• Our Group Privacy Policy

    The Royal Automobile Club of Tasmania Limited, RACT Insurance Pty Ltd, Members Travel Group Pty Ltd (trading as RACT Travel), RACT Destinations Pty Ltd, companies owned and controlled by those listed companies, their subsidiaries and associated entities (collectively “Group” or “we”) provide a range of products and services to RACT members (and other customers) either directly or via contracted service providers. We offer a range of products including roadside assistance, motoring, driver training, accommodation, travel, member benefit program, insurance and related services.

    Our Privacy Policy

    Our Privacy Policy provides you with general information about how we collect and manage your personal information. When you purchase or acquire a product or service from us you will receive the RACT Group Privacy Statement or other form of information about your privacy, such as in scripting or a collection notice. Our Group Privacy Statement gives information about how we manage personal information for a particular product or service, or more generally and may be delivered to you in a number of ways, including verbally, by hard copy/paper, electronically or via a link to our website.

    Our emails to you as well as our Online Terms (which regulate use of our websites, social media sites or other online interactions) may include privacy statements, collection notices or preferences in relation to marketing we would like to send you. Please refer to those emails or terms prior to replying to us or using the services offered, or when you are directed to do so such as during the acquisition of a product or service.

    What is “personal information”?

    Personal Information is any information or opinion about you where it can be associated to you as an identifiable individual. Personal Information collected and held by us generally includes your basic information such as your name, date of birth, gender, address and contact details, but also includes information related to the products you have with us and the transactions you have with us and our partners.

    The information or opinion about you does not have to be true or recorded in a material form for it to be classed as Personal Information, however we treat the accuracy of our data very seriously and encourage you to ensure you update us of your personal information whenever changes to your circumstances occur.

    In some instances, we also collect and maintain personal information that is classified as “sensitive information”. This may include criminal convictions, tax file numbers, health, racial or ethnic origin. We only collect, use or disclose sensitive information in circumstances that include where:

    • we have received your consent to do so;
    • it is necessary for our business purposes or is allowed by law;
    • it is necessary for the establishment, exercise or defence of a legal claim;
    • Australian Law or a court/tribunal order; or
    • when a permitted general situation or permitted health situation applies.

    Information collected about you online

    Personal information we collect from you online, either via Internet or social media sites or through e-mail transmission is personal information that you choose to submit to us on-line.

    Our Internet sites rely on "cookies" to provide a number of services to you. A cookie is a piece of data that an Internet site can send to your browser, which may then be stored on your computer. Cookies generally allow the Internet site you are browsing to interact more efficiently with your computer or enable specific functions within our internet sites for you to make use of, but in tracking your usage of our internet sites we can also enhance your browsing experience by increasing the personalisation of the webpages you see or are directed to. Cookies can also assist with our internet security to assist in keeping you safe on the internet and help us measure the performance of our website.

    While the RACT Group does utilise cookies in relation to our online advertising decisions, both through our own cookies and certain third party cookies provided by the likes of Google and Facebook, we do so with the overall aim to increase the efficiency of our advertising. The cookies we utilise may increase the number of RACT Group advertisements you see online, but will also ensure you don’t continue to see particular advertisements too often and in no way will they increase the overall number of advertisements you see on the internet beyond our website.

    Usually you can set your browser to notify you before you receive a cookie so that you can decide whether to accept it however sometimes not accepting a cookie may affect your use of an Internet site. If your computer does not accept our cookies, you may not be able to make full use of our Internet sites.

    In order to enable you to continue to use our sites without cookies we may use alternative methods and technologies within a browsing session such as embedded urls. Further detailed information about the technologies we may use on our site and third party cookies we may utilise can be found in our Cookie Policy available on our website.

    We have many links to third party websites from our internet sites that are promoted for the purposes of providing general information to you or that may have a specific function in relation to a transaction or product you are interested in from RACT Group’s service providers or partners. Access to these third party websites may use buttons or other tools and these may use cookies to enable them to function properly. Information collected or used by these tools and on the destination website is governed by the privacy policy of the third party that created it. The RACT Group does not take any responsibility for the content of third party websites. We will make it clear when you are moving away from an RACT Group website.

    Purpose of collection and use of personal information

    We collect personal information so that we can:

    • identify you and conduct appropriate checks;
    • administer and manage our products and services including the management and administration of insurance claims, recoveries and settlements either directly, through one of our contracted service providers or distributors;
    • establish and administer products and services;
    • improve our products and services;
    • assess and investigate insurance claims made by you or by our customers;
    • manage complaints and disputes, and report to dispute resolution bodies and regulators; and
    • get a better understanding of you so that we can engage in product and service research, development and business strategy.

