Make a claim
Popular Searches

We've been helping Australians for 100 years

Learn more

Privacy Policy

In this Privacy Policy the terms “we”, “our”, and “us” refers to Insurance Australia Limited ABN 11 000 016 722 (trading as NRMA Insurance) and its related entity Insurance Manufacturers of Australia Pty Limited ABN 93 004 208 084.

We value the privacy of your personal information. This Privacy Policy (which is referred to in some of our documents as our Privacy Charter) outlines how we collect, hold, use and disclose your personal information.

You do not have to provide us with your personal information. However, if you don’t it may affect our ability to assist you or provide you with a product or service, including processing a claim.

If you want to deal with us while not identifying yourself (i.e. anonymously or by using a pseudonym) we will allow you to do this where it is practicable (for example where you make a general enquiry of us). Please tell us if you wish to do this and we will indicate whether, given the nature of the transaction, it is practicable.

As NRMA Insurance is an Insurance Australia Group Limited (IAG) business, this Privacy Policy must be read together with the IAG Master Privacy Policy, which describes how IAG collects, holds, uses and discloses your personal information. A copy of the IAG Master Privacy Policy is available at: https://www.iag.com.au/master-privacy-policy. If the information in this Privacy Policy conflicts with information in the IAG Master Privacy Policy, the information in this Privacy Policy will override the IAG Master Privacy Policy.

By visiting our website, applying for, renewing or using any of our products or services, making a claim or providing us with your personal information, you agree to your personal information being collected, held, used and disclosed as set out in this Privacy Policy and the IAG Master Privacy Policy.

By accessing or using our website or engaging with our rewards program, you accept the NRMA Insurance Online Terms of Use which include terms that limit our liability for certain types of loss or damage. A copy of the NRMA Insurance Online Terms of Use is available at: nrma.com.au/terms.

Personal information we collect and hold

The personal information we collect and/or hold about you and other individuals (such as a co-insured or your spouse, partner or children) can include:

  • name, date of birth, gender;
  • contact details such as address, phone, fax and email;
  • information relevant to providing a product or service such as:

– underwriting information like your claims history and driving history;

– financial institution account details like your credit card or bank account number e.g. if the product or service is being paid for in this way or we are making a claim payment; and

– information related to your participation in our rewards program e.g. your redemption of an offer from a participating partner;

  • information relevant to authenticating you, such as location information and IP address;
  • information obtained as part of the management and processing of a claim e.g. information on a police report;
  • details of insurance policies you hold or have held;
  • sensitive information such as health information (e.g. where health is relevant to underwriting an insurance policy or dealing with, managing, or processing a personal injury claim) or criminal records (e.g. where this information is relevant to underwriting an insurance policy or processing a claim); and
  • information that we receive from credit providers containing details of products or services you obtained from them (e.g NRMA Insurance Home Loans) following a referral from us.

If you opt into the telematics feature within the NRMA Insurance app, the following information may be automatically collected from your mobile device:

  • mobile device location data, including latitude, longitude and altitude of your vehicle;
  • mobile device sensor data, including accelerometer and gyroscope data;
  • your direction of travel;
  • the time that any of the above information was recorded;
  • trip information derived from the above information, such as trip start and end time, kilometres driven, route taken, acceleration, braking, turning, speeding and mobile device use;
  • mobile application analytics information such as application usage and performance data;
  • information from the application marketplace where you downloaded the NRMA Insurance app.

If you would like to stop the information above being collected from your mobile device, after you have opted out of the telematics feature (within the NRMA Insurance app) you will need to update your Location Services and Physical Activity preferences via your mobile device’s settings for the NRMA Insurance app.

How we collect and hold personal information

How we collect

We may collect personal information about you and other individuals in various ways including:

  • over the phone
  • in person including at branches or offices
  • over the internet, including via our website, online forms and surveys, email or cookies (please see our Online Privacy Statement for more information on how we collect personal information online)
  • when you use our mobile or tablet applications
  • in writing, including via hard copy forms.

From whom we collect

We may collect such information directly from you or through others, including the Entities listed in Table A. We may also collect personal information from publicly available sources such as the phone book or public websites.

When we collect personal information from you about someone else

We and Our Parties listed in Table A on our behalf may seek to collect from you personal information about another person. This may happen if you apply for a product or service jointly with another person, grant third party authority to another person, or you have personal information about another person which is relevant to a claim. For example, you may have the details of a witness to an accident for which you are claiming under an insurance policy.

If you provide us or Our Parties on our behalf with information about another person, then you must:

  • have their consent to do so
  • tell them:

– that you are disclosing their personal information to us, and

– provide them with a copy of (or refer them to) this Privacy Policy.

Holding personal information

We hold personal information electronically and on paper/in hard copy. For the personal information we hold electronically we take reasonable security measures including firewalls, secure logon processes, encryption and intrusion monitoring technologies. For the information we hold in hard copy/on paper we have in place reasonable confidentiality procedures and we also take reasonable security measures. We also require our Service Providers to hold personal information securely.

