Privacy Policy

Grange Insurance Solutions Pty Ltd – Privacy Policy

We, Grange Insurance Solutions Pty Ltd – ABN 16 115 775 141, ACN 115 775 141, AFSL 292523, are committed to protecting your privacy and confidentiality in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and to the extent applicable, the EU General Data Protection Regulations.  It is one of our prime concerns that any personal or sensitive information you provide to us is not used for any other purpose than that intended and expected by you.  This Privacy Policy describes our current policies and practices in relation to the collection, handling use and disclosure of personal information.

What information do we collect, HOLD and how do we use it?

We will collect personal information for primary purposes, which are relevant to providing and administrating our financial products and services.  Personal Information we hold which is identifiable as being about you.  This can include a broad range of information such as your name, email address, contact details, age, and any other information about your personal affairs.  We provide any information that the insurers or intermediaries who we ask to quote for your insurances and premium funding require to enable them to decide whether to insure you and on what terms or to fund your premium and on what terms.

Insurers may in turn pass on this information to their reinsurers. Some of these companies are located outside Australia. For example, if we seek insurance terms from an overseas insurer (e.g. Lloyd’s of London), your personal information may be disclosed to the insurer.  If this is likely to happen, we inform you of where the insurer is located, if it is possible to do so.

When a claim is made under an insurance policy, to enable us to assist in the claim process, we and our representatives and those of the insurer (including loss adjusters, investigators, medical advisers and lawyers) collect information about the claim, some of which may be personal information. We may collect the information from you or from third parties.

We provide this information to the insurer and or their agents and those appointed to assist you in making a claim. Again this information may be passed on to your underwriters and reinsurers.  We may use your personal information internally to help us improve our services and help resolve any problems.

From time to time, we will use your contact details to send you direct marketing communications including offers, updates and newsletters that are relevant to the services we provide. We always give you the option of electing not to receive these communications in the future. You can unsubscribe by notifying us and we will no longer send this information to you.

What if you don’t provide some information to us?

We can only apply for and arrange financial service products if we have all relevant information. The insurance laws also require insureds to provide all the information required by your insurer to help them decide whether to insure you and on what terms.  Credit Providers also require specific information to help them assess any credit applications that we may facilitate on your behalf.

How do we hold and protect your information?

We strive to maintain the reliability, accuracy, completeness and currency of the personal information we hold and to protect its privacy and security. We keep personal information only for as long as is reasonably necessary for the purpose for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.

We hold the information we collect from you initially in a working file, which when completed is electronically imaged and stored, after which any paper is destroyed in our onsite shredder. In some cases, your file is archived and sent to an external data storage provider for a period of time. We only use storage providers located in Australia who are also regulated by the Privacy Act.

We ensure that your information is safe by protecting it from unauthorised access, modification and disclosure. We maintain physical security over our paper and electronic data and premises, by using locks and security systems. We also maintain computer and network security; for example, we use firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to computer systems where your information is stored.

Will we disclose the information we collect to anyone?

We may disclose information to:

  • Financial institutions, other Australian Financial Service Licensees, Insurers, underwriters, underwriting agencies, wholesale brokers and reinsurers (for the purpose of seeking recovery from them or to assist them to assess insurance risks);
  • Premium funders / Credit providers for the purposes of gaining quotations on and arranging funding of your insurance premiums.
  • An investigator, assessor, State or Federal Health Authorities, lawyers, accountants, medical practitioners, hospitals or other professional advisors (for the purposes of investigating or assessing your claim);
  • A lawyer or recovery agent (for the purpose of defending an action by a third party against you or for the purpose of recovery costs including your excess);
  • Contractors who supply services to us, e.g. to handle mailings on our behalf.
  • An immediate family member;
  • Other companies in the event of a corporate sale, merger, reorganisation, dissolution or similar event

However, we will do our best to ensure that they protect the information in the same way that we do.  We may provide this information to others if we are required to do so by law or under some unusual other circumstances which the Privacy Act permits.  We do not sell, trade, or rent personal information to others.

How can you Access, check, update or change your information?

Upon receipt of your written request from you and enough information to allow us to identify the information, we will disclose to you the personal information we hold about you. We will also correct, amend or delete any personal information that we agree is inaccurate.  If you wish to access or correct your personal information please write to the 

Privacy Officer:
Don Leadbetter 
Level 1, Unit 5, 375 Charles Street, North Perth WA 6017
PO Box 624, Mt Hawthorn WA 6915
Phone: 08 9201 8000 | Fax: 08 9201 8077  


We do not charge for receiving a request for access to personal information or for complying with a correction request.  We do however reserve the right to charge you for all reasonable costs and outgoings specifically incurred in meeting your request for information.

Your consent

By asking us to provide you with our financial services, you consent to the collection and use of the information you have provided to us for the purposes described above.

Complaints about PRIVACY

Should you have a query or a complaint regarding a breach of privacy please contact our Privacy Officer who will handle the matter in accordance with our formal complaints handling procedures.

