Privacy Policy

Last updated 22nd March 2024

At KOBA we are committed to ensuring that your personal information is protected. This policy sets out how we collect, store, use and disclose your personal information that is collected by us or our distributors.

Collecting and holding your personal information

Personal information is information or an opinion about an identified individual or an individual who is reasonably identifiable from that information or opinion. We may ask for a broad range of personal information as part of providing you with a policy, which is necessary for us to determine whether or not we can offer you insurance cover.

We will generally ask for your name, address, contact details, date of birth, gender, insurance history, financial history, employment information, information about the asset you are seeking insurance for or eligibility requirements of the product you have applied for, and any other personal information which assists KOBA to ensure we can accurately offer and administer the product. Depending on the product you choose we may also ask for sensitive information, such as your health records and criminal history.

We may also collect information about you including, but not limited to:

  • information about your vehicle and the location of your vehicle;
  • technical information including IP address, operating system, location, browser type and related information regarding the device you use to visit our websites, or on which you install our app;
  • information obtained through monitoring your car via the KOBA Rider or other telematics devices (collectively known as Telematics Device) or Application Programming Interface (API) if you have a compatible connected car, including;
    • the location of your car and roads you’ve driven on;
    • the date and time of day driven;
    • the distance driven, and the time used to drive that distance;
    • the speed and acceleration of the car;
    • the smoothness of braking, accelerating and cornering;
    • other vehicle information such as the Vehicle Identification Number (VIN) and engine fault codes.


Where possible, we will allow you to interact with us anonymously or using a pseudonym. However, if you choose not to provide the information as requested, it may not be practicable for us to provide our services. For example, we will not be able to provide you with insurance coverage if you want to remain anonymous or use a pseudonym.

Our primary purpose of collecting personal information is to provide you with insurance in the car and motorcycle insurance industry that is tailored to your needs and situation, along with additional services that help you manage the safety and security of both you and your car. In particular, we collect your personal information so we can:

  • Identify you and conduct appropriate identification checks.
  • Provide you with a product or service.
  • Set up, administer and manage your policy including the management of claims and renewals of your policy.
  • Assess and investigate a claim made by you under one or more of our products.
  • Manage, train and develop our employees and representatives.
  • Manage complaints and disputes, and report to dispute resolution bodies or regulators.
  • Comply with any legal requirements.

We generally collect your personal information directly from you, by using written forms, access to your vehicle data via the Telematics Device or Application Programming Interface (API) if you have a compatible connected car (as described above), discussions with you in person and over the telephone or from publicly available sources of information. We may also collect your personal information from third parties, including our distributors at point of sale, our service providers, reporting bodies and from other persons or organisations as relevant. We may collect your personal information during the information lifecycle on a recurrent basis using the above methods.

Use and Disclosure

We may hold, use and disclose your information for:

  • The purpose of identifying you.
  • The primary purpose for which the information was collected (please see “Collecting and holding your personal information” above), including building a profile of how, where and when your car is driven, which will allow us to manage your insurance policy and better understand how and when accidents occur.
  • A purpose for which you have consented.
  • Information for direct marketing.
  • Any other purpose authorised or required by an Australian law, court or tribunal.

We may use and disclose your personal information that was collected initially by us for the primary purpose or for a permitted secondary purpose. For example, we may disclose your personal information to:

  • Third party service providers with whom we have contracted to provide services such as investigative, information technology, legal, audit and monitoring, payment processing, analytical, marketing, and debt collection services.
  • Any relevant distributors, or intermediaries connected with your policy such as your advisor or broker.
  • Your financier or credit institution.
  • Credit reporting agencies.
  • Hospitals and health professionals.
  • The Australian Financial Complaints Authority or any other relevant dispute resolution body.
  • Policy or product holders or others who are authorised or noted on the policy as having a legal interest.
  • Other insurers, financial services providers, loss assessors and related claims management services.
  • Government regulators and enforcement bodies.


KOBA may wish to offer you another of our products or services which we think may be of interest to you. We may use the information we hold to market them directly towards you. You can opt out of such offers by emailing [email protected], or using the unsubscribe link in our emails. Once we receive your request to opt out from receiving marketing information, we will stop sending such information within a reasonable period of time.

Some third parties that we disclose personal information to are located overseas in the following countries: United States of America, United Kingdom, and the Philippines. We may send and store personal information overseas to the extent that it is necessary to perform our functions or activities.