Table A: Entities through which we may collect your personal information

Our Parties

  • Our agents and distributors. For example, someone who offers you one of our products or services on our behalf
  • Our related entities and their agents and distributors. For example, CGU Insurance

Our Service Providers

  • for example, investigators, recovery agents, lawyers, assessors, repairers, suppliers, advisers, mailing houses, marketing agencies, online publishers, media partners, market researchers, payment service providers, experts and IT providers and agents or subcontractors of any of those providers.
  • may also include overseas service providers

External Parties

For example:

  • NRMA Motoring & Services (NSW, SA & ACT only)
  • participating partners of our rewards program
  • insurance reference bureaus
  • a credit provider with an interest in your insured property, or one we have referred you to if you expressed an interest in their products or services (e.g NRMA Insurance Home Loans)
  • a credit provider with an interest in your insured property
  • other insurers – for example to recover monies on a claim you have made
  • another party involved in a claim – for example to recover monies on a claim you have made
  • your family members – for example, if they contact us with your authority
  • a joint insured on your policy
  • statutory authorities or government departments – for example, if we request a police report for your claim
  • medical practitioners or other professional experts – for example, if your claim is for personal injury
  • Australian Financial Complaints Authority – for example, if they contact us about a complaint you make with them.

The purposes for which we collect, hold, use and disclose personal information

We and Our Parties may:

  • hold and use your personal information, and
  • disclose your personal information to the Entities listed in Table A, for the purposes set out in Table B.

Where we or any of Our Parties disclose your personal information to any of Our Service Providers listed in Table A, they will only be authorised by us to use that information and disclose it to the other Entities listed in Table A for the specific purpose(s) in Table B for which the information was provided to them. Our Service Providers and External Parties listed in Table A may have their own privacy policy that contains information about their privacy practices and how you can access any personal information they hold about you, seek correction of it or make a complaint about a breach of the Privacy Act 1988 (Cth).

Occasionally we may be required or authorised to collect personal information because of an Australian law or an order of a Court/Tribunal. If we are collecting personal information for this purpose we will tell you.

Some of the Entities listed in Table A are located in countries outside of Australia such as the United States of America, New Zealand, Singapore, Malaysia, South Africa, Philippines, the United Kingdom, Scotland, Republic of Ireland, Brazil, Germany, Fiji, the Netherlands, Israel, Vietnam, India, Sweden, Denmark, Belgium, Chile, Finland, Taiwan, Japan and France. We may disclose personal information to these parties. Our contractual arrangements with these Entities generally include an obligation for them to comply with Australian privacy laws.

Marketing

Your personal information helps us to provide you with a range of leading insurance products and services. We, Our Parties, Our Service Providers, listed in Table A (as applicable), and NRMA Motoring & Services (NSW, SA & ACT only) may collect, hold, use and disclose your personal information and communicate with you via various channels including email, telephone, SMS, mail, social media or targeted digital advertising to:

  • provide you with information and offers about our products and services that we believe may be of interest to you
  • provide you with information and offers about products and services offered by:

– NRMA Motoring & Services and its related entities

– our agents and distributors

– our related entities, and

– other organisations we promote or their agents.

We may share your personal information with third parties, such as online publishers and media partners, who may combine this information with their data. We do this to measure ad performance and deliver targeted ads, to help us improve our offerings and personalise your online experience. You can opt out of targeted ads by adjusting your privacy settings, but you may still see general ads and receive direct marketing from us. For details on opting out of direct marketing, see the “Opting Out” section below. For more information on how we collect personal data, including our use of Cookies, please see our Online Privacy Statement.

Opting Out

You can contact us at any time to ‘opt out’ of receiving marketing communications, or simply follow the unsubscribe instructions in the relevant communication.

You can change your mind at any time. If you decide to ‘opt back in’ just let us know.

Certain email and SMS text messages we send you will not include unsubscribe instructions. These messages will relate to your insurance needs, including information about your policy, updates to our terms and conditions, service messages such as ‘reset password’ messages, communications about claims made under your policy, and information about our self-service tools, as well as renewal reminders.

Our contact details are at the end of this Privacy Policy under ‘Further information’.

Table B: Purposes for which we and Our Parties may collect, hold, use and disclose personal information

To deal with Enquiries

We may need to collect your personal information to answer an enquiry you make

Providing a product or service

Including:

  • providing you with a quote
  • considering your application(s)
  • underwriting a policy for example deciding whether or not to insure you and if so on what terms
  • issuing, renewing or amending a policy
  • administering a policy, for example processing payments, or third-party authority arrangements
  • operating, and enabling your participation in, our rewards program
  • operating, and enabling your use of, the telematics feature within the NRMA Insurance app
  • automatically issuing you with an online account which may include access to our rewards program (if eligible)

Pricing a policy, offering excesses and discounts

For example, pricing your policy and calculating or offering discounts

Maintaining and improving our products and services, auditing, quality assurance and training

For example, we may review your personal information to see how our products and services can better suit your needs, or conduct market research

Dealing with a claim

Including:

  • managing and assessing claims made under or against a policy which you hold
  • processing claims
  • recovering money paid to you or debts you have incurred

Dealing with a complaint

For example a complaint made by you in respect of a product, service or claim

Communicating details about our products and services or conducting market research

For example we may tell you about products and services we provide. For further information, please refer to the “Marketing” section.