Your complaint can be lodged over the phone (08) 9201 8000, via mail to PO Box 624, Mt Hawthorn WA 6915 or email or you may wish to make an appointment with our Privacy Officer at a convenient time and location.  We will do all that is reasonable in the circumstances to address your complaint.

The OAIC can investigate privacy complaints from individuals about our business if we are specifically caught by the Privacy Act.  We also follow the Notifiable Data Breach obligations imposed by the Privacy Act.

Before a client can lodge a complaint with the OAIC, they will generally need to complain directly to ourselves and allow 30 days for it to respond. If they do not receive a response within 30 days, or they are dissatisfied with our response, they may then complain to the OAIC.

Complaints to the OAIC must be made in writing. Further information on the complaints process is available for clients wishing to complain regarding a Privacy Breach at

Information sent overseas

In certain situations it is likely that that some or all of the Personal Information that you provide to us may be disclosed to businesses that operate overseas.  This would only occur where the product provider / intermediary is based overseas – e.g. Lloyds of London syndicates or brokers and other overseas based insurers and intermediaries or in situations where we utilise “Cloud Computing” services that are situated outside Australia.

In all such cases, unless we expressly inform you and obtain your consent to the contrary, we commit to making reasonable enquiries to ensure that these organisations comply with their local privacy legislation where such legislation is comparable to the Australian legislation and to comply with the key components of Australian Privacy legislation in cases where their local legislation is considered inadequate or non-existent.

Website Privacy Issues

Anonymous data

We use technology to collect anonymous information about the use of our website, for example when you browse our website our service provider may log your server address, the date and time of your visit, the pages and links accessed and the type of browser used. It does not identify you personally and we only use this information for statistical purposes and to improve the content and functionality of our website, to better understand our clients and markets and to improve our services.


In order to collect this anonymous data we may use “cookies”.  Cookies are small pieces of information which are sent to your browser and stored on your computer’s hard drive. Sometimes they identify users where the website requires information to be retained from one page to the next. This is purely to increase the functionality of the site. Cookies by themselves cannot be used to discover the identity of the user. Cookies do not damage your computer and you can set your browser to notify you when you receive a cookie so that you can decide if you want to accept it. Once you leave the site, the cookie is destroyed and no personal or other information about you is stored.


Our Website may allow visitors to submit information via Self-Service forms (Quotes, Claim Forms, Employment and Contact request).  The information submitted via the Forms may not be encrypted.  Should you be concerned about the confidentiality of any information provided by any Self Service forms please do not hesitate to lodge this information with us via phone or email.

We may also use your contact information that you supply on this website to send you requested product information and promotional material and to enable us to manage your ongoing requirements, e.g. renewals, and our relationship with you, e.g. invoicing, client surveys etc.

We may also notify you via direct marketing about new services and special offers, events or articles we think will be of interest to you. We may send you regular updates by email or by post on insurance matters. If you would rather not receive this information or do not wish to receive it electronically, email or write to us.

We may also use your information internally to help us improve our services and help resolve any problems.

General Data Protection Regulation (GDPR) for the European Union (EU)

We will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use.

We process your personal information as a Processor and/or to the extent that we are a Controller as defined in the GDPR.

We must establish a lawful basis for processing your personal information.  The legal basis for which we collect your personal information depends on the data that we collect and how we use it.

We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purposes.  We will keep your data safe and secure.

We will also process your Personal Information if it is necessary for our legitimate interests, or to fulfill a contractual or legal obligation.

We process your personal information if it is necessary to protect your life or in a medical situation, it is necessary to carry out a public function, a task of public interest or if the function has a clear basis in law.

We do not collect or process any personal information from you that is considered “Sensitive Personal Information” relating to your sexual orientation or ethnic origin unless we have your explicit consent, or if it is being collected subject to and in accordance with the GDPR.

You must not provide us with your personal information if you are under the age of sixteen without the consent of your parent or someone who has parental authority for you.  We do not knowingly collect or process the personal information of children.

Your rights under the GDPR

If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used.  We comply with your rights under the GDPR as to how your personal information is used and controlled if you are an individual residing in the EU.

Except as otherwise provided in the GDPR, you have the following rights:

  • To be informed how your personal information is being used;
  • Access your personal information (we will provide you a free copy of it);
  • To correct your personal information if it is inaccurate or incomplete;
  • To delete your personal information (also known as the “right to be forgotten”);
  • To restrict processing of your personal information;
  • To retain and reuse your personal information for your own purposes.
  • To object to your personal information being used; and
  • To object against automated decision making and profiling.

Please contact our Complaints Officer at any time to exercise your rights under the GDPR.  We may ask you to verify your identity before acting on your requests.


Although we intend to observe this policy at all times, you should note that the Privacy Act does not apply to small businesses.  It only applies to businesses with an annual turnover of $3M or more per annum. Therefore should we be in a position where the Privacy Act does not legally apply to us we may decide it is necessary or desirable to act outside this Policy.  We may do so, subject only to any legal obligations we have to you or under any law, including the Privacy Act.

Search our website