Data from the Telematics Device or via API will be collected by our telematics partners including vehicle data aggregators, road intelligence providers and car manufacturers who will process it and then pass it on to us. Where your data is from a Telematics Device provided by a Car Sharing platform, our Car Sharing partners or their telematics partners will process it and then pass it on to us. Partners who pass data to us may also be data controllers of that data. They will process personal data in accordance with our Privacy Policy as part of our agreement with them. Our telematics partners may also process the data under their legitimate interests and on a pseudonymised basis for general research and development purposes including improving the Telematics Device and analysis of driving patterns and accidents and in accordance with their own privacy policies.

Security of your personal information

We take all reasonable steps to protect personal information under our control from misuse, interference and loss and from unauthorised access, modification or disclosure.

We hold your personal information in secure security systems, electronic databases, digital records, telephone recordings and in hardcopy or paper files.

We will take all reasonable steps to protect your personal information from misuse, unauthorised access, modification, disclosure and loss.

The ways we do this include:

  • Maintaining and continually improving IT security protocols.
  • Requiring any third-party providers to have adequate measures to protect your personal information.
  • Ensuring our premises are secure.
  • Destroying or de-identifying information as required.
  • Providing training to employees and representatives regarding their privacy obligations.
  • Providing authorised persons with user identifiers, passwords or other access codes.

While we take the above steps to protect the security of your personal information, data protection and security measures can never be guaranteed. Sending and receiving information over the internet is at your own risk. Accordingly, we cannot guarantee the security of your personal information.

Accessing your information and ensuring it is correct

We rely on the information we hold about you to efficiently conduct our business of providing products and services. For this reason, it is very important that the information we collect from you is accurate, complete and up to date. If your information changes, please inform us by contacting +61 3 6159 2000 so that we may update our records.

You have a right to request access to personal information we hold about you. If you would like to request access to the personal information we hold about you, please contact our Customer Service team by calling +61 3 6159 2000, or at [email protected] if you have any concerns. You may be required to provide further information to KOBA to identify yourself.

We may refuse your request in a number of circumstances, such as:

  • Giving access to the information would pose a serious threat to the life, health or safety of a person.
  • Giving access would have an unreasonable impact on the privacy of a person.
  • The information relates to existing or anticipated legal proceedings and would not be available under the discovery process.
  • Where denying access is required or authorised by an Australian law or court order.

We will seek to handle all requests for access to personal information as quickly as possible. You have the right to request that we correct any inaccurate, out-of-date, incomplete or misleading personal information. We will update your details immediately in accordance with our General Insurance Code of Practice requirements. We will also take reasonable steps to ensure that the correction takes place across all records that hold the information.


We take privacy complaints very seriously. KOBA has established a formal Privacy Complaints Procedure to deal with any complaints lodged with the company in relation to breaches of the Australian Privacy Principles or the Privacy Act 1988. If you have a complaint about how we collect, hold, use, or disclose your personal information or if you believe KOBA has not protected your personal information as set out in this Privacy Policy you may lodge a complaint with us. If you make a complaint, we will respond within fifteen calendar days to acknowledge your complaint. We will investigate any complaint and will try to resolve your complaint within ten calendar days from our acknowledgement. When this is not possible, we will contact you to let you know our revised response date. Once we have completed our investigation, we will notify you of any decision in relation to the complaint.

Complaints can be made by telephoning the number or emailing the address set out below and should be directed to the Privacy Officer, who will provide you with further information about KOBA’s Complaints Procedure. It is important to follow the process so we can deal with your complaint effectively and efficiently.

Contact Details

Visit our website: ‘Contact us’
By email: [email protected]
By phone: +61 3 6159 2000

What if I am not satisfied with KOBA’s response?

If you are not satisfied with the outcome of your complaint to KOBA you can refer your complaint to either the Office of the Australian Information Commissioner or the Australian Financial Complaints

Authority for further review

Office of the Australian Information Commissioner
By phone: 1300 363 992
By email: [email protected]
In writing: GPO Box 5218, Sydney NSW 2001

Australian Financial Complaints Authority
By phone: 1800 931 678 (free call)
By email: [email protected]
In writing: Australian Financial Complaints Authority, GPO Box 3, Melbourne VIC 3001