1.1.We collect personal information necessary to provide our services when you request or apply to us for accident management services or deal with us over the telephone, via sms, online forms (including via our website) or e-mail us.

This information can include:

a. personal information such as your name, address, email address, telephone number and date of birth;

b. government identifiers and related information, such as your driver’s licence and passport, depending on the circumstances of your claim/case or hire;

c. details about other parties involved in your accident or claim, including facts or opinions in supporting or rebutting material, e.g. statutory declarations;

d. details about your family, business, financial details, insurance company (and claim number and policy number), car registration, occupation and income, and transactions with us or third parties; and

e. information you otherwise submit about yourself, or someone else, to us, or our website, including enquiries, complaints and other feedback.

We may also monitor and record telephone calls for training and security purposes.

1.2. Any other information lawfully obtainable under the relevant Privacy Law.

In some circumstances, Primus may collect sensitive information about you, for example in relation to insurance claims, such as information about injuries you may have suffered in your accident, and other health information. We will only collect sensitive information about you where we are permitted to do so by law.

2.1. We collect the majority of the personal information directly from you. This is including when you interact with us in person, over the phone or electronically, when you access our website, or via email and when we provide our services to you.

2.2. We may receive and gather personal information from third parties, including repairers, insurers or any other referring partners. If we do, we will protect it as set out in this Privacy Policy. We will only collect your personal information from third parties if you give the third party your consent to provide the information to us or it would be reasonably expected. We will only collect sensitive information with your consent.

2.3. If someone other than you provides us with personal information about you that we did not ask for, or you provide us with unsolicited personal information, we will only hold, use or disclose this information if we determine that we could have collected this information from you had we asked for it. In this circumstance we will take all reasonable steps to notify you of the collection of that information. If we could not have collected this personal information, we will lawfully de-identify or destroy that personal information.

3.1. We may use the personal information collected from you to provide you with our services and information, updates related to our services and information about our business and the industry in general.

3.2. We use the personal information provided for purposes consistent with the reason you provided it, or for a directly related purpose, where required or permitted by law or where you have provided us with your express or implied consent.

These purposes include, but are not limited to:

a. provision of commercial and consumer vehicle leasing arrangements, including accident repair and replacement vehicle services;

b. processing a product application or service or purchase request;

c. managing our products and services or other relationships and arrangements;

d. processing receipts, invoices and payments and servicing customer accounts, including determining liability for payment;

e. responding to customer enquiries about applications, accounts, products or services;

f. understanding customer needs and offering products and services to meet those needs;

g. assessing, processing and investigating insurance risks or claims and (with your consent) referring your potential personal injury claims to third party solicitors;

h. accounting, billing and other internal administrative purposes;

i. from time to time we may use your personal information (but not sensitive information) to provide you with information on our services by direct mail email/SMS or telephone. You may request that your information is not to be used for these purposes;

j. considering, and contacting you about, any application you make for a job with us;

k. enforcing our rights, including undertaking debt collection activities and legal proceedings; and

l. any other legal and regulatory requirements. Various laws may expressly require us to collect your personal information, or we may need to do so in order to be able to comply with other obligations under those laws.

4.1. We may disclose your personal information to any of our employees, officers, insurers, professional advisors, agents, suppliers, partners or subcontractors insofar as reasonably necessary for the purposes set out in this policy. Personal information is only supplied to a third party when it is required for the delivery of services that you have requested from either ourselves, or a third party. This may include, but is not limited to the list below;

1. our related entities in Australia and United Kingdom;

2. administrative services providers, such as marketing and IT systems providers, mailing houses, printers and call centre operators;

3. legal, settlement, valuation and recruitment service providers;

4. regulatory bodies, law enforcement authorities and toll operators in Australia;

5. any person who is considering whether to acquire or who has acquired any part of our business, or the rights or obligations under our contract with you;

6. insurers, reinsurers, loss adjusters, assessors and underwriters;

7. brokers and other distributors; and

8. debt collectors and investigators.

4.2. We may from time to time need to disclose personal information to comply with a legal requirement, such as law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request.

4.3. Information that we collect may from time to time be processed in or transferred between our offices overseas:

As at the date of this edition of our policy we may use technical support in the Philippines or the UK but such technical support does not require the transfer or storage of personal information. To the extent that the laws and rights of these countries are not equivalent to the laws of Australia, you agree to be bound by the laws and rights of the relevant extraterritorial jurisdiction as far as they apply. These countries have data protection laws that are not equivalent to the laws of Australia and you may not have equivalent rights of enforcement.

4.4. We may also disclose your personal information to anyone authorised by you, or to whom you have provided your consent (either expressly or impliedly) or where another permitted general situation applies (as defined in Section 16A of the Privacy Act). To the extent required by law, we will obtain your consent before disclosing sensitive information to third parties.

