Personal Data Protection Policy
This overview provides information on how iAscenders manages your personal information under the Personal Data Protection Act 2012.
We are committed to treat all personal data with the due respect, in accordance with the relevant data protection laws of Singapore.
DATA PROTECTION POLICY
We at iAscenders take our responsibilities under Singapore’s Personal Data Protection Act 2012 (the “PDPA”) seriously. We also recognize the importance of the personal data you have entrusted to us and believe that it is our responsibility to properly manage, protect and process your personal data.
This Data Protection Policy is designed to assist you in understanding how we collect, use, disclose and/or process the personal data you have provided to us, as well as to assist you in making an informed decision before providing us with any of your personal data.
If you, at any time, have any queries on this policy or any other queries in relation to how we may manage, protect and/or process your personal data, please do not hesitate to contact our Data Protection Officers (the “DPO”) below:
• Mr Charles Tan
• Tel : +65 62224148
• Email : firstname.lastname@example.org
9 Maxwell Road #03-03 Annexe A, MND Complex Singapore 069112
9am to 6pm, Mondays to Fridays, excluding Public Holidays.
1 INTRODUCTION TO THE PDPA
1.1 “Personal Data” is defined under the PDPA to mean data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which an organisation has or is likely to have access. Common examples of personal data could include names, identification numbers, contact information, medical records, photographs and video images.
1.2 We will collect your personal data in accordance with the PDPA. We will notify you of the purposes for which your personal data may be collected, used, disclosed and/or processed, as well as obtain your consent for the collection, use, disclosure and/or processing of your personal data for the intended purposes, unless an exception under the law permits us to collect and process your personal data without your consent.
2 PURPOSES FOR COLLECTION, USE, DISCLOSURE AND PROCESSING OF PERSONAL DATA
2.1 The personal data which we collect from you may be collected, used, disclosed and/or processed for various purposes, depending on the circumstances for which we may/will need to process your personal data. You can see full details of the purposes of collection, use and disclosure of your personal data (collectively, the “Purposes”) on the Collection, Use and Disclosure section: As the purposes for which we may/will collect, use, disclose or process your personal data depend on the circumstances at hand, such purpose may not appear in the Collection, Use and Disclosure section. However, we will notify you of such other purpose at the time of obtaining your consent, unless processing of your personal data without your consent is permitted by the PDPA or by law.
2.2 iAscenders representatives will treat all information about you securely and with care guided by our policies and practices.
iAscenders representatives may send you marketing information about financial products and services whom iAscenders has a relationship. You have a right to request us not to use your data for sending marketing materials to you. If you do not wish to receive marketing materials from your iAscenders representative, please write to your iAscenders representative at their usual contact address. Unless you tell us otherwise, we may contact you by telephone, mail, SMS and/or e-mail.
You have the right to apply to your iAscenders representative for a copy of the data which your iAscenders representative hold about you and to have any inaccuracies corrected. Please notify your iAscenders representative as appropriate if your personal details change or are incorrect. If you agree, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.
Return to top
3 SPECIFIC ISSUES FOR THE DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES
3.1 We respect the confidentiality of the personal data you have provided to us.
3.2 In that regard, we will not disclose your personal data to third parties without first obtaining your consent permitting us to do so. However, please note that we may disclose your personal data to third parties without first obtaining your consent in certain situations, including, without limitation, the following :
(a) cases in which the disclosure is required or authorized based on the applicable laws and/or regulations;
(b) cases in which the purpose of such disclosure is clearly in your interests, and if consent cannot be obtained in a timely way;
(c) cases in which the disclosure is necessary to respond to an emergency that threatens the life, health or safety of yourself or another individual;
(d) cases in which the disclosure is necessary for any investigation or proceedings;
(e) cases in which the personal data is disclosed to any officer of a prescribed law enforcement agency, upon production of written authorisation signed by the head or director of that law enforcement agency or a person of a similar rank, certifying that the personal data is necessary for the purposes of the functions or duties of the officer;
(f) cases in which the disclosure is to a public agency and such disclosure is necessary in the public interest; and/or;
(g) where such disclosure without your consent is permitted by the PDPA or by law.
