Privacy Policy

1. Background

Thanks for visiting our Privacy Policy (Policy), we are Guanyin Investments Pty Ltd of PO BOX 2160 Chermside 4032 (Lotus Insurance, we, our, us and other similar terms). We are committed to providing quality services to you and this Policy outlines our ongoing obligations in respect of how we manage your Personal Information. It applies to our website terms and conditions and other agreements we may form with you.

When we talk about Personal Information, we mean information or an opinion about an identifiable individual (not a company), whether or not that information or opinion is true or in a material form (Personal Information).

2. Disclaimer

While your Privacy is important to us, nothing in this Privacy Policy constitutes a voluntary opt in to any privacy law’s, anywhere in the world, which we are not statutorily bound to comply with.

3. Collection of Personal Information

3.1 How we collect Personal Information

We collect Personal Information in the ordinary course of our business. Personal Information is collected when you:

(a) contact or correspond with us via email, telephone or via our website;

(b) engage with us at trade fairs;

(c) subscribe to our newsletters or complete surveys and online forms;

(d) purchase or enquire about our goods and services; or

(e) make customer service-related enquiries.

Information will only be collected directly from you unless you authorise another person to provide the information. 

3.2 What Personal Information is collected?

The types of Personal Information we collect includes your name, address, telephone number, email, details to assess your proposal for insurance, to administer our services and other information that enhance our client service. 

Where you contact us on behalf of your employer, the information you provide often contains information about your employment, position and employers contact details. In those circumstances certain employment information is collected.

4. How Lotus Insurance uses Personal Information

4.1 Why we collect Personal Information

We collect your Personal Information for the primary purpose of providing our goods and services to you. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. 

Examples of when we may use your Personal Information include:

  1. informing you about our goods and services;
  2. providing you with the goods and services you have requested;
  3. administration needs in relation to providing you with goods and services, including the administration of your account;
  4. dealing with requests, enquiries, complaints and other customer care related activities;
  5. arranging for the delivery of goods you purchase; and
  6. carrying out any activity in connection with a legal, governmental or regulatory requirement imposed on us or in connection with legal proceedings, crime or fraud prevention, detection or prosecution.

4.2 Direct marketing

Where you provide us with consent to do so (e.g. if you have subscribed to our email lists, SMS service or have indicated that you are interested in receiving offers or information from us), we may send you marketing communications by electronic means about products and services that we feel may be of interest to you. 

We (or an appointed third party) may also conduct surveys or market research and may seek other information from you on a periodic basis. These surveys will provide us with information that allows improvement in the type, quality and the manner in which our goods and services are offered to you.

You can opt-out of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself.

4.3 Use of de-identified data

The data we collect may have analytical value to us, our business partners and our related entities.  We reserve the right to process, distribute or sell information we collect through our services.  However, we will only distribute data which has been de-identified or otherwise to our associates in accordance with this Policy.  

5. Cookies and browser analytics

5.1 Cookies, pixels and logs

When you visit our website or engage with us through social media, certain information is collected. This is generally anonymous information and it does not reveal your identity. 

The following is the type of information which is collected:

  1. your IP address or proxy server IP address;
  2. the website which referred you to ours;
  3. the domain name and web pages you access;
  4. the name of your internet service provider may be captured depending on the configuration of your connection;
  5. the date, time and duration of your visit to the website;
  6. the number of times you access our site within any month;
  7. the operating system of your computer or mobile device; and
  8. the technical capabilities of your web browser.

By modifying your browser preferences, you have the choice to accept all cookies, to be notified when a cookie is set, or to reject all cookies. If you choose to reject cookies some parts of our website may not work properly.

5.2 Use of Google Analytics

This website may use google analytics, a web analytics service provided by Google LLC (Google).  google analytics uses cookies, which are text files placed on your computer, to analyse how you use the site.

The information collected by Google about your use of the website will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. 

Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. 

By using this website, you consent to the processing of data about you by Google in the manner described in Google’s privacy policy and for the purposes set out above. You can opt out of Google Analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out service provided by Google.