    We will not use your personal information for any other purpose, unless:

    • we obtain consent from you, or your authorised representative; or
    • in the case of direct marketing, we provide you a choice (via opt out or opt in) and you have chosen accordingly; or
    • the other purpose is related to the first, and where you would reasonably expect us to; or
    • the other purpose is required by law, a court or enforcement body; or
    • a permitted general situation (such as lessening serious threats to life, health or safety) or a permitted health situation exists (such as for research, to prevent serious threat to health or safety of a genetic relative).

    Refusal to supply requested details may delay or prevent us from satisfying your needs or request.

    How we collect your personal information

    We collect your personal information directly from you, from publicly available sources, from other persons or organisations (including related and third parties). We do this:

    • by using written forms;
      through contact over the telephone, your mobile or other messaging technology;
    • via the internet, including websites and social media; and/or
    • in person to person contact (for example, meetings where we discuss providing products or services either at branches, offices, service centres or kiosks).

    We collect personal information during the information life cycle, on an adhoc or a recurrent basis using the above methods. For example, we will collect personal information when you acquire a product or service from us, when you make changes to that product, when you make a claim or exercise a right under the product or service or when you need to complain. We will combine or link personal information we already know about you to other personal information we collect or hold about you.

    Examples of where we may receive personal information about you from another source and why this may happen include:

    • an investigation or reference service in the course of assessing a claim under, or request for, a product;
    • Our customers providing information about you in an insurance claim;
    • publicly available sources of information such as the internet or telephone directories in the course of identification verification;
    • Industry data bases; and
    • market research organisations for the purpose of product development or marketing.

    We will tell you the source of information collected about you, if you request.

    In most cases we will require you to specifically acknowledge your consent to any collection, use or disclosure of your personal information by us. Your acknowledgment may be required in writing or by a specific act such as when you click an acknowledgment on our Internet sites or when verbal acknowledgment is sought from you.

    Your consent or acknowledgment may also be implied through conduct such as,

    • when you continue a telephone call to our Call Centre after you have heard a recorded message that tells you that the call may be recorded;
    • when you speak to a branch Consultant;
    • when you provide us with personal information that we have not specifically requested; or
    • when we have provided you with the opportunity to choose (via opt out or opt in) and you have chosen accordingly.

    We may collect personal information from you about someone else. For example where you provide personal information about another person (including a family member or household member). When this occurs we rely on you providing the correct information and ensuring you have the consent of that person to provide that information.

    How we amend your personal information

    We can amend your personal information at the request of you or your authorised representative (by which we include your family member). Where amendment is requested by someone other than you, we will check the authority of that person by asking them to identify you and themselves or by requiring them to provide evidence of your authorisation to them to represent you, as appropriate.

    Where you hold insurance products held jointly, our contract (as set out in our PDS), authorises any joint policyholder to make amendments to policy details.

    Where you choose to hold roadside membership as a group, our contract (evidenced in our roadside application form), authorises any group member to amend personal information, provided we are satisfied of their identity and authorisation to act on behalf of the group.

    Anonymity and Pseudonymity

    You have the option of not identifying yourself or of using a pseudonym unless we are required or authorised under Australian law or a court/tribunal to identify you or it is impracticable to deal with you anonymously or by a pseudonym.

    Unsolicited personal information

    If we receive unsolicited personal information we will de-identify or destroy it as soon as practicable if the information is not reasonably necessary to provide RACT Group products or services, or perform one or more of our functions related to those products or services.

    How we use and disclose your personal information

    We use and disclose personal information from you for the purpose that we collect it, for specific or wider purposes that you later approve, or for exceptional purposes, as set out or required by Privacy Laws.

    Some examples of the parties to whom we may disclose your personal information to and collect your personal information from, include:

    • our contracted service providers
    • customer, product, business or strategic research and development organisations;
    • a third party with whom we have contracted to provide financial services/product, administrative or other business services – for example:
    • information technology providers,
    • administration or business management services, consultancy firms, auditors and business management consultants;
    • marketing agencies and other marketing service providers;
    • claims management service providers;
    • print/mail/digital service providers; and
    • imaging and document management services.
    • data warehouses, strategic learning organisations, data partners, analytic consultants;
    • social media and other virtual communities and networks where people create, share or exchange information;
    • publicly available sources of information, such as web sites that you subscribe to;
    • clubs, associations, member loyalty or rewards program providers and other industry relevant organisations that we partner with;
    • intermediaries, including your authorised agent, adviser, representative or person acting on your behalf;
    • a third party claimant or witnesses in a claim;
    • accounting or finance professionals and advisers;
    • government, statutory or regulatory bodies and enforcement bodies;
    • policy or product holders or others who are authorised or noted on a policy;
    • the Office of the Australian Information Commissioner or any other dispute resolution body;
    • legal and any other professional advisers or consultants;
    • hospitals, medical/ health or wellbeing professionals;
    • debt collection agencies, your guarantors, organisations involved in valuing, surveying or registering a security property, or which otherwise have an interest in such property, purchasers of debt portfolios; and
    • any other organisation or person where you have asked them to provide your personal information to us or asked us to obtain personal information from them, (e.g. your parent).

