A Decrease font size. A Reset font size. A Increase font size.

Australia Privacy Notice

Crystal-Mark-23429-Privacy-Notice-400x271
This privacy policy explains how Canopius Group Limited and its subsidiaries (“Canopius,” “we,” “us,” or “our”) collect, use, or discloses any personal information we collect about you in Australia so that we can provide you with appropriate insurance products and services, settle any valid claims and deal with any concerns you may have. This includes information gathered on websites that expressly link to this privacy notice (“Website”). Depending on which services you use, this may involve us using your personal information (information that can identify you, such as your name, contact details, employment details, and details of financial payments) and sensitive personal information (for example, details about your health, race, or ethnic background).

Topics in this document:

  1. Who we are
  2. What information do we collect about you
  3. Why we use your information
  4. How we collect your information
  5. Who we share your information with and why
  6. How long we keep your information
  7. How we protect your information
  8. Your rights relating to your information
  9. How to contact us
  10. Changes to our privacy notice

Who we are

We are Canopius Australia & Pacific Limited. We operate as a Lloyd’s of London approved Service Company, acting for and on behalf of Syndicate 4444 (which is managed by Canopius Managing Agents Limited in the United Kingdom). We and Canopius Managing Agents Limited are part of Canopius Group Limited, which has its head office in Jersey and operates in the UK, Bermuda, Australia, USA and Singapore. The Canopius group is made up of several trading companies. For more information, please visit our website at www.canopius.com.

We act as the delegated underwriter of your insurance policy. To find out more about how we might use your information in Australia, please expand the options below.

In order to deliver our insurance services to you, we may collect the following information in keeping with certain legislative requirements (for example the Insurance Contracts Act 1984).

Note: If the necessary information is not provided, we may not be able to provide you with our insurance services, of your ability to seek reimbursement for any claim(s) under your insurance may be impacted.

  • Contact details such as your name, address, date of birth, email address, and phone number, and details of any other people you are including on the proposal or policy, and your relationship with them
  • Financial information such as your bank account details, details of the items you want to insure (including the location of those items where this applies) or the cover you want to take out
  • Details of any personal injuries or medical conditions if these are relevant to the insurance product or a claim
  • Details of any previous insurance cover you have had
  • Details about any insurance claims you have made
  • Information about any criminal convictions or offences, or county court judgments
  • Details from credit, fraud, anti-money-laundering and sanctions checks
  • Details of any complaints you make about your policy
  • Sensitive personal information (for example, details about your health, race, or ethnic background)

For additional information on our use of Collection Technologies, please see our Cookie Policy.

We may use your information for the following purposes.

  • To provide a quotation and set up your policy
  • To set you up as a client, including to carry out fraud, credit, anti-money-laundering, and sanctions checks
  • To evaluate the risks you want to cover and match you to the appropriate policy and premium
  • To manage your policy
  • To collect and refund your premiums (if this is necessary)
  • To provide general client care, including communicating with you about managing your policy and making any changes you ask for
  • To send you your policy documents
  • To process claims
  • To manage insurance claims
  • To defend or prosecute legal claims
  • To investigate and prosecute cases of fraud
  • To renew your policy
  • To contact you in order to renew your insurance policy
  • To assess general risks and provide insurance
  • To meet the obligations we have by law and under any regulations that apply
  • To transfer books of business if we are selling or reorganising all or part of our company

AND

  • For general insurance and profiling purposes
  • When calculating insurance premiums, we may compare your personal information against industry averages and use it to update the industry averages

We may process your personal information if:

  • It is necessary to meet the terms of a contract. If we have a contract with you or a third party on your behalf, we will process your information in order to fulfil that contract and provide you with our services
  • It is necessary to meet an obligation we have by law
  • It is necessary to carry out a task that is in the public interest (for example, analysing claims in order to calculate insurance risk ratings and premiums)
  • It is in our or a third party’s legitimate interests, for example:
    • to prevent and detect fraud;
    • to analyse claims and carry out profiling to calculate insurance risk ratings and premiums (this is where our actuaries analyse the information we have available to assess how likely you are to make a claim and so decide how much your premiums should be);
    • to carry out direct marketing activities with other businesses; or
    • due to any sale, merger or takeover of all or part of the Canopius group.
  • You have agreed to us processing your personal information. If we need you to agree before we can process your information, we will make this clear at the time we collect it.

We may process your sensitive personal information in relation to your insurance policy if this is necessary:

  • to provide the insurance;
  • for reasons of substantial public interest; or
  • to defend a legal claim against us.

