How does CTPIS collect Personal Data?
We may collect your Personal Data from the proposal forms for our insurance products, claim forms for your insurance claim matters, emails and other communications you hold with us. Your Personal Data may also be collected by other insurers and reinsurers, claim investigators, medical professionals, lawyers and solicitors, fraud investigators, witnesses, government bodies and other parties involved in our business dealings with you.
When you provide us with Personal Data of another person, you confirm that they have appointed or authorised you to act for them and to have given consent to CTPIS collection, use and disclosure of their Personal Data, and that you have informed them of our identity and the Purposes (described in this Policy) for which their Personal Data may be used or disclosed.
What types of Personal Data that CTPIS collect?
We may collect Personal Data such as the following:
- your general identification and contact information such as name, identification numbers, contact details, address, date of birth, gender, marital status, occupation etc;
- your financial information such as bank account, income levels, assets, liabilities etc;.
- your medical and health history and claims history information;
- information from cookies, or similar technology in order to enhance the functionality of our websites and analyse visitor traffic;
- CCTV footage, voice recordings and electronic communication;
- other relevant and/or sensitive information about you such as insurance coverage from other insurers, claims experience, employment information, driving or criminal records; and
- information about family members and other persons designated as beneficiaries or trustees under an insurance plan.
We will not collect Personal Data which are not required and related for our provision of the product or service you requested.
When you provide Personal Data in your request for our products or services which requires us to generate a response to your request, you also consent to our collection, use and disclosure of your personal data for the Purposes described in this Policy.
How does CTPIS use Personal Data?
To process, administer and/or manage your relationship, account and policy with CTPIS, CTPIS will necessarily need to collect, use, disclose and/or process your personal data or personal information about you.
Personal data may be collected and used by CTPIS for one or more of the following purpose(s):
- confirming your identity and accuracy of information collected;
- considering whether to provide you with the insurance you applied for including assessing your ability to afford the product;
- processing your application for underwriting and insurance including invoicing and collecting premiums and outstanding amounts from you;
- arranging re-insurance;
- administering and/or managing your relationship, account and/or policy with CTPIS;
- processing and/or dealing with any claims including the settlement of claims and any necessary investigations relating to the claims, under your policy;
- carrying out due diligence or other screening activities (including background checks) in accordance with legal or regulatory obligations or risk management procedures that may be required by law or that may have been put in place by CTPIS;
- carrying out your instructions with respect to your policy, communicating any update, and responding to any enquiries by you;
- dealing in any matters relating to the services and/or products which you are entitled to under this policy which you are applying for or have applied; (including the mailing of correspondence, statements, invoices, reports or notices to you, which could involve disclosure of certain personal data about you to bring about delivery of the same as well as on the external cover of envelopes/mail packages);
- investigating fraud, misconduct, any unlawful action or omission, whether relating to your application, your claims or any other matter relating to your policy, and whether or not there is any suspicion of the aforementioned;
- conducting compliance monitoring and audit service;
- complying with applicable law of local or foreign regulator, government bodies or industry recognised imposed on CTPIS in administering and managing your relationship with CTPIS; and/or
- storing, hosting, backing up (whether for disaster recovery or otherwise) of your personal data, whether within or outside Singapore.
- customer outreach and relationship management;
- conducting market research and/or analysis for statistical, profiling or other purposes for us to design our products, understand customer behavior, preferences and market trends, and to review, develop and improve the quality of our products and services;
- resolving complaints, and handling requests for data access or correction;
- managing and preparing reports on incidents and accidents;
(Collectively the “Purposes”)
Does CTPIS transfer Personal Data across geographical borders?
As for the Purposes set out above we may transfer Personal Data to our affiliated companies in our parent company, and other service providers located outside Singapore. We ensure that such transfer will only be done to carry out the Purposes set out above, and we will use legally binding instruments and other safeguards to ensure that appropriate levels of protection necessary to maintain the security of your personal data are in place and that any transferred personal data is processed only in accordance with this Policy, PDPA and with the applicable law.
Does CTPIS disclose your Personal Data?
For the Purposes set out above, we may disclose your Personal Data to the following:
- third party service providers, contractors, assignees, and advisors who provide administrative, communications, computer, payment, or other services which assist us to carry out the above purposes;
- any financial advisor, bank partner, broker, introducer or other intermediary;
- other insurers and reinsurers;
- credit reference agencies;
- claim investigators;
- medical professionals;
- lawyers and solicitors;
- fraud investigators and witnesses;
- CTPIS’s related companies; and
- government bodies as required or permitted by applicable laws and other parties involved in our business dealings with you.
We ensure that such disclosure will only be done to carry out the Purposes set out above, and will be in accordance with this Policy, PDPA and with the applicable law.
We do not sell, trade, or otherwise release your Personal Data to outside parties not involved in our business dealings with you.
Does CTPIS protect your Personal Data?
CTPIS takes appropriate physical, technical and internal security safeguards to protect your Personal Data against unauthorised access, disclosure, misuse, alteration, or destruction.
When CTPIS provides Personal Data to a service provider, the service provider shall also take appropriate measures to protect the confidentiality and security of the Personal Data.
Does CTPIS retain your Personal Data?
CTPIS will only retain Personal Data for as long as is necessary to fulfil the Purposes for which such data was collected, unless the Personal Data is also retained to satisfy any legal obligations. After which, Personal Data is destroyed appropriately from CTPIS database system and other filing systems in accordance with specific schedules based on the above criteria.
When you interact with us on our websites, we automatically receive and record information on our server logs from your browser. We may employ cookies in order for our server to recognise a return visitor as a unique user including monitoring information relating to how a visitor arrives at the website, what kind of browser a visitor is on, a visitor's IP address, and a visitor's click stream information and time stamp (for example, which pages they have viewed, the time the pages were accessed and the time spent per web page).
Cookies are small text files placed in the 'Cookies' folder on your computing or other electronic devices which allow us to remember you. The cookies placed by our server are readable only by us, and cookies cannot access, read or modify any other data on an electronic device. All web-browsers offer the option to refuse any cookie, and if you refuse our cookie then we do not gather any information on that visitor.
Should you wish to disable the cookies associated with these technologies, you may do so by changing the setting on your browser. However, you may not be able to enter certain part(s) of our website or use the functions in our website.
Are you able to access and correct the Personal Data held by CTPIS?
It is your right to request for information about your personal data that is in our possession or under our control. For security reasons, any request for details of personal data held by us should be made in writing. Please note that an administrative fee will be imposed on you for the request, and the request may be rejected with compliance to Personal Data Protection Act and other government laws.
You may also ask us to correct personal data about you that we collect in accordance with laws and regulations.
Withdrawal of Consent
Please note that if you withdraw your consent to any or all use or disclosure of your personal data, we may not be able to provide our products or services to you, or to administrate any contractual relationship in place.
We urge you to review this webpage periodically to read and understand our latest policy regarding the handling of your personal data.
If you have a complaint or need more information about how CTPIS is managing your personal data, please contact:
The Data Protection Officer
3 Anson Road #16-00
Springleaf Tower Singapore 079909
Tel: (65) 6389 6111
Fax: (65) 6222 1033
Last revised on 17 December 2018