We maintain computer and network security including Multifactor Authentication Accounts, specific user identifiers, complex passwords, and firewalls to protect unauthorised access to our systems.
Unimutual employees attend cyber training and learn how to securely store your information.
Mandatory investigations and reporting are required for personal data breaches. If a breach has occurred, we will report such a breach to the individual whose personal information has been breached and to the Office of the Australian Information Commissioner.
Data breaches occur where there is:
Data breaches may be caused by malicious intentional actions, such as a serious cyber security incident, accidental loss, loss through negligence, or loss through improper disclosures.
We do everything that we can to ensure that the personal information we hold is accurate, complete, and up-to-date whenever we collect or use it. This means that from time to time we will ask you to tell us if there are any changes to your personal information. If you find that the information that we hold about you is incorrect, incomplete, or out of date, please contact us immediately and we will correct it.
Use of Government Identifiers
We do not adopt, use, or disclose an identifier that has been assigned by a Commonwealth government agency unless legally required. An identifier, for example, a Medicare or tax file number, is a number assigned by a Commonwealth government agency to uniquely identify the individual for the purposes of the organisation’s operations.
Under ordinary circumstances, we do not disclose personal information to any person or organisation in a foreign country if that country does not have a comparable information privacy regime. In the unlikely event that we need to do so, we will obtain your prior consent, except where the Australian Privacy Principles do not require us to do so.
It is reasonably likely that we may disclose personal information to overseas recipients in Europe (including United Kingdom, the Isle of Man and Luxembourg) and New Zealand. These jurisdictions are each subject to a privacy regime substantially similar to that in Australia.
Should we disclose your personal information to an overseas recipient we will ensure that the overseas recipient complies with the Australian Privacy Principles, and we will be accountable for any acts or practice that may breach the Australian Privacy Principles.
When you browse our website, our service provider logs the following information for statistical purposes: your server address and top-level domain name, the date and time of your visit, the pages and articles accessed, and the documents downloaded. We do not identify users or their browsing activity except in the event of an investigation where a law enforcement agency may be entitled to inspect the service provider’s logs.
If you make an online payment by credit card, we will collect information such as your email address, name, and credit card details to enable us to process your payment, and we will provide you with a payment receipt.
When you communicate with us through our social media pages such as LinkedIn, the social network provider and its partners may collect and hold your personal information overseas. You should consult their individual privacy policies for further information.
If you think your privacy has been interfered with due to a breach of our privacy obligations, you can complain directly to our Privacy Officer. If you are not satisfied with our response, we will advise you of your options before further proceeding with your complaint.
At your request we will provide you with additional information about the way Unimutual manages the personal information we hold. If you wish to know more about the way we manage your personal information, please contact our Privacy Officer at:
For further information about privacy issues in Australia and protecting your privacy, visit the Office of the Australian Information Commissioner’s website here.
When information is no longer needed, we will take reasonable steps to destroy or permanently de-identify personal information.
Here are ten FAQs to assist you in understanding our privacy responsibilities.
1. What do you classify as my ‘personal information’?
Personal information is any information about you that identifies you, or by which your identity can reasonably be ascertained. Personal information held by us may include your name, private/business address, occupation, employer, previous addresses, and private/business telephone number. Where a claim has been made or where you or your employer has applied to become a Unimutual Member, we may collect other personal information, including but not limited to, financial details, risk and claim histories (validated and invalidated), statements and valuations of business assets, entity and trade references, and claim details, which may include health information.
If you and or other third parties choose not to provide personal information, we may not be able to process your application for Membership, discretionary protections, or deliver appropriate services.
2. How do you collect my personal information?
We will, as much as reasonably possible, collect the information directly from you, when you provide information in documents, such as an application for Membership or protection. By representing your organisation in completing an application to become a Member of Unimutual, the applicant’s representative agrees to the use and disclosure of personal information necessary to effect Membership, discretionary protection, and/or functions involved with delivery of discretionary benefits.
If we are not able to collect the information that we need directly from you, then we will take reasonable steps to ensure that you are made aware of:
(a) Our identity;
(b) The ways you can access your personal information held by us;
(c) The purpose for collecting the information;
(d) The organisations to which that information is usually disclosed;
(e) Any law that requires the information to be collected; and
(f) The consequences for you if that information is not provided (for example, that we will not be able to provide you with the services you request).
3. How do you use my personal information?
Your personal information will be used to provide the services that your organisation requires. This may include administering and managing those services, (which includes collecting contributions, issuing discretionary protections, managing claims, and delivering benefits subject to absolute discretion) and to protecting you, your organisation, third parties, and Unimutual from fraud.
As a Unimutual Member, you agree to receive communication via direct marketing. The information provided to our Members via direct marketing is essential in keeping you aware of all the benefits offered by Unimutual to our Members. You can choose not to receive this information, but this may hinder your ability to take full advantage of all the benefits of Unimutual Membership.
We will normally only transfer personal information about you to an overseas recipient located in a country with a comparable privacy regime to Australia. If required to transfer your personal information to an overseas recipient located in a country without a comparable privacy regime, we will obtain your consent to do so, except where the Australian Privacy Principles do not require us to.
4. Is the personal information I give you kept in a secure place
We take all reasonable steps and care to ensure the data collected is secure, protected from misuse, loss, unauthorised access, and disclosure, and we will destroy the data once it is no longer required.
5. Can I see what you have on file about me?
Upon request, we will provide you details of the information we have on file about you. Our Privacy Officer will process all such requests within 30 days of the date of receipt. There may be some exceptions, and, by law, Unimutual is permitted to charge a small fee for this service.
6. What happens if I find out that the information you hold about me is incorrect, incomplete, or out of date?
We take all reasonable steps to ensure the information we hold is accurate when collected. If a change or correction is required, you must advise us in writing, and the changes/corrections will be made within 30 days of receipt.
7. Are you bound by the Australian Privacy Principles?
Unimutual is legally bound by the Australian Privacy Principles set out in the Privacy Amendment (Enhancing Private Protection) Act 2012 (Cth).
8. Do I have to be on your email/mailing broadcasts and lists?
You have the option to unsubscribe and no longer receive electronic marketing on products, services, communications, events etc. If you would like to unsubscribe from our mailing lists, please email us at [email protected].
9. I think you have interfered with my privacy, and I wish to complain.
You can complain directly by contacting our Privacy Officer. If you are not satisfied with our response, we will advise you on your options for further proceeding with your complaint.
10. Will you notify me if you believe my privacy has been breached?
Yes. Privacy data breaches may be caused by malicious intentional actions, such as a serious cyber security incident, accidental loss, loss through negligence, or loss from improper disclosures. Should we suspect a data breach, we have a mandatory reporting obligation to notify the person whose personal information has been breached and the Office of the Australian Information Commissioner of such a breach.
This Privacy Policy was prepared on 7th February 2025 Version UML_PS25.00
Unimutual Limited ABN: 45 106 564 372 AFS License No. 241124.
Suite 11.02, Level 11, 56 Pitt Street, Sydney NSW 2000
T: 02 9169 6600
PO Box H96, Australia Square NSW 1215
ABN: 45 106 564 372 | AFS Licence No: 241142
[email protected]
Follow us on LinkedIn
Copyright © Unimutual
Privacy Policy
Whistleblower Policy
Complaints and Dispute Resolution Guide