Personal Data Protection Policy (“Privacy & Cookies Policy”)
MSIG Insurance (Singapore) Pte. Ltd. (“MSIG”, “we’, “us”) is committed to complying with the Personal Data Protection Act 2012. We set out herein our Privacy & Cookies Policy to assure you of our commitment.
Privacy & Cookies Policy
MSIG takes and values your privacy very seriously. To ensure that your personal information is secure, we communicate and enforce our privacy and security guidelines according to the Personal Data Protection Act 2012 (“the Act”).
We take precautions to safeguard your personal information against loss, theft, misuse, as well as against unauthorised access, collection, use, disclosure, copying, modification, disposal, or similar risks. We impose very strict sanction controls and only authorised staff on a need-to-know basis are given access to or will handle your personal data. We provide regular training to all staff on this Policy, and to keep them abreast of any new development in privacy laws and regulations in Singapore.
MSIG collects, uses and discloses your personal data primarily for the purposes of providing you with the services and benefits of your membership account with us and/or your insurance policy purchased from us, including when handling a claim made by you, administering your policy, any contests, promotions and events, and for conducting customer surveys, research, analytics, business and product improvement, regulatory and statutory searches and checks. Additionally, your personal data may be used and disclosed by MSIG for the purpose of sending you marketing and promotional materials by direct mail and email, and to develop and promote suitable products to you. To fulfil all these aforesaid purposes, we may disclose, and permit the reasonable use of, your personal data to business partners (including reinsurers, brokers, bank and distribution partners), associates, third party service providers, vendors, contractors (including for administrative services, printing and distribution, handling of contests, promotions and events) when reasonably necessary, and on a need-to-know basis. We may need to transfer your personal data overseas for these purposes. We will require these parties to protect personal data they may receive from us in a manner consistent with this Policy and in accordance with the Act. We do not allow them to use the personal data for any other purpose. We will not sell your personal data to any person for any reason.
As a global insurance group, we may disclose your personal data to our related or affiliated companies in the MSIG Group or MS&AD Group. We will also ensure that such disclosure will only be done when absolutely necessary, and will be in accordance with this Policy.
We may also share your personal data with other insurers and the General Insurance Association of Singapore (as well as their third party service providers) as part of the industry’s efforts for proper underwriting and proper administration of claims. This may include sharing the personal data for investigating fraud, suspected fraud, exaggerated claims, and other criminal or improper acts.
We may also need to share your personal data with regulatory and other authorities or public agencies, to comply with applicable laws, or as permitted by applicable laws.
With effect from 2 Jan 2014, as a new customer of MSIG, we will obtain your consent to send you marketing and promotional materials via SMS and phone calls. For existing MSIG customers before this date, we will continue to send you marketing and promotional materials through these means unless you advise us otherwise. We will also send to all customers marketing and promotional materials by direct mail or email, which you may unsubscribe from at any time.
If you are a third party making a claim against us and/or our policyholders/insured persons, we will collect, use and disclose your personal data for the purpose of handling your claim. This may include disclosing your personal data to our policyholders/insured persons, third party service providers, other insurers and the General Insurance Association of Singapore (as well as their third party service providers) for proper underwriting and proper administration of claims, when reasonably necessary, and for investigating fraud, suspected fraud, exaggerated claims and other criminal or improper acts.
We will retain your personal data for a period that is no longer than necessary for business or statutory purposes.
With effect from 1 Feb 2021, we will notify you if there is an occurrence of a data breach deemed to result in significant harm to you, and will provide you with the necessary information and steps to take relating to such data breach.
Transmission of Data
When credit account details and other transactional data you provide to us are transmitted over the Internet, it is protected. Industry standard Secure Socket Layer (SSL) communication protocol is the de facto cryptographic standard that we use for securing data communication between the browser and our website.
Under the Act, you have the right to request for information about your personal data and/or correct your personal data that is in our possession or under our control. You can also request for information about the ways in which your personal data has been or may have been used or disclosed by us. An administrative fee will be imposed on you for the request.
You also have the right to withdraw any consent that you have given to us:
- for the collection, use or disclosure of your personal data, and/or
- for receiving marketing and promotional materials.
Please let us have any notice of withdrawal in writing, indicating your instructions clearly.
If you withdraw your consent for the collection, use or disclosure of your personal data, we will not however be able to provide you with the protection and services expected of us under the insurance policy that you have purchased from us. We may then need to cancel the policy and/or terminate your membership account with us.
If you withdraw your consent for receiving marketing and promotion materials, we will not be able to update you of new products and promotions. We will put the withdrawal into effect within forty-five (45) working days of your request.
You may write to our Personal Data Protection Officer for the above mentioned purposes.
Where you have the right to request for any data transfer or data portability under any applicable code of practice, regulations and law, we will handle such request in accordance with the same.
Feedback and Queries
If you have any feedback or queries in relation to the protection of your personal data, you may also write to our Personal Data Protection Officer. We will look into your feedback or queries, and will provide you with a response within three (3) working days. If we are unable to do so, we will inform you within three (3) working days, and shall keep you updated of our progress every seven (7) working days.
The contact details of our Personal Data Protection Officer are as follows:
The Personal Data Protection Officer
MSIG Insurance (Singapore) Pte. Ltd.
4 Shenton Way
#21-01 SGX Centre 2
Changes to the Privacy & Cookies Policy
We may amend this Privacy & Cookies Policy from time to time and will place such amendments on this website. Please check back here for the latest version of this Policy.
This Privacy & Cookies Policy is not intended to, nor does it create any contractual rights between MSIG and the policyholders.
Copy dated: 15 April 2021