Depending on which of our services you use, we may collect information about you from various sources, including:

  • you;
  • your family members, employer or representative, such as an insurance broker;
  • other insurance companies;
  • credit-reference agencies;
  • anti-fraud databases, sanctions lists, court judgments and other databases that are available to the public;
  • the open electoral register; or
  • if we receive a claim, third parties, including the other party to the claim (the person making or defending the claim), witnesses, experts (including medical experts), loss adjustors, solicitors, and claim handlers.
  • third parties who help deliver products and services on our behalf, such as payment-card providers, claims handlers and data-storage providers;
  • other companies in the Canopius group to manage your policy and any related claims;
  • National anti-fraud databases to prevent fraud and facilitate accurate underwriting and claims management.
  • Auditors, regulators, and the Australian Financial Complaints Authority if we must do this by law or under any regulations that apply; and
  • any third party that takes over all or some of our assets, in which case we may transfer your personal information to the third party.

We may transfer your information to a country outside of Australia in order to deliver our services. We make sure your information is protected when it is transferred and processed by including restrictions in the contracts we have in place with the organisation receiving or processing it. The other organisation must also keep to data protection laws.

We will disclose your information if we must disclose it by law. We may disclose your information with enforcement authorities if they ask us to, or with a third party if this is necessary because of actual or threatened legal proceedings, provided we can do so without breaking data protection laws.

We will keep your personal information for as long as is necessary for the purposes we originally collected it for, or for as long as we are allowed to keep it under data protection laws. How long we keep your personal information for will depend on:
  • your relationship with us and the types of products or services you have with us;
  • how long it is reasonable to keep records to show that we have met the obligations we have to you by law;
  • any time limits for making claims under your insurance;
  • any retention periods set by law, regulators, professional bodies or associations; and whether there are any relevant proceedings.
We are committed to keeping your personal information secure. We have put in place physical, electronic, and operational procedures to protect the information we collect and keep it secure.

You have the following rights relating to the information we collect about you.

  • Right of access
  • Right to make a written request for details of the personal information we hold about you, and to receive a copy of that personal information.
  • Right of rectification
  • Right to have any inaccurate information about you corrected or removed from our records.
  • Right to erasure (‘right to be forgotten’)
  • Right to have certain personal information about you deleted from our records.
  • Right to restriction of processing
  • Right to ask us to use your personal information for restricted purposes only.
  • Right to object
  • Right to object to us processing your personal information.
  • Right to data portability

If you have given us personal information that we store electronically, you have the right to ask us to transfer that information to you or someone else in a format that can be read by computer.

These rights may not apply in all cases. We will let you know whether we think they apply to you.

If you make a request relating to the rights above, we may ask you to confirm your identity and to provide information that helps us to understand your request better. Once we have the information we need from you and have confirmed that your request is valid, we will respond to you within one month of receiving your request, unless you make several or particularly complicated requests, in which case we may extend this time by up to a further two months or otherwise in accordance with applicable law. We will tell you if we need this extra time and will explain why.

If you want to exercise any of your rights, please write to our Data Protection Team, whose contact details are given below in the ‘How to contact us’ section.

If you are not happy with our response to your request, or you believe the way we have processed your information is not in line with data protection law, please contact us so we can either fix the problem or explain our decision. Alternatively, you can contact the Office of the Australian Information Commissioner (OAIC) to lodge a privacy complaint by:

  1. Completing the OAIC online Privacy Complaint Form
  2. In writing to GPO Box 5288, Sydney NSW 2001 (send it by registered mail if you’re concerned about sending it by standard post)
  3. By facsimile to +61 2 6123 5145.

If you decide to write to the OAIC (by fax or post) make sure your complaint includes:

  • your name and contact details — the OAIC can’t investigate an anonymous complaint
  • any relevant reference numbers or identifiers
  • our name so the OAIC knows of whom you are complaining
  • a brief description of your privacy complaint (what happened and when)
  • any action we have taken to fix the problem
  • a copy of any relevant document (such as your complaint to us and our response
  • what outcome you’d like.

If you have any questions, comments or complaints, or you want to exercise the rights you have relating to data protection, please contact the Group Data Protection Officer.

Write to: Group Data Protection Officer
Canopius Managing Agents Limited
Floor 29, 22 Bishopsgate
London
EC2N 4BQ

Email: privacy@canopius.com

We keep our privacy notice under regular review, and the latest version will be available on this website. This privacy notice was last updated on 8 August 2025.

Staff Bio Content