Privacy Policy

1. Document Controls

1.1 Details 

Document Type 


Document Name 

Policy – Privacy

Document Owner 

Corporate Services Manager

Document Approver 

Corporate Services Manager

Original Issue Date 

November 2019

Current Issue Date 

Feb 2021



1.2 Revision Control Chart 

Version Sections Amended & Description of Changes Date
1.5.1Template and updated track changes created.November 2019
1.5.2First draft complete. March 2020
1.5.3Changes following stakeholder and peer review Confirm content, amending copyright claims May 2020
2.0 Document formally signed off and released from draft July 2020
2.1 Nil changes following stakeholder and peer reviewFeb 2021
3.0 Document formally signed off23 Feb 2021

1.3 Controlled Document  




Date Issued

Steve Chapman 

Managing Director 

Steve Chapman 

23 Feb 2021

Luke Hill 

National Operations Manager 

Luke Hill 

23 Feb 2021

Kristy Meaton 

Corporate Services Manager 

Kristy Meaton 

23 Feb 2021

Mark Gwynne 

Chief Information Officer 

Mark Gwynne 

23 Feb 2021

2. Policy

This Privacy Policy sets out how Australian Accident Management Commercial Pty Ltd (ABN 51 101 934 801) (AAMC) and its related entities collects, stores, uses and discloses personal information, as well as that personal information collected via our website

3. Policy Statement

AAMC is an independent motor and machinery accident management company and collects information on behalf of insurance companies in order to assess and manage insurance loss under the terms and conditions of the insurance policy.


Protecting the confidentiality of personal information is important to AAMC, and it is fundamental to the way we conduct business. AAMC is committed to protecting the privacy of individuals and is bound by the Australian Privacy Principles set out in the Privacy Act 1988 (Commonwealth) (the “Act”). We will only collect, use or disclose personal information in accordance with the Act and this Privacy Policy.


Where required by law, we will provide you privacy information specific to your dealings with us. Your use of the Website is also subject to the AAMC Website Terms of Use.

4. Collection and Storage

AAMC collects personal information from you in a number of different ways. We may collect personal information directly from you or in the course of our dealings with you, for example when you:


  • Provide confirmation of personal information provided to us regarding your claim.
  • Apply for a position of employment with us. Use our website or services (including via cookies).
  • Contact and correspond with us.


Where possible we will collect personal information directly from you. The personal information we collect about you may include (but may not be limited to) your name, address, date of birth, contact details, Internet Protocol (IP) address, occupation and education/work history, employer, legal and industry areas of interest, and information specific to the management and loss assessment of a vehicle, and is used for the purposes of your claim under your insurance policy.


We may also, if you consent, collect personal information about you from insurance companies, automotive repair companies, from publicly available sources of information or in some instances from third parties including recruitment agencies, previous employers, government departments and third-party service providers which provide criminal, bankruptcy and other checks.


AAMC will take reasonable steps to keep any personal information we hold about you secure.

5. Purpose

We only collect personal information where it is reasonably necessary for one or more of our  functions or activities, such as assessing, administering and processing an accident claim, or  assessing an individual for employment. The purposes for which we collect, use, and hold  your personal information may include: 

  • Verifying your identity. 
  • Contacting you (including via electronic messaging such as SMS and email, by mail,  by phone or in any other lawful manner). 
  • Providing you with services. 
  • Facilitating our internal business operations, including internal record keeping and  the fulfilment of any legal requirements. 
  • Developing and improving our services and obtaining feedback. 
  • Complying with any law, binding regulation, court order, or official request, or where  we are permitted by law. 


we are not able to collect personal information about you, we may not be able to administer  or process your claim for assessment and repairs; or accept your expression of interest or  application for employment with us. 

6. Use and Disclosure

AAMC may use or disclose your personal information for the purpose for which it was  collected. Parties to whom we may disclose your personal information include: 

  • Loss Assessors.
  • Repairers and Suppliers.
  • Insurance Companies.
  • Investigators and Recovery Agents.
  • Legal and other professional advisors.
  • Contracted Advisors and Service Providers who assist us in operating our business
    (including data storage services, email filtering, virus scanning, payment processors,
    IT suppliers.
  • Third parties to whom you have agreed we may disclose your information.
  • The police, any relevant authority or enforcement body.
  • Where the use or disclosure is authorised or required by or under an Australian law
    or court/tribunal order.


We may expand or reduce our business, and this may involve the sale and/or transfer of  control of all or part of our business. Personal information, where it is relevant to any part of  the business for sale and/or transfer, may be disclosed to a proposed new owner or newly  controlling entity for their due diligence purposes, and upon completion of a sale or transfer,  will be transferred to the new owner or newly controlling party to be used for the purposes for  which it was provided under this privacy policy.