    Direct marketing

    From time to time we may use your personal information to provide you with information about our range of RACT Group products and services. In those cases, we will provide you with a choice (via opt out or opt in) to receive information from us, and we will respect your choice in regard to receipt of further information.

    We do not disclose your personal information to third parties for the purposes of allowing them to direct market products or services to you.

    Where we are required to provide you with certain information about the product or service that you receive from us, either due to the law or to allow you to continue to use the product or service, you will continue to receive this type of information from us even if you have opted out of receiving information about our products and services generally.

    Overseas disclosure

    Generally, we use systems and providers within Australia.

    From time to time though, we may send your information to overseas recipients and to service providers or other third parties who operate or hold data outside Australia. Where your information is sent overseas it is likely to be the European Union, Singapore, Canada or the USA.

    Where we send your information overseas, we make sure that appropriate data handling and security arrangements are in place.

    Ensuring your personal information is up-to-date

    You may request access to any of the personal information we hold about you. In most cases, a summary of personal information such as your name and address details, contact telephone numbers, policy numbers, policy cover and the products and services you have with us is freely available to you by calling 13 27 22 or visiting us at one of our branches.

    We rely on the personal information we hold about you to efficiently administer our relationship and conduct our business of providing RACT Group products and services.

    For this reason, it is very important that the personal information we collect from or about you is accurate, complete and up-to-date. We will take reasonable steps to ensure that all your personal information is accurate, complete, up to date and relevant prior to using it and will correct it where required, or where you notify us that it requires correction. Where we refuse to correct information upon request by you, we will provide reasons for any refusal in writing within a reasonable time and details of the mechanisms by which you may complain about our decision. Where requested by you, we will add a statement to your personal information about your request for correction.

    Security of your personal information

    We hold your personal information in:

    • computer systems;
    • electronic databases;
    • digital records;
    • telephone recordings; and
    • in hard copy or paper files.

    These storage mechanisms may be managed in a number of ways by us or a third party storage provider with whom we have a contractual relationship.

    We will take all reasonable precautions to safeguard your personal information from loss, misuse, unauthorised access, modification or disclosure. We employ a number of means to protect your personal information including:

    • external and internal premises security;
    • restricted electronic and physical access to personal information;
    • entering into confidentiality agreements with all employees, contractors and third party organisations that may have access to your personal information;
    • having in place stand-by systems to deal with major business interruptions;
    • maintaining technology products to prevent unauthorised computer access;
    • regular reviewing and testing of our technology in order to improve the level of security; and
    • destroying or de-identifying personal information pursuant to the law and our record retention policies.

    We will destroy or de-identify your personal information if it is no longer needed for any of the use or disclosure purposes described in this policy. This does not apply where personal information:

    • Is required by Australian Law/Tribunal Order; or
    • If it is contained in a Commonwealth record.

    We maintain industry standard technology and procedures in respect of our information management and provision of online services. We have an ongoing program of review and enhancement of its security measures. E-mail transmissions are not necessarily secure. If you have any concern about the security of the contents of your e-mail or any other transaction over the Internet then you should consider contacting us by other means. Once we receive and store your personal information, it is protected by a range of security controls, including firewalls, user identification requirements and audit trails.

    We train employees and representatives in their privacy obligations, apply confidentiality obligations to them and oversee their user identifiers, passwords or other access codes so as to monitor how they access to your personal information.

    Refusal of access to personal information

    We may refuse to give you access to some or all of your personal information where:

    • We reasonably believe that giving access to you would pose a threat to the safety of any individual or to public health or safety;
    • Giving you access would have an unreasonable impact on the privacy of others;
    • Your request is frivolous or vexatious;
    • Your request relates to imminent legal proceedings between us and would not be allowed, in those proceedings;
    • Access would reveal our intentions regarding negotiations with you;
    • Access would be unlawful;
    • Access would enable you or someone to engage in misconduct or unlawful activity that would compromise our functions;
    • Access would prejudice the actions of an enforcement agency; or
    • Access would reveal evaluative information connected to our commercially sensitive decision making processes.

    We will provide reasons for any refusal in writing and details of the mechanisms by which you may complain about our decision.

    Dealing with requests to access to personal information

    All requests for access to personal information will be handled as quickly as possible and we shall endeavor to process any request for access within thirty (30) days of having received the request. Some requests for access may take longer than thirty (30) days to process depending upon the nature of the personal information being sought and where it is stored.

