Privacy Policy

MGA Insurance Brokers Pty Ltd (ABN 29 008 096 277, AFSL 244601) (referred to below as MGA Insurance Brokers, MGA, we, our, us) is committed to protecting your privacy.

This privacy policy (Privacy Policy) sets out how we manage your Personal Information. In particular, this Privacy Policy sets out how we will manage any Personal Information that is disclosed, collected or otherwise handled in connection with:

  • the MGA Website https://www.mga.com (the Website);
  • our subsidiaries and other affiliated companies; and
  • our third-party suppliers

This Privacy Policy may change from time to time, and it is important that you review it regularly. Any change to this Privacy Policy will become effective when we publish the revised Privacy Policy on our Website.

What Personal Information do we collect and hold?

Personal Information is defined in the Privacy Act 1988 (Cth) (Privacy Act) to mean information or opinion about an individual, or an individual who is reasonably identifiable (whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not).

We may collect and hold different kinds of Personal Information about you depending on the nature of your engagement with us. Such categories of Personal Information may include the following:

  • Contact information: includes your name, phone number, email address, date of birth, your address and any details relating to your employment or previous employment;
  • Transaction information: includes insurance history, details about payments to and from you, and other details of products and services you have purchased from and sold to us;
  • Payment information: if you are requesting products or services from us, we will collect any relevant payment or billing information, (including but not limited to bank account details, direct debit, credit card details, billing address, premium funding and instalment information;
  • Marketing information: includes your preferences (if advised) in receiving marketing communications from us; and
  • Any other Personal Information: that you provide to us either directly or indirectly or when using our website, or when interacting with our subsidiaries or other affiliated companies.

What Sensitive Information do we collect and hold?

Sensitive Information is defined in the Privacy Act to include Personal Information about your race or ethnic origin, political opinions or associations, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association or union, sexual orientation or practices, or criminal record information. Sensitive Information also includes information about your health or genetic background and biometric information.

We may collect and hold the following types of Sensitive Information and use such Sensitive Information for reasons directly relevant to our relationship with you (for example, to appropriately administer an insurance policy or review and consider a claim you make under an insurance policy):

  • criminal record information;
  • health information; and
  • membership of a professional or trade association.

How do we collect your Personal Information?

We will collect Personal Information directly from you wherever it is reasonable and practical to do so. We may also obtain Personal Information indirectly, for example, from:

  • another insured if they arrange an insurance policy which also covers you;
  • our subsidiaries and other affiliated companies;
  • referrals;
  • your previous insurers or insurance intermediaries;
  • witnesses in relation to claims;
  • health care workers;
  • publicly available sources;
  • premium funders; and
  • people with whom we enter into business alliances.

We may collect Personal Information from you as a result of:

  • your response to any surveys or marketing materials we send out;
  • information uploaded to the Website by yourself or by other users; and
  • interactions between yourself, other users of the Website or any internal applications (if applicable), and our representatives.

We may also collect your Personal Information from third parties in addition to those referred to above, including:

  • third parties who provide services to MGA;
  • other third parties who provide services through the Website; and
  • via public sources.

How do we hold your personal information?

We generally hold Personal Information in electronic format, which we store either within our own internal systems and applications or using third party data processors and data storage providers. We may otherwise hold your Personal Information in hard copy form which is stored in our offices. We discuss the security of your Personal Information below.

Why do we collect, hold, use and disclose your Personal Information?

We collect, hold, use and disclose your Personal Information for a variety of reasons including in the most common circumstances listed below:

  • to provide insurance broking services, insurance intermediary services, funding services, claims management services and risk management and other consulting services;
  • to assess the performance of the Website and to improve the services we provide;
  • to deliver targeted content based on user profiling and location;
  • to process and respond to a complaint or request you may make;
  • to contact you in relation to our services, particularly if we believe there are any products or services or any information we believe you might be interested in (however in doing so we will comply with all applicable laws regarding the provision of unsolicited messages);
  • if you have given consent for MGA’s use of the Personal Information for one or more other specific purposes;
  • it is necessary for the performance of a contract to which you are party;
  • for the provision of services or the administration of our business and the business of our subsidiaries and other affiliated companies (including fulfilling and exercising our obligations and rights, exercising or defending legal claims and managing the relationship with you); or
  • where it is necessary to meet our obligations at law, for example:
    • for conducting identity checks required by the anti-money laundering and counter-terrorism financing laws.

Who may we disclose your Personal Information to?

We may disclose your Personal Information to our subsidiaries and other affiliated companies, as well as various third parties. These third parties may include:

  • technology partners and service providers in connection with services that these parties perform for us;
  • our lawyers, accountants and professional advisors;
  • other third-party service providers, such as third party branding service providers;
  • our agents, contractors or our subsidiaries and other affiliated companies (and their agents and others they rely on to provide their services);
  • reinsurers, premium funders, other insurance intermediaries, insurance reference bureaus, loss adjusters or assessors, medical service providers and credit agencies;
  • to law enforcement authorities where we are required to do so by law or pursuant to a legal process;or
  • to any entity in the event that we sell or transfer (or propose to sell or transfer) all or a portion of our shares, business or assets. Should such a sale or transfer occur, we will use reasonable efforts to require that the transferee uses the Personal Information you have provided to us in a manner that is consistent with this Privacy Policy.