7. Disclosure of Personal Information overseas

We are assisted by a variety of external service providers to deliver our services, some of  whom may be located overseas. These third parties are too numerous to list, and they change  from time to time. Some examples of the types of third parties include technology service  providers who may be located in Canada and the United States of America. 

In many cases, we impose contractual restrictions equivalent to those imposed on us under  the Privacy Act in respect of collection and use of personal information by those third parties. 

You consent to this overseas disclosure and agree that by providing that consent, APP 8.1  under the Privacy Act no longer applies. APP 8.1 requires entities to take such steps as are  reasonable in the circumstances to ensure that the overseas recipient does not breach the  APPs in relation to the information. 

8. Information about Events, the Website and Our Services

We will never knowingly send unsolicited commercial electronic messages. More information  on the Spam Act 2003 (Cth) is available from the regulator’s website: 

If you use our services or subscribe to our mailing list, we may use or disclose your information  (excluding sensitive information) for direct marketing purposes and to contact you via email,  SMS or other means in order to provide you with updated information about our services, the  Website, our events, or to provide you with other information about our products or services.  

You will be able to opt-out of direct marketing at any time with no charge to you or request us  to provide you with our source of information, by email to, or through the unsubscribe link found in all  marketing emails we send. We will then ensure that your name is removed from our mailing  list. 

If you receive communications from us that you believe have been sent to you other than in  accordance with this policy, or in breach of any law, you should contact us using the details  provided below.

9. Security

We store personal information in different ways, including in paper and in electronic form. The  security of your personal information is important to us. We take appropriate measures to  protect the personal information we hold from interference, misuse, loss, unauthorised access,  modification or disclosure, including electronic and physical security measures. 

The personal information we do collect is hosted on third-party data servers located in  Australia and Canada. We take all reasonable steps to ensure any third-party data storage  suppliers we partner with have appropriate cyber and physical security controls in place. 

Where personal information we hold is no longer required for our business or legal purposes,  we delete the information or permanently de-identify it, subject to specific laws in respect of  data retention.

10. The information we keep about you

Our aim is to always have accurate, complete, up-to-date and relevant personal information.  

You may access the personal information we hold about you upon making a written request.  We will respond to the request within a reasonable period. We may charge a reasonable fee  for processing your request (but not for making the request for access). 

We may decline a request for access to personal information in circumstances prescribed by  the Privacy Act or other relevant legislation, and if we do, we will give you a written notice that  sets out the reasons for the refusal (unless it would be unreasonable to provide those  reasons).If, upon receiving access to your personal information or at any other time, you  believe the personal information we hold about you is inaccurate, incomplete or out of date,  please notify us immediately. We will take reasonable steps to correct the information so that  it is accurate, complete and up to date. 

If we refuse to correct the personal information, we will give you a written notice that sets out  our reasons for our refusal (unless it would be unreasonable to provide those reasons),  including details of the mechanisms available to you to make a complaint. There is no fee for making any corrections to your personal information. 

The firm, usually your Insurer, that engaged us on your behalf maybe notified of your request  for access, and correction of information.  

11. How to contact us or make a complaint

If you have any questions or concerns about our collection, use or disclosure of personal  information, or you believe that we have not complied with this Privacy Policy or the Act, please  contact us. The Privacy Officer will investigate the complaint and determine whether a breach  has occurred and what action, if any, to take. When contacting us, please provide as much  detail as possible in relation to the query, issue or complaint.  

  • Address: Privacy Office, AAM Commercial PO Box 5752 Brendale Qld 4500 Email: 
  • Telephone: 1300 739 470 
  • Website: 


We will take any privacy complaint seriously. We will aim to resolve any such complaint in a  timely and efficient manner, and our target response time is 30 days.  

We expect that our procedures will deal fairly and promptly with your complaint. However, if  you remain dissatisfied, you can also make a formal complaint with the Office of the Australian  Information Commissioner (OAIC). To lodge a complaint, visit the ‘Complaints’ section of the  OAIC’s website, located at, to obtain the  relevant complaint forms, or contact the Information Commissioner’s office.

12. Compliance

12.1 Review of Policy 

This policy is formally reviewed at a minimum on an annual basis for relevance against  industry changes and new technology trends. Updates may occur on an ad hoc basis to  respond to legislation and compliance requirements. 

When an annual review occurs the major version number (the whole number) increases. Minor  updates on an ad hoc basis will increase the minor version number (the decimal digits). 

13. Associated Documents

This policy contains references to the following policies and procedures:

Document Type 



Privacy Process