pop-logo-small
Contact us

Privacy Policy

POP International Holdings Pty Limited

POP PRIVACY

Privacy Policy

Effective starting: 1 August 2021

 

POP International Holdings Pty Limited and its subsidiary companies and POPai Holdings Pty Limited and its subsidiary companies, collectively known as “POP” and our related entities (“POP”, “us”, “we” and “our”) are committed to protecting the privacy of our customers and users.

This Privacy Policy describes how and why we collect personal information about you, how we use, store and disclose that information, and how you can exercise your privacy rights. It also outlines how you can contact us to access and update your personal information or to raise any privacy concerns.

We recommend that you read this Privacy Policy in full to ensure you are fully informed. However, if you only want to access a particular section of this Privacy Policy, then you can click on the relevant link below to jump to that section.

Terms used in our Privacy Policy

“POP Services” are all the products and services we may provide to you, including our websites, our online and offline insurance services and associated services.

As used in this Privacy Policy, “personal information” means any information or an opinion that identifies you, or that could reasonably be used (for instance, in combination with other data) to identify you directly or indirectly, including by reference to an identifier such as a name, identification number, location data, online identifiers. It can include information you provide to us (for example, through our websites and your use of other POP Services), publicly available information, and information we collect from other sources as described in this Privacy Policy.

Updates to our Privacy Policy

We may update this Privacy Policy from time to time by posting a new version on our websites. When an updated Privacy Policy is posted, we will change the “Effective starting” date at the top of the policy accordingly.

Where our changes are material, we will try to notify you – this may be by way of an email or a notice on our websites, or an alert on the login screens for the POP Services that will appear for at least 30 days. We may not notify you if the way in which we use your personal information has not changed.

If you do not agree with its terms or any of the changes we make, you should either cease using the POP Services or exercise whatever rights you may have, as described in this Privacy Policy, to opt-out of how we use your personal information.

Why we collect your personal information

We collect your personal information to supply you with the POP Services and to further develop, enhance and safeguard those services. We may also use your personal information to:

  • perform and administer the POP Services;
  • understand the way you use the POP Services;
  • improve your experience when using the POP Services, including by personalising the services;
  • facilitate the predictive functionality and the provision of recommendations, comments and prompts forming part of the POP Services;
  • address and reply to requests for customer support;
  • identify, remedy and prevent any technical or security issues affecting the POP Services;
  • send you information by email, mail or other channels;
  • send you marketing communications, offers and opportunities relating to us or to carefully chosen third-party businesses where we think they might be relevant to you; and
  • perform any other functions described in our terms and conditions or this POP Services.

If we do not collect this information from you, you might not be able to use the POP Services or create an account or profile with us, some of the functions comprising the POP Services might not be available to you, and/or we might not be able to communicate with you (including through marketing communications).

Other ways we use your information

We may also collect, use, store and disclose your personal information for purposes and to recipients additional to those that are set out in this Privacy Policy. Where we do so, we will disclose those purposes and recipients to you when you provide your information to us.

What personal information do we collect?

The personal information we may collect includes information that you provide voluntarily to us, information that we collect automatically and information that we obtain from third party sources. This may include:

  • your contact details, including your name, mailing and email addresses, and telephone numbers;
  • your username, job title, company name and a photograph, and any additional information connected with a profile or account that you create or that is created for you;
  • your billing information, including your payment details and billing address;
  • preferences about the way you would like us to communicate with you, including in respect of marketing communications;
  • information about the way you access and use the POP Services, including the way you use POP online, the content you post, your interactions with other users, and your use of features, links and third-party integrations;
  • log information such as your IP address, the date and time when you used the POP Services, the details of the webpage you visited before accessing the POP Services, your browser type, configuration and plug-ins, your language preferences, and cookie data. For more information on our use of cookies, please see our Cookie Policy;
  • information about the device on which you are using the POP Services, including the device type and settings, operating system, device identifiers, application IDs, and crash information. We may use your Wi-Fi and IP address from your device or browser to ascertain your general location, but we will only collect GPS location data from your mobile device with your consent;
  • analytics information collected when you use the POP Services, or information that we generate or derive, including through queries we run in respect of use of the services and content contained in the services. This data, which could incorporate personal information, may include the username and IP address of the person using the POP Services, the parts of the POP Services being accessed and used, any relevant domain names and identifiers, and data about attachments (including their original filenames and sizes). We may also collect aggregated analytics data about the use of the POP Services, which will not contain personal information;
  • information about third-party services you integrate when using the POP Services. We will connect any such services to the POP Services, and we may receive information about your account (including personal information) from the third-party service provider. We will not collect or hold your passwords for any third-party services; and
  • information about our user base and the performance of marketing campaigns. This might include personal information and/or aggregated information that does not identify individuals.

