RACQ Group Privacy Policy
1. Who we are
The Royal Automobile Club of Queensland Limited is the owner of a group of companies, which include the following businesses:
- RACQ Bank;
- RACQ Insurance;
- RACQ Assistance, including our roadside assistance business, RACQ Auto, RACQ Autoglass and the RACQ Mobility Centre; and
- RACQ Foundation.
In this Privacy Policy, the RACQ Group is referred to as ‘RACQ’ or ‘we’.
We refer to people who hold eligible Banking, Insurance, Lifestyle and Assistance products as our “members”. We refer to non-members to whom we supply services and products as our “customers”.
This Privacy Policy gives you an overview of the privacy practices of the RACQ Group as a whole. It is supplemented by additional privacy policies, credit information policies and collection notices issued by specific businesses within the RACQ Group.
Some of the businesses in which RACQ has an interest, such as RACQ Solar and RACQ Travel, operate under separate privacy policies, and are not covered by this Privacy Policy.
2. Our commitment to privacy
The protection of your privacy and confidentiality of your personal information is important to us.
We are committed to handling personal information in compliance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles contained within the Act.
We are also committed to helping people in vulnerable circumstances manage their privacy. For more, see “Getting extra help to protect your privacy” below.
3. What information does this Privacy Policy apply to?
This Privacy Policy applies to “personal information” held by RACQ. “Personal information” refers to information or an opinion about an identified individual, or an individual who is reasonably identifiable.
In some circumstances, we also handle “sensitive information”. “Sensitive information” is a subset of personal information, and includes health information, criminal record information, some biometric information, sexual orientation, cultural and religious information, as well as some other categories set out in the Act.
4. The purpose of this Privacy Policy
In this Privacy Policy, we describe the key ways in which we typically handle personal information across the RACQ Group in the ordinary course of our business.
We aim to provide a high degree of transparency. However, there may be ad hoc circumstances where we handle personal information in a way not described in this Privacy Policy. Where that happens, we make sure we comply with our privacy obligations.
We make you aware of how we handle personal information in a number of different ways, so you can make informed choices when dealing with us. This Privacy Policy provides an overview. We may also describe how we handle your personal information in our other privacy policies, credit information policies and collection notices we give you, or in consent forms that you give us.
We may also handle your personal information in other ways permitted by law, including:
- for the primary purpose for which we collect the personal information;
- where, in the circumstances, you give your implied consent;
- where you reasonably expect it, and the secondary purposes is related (or in the case of sensitive information, directly related) to the primary purpose for which it was collected; and
- on other bases permitted by law, including for law enforcement purposes.
5. What personal information do we collect?
The information we collect about you depends on our dealings with you.
RACQ members
If you are an RACQ member, the types of personal information we collect about you may include your name, gender, contact details and date of birth. We may also collect payment information (for Lifestyle members), information about your use of the membership benefits and discounts and your communication history with RACQ.
Please note that when you deal with a third party to access discounts and benefits, that interaction (including the use of their website) may be subject to terms of use and conditions of the third party separate to RACQ. By providing information via that third party’s website, you will be providing information directly to that third party. We recommend that you read the privacy statement of the third party if you are clicking through or redirected.