6. Data retention and security

6.1 Security mechanisms we employ

Generally, we store your Personal Information using secure servers protected from unauthorised access, modification and disclosure. However, like most businesses we hold some information on our staff’s computers (such as emails from you) and where necessary as hard copy files (such as printed invoices).

Our systems are managed by us and our service providers. Personal Information that we store or transmit is protected by security and access controls, including username and password authentication, two-factor authentication, and data encryption (such as SSL) where appropriate.

In our dealings with third party service providers, we take care to work with subcontractors and service providers who we believe maintain an acceptable standard of data security compliance.

6.2 How long we keep your Personal Information

We retain your Personal Information for as long as is necessary to provide the goods and services to you, as required for our internal business operations, and to comply with our legal obligations.

If we hold Personal Information about you, and we do not need that information for any purpose, we will take reasonable steps to destroy or de-identify that information, in accordance with the Australian Privacy Principles (APP), unless we are prevented from doing so by law.

Under Australian law, financial records, such as those relating to financial transactions, must be retained for 7 years after the transactions associated with those records are completed.

If you no longer want us to use your Personal Information, you can request that we erase your Personal Information. Where possible we will do so in accordance with the APPs. However, where you request the erasure of your Personal Information we will retain information from deleted accounts as necessary for our legitimate business interests, to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations or requests by government, a court of law, or law enforcement authorities, enforce the terms of service and take other actions permitted by law. Any information we retain will be handled in accordance with this privacy policy.

7. Disclosure of your Personal Information

7.1 Who we share your Personal Information with?

Your Personal Information may be disclosed to:

  1. our employees, a related company and our professional advisers (lawyers, accountants, financial advisers etc.);
  2. regulators and government authorities in connection with our compliance procedures and obligations, including law enforcement agencies to assist in the investigation and prevention of criminal activities; 
  3. a purchaser or prospective purchaser of all or part of our assets or our business, and their professional advisers, in connection with the purchase;
  4. a third party, in order to enforce or defend our rights, or to address financial or reputational risks;
  5. third party contractors, suppliers and service providers with whom we have a business association, including: 
    1. product fulfillment and logistics service providers; 
    2. administrative service providers;
    3. marketing service providers; and 
    4. information technology service providers including cloud application providers.

We will not disclose your Personal Information other than in accordance with this Policy without your consent.

7.2 Offshore transfers

We may disclose your Personal Information to third party contractors, service providers and suppliers with whom we have a business association operating in the United States and the Philippines.  

While we do not otherwise actively disclose your Personal Information to overseas entities, our engagement of service providers, such as those who operate cloud services, may have international data centres and disaster recovery sites. Consequently, these providers may have access to your information offshore. We rely solely on reputable organisations for such cloud services.

8. Access to Personal Information and corrections

We endeavour to only hold Personal Information that is accurate, complete and up-to-date. You have the right to make a request to access Personal Information which we hold about you and to request corrections of any errors in that data. To make an access or correction request, contact us using the contact details provided at the end of this Policy.

In order to protect your Personal Information, we may require identification from you before releasing the requested information or making the correction.

9. Complaints 

Your privacy is important to us. If you have a complaint or concerns about our handling of your Personal Information, we ask that you first contact our privacy officer whose contact details are listed below.

We will investigate your complaint and reply to you in writing if you provide us with contact details and request us to do so. If, after we have conducted our investigations you are still not satisfied then we ask you to consult with the Office of the Australian Information Commissioner:


Telephone: 1300 363 992 (from overseas +61 2 9284 9749)

Post: GPO Box 5218 Sydney NSW 2001

10. Contacting Lotus Insurance

If you have any questions about our privacy practices, wish to make a complaint or have questions regarding the way in which we have been managing your Personal Information, please contact our privacy officer:


Telephone: 0468 643 594

Post: PO BOX 2160 Chermside 4032

11. Variations to this Policy

We will need to change this Policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.

When we do change the Policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this Policy will always be available on this page.