Protecting Your Privacy
What personal information we collect
The personal information we collect and store about you may include:
- your name;
- contact details (including mobile phone, telephone, address and email);
- marital status;
- occupational information;
- health and other medical information;
- lifestyle information that relates to insurance;
- previous or current insurance; or
- driving history
and such other information which is relevant and necessary to providing products and services to you or to comply with the law.
Why we collect personal information
We will inform you of the main reasons for collecting your personal information at the time we request it. The purposes for which we will generally collect and use your information include considering any application you make to us, providing products and services to you, performing administrative functions, communicating with you, verifying your identity, preventing and detecting fraud or loss, enhancing our products and services and telling you about our other products and services which may include those of our business partners, which we believe may interest you. You may tell us at any time that you do not want us to advise you about other products and services (see “Marketing” below for more details).
How we collect personal information
We collect information from you in various ways. It might be through our call centres, over the internet if you transact with us online, or when you fill out an application form for one of our products online or via social media.
At our offices we may record you using CCTV for quality, training, security and record keeping purposes.
Information collected online
We collect information about visitors using our online resources. Any information collected is used to provide our products and services and to identify online behavioural patterns.
Our online resources include, but are not limited to websites and mobile applications “apps”. Information collected by these resources may collect the following information:
- Server address/IP address
- Date and time of visit to our site
- Pages visited
- Documents downloaded
- The site you visited prior to visiting our website
- The browser you are using to access our resources
- If you have visited our website before
- Tracking user preferences
In addition to the above, mobile apps may collect location data.
From time to time, we may use data collection devices such as ‘cookies’ in conjunction with our website. Cookies are commonly used on the internet. They are a small file placed onto a computer by a server. A cookie can later be identified by a server. We may use both ‘persistent’ and ‘session’ cookies. We may (or our marketing company may) evaluate the cookie information collected to measure the effectiveness of our advertising and how visitors use our site. Where our marketing company manages the information coming from our site on our behalf, we control how that data may and may not be used. Any information that is collected in this way is used in an aggregated form, we do not use it to identify you as an individual.
- to provide you with better and more customised service and a more effective website
- collecting anonymous statistical information on things such as how many visitors our sites receive, how those visitors use the sites and where they came from.
Most of our online resources use sessions and/or cookies. If you wish, you can configure your browser so it does not accept cookies, but this may affect the functionality of the website.
Collecting personal information from third parties
Where possible, we collect personal information directly from you. However, in some circumstances we may also collect personal information from other sources so that we can provide you with a policy or assess a claim you make. This may include another insurer, an insurance investigator, claims manager, a medical provider or professional expert.
We will deal with your spouse or partner if they call us on your behalf provided they are named on the policy and they satisfy our identification and verification checks. If you would like someone else to deal with your policy on your behalf on a regular basis, please let us know. In some exceptional cases we may also deal with other people who call on your behalf and with your consent. If at any time you want us to deal only with you, please let us know.
We may also collect personal information about someone else from you. For example, you may wish to purchase insurance in joint names or where you are nominating other people on your policy (for example, another driver or travel companion). Where you provide us with personal information about other people you must have their consent to do this, and to provide it on their behalf. If not, you must tell us.
Use of Information
We use the personal information collected for a number of purposes, including:
- Assessing your policy application, establishing and administering your policy;
- Processing premiums and payments;
- Improve the way we provide our products and services;
- Produce policy schedules and other mail related services;
- Assess, process and investigate any insurance risks, claims or complaints;
- Assessing risks and underwriting insurance;
- Training our employees and representatives.
We will only send you marketing materials about our products and services or those of selected third parties if we have your consent to do so. We will normally obtain your consent when you purchase a policy from us.
If you do not want to receive any marketing material, you can choose to opt out of our marketing activities. To opt out, you can either:
- use the unsubscribe function from our emails, via Policy Manager or
- contact us using the Contact Details below.
You can, however, change your mind about opting out of receiving information about our products and services at any time by contacting us using our Contact Details noted below.
How we store personal information
We will store your personal information in a number of ways including:
- in electronic systems and devices;
- in telephone recordings;
- in paper files;
- secure document retention services off-site; and/or
- cloud facilities operated by us (or by third parties on our behalf)
We will take reasonable precautions to ensure that the personal information that we have about you is protected against any unlawful use, unauthorised access, modification or disclosure and these precautions include:
- using appropriate information technology and processes;
- using computer and network security systems with appropriate firewalls, encryption technology and passwords for the protection of electronic files;
- securely destroying or “de-identifying” personal information if we no longer require it subject to our legal obligations to keep some information for certain prescribed periods;
- restricting access to your personal information to our employees and those who perform services for us who need your personal information to do what we have engaged them to do; and
- requesting certain personal information from you when you wish to discuss any issues relating to the products and services we provide to you.
While we undertake reasonable steps to protect your personal information, no guarantee can be given that information sent over the internet is always 100% secure. Sending and receiving information over the internet is at the user’s own risk, however we will take all reasonable steps to ensure your data security once we receive it.
Disclosure to third parties
The personal information that we collect from you may be disclosed to other parties who are involved with the provision of our products and services to you. Such parties include your insurer, our group companies, service providers such as repairers, claims assessors, investigators or lawyers (should they be required in the event of a claim) other insurers (for the purpose of seeking claims recoveries or to assist them to assess insurance risks) and insurance reference services. We may also disclose to the police, credit enforcement groups, legal advisors and health providers assisting us to provide our services to you.
Our group companies or external companies who help us web-host, maintain our website, provide communication services (such as mailing) may also have access to your personal information for the sole purpose of providing those services.
We impose security and confidentiality requirements on how these parties handle your personal information and we limit the use of it to the specific purpose for which we supplied it.
The information we provide to third parties will be strictly limited to what is required to provide the products and services, where disclosure is required, or authorised by or under law (for example, we may disclose information to government agencies) or where you have requested us to or have consented to the disclosure to a third party. The third parties may include overseas organisations (see below).
Exchange of information with overseas parties
Some of the parties with which we exchange your personal information, including our service providers and other third parties referenced above, may be located outside Singapore. Where we do this, we make sure that such organisations have the appropriate data handling and security arrangements in place.
Access to and accuracy of personal information
You can request access to the personal information we hold about you at any time by contacting us using the Contact Details noted below and we will provide you with that information unless we are prevented by law from giving you that access. If we are unable to provide you with the requested information, we will provide you with a written explanation.
Where access is granted to your information, we may charge a reasonable fee for such access.
We take reasonable measures to ensure that the personal information we hold about you is accurate and up to date. Under the Act, you also have a right to request that we correct information, if you believe your personal information is not accurate and up to date. We would encourage you to inform us by contacting us using the Contact Details noted below. We will promptly update any information that is incorrect.
How to contact us
Our Data Protection Officer can be contacted at firstname.lastname@example.org.
To access or correct your personal information, please refer to “Access to and accuracy of personal information” above.
To unsubscribe from receiving marketing materials, please refer to “Marketing” above.
Last updated: 25 October 2017.