Members and customers of RACQ businesses
If you deal with the following businesses, the types of personal information we collect about you may include:
| RACQ Bank | |
|---|---|
| RACQ Bank member (or you apply to be one) | In addition to the types of personal information listed above in relation to RACQ members, we may also collect your personal circumstances (for example marital status and/or any dependents you have), identity information and government related identifiers (for example, tax file number or tax identification number), financial information, credit information, employment-related information, publicly available information (for example registers maintained by the various land registries or ASIC), hardship information (if provided by you), information about your use of our banking services and products (including internet banking) and your communication history with RACQ |
| Guarantor for an RACQ Bank member | Personal and contact details (including name, address, email address, phone number and/or date of birth), personal circumstances (for example marital status and/or any dependents you have), identity information and government related identifiers (for example, tax file number or tax identification number), financial information, credit information, employment-related information, publicly available information (for example registers maintained by the various land registries or ASIC) |
| Authorised representative of an RACQ Bank member | Personal and contact details (including name, address, email address, phone number and/or date of birth), relationship with the RACQ Bank member, identity information (for example driver’s licence) and your communication history with RACQ |
| Someone who transacts with an RACQ Bank member | Name, bank account details and transaction details |
| RACQ Insurance | |
|---|---|
| RACQ Insurance member (or you apply to be one) | In addition to the types of personal information listed above in relation to RACQ members, we may also collect information about your personal circumstances (for example marital status and/or any dependants you have), information about the vehicle, house, pet or travel being insured, information about your claims history, payment information, criminal history information in police checks, hardship information (if provided by you), claims history and information about any insurance claims you make (which may include health information) and your communication history with RACQ |
| Named party in an RACQ Insurance policy |
Name, contact details, date of birth, identity information, claims history and information about any insurance claims made (which may include health information) |
| Person involved in an insurance claim |
Name, contact details, identity information, financial hardship information (if provided by you), information relating to the claim (which may include health information) |
| Authorised representative of an RACQ Insurance member |
Name, contact details, relationship with the RACQ Insurance member and your communication history with RACQ |
| RACQ Assistance | |
|---|---|
| RACQ Assistance customer or member (or you apply to be one) | Name, contact details, date of birth, identity information, credit information, information about the relevant vehicle or device being covered or services, publicly available information (such as vehicle details), payment information, hardship information (if provided by you), information about any requests for assistance, including location information, and your communication history with RACQ |
| Authorised representative of an RACQ Assistance member or customer |
Name, contact details, relationship with the RACQ Assistance member or customer, payment information (where provided by you) and your communication history with RACQ |
| Applicant for an international driving permit |
Name, contact details, a photo of you, country of birth, intended travel dates, driver’s licence and payment information |
We also collect personal information through RACQ Foundation and our community initiatives. This may include:
| RACQ Foundation and community | |
|---|---|
| Applicant for an RACQ grant | Name, contact details, your affiliation with an organisation and any information about you that you include in your application (which may include photographs) |
| RACQ Foundation donor | Name, date of birth, contact details and RACQ member number (if you have one) |
| Someone involved in our community activities, such as Friends of Foundation and volunteers |
Name, contact details, date of birth, your affiliation with an organisation and information about your engagement, (where relevant) health information and emergency contact information, driver’s licence details and communications with RACQ |
| Participant in our community activities or programs, including road safety programs |
Name, date of birth and contact details and information about your engagement and communications with RACQ |
| Someone we fund or a partner on one of our community activities, such as someone we sponsor |
We typically collect your name and contact details. The other personal information we may collect will depend on our engagement with you. |
| A stakeholder in our Advocacy work or projects | We typically collect your name, contact details and (where relevant) your role and organisation. |
Other people we deal with
We may also collect your personal information if you are:
| Engaging with us by signing up for our magazines or newsletters, entering into a competition, or responding to a survey | We typically collect name and contact details, and any information you provide when entering into a competition or responding to a survey. |
| Contractors and personnel of organisations and entities (including government entities) we engage with, such as suppliers and service providers |
We typically collect name, contact details, information about your affiliation with the business and information about your engagement and communications with RACQ. Depending on the circumstances, we may collect gender, criminal history information or other background check information. |
| Someone applying to join our team |
We typically collect name, contact details, information about your experience, education, memberships, qualifications, attributes and character, criminal history information, working rights, information you provide in your application and interview, and information provided by your referees. Depending on the role you apply for, we may also collect health information via a pre-employment medical screening and driver’s licence information. |
| A referee of someone applying to join our team |
We typically collect name, contact details, current position title, organisation name and information about your relationship with the applicant. |
| Someone referred to us through our internal referral program |
We typically collect name, contact details and role for which they may be interested. |
| Our staff |
We also collect personal information about our staff, including health information and criminal history information and in some circumstances, cultural and religious information, for the purposes of managing our employment relationship. |
The types of personal information we collect may also depend on the ways in which you choose to deal with us, including:
| When you set up a My RACQ account | We typically collect your name, date of birth, email address, and postcode so we can connect your account with your member record. |
| When you call us | We record the call, which may include your personal information such as your name, date of birth, contact details, residential and postal address, Bank ID number, membership, policy or claim number and information about your enquiry. |
| When you email us, use our online chat service or correspond with us by mail or social media | We keep a record of communications, which may include your personal information including your name, contact details, Bank ID number, and membership, policy or claim number. |
| When you visit us at one of our RACQ stores or locations, such as the Queensland Driving Excellence Centre |
We may record your image and information about your visit on CCTV. |
| When you make an online enquiry |
We collect your name and contact details, your membership card number (if provided), and information about your enquiry. |
| When you engage with us on social media |
We collect your username and the information you provide when interacting with us. |
| When you browse our website |
We record your server or IP address, the date and time of your visit, pages visited, documents downloaded, the site you visited prior to visiting our website, information about your browser and user preferences and your website interactions. This may only be personal information if we can reasonably identify you from this information. |