We may also process personal information incorporated in the content that users create, provide, post, host, upload, store, communicate or display when you use the POP Services (“User Content”). This may include sensitive information, such as personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. Where we process personal information in content, we do so on behalf of our customers and users and it is their responsibility to have lawful grounds to use that personal information. We will not be responsible for obtaining consent for the use of any sensitive information that is incorporated in any user content.

How do we collect personal information?

We collect personal information in a number of ways, including:

  • when you establish an account with us, or when another user (for instance, a user from your company) creates an account for you;
  • when you create or amend your profile;
  • when you use the POP Services;
  • through your device or browser, as outlined above;
  • when you submit personal information directly to us, including through the use of our websites and the other POP Services, where you submit online forms, and where you send emails or other communications to us;
  • from third parties. To ensure we are providing you with information, marketing, offers and opportunities that are relevant to you, we may collect information about you from sources including our marketing partners, publicly-accessible databases and social media. We may also collect information about our user base, the POP Services and our marketing campaigns from our related bodies corporate, our service partners, or others;
  • from your third-party service providers. We may collect information from the providers of third-party services you integrate when using the POP Services, as described above; and
  • by running analytics or generating analytics data in connection with the POP Services, including through queries we run in respect of use of the services and content contained in the services.

How do we disclose personal information?

We may disclose the personal information we collect:

  • with your team administrator, where you use the POP Services as part of a team (for instance, a Buyer or a Seller team in an acquisition transaction). In line with your company’s policies, your team administrator may be able to access and control your POP account and retrieve, share or delete your personal information;
  • with other users of the POP Services. For instance, your name, photograph and contact details may be displayed to other users, including in your profile and in posts or notifications. Similar types of personal information might also be made available to others in your organisation to allow them to locate and collaborate with you. You can also choose to share information with others as part of the POP Services, such as when you use our online virtual data rooms to communicate with others;
  • with our service providers, such as our technology and customer assistance service providers. Those providers may access your personal information as we may direct or permit in order to facilitate and improve your use of the POP Services;
  • in accordance with legal requirements and our legal rights – for instance, where necessary to comply with statutory requirements, to prevent fraud, to prevent death or serious injury, or to protect our proprietary rights. Where you use our Q&A functionality, we may provide certain organisations whose registered users view or post Q&A information with a separate copy of that information, in order for them to comply with the rules of the U.S. Securities and Exchange Commission (SEC). Those organisations (and their related companies) may use and disclose such information to the extent required to comply with those SEC rules, and any other law to which they are subject (and may transfer and store that information offshore); and

to related entities of POP Specialty Insurance Pty Limited for the purposes of performing the Services and operating our group’s business. A list of our group companies is set out below:

 

POPai Holdings Pty Ltd.

 

to a new owner or potential buyer of POP, where the ownership of all or substantially all of the POP business, or individual business units owned by POP, were to change. This information would be provided in order to allow the POP Services to continue to operate.

Some of the recipients described above, including our service providers, your team administrator, other users of the POP Services, any new owner of POP, and the SEC, are or may be located offshore.

We may disclose your personal information to third parties to allow them to market to you (including through direct marketing) if we have first obtained your consent or if we have other lawful grounds to do so.

Legal basis for processing personal information (EEA visitors only)

If you are a visitor from the European Economic Area, our legal basis for collecting and using the personal information described above will depend on the personal information concerned and the specific context in which we collect it.

However, we will normally collect personal information from you only where we have your consent to do so, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you or may otherwise need the personal information to protect your vital interests or those of another person (e.g. other users).

If we ask you to provide personal information to comply with a legal requirement or to perform a contact with you, we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information).

Similarly, if we collect and use your personal information in reliance on our legitimate interests (or those of any third party), we will make clear to you at the relevant time what those legitimate interests are.

Most of the ways in which we use your personal data are based on our legitimate interests in:

  • providing and administering the POP Services;
  • keeping our website and the POP Services secure;
  • keeping the POP Services up to date and enhancing them, both generally and for your use of them; and
  • marketing our products and services.

When we rely on our legitimate interests as a lawful ground to process your personal information, we do so taking into account the potential impact on your privacy and we offer the right to object to or opt out from processing as described below in the “Your privacy rights” section below.

