This Policy describes how the ESI Group deals with the privacy of its members and their personal information. The Office of the Information Commissioner requires this Policy to be made available for free, in appropriate formats and on our website.
This Policy sets out the processes the ESI Group has in place to protect your information and includes the collection, use, disclosure and security of your information. It also details how you can access and correct information we hold about you and how you may make enquiries or complaints about how we manage this information.
The ESI Group is required to comply with the requirements of the Privacy Act 1988 (Cth) (Privacy Act), including the Australian Privacy Principles.
- This Policy applies to the “ESI Group” which incorporates:
- Electricity Supply Industry Superannuation (Qld) Ltd (ABN 30 069 634 439) (AFSL 336567) (the Trustee) as Trustee for Energy Super (ABN 33 761 363 685) (the Fund), and
- ESI Financial Services Pty Ltd (ABN 93 101 428 782; AFSL 224952 (ESIFS) a wholly-owned entity of Energy Super
3. Policy Statement
We are required to comply with the requirements of the Privacy Act 1988 (Privacy Act), including the Australian Privacy Principles, in managing personal information.
“Personal information” is any information that can identify you or that can reasonably enable your identification. This could include information such as your name, address, email address, date of birth and financial details.
Personal information also includes “sensitive information”. This includes information about your religion, racial or ethnic origin, political opinions, membership of a professional or trade association or trade union, sexual orientation, criminal record, and health or genetic information.
This document incorporates the following regulatory requirements and guidance:
- Privacy Act, and
- Australian Privacy Principles.
5. Personal information collected and held by the ESI Group
What types of information do we collect and hold?
When you apply for membership with the Fund or for our other products or services, or if you are a beneficiary of a Fund member or an insurance policy held by them, we may require identification information.
We will ask for the following types of personal information:
- Name, address and contact details;
- Gender and date of birth; and
- Information about your use of our product or service.
We may also collect the following personal information from you:
- Tax File Number if we are authorised to collect it and if you elect to provide it;
- Insurance, health and financial situation;
- Employment information;
- Marital status, family details or circumstances;
- Names and other personal information of nominated beneficiaries; and
- Any other personal information that is either required to acquire a product or service, or required during the lifecycle of the particular product or service.
Throughout your membership of the Fund or the life of your product or service, we may collect and hold additional personal information about you, including in the following circumstances:
- When you make a claim for a financial hardship benefit or seek detailed financial advice;
- When we record a query or complaint you have made; and
- If you make an insurance claim, collecting additional personal information to assess the claim.
If you are a nominated beneficiary of a Fund member or under an insurance policy we provide, details of your financial position and financial needs, and other information that will assist the Trustee in deciding to whom a death benefit should be distributed, may be required.
Generally, we will only collect sensitive information (such as health information) if it is necessary to provide you with a particular product or service, and you have consented to the collection. For example, we may collect health information about you to process a claim under an insurance policy.
What laws authorise or require us to collect personal information?
We are authorised or required by law to collect under the following laws:
- The Income Tax Assessment Act 1936 (Cth) and the Income Tax Assessment Act 1997 (Cth);
- The Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth);
- The Insurance Contracts Act 1984 (Cth);
- The Corporations Act 2001 (Cth);
- The Family Law Act 1975 (Cth); and
- The Superannuation Industry (Supervision) Act 1993 (Cth) and the Superannuation (Unclaimed Money and Lost Members) Act 1999 (Cth).
How do we collect personal information?
We will collect most personal information directly from you. For example, we will collect your personal information when you apply for membership of the Fund or for a product or service, complete our forms, make email enquiries, or talk to us on the phone. We may also collect information from you electronically, including when you use our mobile app or visit our website, including Member Online, Employer Online and by using calculators provided on our website (see “Collection of personal information via our website or electronically” below).
We may collect personal information about you from other people or organisations, without your direct involvement. For example, from:
- Publicly available sources of information such as public registers;
- Any social media site (such as Facebook or Twitter) you use to interact with us, and allow to share information with us;
- Your employer (including where we have not received a completed Member Application Form or if we believe the information we hold about you is not complete or up-to-date);
- Your representatives (including legal adviser, executor, administrator, guardian, trustee, attorney);
- Insurers and healthcare providers; and
- Other organisations who provide products or services to you, jointly with us, or with whom we have a commercial relationship.
Where we collect your personal information from a third party, it is that third party’s responsibility to notify you about the disclosure of your personal information to us.
In some instances you will provide us with the personal information of other individuals (such as your nominated beneficiaries). If this happens, it is your responsibility to: (a) tell these individuals that you have provided their details to the ESI Group and (b) provide them with a copy of this Policy.
6. Purposes for which the ESI Group collects, holds, uses or discloses your personal information
Why do we collect personal information?
The main reason the ESI Group collects your personal information is to provide you with our products and services, including membership of the Fund and the provision of financial advice. This includes:
- Verifying your identity and processing your application for membership of the Fund or for another product or service;
- Understanding your requirements and providing you with membership of the Fund or the product or service;
- Helping manage your membership of the Fund, the product or service (including processing beneficiary nominations, claims and paying benefits to beneficiaries);
- Providing services complementary to your membership of the Fund or account, such as seminars, newsletters and educational materials regarding our products and services;
- Conducting market research and analysis;
- Developing and improving our products and services, and informing you about additional products and services that may be of interest to you;
- Managing and responding to complaints, investigations and disputes, and reporting to a dispute resolution or regulatory body;
- Meeting legislative and regulatory obligations, and for enforcement-related activities; and
- Considering your application for employment with us, including pre-employment checks.