6. How do we collect personal information?
Where reasonable and practicable, we will collect personal information (including credit information) directly from you. This information will generally come from what you provide in your application for one of our products or services and supporting documentation, or what information you provide when communicating with us.
Where we are dealing with a child, such as a student engaging in one of our road safety courses, we will generally collect personal information from the child’s parent or guardian, or from the child’s school where the parent or guardian has given their consent.
On occasion, we will collect personal information passively – that is, by observing you. This may occur, for example, where:
- you call our call centre, and we record the call;
- you attend one of our stores or locations and are captured on CCTV; or
- you use our digital services, such as browsing our website, using My RACQ, using online banking or using our apps.
We will sometimes collect information about you from third parties, where it is unreasonable or impracticable to collect that information from you directly. This may include, depending on the circumstances:
- from your authorised representative or from any referees that you may provide to us in support of an RACQ Bank application;
- from publicly accessible databases such as the National Personal Insolvency Index, company registration details maintained by the Australian Securities and Investments Commission, registers maintained by the various land registries and criminal history information in police checks;
- for RACQ Insurance members, from the Insurance Reference Service (IRS);
- for RACQ Bank members, from the Australian Financial Crimes Exchange (AFCX);
- from third parties, such as your employer, finance brokers and mortgage insurers, other credit providers, third party service providers or other organisations as authorised by you;
- from third parties involved in an insurance claim, including service providers (such as our repairers, investigators, recovery agents, legal representatives, assessors, suppliers, advisors and payment service providers), specialists, and other involved individuals or entities such as another party’s legal representatives, medical professionals, other insurers, co-insureds or claimants;
- from publicly available sources, such as social media when you choose to interact with us through that channel; and
- for job applicants, employees and contractors, in addition to some of the sources listed above, from your previous employers, nominated referees, educational/membership institutions, Australian Securities and Investments Commission and Australian Prudential Regulation Authority registers to verify whether you are banned or disqualified, have any current shareholdings or directorships or hold an Australian Financial Services (AFS) licence (where relevant to the work you may be doing), court judgments to check for court actions which may expose RACQ to business risk, Australian and international government published watch lists and politically exposed persons, government databases for driving and traffic history and Australian Home Affairs and Immigration for visa conditions.
7. How do we use your personal information?
We generally use your personal information for the primary purpose for which we collected it. Generally, this is to provide you the product or service that you have requested, to process payments, to manage any insurance claims (including resolution of any dispute) or to consider your employment application. The primary purpose may also be to process a donation to the RACQ Foundation, or to engage in Advocacy work that you are involved in.
In the ordinary course of our business, we may also use it for the following additional purposes, depending on the circumstances:
- verifying your identity, including where we are required to do so by law;
- considering and assessing your application for a product or service, which may include considering your creditworthiness;
- where you are an unsuccessful job applicant, to consider you for further roles;
- for administrative, accounting, audit, insurance, management, training, planning, record keeping, archiving, risk management, staff training and other business purposes of RACQ;
- complying with our legal and regulatory obligations, and managing our rights and obligations in relation to external payment systems;
- investigating suspicious or potentially fraudulent activities;
- to monitor the security of our premises;
- to better understand our members and customers, and to develop and improve our products and services;
- to manage and respond to complaints;
- to track the impact of our RACQ Foundation activities; and
- generally with your consent or where you would reasonably expect it, to publish information about your involvement with RACQ online, such as where you are involved in an RACQ Community or Advocacy initiative.