4.5. By providing us with personal information, you consent to the terms of this Privacy Policy and the types of disclosure covered by this policy. Where we disclose your personal information to third parties, we will request that the third party follows this Policy regarding handling your personal information.

4.6. We may use and disclose your personal information (other than sensitive information, which requires your consent) in order to inform you of products and services that may be of interest to you. You authorise us to use any email address or other contact information you provide to use at any time for such above purposes.

In the event that you do not wish to receive such communications, you can opt out by unsubscribing in the communications we or our partners send to you. You agree and acknowledge that even if you opt out of receiving marketing material, we will still send you essential information that we are required to send you relating to the services we provide.

5.1. Primus is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure, such as password protection and multi-factor authentication. You warrant that you will not act in a manner that results in us collecting, using or storing information that is in breach of our obligations at law.

5.2. Information is retained for the period required for business purposes or by law. Files electronic or hard format are usually stored for 7 years to meet legal requirements. However, we will destroy or re-identify personal information in circumstances where it is no longer required, unless we are otherwise required by to law to retain the information.

5.3. We will seek to secure the breach, notify you if your information is compromised, take steps to prevent any further breaches and report serious breaches to the appropriate authorities.

6.1. You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Act. If you would like a copy of the information which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at: [email protected].

At Primus we pride ourselves on ensuring that the information we hold about you is correct and up to date at all times. If you believe that any of your personal information is inaccurate, please contact us using the above details and we will take reasonable steps to correct it.

To obtain access to your personal information we suggest that you:

– provide proof of identity. This is necessary to ensure that personal information is provided only to the correct individuals and that the privacy of others is protected; and

– be reasonably specific about the information you require.

We may charge you a reasonable administration fee which reflects the cost to us for providing access in accordance with your request. We will not charge you for making the request.

6.2. If you request to access your personal information, we will respond to your request within a reasonable period of time and, where reasonable and practicable, give access to the information in the manner you request. We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act.

7.1. Please be aware that we may change this Privacy Policy in the future. We may modify this Policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website. Please check back from time to time to review our Privacy Policy.

8.1. When you visit our website we may collect certain information such as browser type, operating system and from what source you came before entering our website, etc. This information in an aggregated manner to analyse how people use our website, such that we can improve our service.

8.2. We may from time to time use cookies on our website. Cookies are very small files which a website uses to identify you when you come back to the website and to store details about your use of the website. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences. We may use traffic log cookies to identify which pages are being used. This helps us analyse data about webpage traffic and improve the website in order to tailor it to users’ needs. We only use this information for statistical analysis purposes, after which the data is removed from the system. Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. Cookies are not malicious programs that access or damage your computer. Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. This may prevent you from taking full advantage of the website.

8.3. Our website may from time to time have links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval. Please be aware that Primus is not responsible for the privacy practices of such websites. We encourage our users to be aware, when they leave our website, to read the privacy statements of each and every website that collects personal identifiable information.

9.1. Even though Primus is not within the jurisdiction of the new EU privacy regulations “GDPR”, we do value your privacy and are more than happy to comply with any requests regarding your rights as stated in the GDPR. These requests can be submitted to: [email protected].

9.2. The GDPR requires any business that offers their services or products to individuals in the EU or track individuals in the EU on the internet, need to comply with the GDPR regulations. We only offer our products to people in Australia. Even though you might be an EU citizen, we do not operate in the EU.

9.3. Primus may engage employees that reside in the UK, these employees log in to our servers based in Australia. No data transfer takes place and no services are offered to UK individuals..

9.4. Primus observes the regulations set out in the GDPR and values privacy and your rights as stated in the GDPR.

9.5. We have put in place suitable physical, electronic and managerial procedures to ensure that any data held by us about an individual is safe, and will not be used outside the purpose that you provided it for.

10.1. We take complaints very seriously. Every complaint is investigated, replied to within a reasonable period of time and in a confidential manner. Following a complaint, our Privacy Officer will commence an investigation into your complaint. We may seek further information from you in order to provide a comprehensive and complete response. You will be informed of the outcome of your complaint following completion of the investigation.

Where it is practical to do so, whenever contacting us about any privacy matter, you have the option to either not identify yourself or to use a pseudonym. However, this will not apply if we are required or authorised under Australian law (or a court or tribunal order) to only deal with individuals who have identified themselves.

If you have any complaints about our privacy practices or believe we have breached privacy law, or otherwise wish to contact us, please feel free to contact the Privacy Officer at:

[email protected]

or

Primus Law

Attn: Privacy Officer

4 – 14 Dickson Avenue,

Artarmon NSW 2064

You can also contact the Privacy Officer on 02 8425 4990

10.2. You may also make a complaint to the Office of the Australian Information Commissioner (OAIC). You may contact the Australian Information Commissioner via telephone on 1300 363 992, by submitting a complaint or inquiry online at www.oaic.gov.au or by writing to the OAIC at GPO Box 5218 Sydney NSW 2001.