    We rely on the accuracy of the personal information we hold about you to provide our products and services to you. You have the right to request us to correct any inaccurate, out-of-date, incomplete, irrelevant or misleading personal information. We will take such steps that are reasonable in the circumstances with regard to the purpose for which your personal information is held to make a correction.

    We may refuse to correct your personal information and will provide reasons for refusal in writing. If we refuse to correct your personal information you have the right to associate with the information a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading. We will take such steps that are reasonable in the circumstances to associate that statement with all records containing the relevant information.


    If you believe that we have not protected your personal information as set out in this privacy policy please let us know by contacting the person you have dealt with as they may be able to resolve the complaint for you. You can also use our internal dispute resolution service to lodge a complaint with our Privacy Officer in any of the following ways:

    • By telephoning 13 27 22 and requesting the RACT Privacy Officer or Compliance Manager;
    • By writing to the Privacy Officer, GPO BOX, 1292, HOBART TAS 7001; and
    • By email to [email protected]

    Should additional information be required from you, we will contact you to discuss. Otherwise, we will usually contact you with a decision within 25 business days of receiving your complaint.

    If you are not satisfied with the result of your complaint to us you can refer your complaint to the Office of the Australian Information Commissioner (OAIC) as follows:

    Office of the Australian Information Commissioner (OAIC)
    Director of Compliance
    Office of the Australian Information Commissioner
    GPO Box 5218
    Sydney NSW 2001

    In the case of RACT Group Insurance products, you may also complain to:
    Australian Financial Complaints Authority
    GPO Box 3
    Melbourne VIC 3001
    Phone: 1800 931 678
    Email: [email protected]

    Our Privacy Policy may change from time to time. We constantly review all policies and procedures to keep up to date with changes in the law, technology and market practice. Changes made will be updated to this Policy, on our website.

  • Our Group Privacy Statement

    The Royal Automobile Club of Tasmania Limited, RACT Insurance Pty Ltd, Members Travel Group Pty Ltd (trading as RACT Travel), RACT Destinations Pty Ltd, companies owned and controlled by those listed companies, their subsidiaries and associated entities (collectively “Group” or “we”) have a Group Privacy Policy as well as this Statement, which outlines in greater detail how we collect, store, use, amend and disclose your personal information.

    Our contact details
    We may be contacted in any of the following ways:

    • By telephoning 13 2722
    • By writing to us at GPO BOX 1292, Hobart, TAS 7001
    • By visiting us at any branch
    • Via our website www.ract.com.au

    Our Group Privacy Policy

    Our Group Privacy Policy contains further information about how you can access and correct your personal information, how we may change it at the request of you, your authorised representatives or (in some cases) family members, how you may raise concerns or complaints, and when we may collect information from third parties about you. The Policy can be accessed as follows:

    • http://www.ract.com.au/privacy; or
    • by calling 13 2722; or
    • by visiting any branch.

    Collection, use and disclosure of personal or sensitive information

    Personal information collected and held by us generally includes your name, date of birth, gender, address and contact details. In some instances, with your prior consent or otherwise as permitted by law, we also collect sensitive information, such as about your health, criminal history or tax file number.

    We may use and disclose personal information we collect about you so we can:

    • set up and administer products or services supplied by the RACT Group, joint venture partners or service providers we contract;
    • identify you;
    • assess claims under one or more of our products; and
    • improve our products or services.

    We may be unable to provide you with our products or services without your personal information.

    How we collect personal information

    Where possible, we collect or amend your personal information directly from you however in some cases we will collect it from a third party. This may take place in a number of ways including in writing, by telephone, via the internet, including websites and social media and/or in person to person contact. At the point of collection we will provide a collection notice to you, or refer you to this statement.

    We may also collect or amend your personal information at the request of your authorised representative or (in some cases) family members. In those cases, we will check the identity and authority of that person by asking them questions or by requiring them to provide your written authorisation, as appropriate.

    We may collect personal information from you about someone else. For example where you provide personal information about another person (including a family member or household member). When this occurs we rely on you providing the correct information and ensuring you have the consent of that person to provide that information.

    Overseas Disclosure

    We may disclose personal information to overseas third party organisations who provide us re‐insurance, arrange or administer travel services you have requested or other services or activities we need to conduct our businesses. In these cases, we make sure that overseas recipients are bound by requirements similar to the Australian Privacy Principles or whose processes align with our Group Privacy Policy in the work they do for us.

    Security of personal information

    Protecting and updating your personal information is a key part of our normal operations. We will take all reasonable precautions to safeguard your personal information from loss, misuse, unauthorized access, modification or disclosure.