Privacy policy

We will collect personal information directly from you where possible. However, there may be times where we are required to collect personal information from other sources. We may collect personal information from you at various times, including:

• when you open, start or complete an application form or other type of form in relation to our products and services
• when you contact us in person, by phone, mail, email or online
• when you make a claim
• when you visit a premise from which we operate
• when you visit our website, use the HBF mobile application (HBF App), subscribe to or use one of our products or services, and
• when you participate in a health, corporate or wellness service.

We may collect your personal information from another person covered by your policy, from a person authorised to provide us with your personal information on your behalf, or from an agency or organisation on whose behalf we are providing you with services or products. We may also collect information about you from other sources, such as:

• a third party including a hospital, dentist or optometrist or other health service providers who have treated you
• a person or organisation who has facilitated or paid for your insurance cover
• an educational institution, government agency or adviser who has dealt with you (or their authorised representatives)
• HBF health service contractors who have provided you with services
• a service provider engaged by us - or a third party who partners with us - to assist in providing goods or services or administering our business
• from relevant databases and directories if you are a health service provider
• publicly available sources or networking services
• CCTV cameras in operation at our offices and retail centres
• the main policy holder (or person setting up a policy to cover you) at the time the policy was established, and
• another health fund, if you have requested a transfer of your health insurance between that fund and us.

• we provide products and services on behalf of or in conjunction with others, including business partners
• we need information from third parties relating to a product or service we provide to you, or relating to a health insurance claim
• you have consented to third parties sharing the information with us, such as people you have authorised to deal with your policy.
• we need information to prevent or minimise the risk of fraud, and
• you have consented to third parties sharing the information with us, such as people you have authorised to deal with your policy.

We collect information about how you use our website and applications for the purposes of analytics, marketing and site performance measurement. This allows us to enhance our member experience, our products and services and online functionalities. Subject to your marketing preferences, this information also enables HBF to tailor marketing to you, based upon your demographic information, use of the HBF App or website and the information you input. This information is accessed using cookies, if the privacy settings you have chosen on your device accept them. For more information, please refer to HBF Terms of Use on our website which applies to both the HBF website and applications.

Unsolicited personal information is personal information received by us where we did not request it and includes information sent to us intentionally or by mistake. If we receive unsolicited personal information, we will decide within a reasonable timeframe as to whether the personal information would be reasonably necessary for one or more of our associated functions or activities. If this is the case, we will notify you of the collection and retention of the information in accordance with the Privacy Act and obtain consent if required, otherwise it will be securely destroyed or de-identified as soon as practicable, provided it is lawful and reasonable to do so.

You have the option of remaining anonymous or using a pseudonym when dealing with us unless we are required or authorised under law to obtain your identity or if it would be impracticable to deal with you.

If you choose to remain anonymous and do not provide your personal information, it may be impracticable to:

• provide you with information or the product or service you have requested or enquired about
• accept your application or documentation, or
• accept your goods, services or conduct business with you or your employer.

You may choose to remain anonymous when submitting a complaint, but not when submitting a specific complaint about your policy payment premiums.

We will advise you if your decision to withhold your identity prohibits us from processing your application or requested service.

If you are an HBF member, we may also use your personal or health information to assess your suitability for, and contact you about, health services which may be of benefit to you, including chronic disease management programs and health related services, whether run by HBF or offered by a third party.

Where HBF has identified you may benefit from participation in a health program, your personal information may be given to a provider of a health program, who will contact you to assess your suitability for the health program and to provide you with details of the programs available to you.

If you are a participant in one of our community events, we will use your personal information to manage your participation in the event, inform you of any changes and keep you informed of our other health, wellbeing, fitness initiatives and community events held by HBF or our partners.

Where you are a prospective employee of HBF we will use your personal information to consider you for the role for which you have applied and may retain your personal information for consideration for future employment by HBF, unless you advise us not to. If you are a current or former employee, your personal information will be collected, used, disclosed and retained for purposes related to your employment with HBF or otherwise in accordance with law.

