Walking the dog...

Like us? Like money? Got friends?

Get a friend signed up and you get $100, it’s that simple.

Find out more

Privacy Policy

Privacy Policy

We’re now going to talk about our legal responsibilities and your rights here; so, we’re going to sound a little more formal than we normally do.


Our Privacy Policy for Policy Holders and visitors to health.com.au

We comply with the Privacy Act 1988 (Cth) and other relevant legislation dealing with privacy and health records. This Privacy Policy explains how we handle your personal information, including collection, use, disclosure, storage, and how you can access, change your information, contact us or make a complaint.

References to “we”, “us”, and “our” refers to health.com.au Pty Ltd. The ultimate parent entity of health.com.au Pty Ltd is GMHBA Limited (ABN 98 004 417 092 ), a registered health insurer.


Customer means an individual who is currently receiving, or has previously received goods and services from us and includes a Policy Holder and individual covered by one of our Policies

Personal Information has the same meaning under the Privacy Act 1988:

Personal information means information or an opinion (including information forming part of a database), whether true or not, and whether recorded in material form or not, about an individual whose identity is reasonably apparent, or can be reasonably ascertained, from the information or opinion.

Policy means one of our policies of insurance

Policy Holder means a holder of one of our policies of insurance

Sensitive Information is a sub-set of personal information and includes health information and otherwise has the same meaning that it has under the Privacy Act 1988

Social Media Features includes social media forums, applications, functions and promotions

Website means ‘health.com.au’

How we collect your personal information

We may collect personal information from you in a range of ways, including when you:

– use our Website: when you log in, complete an “Instant quote”, contact us via the live chat service, complete an email query form, post a blog comment or contribute in any other way through our Website;

– when you contact us by phone, SMS, email, online or mail;

– provide information using any Social Media Features, such as the Facebook Like button and widgets like the Share button; and

– when you lodge a claim.


We will collect personal information directly from you if it is reasonable and practicable to do so.

We may collect your personal (including sensitive) information from you, another person covered by your Policy, or from a person authorised to provide us this information on your behalf.

We may also collect your personal (including sensitive) information from our subsidiaries or a third party (for example, a hospital or other health service provider, our distribution partners who sell our products and services on our behalf, a previous private health insurer, employer, educational institution, government agency or adviser that has dealt with you).

Couples and family Policies

If your Policy covers more than one person, for example if you have a policy covering a couple or a family, information about all person’s covered by the Policy is collected from the Policy Holder or with the Policy Holder’s consent.

If you have provided us with information about another person, then you need to tell that person you have done so, that they have a right to access their information and that this document sets out how we will handle their personal information.

The following kinds of personal information is collected

The personal information we collect from you and hold about you will vary depending on whether you are enquiring about our products and services, whether you used to be Policy Holder and whether you have an existing Policy and also, to the extent that you use our products and services. Further, there are a number of laws that require us to collect information about you, including the Private Health Insurance Act 2007.

If you apply to be, used to be or are currently a Policy Holder, we may collect and hold the following personal information:

– Name, address, date of birth, mobile phone number and email address;

– Your gender, date of birth and marital status;

– Payment and billing details;

– Records of our interactions with you, including notes and voice recordings of telephone conversations with us, information you provide using the live chat service on our Website and any information you type into or select on our Website;

– Information you voluntarily provide us with via Social Media Features, SMS and email;

– Statistical information for the purposes of product development, risk assessment and audit requirements; and

-Claims details.

If you used to be or are currently a Policy Holder, we may hold information about:

– Medicare, Pension, or Health Care Card numbers;

– Policy details, including change of covers, cancellation and suspensions of your policy;

– Private Health Insurance rebate details;

– Employer details;

– Information about your activities, including sporting and other lifestyle activities;

– Health information, including pre-existing condition information;

– Claims;

– Benefits paid; and

– Contributions you make using Social Media Features and our Website, including any information you type into or select on the Website.


Sensitive Information

We may be required to collect and hold sensitive information for some of our products and services. This includes for example, information about your claims for the purposes of assessing claims and administrating your Policy and ensuring that claims have been processed in accordance with the fund rules relevant to your Policy, policies and the law.

Not providing personal information

If you do not provide the personal information requested by us, then we may be unable to provide you with the products or services you request or administer your Policy.

Use of your personal information

We use your personal information to administer our products and services and provide you with better service.  This use may include disclosing your personal information on a confidential basis to our related entities and bodies corporate.

– In addition, the personal information you provide to us may be used to:

– Process your application;

– Manage our ongoing relationship with you;

– Investigate claims;

– Process claims and payments;

– Resolve complaints;

– Develop products and services we think may be of interest to you;

– Conduct quality assurance and market research activities;

– Perform any of our other functions and activities relating to our business; and

– Comply with laws and regulations.


Direct Marketing

We may contact you to provide you with information about products and services offered by us, our related entities and bodies corporate, and business partners which we think may be of interest to you and your family. This includes information about insurance products, like car insurance. When we contact you it may be via email, phone, SMS or mail.

We may also share your personal information on a confidential basis with our related entities and bodies corporate so that they can offer you products and services.

When you become a customer of ours, you consent to us using your personal information for direct marketing, unless you contact us to tell us you have withdrawn your consent. You can withdraw your consent at any time by sending an email to: customers@health.com.au with the word “unsubscribe” in the subject line.

