This Policy sets out the processes the ESI Group has in place to protect your information and includes the collection, use, disclosure and security of your information. It also details how you can access and correct information we hold about you and how you may make enquiries or complaints about how we manage this information.
The ESI Group is required to comply with the requirements of the Privacy Act 1988 (Privacy Act), including the Australian Privacy Principles.
This Policy applies to the “ESI Group” which incorporates:
We are required to comply with the requirements of the Privacy Act 1988 (Privacy Act), including the Australian Privacy Principles, in managing personal information.
“Personal information” is any information that can identify you or that can reasonably enable your identification. This could include information such as your name, address, email address, date of birth and financial details.
Personal information also includes “sensitive information”. This includes information about your religion, racial or ethnic origin, political opinions, membership of a professional or trade association or trade union, sexual orientation, criminal record, and health or genetic information.
This document incorporates the following regulatory requirements and guidance:
What types of information do we collect and hold?
When you apply for membership with the Fund or for our other products or services, or if you are a beneficiary of a Fund member or an insurance policy held by them, we may require identification information.
We will ask for the following types of personal information:
We may also collect your:
Throughout your membership of the Fund or the life of your product or service, we may collect and hold additional personal information about you. This may include seeking additional financial information if you make a claim for a financial hardship benefit or seek detailed financial advice, making a record of queries or complaints you make, and if you make an insurance claim, collecting additional information to assess the claim. If you are a beneficiary of a Fund member or under an insurance policy we provide, details of your financial position and financial needs, and other information that will assist the Trustee in deciding to whom a death benefit should be distributed may be required.
Generally, we will only collect sensitive information (such as health information) if it is necessary to provide you with a particular product or service and you have consented to the collection. For example, we may collect health information about you to process a claim under an insurance policy.
What laws authorise or require us to collect personal information?
We are authorised or required by law to collect under the following laws:
How do we collect personal information?
We will collect most personal information directly from you. For example, we will collect your personal information when you apply for membership of the Fund or for a product or service, complete our forms, make email enquiries, or talk to us on the phone. We may also collect information from you electronically, including when you visit our website including Member Online, Employer Online and by using calculators provided on our website (see “Collection of personal information via our website or electronically” below).
We may sometimes collect personal information about you from other people or organisations, without your direct involvement. For example, from:
Our Fund administration services provider, will sometimes collects this information on our behalf.
Why do we collect personal information?
Who do we disclose your personal information to and why?
We disclose your personal information to organisations that assist us or who we deal with in conducting our business. These may include:
Overseas disclosure of your personal information
We may disclose your personal information to a recipient located outside Australia. This includes:
We will take reasonable steps to the information we hold about you is secure and is protected from misuse, interference and loss, or from unauthorised access, modification or disclosure.
Much of the personal information we hold about you will be stored electronically in secure data servers and data centres that are located in Australia and that are owned by the ESI Group or external service providers. Some of the personal information we hold about you will be stored in paper files.
We use a number of physical and electronic security measures to protect the security of personal information we hold. These include:
Control of access to information systems through identity and access management;
Obligations on employees to comply with internal information security policies and to keep information secure; and
Regular monitoring and review by us of our compliance with internal policies.
If we have determined we no longer need the information about you, we will take steps to destroy the information or ensure it is de-identified.
We may collect information from you electronically, for example through our website. Each time you visit our website, we collect information about your use of the website, such as information about the date and time of visits, which website pages are viewed, how users navigate through the website and interact with the pages, information about the location of users and the device used to visit the website and IP addresses.
The Energy Super website uses “cookies”. A cookie is a piece of data that our website can send to your browser that may then be stored on your computer. Cookies can record information about your visit to our website, and allows our website to remember you the next time you visit our website and optimise your online experience.
We will do our best to ensure the personal formation we hold about you is accurate, complete and up to date. We may correct the information we hold about if you if we reasonably believe it is inaccurate, out of date, incomplete, irrelevant or misleading. We may also request that you review information we send you, to advise of any changes to your personal information.
You can also complete a Change of Personal Details Form to correct your member details.
You have a right to request access to the personal information the ESI Group holds about you. You can also ask for corrections to be made. If you wish to do so, please contact us. We will need to verify your identity before granting access to or correcting your personal information. We will respond to your request within a reasonable timeframe. There is no fee for requesting a correction to your personal information. In processing your request for access to your personal information, a reasonable cost may be charged, to cover such things as locating the information and providing it to you. In some circumstances we are not required to correct or provide you with the personal information we hold about you. If we do, we will give you written reasons that explains our reasons, except where it would be unreasonable to do so.
If we refuse your request to correct the personal information, you have the right to ask us to associate with the information a statement that you disagree with its accuracy.
If we refuse to give you access to or correct your personal information, we will also provide you with information on how you can complain about the refusal.
You may request at any time to not receive marketing communications from us. You will not be charged for making this request.
The ESI Group may use your personal information to let you know about products and services that we believe may be of interest to you. These products and services may be offered by the ESI Group or by one of our preferred suppliers, and may include mortgage/banking services, membership rewards programs and financial planning services.
We may offer you products and services by various means, including mail, telephone, email, SMS or other electronic means such as through social media or targeted advertising through the ESI Group or third party websites.
We take complaints about how we handle your personal information and privacy breaches by us seriously.
If you have a complaint about how your personal information is being handled or a by us of the Australian Privacy Principles, please contact the Complaints Officer using any of the contact methods listed below.
We will acknowledge your complaint as soon as we can after receipt and will let you know if we need any further information from you in order to resolve your complaint.
If you are not satisfied with our response or how we handled your complaint, you may complain to the Office of the Australian Information Commissioner at:
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992