Your privacy is important to us. This Privacy Policy outlines how PPS Mutual Limited (we / us / our) collects, uses, stores, discloses, protects, and processes your personal information in accordance with the Privacy Act 2020 and, where applicable, the Health Information Privacy Code 2020 (together, Privacy Laws).

Below is a summary of our approach to managing your personal information:

  • We collect personal information directly from you, and from third parties, where permitted by law or with your consent.
  • We generally only collect personal information that we require to manage our relationship with you and to meet our legal and regulatory obligations.
  • We retain personal information for as long as necessary, or as required by law. From time to time, we may share your personal information with third parties with your consent, or if required by law.
  • We store your personal information securely in New Zealand and overseas with our cloud-based data storage providers, subject to appropriate safeguards. We take all reasonable steps to ensure that it is safe.
  • We use cookies and other tracking technologies to improve our services, to provide targeted marketing, and to enhance your experience with us.
  • You can contact us about the personal information that we hold about you, request a copy or correction of that personal information, or make a privacy-related complaint by contacting us at [email protected] or 0508 PPS Mutual (0508 777 688).

As we interact with you, we may provide you with additional information about how we handle your personal information. Please review any additional privacy information we give you carefully. 

The information we collect

To manage our relationship with you, we need to collect personal information about you.  

Advisers

For advisers, the personal information we collect about you may include:

  • Contact details – e.g. your name, phone number, email, or postal address.
  • Information about your identity – e.g. your date of birth.
  • Business and billing information – e.g. your nominated bank account for payments.
  • Background information – e.g. information about your professional history.
  • Publicly available information – e.g. information from public registers or social media.
  • Information you give us to help onboard, maintain, or end our relationship with you as an adviser – e.g. discussions in person, telephone calls, email, letters, social media or via our website or third-party portals.
  • Your feedback.

We may collect this information directly from you when you interact with us and, when onboarding advisers, from the adviser company that holds the market services licence under which you are authorised to provide financial advice. We may also collect personal information from third parties, where permitted by law.

There might also be times when we need to collect personal information about another person (e.g. your support staff). You should only provide us with this personal information when you’re authorised to do so.

It is your right not to provide us with your personal information, but this may affect the business relationship that we can maintain with you.

Customers

For applicants and customers, the personal information we collect about you may include:

  • Contact details – e.g. your name, phone number, email, or postal address.
  • Information about your identity for customer due diligence purposes to comply with AML/CFT laws - e.g., driver licence, passport or birth certificate, and confirmation of address.
  • Health, medical, and financial information required for underwriting or claims – e.g. information about your personal health history, income, occupation and dependents and, where necessary for financial underwriting purposes, the Statement of Advice provided by your adviser.
  • Policy history or claim information with other insurance providers.
  • Billing information – e.g. a direct debit authority for premium payments or your account details for any claims payments.
  • Information you give us to help initiate, maintain, or end your policy – e.g. discussions in person, telephone calls, email, letters, social media or via our website or third-party portals.
  • We may record telephone calls for compliant handling, assurance, or training purposes.
  • Information you provide to us if you choose to participate in any marketing promotions.
  • Your feedback.

We may collect this information from your adviser. We may also collect this information directly from you when you interact with us, or from other third parties, with your consent or where permitted by law. For example, we may collect information from the organisations listed below:

  • any bank, financial institution, accountant, or financial adviser;
  • any insurer or reinsurer (whether public or private); and
  • any government department, agency, or organisation.

We may also collect your health and medical information directly from your GP or another medical practitioner using a third party service provider where you have provided your consent as part of an application or claims process.  We will also ask you for separate approval before information is released to PPS from any third party service provider.

We may or may not collect information from third parties depending on what information we need for the relevant use set out below.

There might also be times when we need to collect personal information about another person (e.g. your partner or child). You should only provide us with this personal information when you’re authorised to do so. 

It is your right not to provide us with your personal information, but this may affect the insurance that we are able to provide to you, our ability to assess claims and administration of your policy.

Using your information

Depending on your relationship with us, we may use your personal information in some of the following ways:

  • To confirm your identity.
  • To assess customer applications – e.g., conduct underwriting, provide quotes, and determine policy terms or premiums.
  • To manage or assess your insurance claims, including determining whether you have met your duty of disclosure.
  • To communicate with you about, manage, or end your policy.
  • To onboard, train, and accredit you as an adviser.
  • To maintain or end our relationship with you as an adviser.
  • To calculate and process commission payments.
  • To respond to your questions, requests, instructions, feedback, and complaints.
  • To perform business activities – e.g. to perform statistical or actuarial investigations, reinsurance, risk management activities, conduct customer insight etc.
  • To design, enhance and/or seek your views on our products and services.
  • To notify you about updates, promotions, or other marketing material (unless you opt out).
  • To comply with regulatory and legal obligations (including any obligations we may have under laws outside New Zealand) - e.g. responding to requests from regulators and complying with applicable financial crime and taxation laws including applicable AML/CFT laws.
  • To prevent, detect and investigate fraud and financial crimes, which may involve us disclosing your personal information to a government agency, regulator, or law enforcement to assist with investigating suspected illegal activity.
  • For our internal business and administrative purposes

If, in collecting personal information for the above purposes, PPS Mutual receives any personal information that is not relevant for those purposes, PPS Mutual will not use that personal information for any purpose except as permitted under NZ privacy law.