If you do withdraw your consent to receiving direct marketing information, we will still contact you to manage our on-going relationship with you, for example administering your Policy.

Cookies and Web Beacons

When you visit our Website you consent to the use of Cookies, Web Beacons and measurement software.

Cookies are text files containing small amounts of information which are downloaded to your computer when you visit a website that enables the website to recognise your browser and capture and remember certain information. Cookies do not individually identify the user of the computer.

Cookies are industry standard and are used by most websites, including us, because they allow:

– a website to recognise a user’s device and enable more efficient navigation of the website and remember preferences;

– customisation and personalisation of advertising based on your prior use of the website; and

– compilation of analytical data to improve site performance and monitor traffic, measure the effectiveness of products, services, website usage and auditing.


Web Beacons are small pieces of code that are contained in emails and webpages and allow a website to transfer or collect information such as whether an email is opened or links are clicked upon. We may use Web Beacons to determine which emails and web pages are interesting to you and for same reasons we use Cookies on our Website.

When you visit our Website we may, or may allow service providers like third party analytics, advertising and adserving partners, including Google, to place Cookies on your computer or through Web Beacons collect information about your browsing activities. If you access our products and services through a mobile or tablet device, we may, or we may allow these service providers to, use mobile or tablet measurement software to obtain similar information to what we do through Cookies or Web Beacons. We use these Cookies, Web Beacons and measurement software to assist us provide or improve the provision of our products and services to you, display personalise advertising and assist us to audit, measure and analyse usage across our Website.

If you do not want information collected through the use of Cookies or mobile measurement software, there is a simple procedure in most browsers or settings that allows you to deny or accept the Cookie or measurement feature. For example:

– You have the option to opt out of Google’s use of cookies by visiting the Google advertising opt-out page.

– Alternatively you can opt out of cookies by visiting the Network Advertising Initiative opt out page.


Applications, widgets or links to other websites

We provide links to websites outside of our Website, as well to other third party websites. We also allow some third parties to display what we call ‘widgets’ or applications on our Website that allow you to interact and share content including buttons for Social Media Features like Facebook share, Twitter, Pinterest and Google+. We do not control these applications, widgets or applications. We recommend before you disclose your personal information using these, that you examine their terms and conditions, including their privacy policy.

Collecting anonymous data

We collect general information about your visitation, use and navigation of our Website. We may record mouse clicks, mouse movements, scrolling activity as well as any text you type. We use your Internet Protocol (IP) address to help diagnose problems with our server and to administer our Website. We analyse our Website logs to improve the relevance of content featured on the Website.  We may use a third party provider to collect this information for us. The information is anonymous and aggregated.


We take all reasonable steps to protect your personal information from misuse, loss and unauthorised access, modification or disclosure. We review and update our security measures in light of current technologies. Only authorised personnel, or those organisations with authority, will have access to the personal information we hold about you.

We also take reasonable steps to destroy or permanently de-identify personal information if we no longer need it for any purpose.

Disclosing your personal information

During the course of our normal business operations and in order to allow us to provide, manage and administer our products and services to you, we may need to disclose your personal information to third parties. This may include:

– Hospitals, medical and ancillary service providers;

– Payment systems operators and financial institutions;

– Government and regulatory bodies, including Medicare and the Australian Taxation Office;

– Where you, or any person covered by your Policy, is transferring to or from another private health insurer, we may disclose your personal information to the other insurer to facilitate the transfer;

– Any persons acting on your behalf such as those nominated or authorised by you, executors, trustees and legal representatives;

– Lawyers, auditors and other advisers acting on our behalf;

– Where we need to disclose information to enforce our legal rights;

– Where disclosure is required by law, tribunals or government agencies; and

– Any persons or entities engaged by us or acting on our behalf like contracted service providers, this includes for example our distribution partners who sell our products and services on our behalf.


We may also disclose you personal information to other persons covered by your Policy as part of administering your Policy.


We primarily conduct our business online and via the telephone.  We use a number of contractors to help us handle information, which includes your personal information. The services of these contractors may be provided in locations that include Australia, the United States of America, Europe and Asia.

We have procedures to safeguard the handling of your personal information by these contractors. We have taken reasonable steps to verify their security arrangements and their compliance with applicable privacy obligations, including EU-US Safe Harbor frameworks and principles. You can learn more about Safe Harbor by visiting the Safe Harbor page.

We have also taken reasonable steps to put in place with our contractors contractual arrangements in compliance with our obligations under the Privacy Act 1988 (Cth).

When you provide us with your personal information you give us your consent to the handling of your personal information as described in this Privacy Policy.


If we are involved in a reorganization, merger, acquisition or sale of our assets, your personal information may be transferred as part of that deal. Will notify you of any such occurrence.

From time to time we may change this Privacy Policy and post the most current version on our Website. You should review this Privacy Policy periodically so that you are updated on any changes.

Access to & correcting your personal information

We take reasonable steps to ensure the personal information that we collect, use or disclose is accurate, complete and up-to-date. You can access and correct personal information we hold about you. Please email us at:customers@health.com.au.

Questions or Complaints

If you have any questions or complaints with regards to our collection, use or disclosure of your personal information please email us at customers@health.com.au.

We will do our utmost to resolve the issue as quickly as possible. If you are not satisfied with our response or would like more information about protecting your Privacy, you can refer the matter to the Office of the Australian Information Commissioner by telephone on 1300 363 992 or email at enquiries@oaic.gov.au.