MGA may transfer your Personal Information to Direct Overseas Foreign Insurers (DOFI) based in Singapore, Barbados, Bermuda, United Kingdom, and the United States of America and to other countries in which we do business. MGA may also subcontract certain activities and share your Personal Information with our subsidiaries and affiliates or other third parties located in countries outside of Australia. The countries in which these organisations are located will vary, but, in the course of our business operations, we generally may disclose Personal Information to organisations located in Australia and outside Australia, including but not limited to Cambodia, Philippines, Singapore, the United Kingdom and the United States of America. Such transfers are made in order to provide the services and carry out the activities specified in this Privacy Policy. If we do this, we make sure there are appropriate privacy, data handling and security arrangements in place to protect your information.

What if we can't collect your Personal Information?

If you do not provide us with the Personal Information we need, some or all of the following may occur:

  • we or any involved third parties may not be able to provide appropriate services or products;
  • you may not be able to use the Website and certain applications; and
  • we may not be able to provide you with targeted content and relevant information.

Direct marketing

We may provide you with electronic marketing messages from time to time. You may opt out of receiving electronic messages from us at any time by contacting our Privacy Officer via the contact details at the bottom of this Privacy Policy or by using the opt out mechanism included in our electronic marketing messages.

Data security

We have put in place a range of electronic security and access measures to prevent your Personal Information from being accidently lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your Personal Information to representatives, employees, agents, contractors, subsidiaries and other affiliated companies, and other third parties who have a business need for access.

We have put in place procedures to deal with any suspected Personal Information breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

Access and correction of Personal Information

We take reasonable steps to ensure that the Personal Information we handle is accurate, complete and up to date. If you become aware of any errors in your Personal Information or, if you change your Personal Information, please let us know.

You can request access to any Personal Information we hold about you at any time. However please be aware that from time to time we may need to reject your request to access Personal Information we hold about you, if we believe such rejection to be necessary and to the extent allowed by law. To request access to any Personal Information that we may hold about you, please contact our Privacy Officer using the contact details at the bottom of this Privacy Policy. Depending on the nature of your request and where permitted by law, we may charge a small fee for complying with your request.

You may request us to amend any Personal Information we hold about you which you believe to be inaccurate, incomplete, or out of date. To request an amendment to any Personal Information that we hold about you, please contact our Privacy Officer using the contact details at the bottom of this Privacy Policy. If we do not agree to amend your Personal Information, you may request that we make a note of your requested correction with the information we hold about you.

If we do not provide you with access to any of your Personal Information, or do not correct any of your Personal Information, we will provide you with our reasons.

You may also contact our Privacy Officer if you wish to obtain further information regarding our privacy practices and the way we handle your Personal Information.

For more information regarding privacy, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au .

Information retention

We are subject to legal and regulatory requirements in relation to the retention of information collected under this Privacy Policy. For more information in relation to these requirements, please contact our Privacy Officer or the OAIC website referenced above.

Additional Services and Links to Other Sites

From time to time, we may provide links or mechanics to interface with other websites for your information or convenience or offer additional services through separate third-party websites linked to our Website. Although these websites may be operated by our subsidiaries or other affiliated companies, they operate independently from our website and may be subject to alternative terms of use, including terms concerning use of your Personal Information. We have not necessarily reviewed these third-party sites and we do not control and are not responsible for any of these websites, their content or their privacy policies. If you decide to access or interact with any of the third-party sites listed on our Website, you do so at your own risk.

Complaints

We take your privacy concerns seriously. If you have a complaint regarding our handling of your Personal Information or concerning our privacy practices, you may file a complaint with our Privacy Officer using the contact details set out at the bottom of this Privacy Policy. Our Privacy Officer will confirm receipt of your complaint. If our Privacy Officer believes an investigation is necessary, we will open an investigation into your complaint. Our Privacy Officer may need to contact you to request further details of your complaint.

If an investigation has been opened following a complaint made by you, our Privacy Officer will contact you with the result of that complaint as soon as possible.

In the unlikely circumstances we are unable to resolve your complaint to your satisfaction, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au .

Cookies

Our website may use ‘cookies’. Cookies can be used to collect Personal Information. A cookie is a small file that is stored on your device by a website. Cookies contain information which is readable by the website that issued the cookie to you and is commonly used to remember your details and preferences when you return to that website. If you set up your web browser to reject cookies, certain functions of our website may become unavailable to you.

Contact us

If you have any questions about this Privacy Policy, our privacy practices or if you would like to request access to, or correction of, any Personal Information we hold about you, please contact our Privacy Officer:

Policy version

This Privacy Policy Version 7.0 was last updated on 29 September 2025.