We may use your personal information, including your contact details, to provide you with information we think will interest you about our products and services, where we have your express or inferred consent. This may include conducting marketing and communication purposes and member and customer satisfaction research.
You may opt out at any time if you no longer wish to receive marketing information or do not wish to receive marketing information through a particular channel, like emails. You can make this request by contacting our Privacy Officer using the contact details at the end of this policy, or by ‘unsubscribing’ from our marketing messages, which always include an unsubscribe option.
8. When might we disclose your personal information?
We may disclose your personal information to third parties where this disclosure is the primary purpose for which we collected it.
In the ordinary course of our business, we may also disclose your information in the following additional circumstances, depending on the circumstances:
- to other entities within the RACQ Group, and to our retail agents;
- to our business partners, for example, other roadside assist organisations should you require assistance outside of Queensland;
- to third parties where required to manage an insurance claim, such as investigators, recovery agencies, assessors, suppliers, repairers, payment service providers, another party’s legal representatives, other insurers, co-insureds or claimants and the Australian Financial Complaints Authority;
- to our service providers, such as organisations that provide vehicle inspection services, driver training, identity verification, background checks, payment service providers and other financial institutions to allow payment processing, settlement agents, data storage providers, mailing houses and research consultants;
- to RACQ professional advisors, such as accountants, lawyers and auditors where we have taken steps to ensure that these advisors are bound by sufficient confidentiality and privacy obligations to protect personal information;
- to credit reporting bodies, other credit reporting providers and brokers;
- to external organisations that are RACQ assignees for the purpose of allowing them to perform obligations under contract assigned to them;
- to debt collecting agencies, if a member or customer has not paid an amount if required;
- in relation to our RACQ Insurance business, to the Insurance Reference Service (IRS) and members of the IRS via the IRS database for use for authorised purposes such as providing insurance services, including carrying out underwriting processes and issuing an insurance policy, dealing with claims and/or detection of fraud or other unlawful activities;
- for the purposes of reporting fraud, including disclosure to the Australian Financial Crimes Exchange (AFCX) and members of the AFCX for that purpose;
- to your representatives and agents, where authorised by you;
- to other automobile clubs that you are a member of, where we invoice your club for the services that we provide to you in Queensland;
- to ClubConnect, Woolworths, Eagers Automotive, Wink and Vibe in connection with the member benefits initiatives run in association with those organisations;
- to digital platforms (where you already interact with those platforms) in order for those platforms to conduct relevant online advertising for us; and
- if required or authorised by law, to government and regulatory authorities, such as under Anti-Money Laundering/Counter-Terrorism Financing Act laws, State and Territory conveyancing laws, tax laws or in response to a subpoena.
Except as set out above, when you engage with a third party to redeem member benefits offered by RACQ, we typically do not disclose your personal information to that third party. Generally, you provide your personal information to that third party directly.
We may disclose your personal information to recipients located overseas, where permitted by law. Where we disclose your personal information to an overseas recipient, we will take reasonable steps to include relevant obligations aligned with the Australian privacy laws on how the recipient collects, uses, discloses, stores and retains your personal information.
Please see our RACQ Overseas Disclosure list at https://www.racq.com.au/privacy/racq-overseas-disclosure, which lists the countries that RACQ may disclose your personal information to in the ordinary course of its business.
RACQ may also disclose your personal information to a recipient located overseas in order ad hoc circumstances, such as when need to liaise with overseas entities to conduct a background check. Where this applies, it is not possible for us to set out in this Privacy Policy all of the possible countries to whom we may send personal information. However, if you have any specific questions about disclosure of your personal information to overseas recipients, please reach out to our Privacy Officer using the contact details below.