We may use your personal information, including your telephone number, address and your email or other electronic addresses, to provide marketing communications as:

• indicated in any Collection Statement provided to you as part of your relationship with us
• otherwise set out in this policy, or
• permitted by law.

Communications may be provided on an ongoing basis by telephone, electronic messages, online via the Website, social media and mobile applications, or other means. We may imply your consent to receive these communications from our existing business relationship or in some circumstances where you or your representatives have provided us with your contact details.

Additionally, we use your personal information for direct marketing and promotional research for the improvement and optimisation of your cover. You may choose to opt out of our marketing activities at any time by advising us via the unsubscribe function or via other contact mechanisms provided in any marketing you receive. Alternatively, you may advise us by speaking to one of our Member Sales and Retention Consultants on 133 423.

In general, the following include the parties to whom we may disclose personal information:

• our agents and service providers
• our professional advisors
• health service providers
• other persons covered by your policy as part of administering the policy and paying benefits
• potential or actual buyers of our assets or business
• payment system operators and financial institutions
• your agents and advisors or other persons authorised by, or responsible for, you
• government agencies
• third party insurers whom we are authorised to represent if you purchase other insurance products through us
• businesses or subsidiaries within HBF Health or other partners to improve your opportunities or improve your wellbeing and/or the value you get from your membership
• service providers engaged by us or acting on our behalf to provide software or other IT services
• service providers engaged by us or acting on our behalf to assist us to develop and implement software and services, including updates to or new versions of our mobile apps and our website
• other health funds, service providers or other third parties who assist us in the detection and investigation of fraud
• in relation to a transfer certificate requested by you or the main policy holder - your co-insured
• your employer (or their authorised representatives) if you have a corporate insurance product
• the facilitators of our arrangements with doctors, health service providers and hospitals
• the Australian Health Service Alliance (AHSA) who maintain their own privacy policy, and
• other parties to whom we are authorised or required by law to disclose information.

We may also disclose limited personal information to market research companies to gather independent feedback from you about the performance of HBF.

Generally, HBF use systems and customer service teams located within Australia. However, HBF may also use service providers who store personal information overseas. This means personal information may be transferred overseas as part of commercial arrangements between HBF and its service providers. Service providers located overseas may also be able to access your personal information which is stored in Australia.

At the time of publication of this Privacy Policy, the territories in which HBF either transferred or intended to transfer personal information may include the United States, United Kingdom and Canada. A list of countries where information may be located is available on our website.

Also, as part of our direct digital marketing campaigns, we may transfer some personal information, such as your email address, overseas to social media platforms and other digital content operators.

From time to time, we may also disclose your personal information to overseas organisations where you ask us to or provide express consent for us to do so.

Overseas entities to whom your personal information may be disclosed include, but are not limited to, overseas travel agents, overseas travel helplines or overseas health service providers in the country you are travelling to or are travelling in. HBF may provide a transfer certificate or claims history containing your personal information to an overseas insurer nominated by you.

HBF provides, or engages third parties to provide, a range of health and wellness services, such as flu vaccinations, group training sessions and chronic disease management services, to members and other individuals including those who receive these services though an arrangement between HBF and their employer or another organisation to which they belong. If you participate in these services HBF or the provider may disclose your personal information to related third parties such as its agents, service or professional, health service providers, persons authorised by or responsible for you, and to other parties to whom the health program provider is authorised or required by law to disclose personal information, including government agencies.

Third party providers may also disclose your personal or health information to HBF so we can pay benefits for your participation in the health program or allow us to:

• review, develop and improve the services
• assess the outcomes of the services, and
• contact you (via mail, email, phone or SMS) in relation to our other health programs.

If you are a participant in one of our community events, we may disclose your personal information to third parties such as the events agents and service providers.

We only keep your personal information for as long as we require it or as required by law. Personal information which is no longer required will be destroyed or permanently deidentified. Consequently, if you request access to your old personal information, we may not be able to fulfil your request.