Facilitating our business operations

For example, for managing our IT infrastructures, databases, websites and statistical and maintenance purposes

Other purposes

Including:

  • complying with legislation, regulation and industry codes that are applicable to us such as anti-money laundering, sanctions and anti-slavery requirements
  • any other purpose communicated to you at the time we collected your personal information or as required or permitted by law

How you may access your personal information and seek correction of it

Accessing your information

You can request access to the personal information we hold about you. So that we can provide access quickly and efficiently, we may ask you to complete a ‘Personal Information Access Request Form’. We may charge you a reasonable amount to cover matters such as retrieving, copying and sending out the information, but we will not charge you just for making the request. If we aren’t able to meet your request for access, we’ll let you know why.

Keeping your information accurate

We take reasonable steps to ensure that the personal information we collect and store, use or disclose is accurate, up-to-date and complete. However, we rely on you to advise us of any changes to your information to help us do so. If you believe your personal information is not accurate, up-to-date or complete, then please let us know. If you’d like to request access to or seek correction of your personal information please contact us. Our contact details are at the end of this Privacy Policy under ‘Further Information’.

Complaints about how we handle your personal information

We will always do our best to provide you the highest level of service but if you are not happy or have a complaint or dispute, here is what you can do.

If you experience a problem or have a complaint regarding our handling of your personal information, let us know so we can help.

Call us on 132 132 or go to our website for more information on how to contact us: nrma.com.au

If we are not able to resolve your complaint when you contact us or if you would prefer not to contact the people who initially handled your complaint, the next step of our complaint and dispute resolution process is to contact our Customer Relations team using the contact details below:

Free Call: 1800 045 517

Email: Customer.Relations@iag.com.au

Customer Relations will contact you if they require additional information or have reached a decision relating to your complaint. Customer Relations will advise you of the progress of your complaint and the timeframe for a decision in relation to your complaint.

We expect our procedures will address your complaint in a fair and prompt manner.

If you are unhappy with the decision made by Customer Relations, the next step is that you may wish to seek an external review of the decision by raising your complaint with the Australian Financial Complaints Authority (AFCA).

You have a right in certain circumstances to have your privacy complaint determined by the AFCA. AFCA can determine a complaint about privacy where the complaint forms part of a wider dispute between you and us or when the privacy complaint relates to or arises from the collection of a debt.

AFCA is an independent dispute resolution body that is recognised as an external dispute resolution (EDR) scheme under the Privacy Act 1988 (Cth) by the OAIC to handle particular privacy-related complaints and is an approved EDR scheme by the Australian Securities and Investments Commission (ASIC). We’re bound by AFCA determinations, provided the dispute falls within AFCA Terms of Reference.

You have two years from the date of our letter outlining our final decision to make an application to AFCA for a determination. You can access AFCA dispute resolution services by contacting them at:

The Australian Financial Complaints Authority

Website: www.afca.org.au

Email: info@afca.org.au

Phone: 1800 931 678 (free call)

Mail: GPO Box 3, Melbourne, Victoria 3001

If you are unhappy with AFCA’s determination in relation to your complaint, or if AFCA is unable to hear your complaint, the next step is that you may wish to raise your complaint with the OAIC.

The OAIC is an independent government agency with primary functions that relate to privacy, freedom of information and government information policy. The OAIC’s responsibilities include conducting investigations, reviewing decisions, handling complaints, and providing guidance and advice. The OAIC will act as an impartial third party when addressing your complaint. The OAIC will investigate your complaint, and where appropriate, make a determination about your complaint, provided it is covered by the Privacy Act 1988 (Cth).

The contact details for the OAIC are:

Website: www.oaic.gov.au

Email: enquiries@oaic.gov.au

Phone: 1300 363 992

Mail: Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001

Call us on 132 132 or go to our website for more information on our complaint and dispute resolution process or how to contact us: nrma.com.au

Revision of our Privacy Policy

We may change this Privacy Policy from time to time. If we do so, we will notify you in such manner as we consider reasonably appropriate, including by making the revised version available on our website. Please review our Privacy Policy or website periodically for changes.

Your continued use of our website, products or services, requesting our assistance, applying for or renewal of any of our products or services, making a claim or the provision of further personal or sensitive information to us after this Privacy Policy has been revised, constitutes your acceptance of the revised Privacy Policy.

Further information

If you would like further information about this Privacy Policy, or about how we manage your personal information, please:

  • call one of our consultants on 132 132
  • write to us at Customer Relations, NRMA Insurance, Reply Paid 89824, Sydney, NSW 2001
  • email us using the Enquiry Form on our website.

This Privacy Policy is also available on our website nrma.com.au/privacy