Disclosing your information

We may share your personal information with third parties who provide services that help us to operate our business to perform certain business functions or where required by law. We will not disclose your personal information except where authorised by you, or where disclosure is made:

  • To health practitioners or medical providers that you have authorised us to obtain information for underwiring or claims purposes.
  • To our related or funding entities where required for reporting or governance purposes.
  • To regulators and other public authorities such as legal tribunals, courts, law enforcement and tax authorities where required by law.
  • In connection with services performed for us by our suppliers, including service providers that help us gather and analyse your feedback – for example, to conduct adviser experience surveys or to complete customer due diligence as part of the onboarding process.
  • To our dispute resolution service in connection with any complaint you make to that service.
  • To reinsurers, other insurance companies, banks and financial institutions that are involved in providing our services to you.
  • To any third party where necessary to prevent a threat to health, security or safety.
  • Unless you opt out, to research or direct marketing firms engaged by us (but this will never include your health or other sensitive personal information).

Storing and protecting your information

We keep your information safe by storing it securely and only allowing staff to access it if required for their role. Most of the personal information that we keep or provide to third parties to keep is securely stored by third party cloud-based data storage providers based in New Zealand and overseas – such as Microsoft Azure or Amazon Web Services.

When transferring information to our third-party providers overseas, we comply with the safeguards required by the Privacy Laws, including ensuring that the recipient is subject to comparable privacy laws, or that you have been informed and have consented.

We choose our providers carefully and only work with companies that have appropriate information retention and security policies and that we believe will keep your personal information safe.

Communications over the internet are not secure unless they have been encrypted. When it is necessary to send personal information over the internet, we use secure methods to do so. We may also use third parties to monitor our technology for security and information assurance purposes.

We retain personal information only as long as necessary to fulfil the purposes for which it was collected or as required by law.

While we take reasonable steps to protect the security of your personal information from unauthorised access, disclosure or loss, no system is completely secure. We do not warrant absolute security. In the event of a data breach that poses a risk of serious harm, we will comply with our legal obligations to notify affected individuals and the Office of the Privacy Commissioner.

Use of Artificial intelligence (AI)

All decisions made in connection with our business are made by a person – either directly or through process automation using business logic defined by a person. We may use generative AI tools, such as predictive learning models, to support our staff to perform such activities. We do not use AI tools to make decisions that have a legal or similarly significant effect without human oversight.

We may use data that you disclose through our AI tools. However, we ensure that no personal information is included in any AI training data set. These tools may not be used by the AI developer or any other third party to access your personal information or to incorporate your personal information into its AI model training set data. We may use data that you disclose to train our own AI models provided that such data does not contain any personal information about you. 

Accessing your personal information

You have the right to request access to, and correction of, the personal information we hold about you. In your request, please let us know what information you would like to access or have corrected. The law contains exceptions to some requests and if we decide not to grant your request under one of these exemptions, we will let you know why.

It is not usually our policy to charge for these requests. While most questions and issues can be handled quickly, complex or difficult requests may take more time to resolve and may result in us incurring costs to address your request. In such cases, you will be contacted and provided with an explanation of the likely charges for processing your request.

Cookies and tracking

A cookie is a small text file placed on your device by a website to capture information about your visit to the website. We use cookies and other tracking technologies to improve our services, to provide targeted marketing, and to enhance your experience with us.
 
The information collected by cookies may or may not identify you personally. The cookies we use collect information about how you have used our website and the pages you have visited. Cookies can also let you set preferences. Where cookies or other tracking technology we use collects or generates personal information, that personal information will be handled in accordance with this Privacy Policy.

We also use tracking cookies and technology which can identify if your device has visited our website before and which pages or areas of the website you have visited and how often. This technology may also be used for targeted advertising.

You can adjust the settings on your browser to notify you of when a cookie is offered, and to disable or block cookies. If you disable or block cookies some sections of our website may not work or may not work as intended. Some tracking technology may still work even if the cookies are blocked or disabled.

The personal information captured by cookies and other tracking technology we use will be processed by the provider of the technology, in accordance with their own privacy policies. You are responsible for reviewing any third-party website policies for personal information collected via that technology.

Complaints

If you have a privacy-related complaint regarding our use, disclosure and storage of your information in accordance with the Privacy Laws and/or our Privacy Policy, you should first contact us.
  
We will investigate and attempt to resolve your privacy complaint regarding use and disclosure of your information. If you’re not satisfied with the resolution of your complaint, you can contact the Office of the Privacy Commissioner.

Contact Us

If you no longer want us to provide you with information about our products and services, you can let us know by contacting us at [email protected].

For privacy-related queries, to access or correct your personal information that we hold about you, or to make a privacy-related complaint, you can contact us at [email protected] or 0508 PPS Mutual (0508 777 688).

Changes to this Privacy Policy

We may update this Privacy Policy by posting changes to our website. These changes take effect from the date that they are posted.