7. Disclosure of your personal information to other parties
Who do we disclose your personal information to and why?
We disclose your personal information to organisations that assist us or who we deal with in conducting our business. These may include:
- Our external service providers, agents and contractors (including our fund administrator, Link Group, who provides administration, technology and other services to us);
- Web hosting companies and web application developers;
- Government, statutory or regulatory bodies and enforcement bodies;
- Authorised representatives who sell or provide products and services on our behalf, including insurers, and financial advisers and paraplanners;
- Our accountants, legal advisers, auditors, consultants and insurers;
- Your employer(s) and representatives (including your legal adviser, accountant, financial adviser, executor, administrator, guardian, trustee or attorney);
- Insurers (including our main insurers, OnePath Life Limited and MLC Life Insurance) and healthcare providers;
- Referees, recruiters or employment screening service providers in considering your application for employment with us; and
- Research and data analysis services.
Overseas disclosure of your personal information
We may disclose your personal information to a recipient located outside Australia. This includes:
- If you wish to rollover superannuation funds to a New Zealand KiwiSaver scheme we will disclose your personal information to that scheme provider in New Zealand;
- If you wish to transfer funds from certain eligible overseas-based pension funds, we may disclose your personal information to the fund(s) in the relevant countries such as the United Kingdom and Ireland; and
- If you have Death, Total and Permanent Disability (TPD) and/or Income Protection insurance, in some instances your personal information might be disclosed to our insurer and their business partners, reinsurers and service providers. The countries in which these recipients may be located will vary from time to time, but include the United Kingdom, the United States of America, France and other countries where the entity has a presence.
8. How do we hold and protect your personal information?
We will take reasonable steps to ensure that the information we hold about you is secure and is protected from misuse, interference and loss, and from unauthorised access, modification or disclosure.
Much of the personal information we hold about you will be stored electronically in secure data servers and data centres that are located in Australia, and that are owned by the ESI Group or external service providers. Some of the personal information we hold about you will be stored in paper files.
We use a number of physical and electronic security measures to protect the security of personal information we hold. These include:
- Control of access to information systems through identity and access management;
- Obligations on employees to comply with internal information security policies and to keep information secure; and
- Regular monitoring and review by us of our compliance with internal policies.
If we have determined we no longer need the information about you, we will take steps to destroy the information or ensure it is de-identified.
9. Collection of personal information via our website and electronically
We may collect information from you electronically, for example through our website or mobile app.
Each time you visit our website, we collect information about your use of the website, such as information about the date and time of visits, which website pages are viewed, how users navigate through the website and interact with the pages, information about the location of users, and the device used to visit the website and IP addresses.
10. Access to and correction of personal information
We will do our best to ensure the personal information we hold about you is accurate, complete and up-to-date. We may correct the information we hold about if you if we reasonably believe it is inaccurate, out-of-date, incomplete, irrelevant or misleading. We may also request that you review information we send you, to advise of any changes to your personal information.
You can also complete a Change of Personal Details Form to correct your member details.
You have a right to request access to the personal information the ESI Group holds about you. You can also ask for corrections to be made. If you wish to do so, please contact us using the contact details below. We will need to verify your identity before granting access to or correcting your personal information. We will respond to your request within a reasonable timeframe. There is no fee for requesting a correction to your personal information. In processing your request for access to your personal information, a reasonable cost may be charged to cover such things as locating the information and providing it to you. In some circumstances we are not required to correct or provide you with the personal information we hold about you. If we do, we will give you written reasons that explains our reasons, except where it would be unreasonable to do so.
If we refuse your request to correct the personal information, you have the right to ask us to associate with the information a statement that you disagree with its accuracy.
If we refuse to give you access to or correct your personal information, we will also provide you with information on how you can complain about the refusal.
11. Use and disclosure of personal information for marketing
You may request at any time to not receive marketing communications from us. You will not be charged for making this request.
The ESI Group may use your personal information to let you know about products and services that we believe may be of interest to you. These products and services may be offered by the ESI Group or by one of our preferred suppliers, and may include mortgage/banking services, membership rewards programs and financial planning services.
We may offer you products and services by various means, including mail, telephone, email, SMS or other electronic means such as through social media or targeted advertising through the ESI Group or third party websites.
12. Our complaints handling process
We take complaints about how we handle your personal information and privacy breaches by us seriously.
If you have a complaint about how your personal information is being handled or believe that we have breached the Australian Privacy Principles, please contact the Complaints Officer using any of the contact methods listed below.
We will acknowledge your complaint as soon as we can after receipt and will let you know if we need any further information from you in order to resolve your complaint.
If you are not satisfied with our response, how we handled your complaint, or you have not received a response from us within 30 days, you may complain to the Office of the Australian Information Commissioner at:
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
Energy Super (the fund)
ESI Financial Services Pty Ltd (ESIFS)