9. How do we hold your personal information?
RACQ implements safeguards to protect the personal information we hold from:
- misuse, interference and loss, and
- unauthorised access, disclosure or modification.
We may hold your personal information in hard copy or electronically and we keep it in our facilities and systems or those of our service providers. We have policies and procedures that are aimed at ensuring that information is only accessed by people who have the authority and need to do so. We protect the physical security of our premises, and we implement technical security measures over our electronic systems. We regularly review and test our security measures. While RACQ implements measures to keep personal information safe, RACQ is not able to control all external cyber threats.
We use up-to-date security measures on our website to protect your personal information and your credit information. Any data containing personal, credit or related information which we transmit via the internet is encrypted. However, we cannot guarantee that any information transmitted online is entirely secure. If you have any questions or concerns about transmitting your personal information online, you may contact our Privacy Officer, as there are other ways for you to provide us with your personal information.
10. Your right to access your personal information
You may request access to the personal information that we hold about you at any time from the Privacy Officer, using the details at the end of this policy.
We will respond to your request for access within a reasonable time. If we refuse to give you access to any of your personal information, we will provide you with reasons for the refusal and the relevant provisions of the Privacy Act that we rely on to refuse access. You can contact our Privacy Officer if you would like to challenge our decision to refuse access. Where we incur cost providing you with access to personal information, we may charge you a reasonable amount.
11. Your right to request correction of your personal information
We take reasonable steps to make sure that the personal information that we collect, use or disclose is accurate, complete and up-to-date. You may have options to request to update your personal information yourself, such as through your My RACQ account. If this is not an option and if you believe your information is incorrect, incomplete or not current, you can request that we update this information by emailing racq@racq.com.au, contacting our call centre, or visiting an RACQ store.
Before correcting or providing access to personal information in response to a request, we will require your identity to be confirmed. We will respond to your request within a reasonable time. If we do not correct your information we will provide you with the reasons for the refusal. You can ask us to associate a statement with the record indicating your disagreement with it.
12. How you can ask questions, raise comments and make complaints
If you have any questions or comments regarding your privacy in relation to RACQ, please contact us on 13 1905 or email us at privacy@racq.com.au.
If you believe that we have not fulfilled our obligations under the Privacy Act or you do not agree with a decision made by RACQ in relation to accessing or correcting your personal information, you can make a complaint to our Privacy Officer – details are below.
Once we have received your complaint, we will investigate and endeavour to respond to you within a reasonable time. If you are unhappy with the response from RACQ, you can direct your complaint to the Australia Privacy Commissioner at:
Office of the Australian Information Commissioner (OAIC)
GPO Box 5218
Sydney NSW 1042
email: privacy@privacy.gov.au
13. Getting extra help to protect your privacy
RACQ recognises that many of us could be facing difficult situations and we endeavour to help and support as best as we can, if needed, and to take additional steps to protect your privacy.
If your finances are being controlled by someone else in a way that is causing you concern, or if you are being threatened, controlled, coerced, or experiencing violent acts that may be causing you to be fearful, speak to one of our staff who can help you by taking steps to protect your privacy and managing the products you hold, or wish to hold with us, to reasonably suit your needs. We have many options appropriate for complex and challenging times and we are here to provide care and additional support to our members and customers.
Call 000 if you are in immediate danger.
Call our Group Member Advocate Office on 1800 848 869 between 8:30am and 5:00pm, Monday to Friday. We can arrange the National Relay Service or an interpreter, if required. To find out more how the Member Advocate Office can help you, refer to the Group Member Advocate Office page here.
To access other support services, refer to the RACQ Supporting vulnerability page here.
14. How to contact us
Our Privacy Officer’s contact details are:
Privacy Officer
Group Risk & Compliance
PO Box 4 Springwood QLD 4127
email: privacy@racq.com.au
15. Updates to this RACQ Group Privacy Policy
This privacy policy was last updated in August 2024.
We may make changes to this Privacy Policy from time to time to ensure that it is up to date and accurate, and to reflect any changes to the law or our operations. As a result, we may update and change this privacy policy from time to time, and the updated version will be published on our website.