Deliver on the promises of the past and create smart solutions for the future.
This is a place where your ideas and insights make an impact. Where an independent, entrepreneurial spirit is an advantage. And where diversity of thought and experience makes us who we are.
Data-driven insight. Deep expertise. Transformative innovation. Since 1947, Milliman has delivered intelligent solutions to improve health and financial security.
At Milliman, we take data privacy very seriously. This policy applies to all personal information collected by Milliman, Inc. and its affiliates in the course of their normal business activities involving an Australian link. The purpose of this policy is to set out the principles governing Milliman’s use of such information. If you give us personal information, we will treat it according to this policy.
Milliman Australia Pty Ltd is deemed to have an “Australian link” by virtue of the fact that it is incorporated in Australia. Other members of the Milliman Group of companies will be deemed to have an Australian link, and will therefore be bound by this policy, if and to the extent that they carry on business in Australia, or collect or hold any personal information in Australia.
The Privacy Act 1988 (Cth) (Act) defines "personal information" as information or an opinion about an identified individual or an individual who is reasonably identifiable:
(a) whether the information or opinion is true or not; and
(b) whether the information or opinion is recorded in a material form or not.
You should be aware that the Privacy Act contains certain exemptions which may impact upon our privacy obligations. For example, employee records are generally exempt from an organisation's obligations under the Act. This exemption does not, however, permit us to use personal information contained in employee records for purposes not connected with the employment relationship. Employee records remain confidential.
The personal information we collect varies depending upon the nature of the services provided and our interactions with individuals. In the context of the collection of data through our website, Milliman’s marketing activities and contract administration:
(a) we may collect, store and process the personal information of visitors to our websites (first name, last name, title, company, phone number, location, email address, subject of the request and message given) who request information about products or services from Milliman, for the purpose of the management of the relationship with clients and the administration of the website;
(b) we may also collect, store and process the personal information of clients’ representatives, officers, agents and employees, business partners, providers, parties to a contract (name, professional address, title, email and other professional contact details) for contract administration purposes;
(c) we may collect, store and process the personal information of the professional contact details of clients’ representatives, their employees and business partners in order to activate and maintain client accounts, to fulfill requests or respond to inquiries about Milliman products or services, and to provide offers and information (as permitted by law) about products, services, or events offered by Milliman or that Milliman thinks may be of interest;
(d) we may also use professional contact details of clients’ employees for the purpose of sending surveys, questionnaires or for the purpose of organizing contests, unless there is a legal requirement to obtain prior consent; and
(e) we may also collect and process limited personal information about you from public resources (such as LinkedIn) including your name/surname, email address, telephone number, organization, title/position, profession, professional interests, to allow us to assess a potential interest in our services and to contact you for marketing purposes;
(f) without limiting sub-paragraph (e) above, we assume that if you use our services, you consent to the receipt of direct marketing material regarding the products and services we offer or develop. We will only use your personal information in this regard if we have collected such information directly from you, and if it is material of a type which you would reasonably expect to receive from us. Our direct marketing material will include a simple means by which you can request not to receive further communications of this nature. An alternative means of opting out is to contact us as set out below and simply request that you receive no further such communications.
In each case, however, this information will only be subject to this policy, and to protection under the Privacy Act, if it is in fact possible to identify you from that information.
By voluntarily providing us with information about yourself, you are consenting to our use of that data in the manner described in this policy.
Where reasonable and practicable to do so, we will collect your personal information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.
If we collect personal information from you via our website, we may use digital cookies to remember your preferences and collect online traffic data and browsing characteristics. Internet cookies are small strings of text placed on a user’s hard drive during the data exchange that happens when a browser points to a website. The browser stores the message in a text file which is sent back to the server each time the browser requests a page from the server. Cookies and other information collection technologies can only store information that is explicitly provided by the user or visitor in the first place, or information which is already known to the website such as your IP address. You can choose to adjust your browser to reject cookies or to notify you when they are being used, bearing in mind that rejecting cookies can result in a loss of some website functionality.
Like many companies, Milliman monitors the use of its websites by collecting aggregate data. No personal information is collected in this process. Typically, Milliman collects data about the number of visitors to the website, to each web page, and the originating domain name of the visitor's Internet service provider. This data is used to improve the usability, performance and effectiveness of Milliman’s website.
We collect personal information for the purpose of managing the relationship with our clients, administering our website, authentication of website visitors and for contract administration. To the extent permitted by law, we may also use professional contact details of our clients’ employees for the purpose of sending surveys and questionnaires or for the purpose of organizing games, and we may source personal information from public resources (such as LinkedIn) to allow us to assess a potential interest in our services and to contact you for marketing purposes.
If we obtain any personal information about you, we may share it with other Milliman entities, wherever located, for the purposes of data processing or storage.
We may have cause to disclose personal information to our service providers who assist us in operating our computer systems. Your personal information may also be exposed from time to time to maintenance and support personnel acting in the normal course of their duties. In the event that we outsource part of our infrastructure, it is possible that the entity we engage for this purpose may also have access to your personal information.
In addition, we may share your personal information with authorised third-party agents or contractors in order to provide a requested service or transaction. We only provide third-party agents with the minimum amount of personal information necessary to complete the requested service or transaction.
Subject to the foregoing, we only use your personal information in a manner consistent with the original purposes of collection or as otherwise permitted by the Australian Privacy Principles.
We may disclose your personal information to a third party if required or authorised to do so under an Australian law or by a court or tribunal order, or where disclosure is reasonably necessary for one or more enforcement related activities conducted by or on behalf of an enforcement body, or as otherwise required or permitted by law (such as the investigation of suspicious or unlawful behavior, the defence of a legal claim or for use in connection with a confidential alternative dispute resolution process).
Milliman’s websites, products, and services are not directed to children, and Milliman does not knowingly collect personal information from children. If a parent or legal guardian becomes aware that his or her child has provided Milliman with personal information without their consent, the parent or legal guardian should contact Milliman at [email protected], and Milliman will take steps to delete any such Personal Data.
Australian Privacy Principle 12 permits you to obtain access to the personal information we hold about you in certain circumstances, and Australian Privacy Principle 13 allows you to correct inaccurate personal information subject to certain exceptions. If you wish to seek access for this purpose, please contact our Chief Compliance Officer at [email protected].
There is no charge for requesting access. If access is subsequently provided, a small fee may be charged.
If you have a complaint concerning the manner in which we maintain the privacy of your personal information, please contact us as set out below. All complaints will be considered by our Chief Compliance Officer at [email protected] and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem. If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner.
The United Kingdom and the European Union
Your personal information may be transferred from Australia to recipients located in the United Kingdom or the European Union. The United Kingdom, and countries which are members of the European Union, have data protection laws which protect personal information in a way which is at least substantially similar to the Australian Privacy Principles, and there will be mechanisms available to you to enforce protection of your personal information under that overseas law. In the circumstances, we do not require the overseas recipients to comply with the Australian Privacy Principles and we will not be liable for a breach of the Australian Privacy Principles if your personal information is mishandled.
The United States of America
Your personal information may be transferred from Australia to recipients located in the United States of America. The United States of America does not have data protection laws as comprehensive as Australia’s, and we will accordingly take reasonable steps to secure a contractual commitment from the recipient to handle your information in accordance with the Australian Privacy Principles.
Milliman’s website may contain links to websites hosted and operated by companies other than us (“Third-Party Websites”) to which you can export (part of) your personal information.
If you have any queries, or if you seek access to your personal information, or if you have a complaint about our privacy practices, you can contact us on: [email protected].