If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “Contacting POP about Privacy” heading below.

Cookies and similar tracking technology

We use cookies and similar tracking technology (collectively, “Cookies”) to collect and use personal information about you. For further information about the types of Cookies we use, why, and how you can control Cookies, please see our Cookie Policy.

International data transfers

Your personal information may be transferred to, and processed in, countries other than the country in which you are resident. These countries may have privacy laws that are different to the laws of your country (and, in some cases, may not be as protective).

Specifically, our group companies and third party service providers and partners operate around the world and, in particular, in Australia, the United States of America, Amsterdam, Germany, Hong Kong, the United Kingdom and Vietnam. This means that when we collect your personal information we may process it in any of these countries.

We currently host our servers for the POP Services in Australia using a third party hosting provider (Google Cloud).

Data retention

We retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to continue providing access to the POP Services or to comply with applicable legal, tax or accounting requirements).

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymise it or, if this is not possible (for example, because your personal information has been stored in backup archives), then we will securely store your personal information and isolate it from any further processing until deletion is possible.

We only retain User Content for such time as permitted by our contracts with our customers or for such time as they instruct or permit us to do so.

Your privacy rights

You have the following privacy rights:

  • If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by using the setting made available via the POP Services or by, if settings are not available via the POP Services, by contacting us using the contact details provided under the “Contacting POP about Privacy” heading below.
  • In addition, if you are a resident of the European Union, you can object to processing of your personal information or ask us to restrict processing of your personal information. Again, you can exercise these rights by contacting us using the contact details provided under the “Contacting POP about Privacy” heading below.
  • You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the “unsubscribe” or “opt-out” link in the marketing e-mails we send you. To opt-out of other forms of marketing (such as postal marketing or telemarketing), then please contact us using the contact details provided under the “Contacting POP about Privacy” heading below.
  • Similarly, if we have collected and process your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
  • You have the right to complain to a privacy authority about our collection and use of your personal information. For more information, please contact your local privacy authority. (Contact details for data protection authorities in the European Economic Area, Switzerland and certain non-European countries (including the US and Canada) are available here.)

We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable privacy laws.

Please note that we do not offer any of the rights described above with respect to any personal information that is incorporated in any User Content. We process such content on behalf of our customers and if your personal information is contained in any such content, you should contact the customer on whose behalf we have stored the information.

 

Security

In storing your personal information, we use a number of security and organisational measures and technologies to safeguard your personal information from unauthorised access, modification or disclosure and misuse, interference or loss. We have personnel tasked with protecting your information, developing new security features, and identifying and mitigating vulnerabilities. Our existing security measures include encryption, two-factor authentication, and notifications when new devices and apps are connected with your user account. We also have in place security measures and policies focused on restricting access to sensitive information to authorised personnel.

While we hold your information on a secured server behind a firewall and we encrypt data transfer using 256 bit SSL encryption, please be aware that there are inherent risks in transmitting information using the internet.

 

Contacting POP about Privacy

Please contact us using the below details if you have queries about our Privacy Policy and privacy practices, or the way we deal with your personal information. You may also contact us using these details if you wish to exercise any of your privacy rights described in the section entitled “Your privacy rights” above.

By mail:
Privacy Officer
POP International Holdings Pty Ltd. and POPai Holdings Pty Ltd.
Level 29, Chifley Tower. 2 Chifley Square, Sydney NSW 2000

By email:
customerservices@POP.insure

When you request that we access or correct your personal information, we will need to locate the relevant information, so it would assist us if you could supply as much supporting detail as possible. Where we refuse your access or correction request, we will comply with any requirements under applicable laws to notify you of our reasons for doing so and the mechanisms through which you may complain. Where we deny a request to correct information and where you make a request to us, we will comply with any applicable legal requirement to associate with the information a statement that it is inaccurate, out of date, incomplete, irrelevant or misleading.

We take your privacy complaints seriously. Where you inform us that you have a complaint about our handling of your personal information, we will contact you to let you know which of our team members will investigate your matter and the timeframe within which they will aim to respond to you.

Contact

Request a call back

If you’d like to have a chat with one of our team, please send us your name, email and phone number and we’ll get back you to as soon as possible

Visit our businesses

brand-icon-fusion
brand-icon-io.insure
brand-icon-popai

POP

Businesses
Partners

Legal

Approach

People

Contact

Specialist MGAs

InsurTechs

Partnerships

Entrepreneurs

Terms of Service

Privacy Policy

Cookie Policy