3.3 The instances listed above at paragraph [3.2] are not intended to be exhaustive. For more information on the exceptions, you are encouraged to peruse the Second, Third and Fourth Schedules of the PDPA which is publicly available at http://statutes.agc.gov.sg.
3.4 Where we disclose your personal data to third parties with your consent, we will employ our best efforts to require such third parties to protect your personal data.
Return to top
4 REQUEST FOR ACCESS AND/OR CORRECTION OF PERSONAL DATA
4.1 You may request to access and/or correct the personal data currently in our possession by contacting us.
4.2 For a request to access personal data, we will provide you with the relevant personal data 30 calendar days from such a request being made.
4.3 For a request to correct personal data, we will :
(a) correct your personal data as soon as practicable after the request has been made unless we have reasonable grounds not to do so; and
(b) Subject to paragraph [4.4], we will send the corrected personal data to every other organisation to which the personal data was disclosed within a year before the date the correction was made, unless that other organisation does not need the corrected personal data for any legal or business purpose.
4.4 Notwithstanding paragraph [4.3(b)], we may, if you so consent, send the corrected personal data only to specific organisations to which the personal data was disclosed by us within a year before the date the correction was made.
4.5 We will also be charging you a reasonable fee for the handling and processing of your requests to access your personal data.
5 REQUEST TO WITHDRAW CONSENT
5.1 You may withdraw your consent for the collection, use and/or disclosure of your personal data in our possession or under our control by contacting our DPO at email@example.com
5.2 If you withdraw your consent for your personal data to be used for marketing purposes, we will process your request for such withdrawal of consent, and will thereafter cease to use and/or disclose your personal data for marketing purposes within 30 calendar days of your request.
5.3 However, if you request to withdraw your consent for us to use your personal data for your insurance or account matters (for example matters relating to the servicing and administration of your insurance policy or your investment account) this will affect our ability to provide you with the products and services that you asked for or have with us, including preventing us from keeping your insurance cover in force or properly assessing and processing your claim. In this regard, it may mean that we will not be able to continue with your existing relationship with us and/or the contract you have with us will have to be terminated .This may be disadvantageous to you, as you may sustain a loss, losing valuable benefits from the policy and/or it may not be possible for you to obtain a similar level of protection on the same terms in the future.
6 ADMINISTRATION AND MANAGEMENT OF PERSONAL DATA
6.1 We will take reasonable efforts to ensure that your personal data is accurate and complete, if your personal data is likely to be used by iAscenders to make a decision that affects you, or disclosed to another organisation. However, this means that you must also update us of any changes in your personal data that you had initially provided us with. We will not be responsible for relying on inaccurate or incomplete personal data if you did not update us of the changes in your personal data.
6.2 We will also put in place reasonable security arrangements to ensure that your personal data is adequately protected and secured. Appropriate security arrangements will be taken to prevent any unauthorized access, collection, use, disclosure, copying, modification, leakage, loss, damage and/or alteration of your personal data. However, we cannot assume responsibility for any unauthorized use of your personal data by third parties due to factors beyond our control.
6.3 We will also put in place measures such that your personal data in our possession or under our control is destroyed and/or anonymized as soon as it is reasonable to assume that (i) the purpose for which that personal data was collected is no longer being served by the retention of such personal data; and (ii) retention is no longer necessary for any other legal or business purposes.
Return to top
7 COMPLAINT PROCESS
7.1 If you have any complaint or feedback about how we are handling your personal data or complying with the PDPA, please contact our Data Protection Officers at:
Mr Charles Tan
Tel: +65 62224148
9 Maxwell Road #03-03 Annexe A, MND Complex Singapore 069112
9am to 6pm, Mondays to Fridays, excluding Public Holidays.
7.2 Where it is an email or a letter through which you are submitting a complaint, your indication at the subject header that it is a PDPA complaint would assist us in attending to your complaint speedily by passing it on to the relevant staff in our organisation to handle. For example, you could insert the subject header as “PDPA Complaint”.
7.3 We will certainly strive to attend to any complaint or grievance that you may have speedily and fairly.
8 UPDATES ON DATA PROTECTION POLICY
8.1 As part of our efforts to ensure that we properly manage, protect and process your personal data, we will be reviewing our policies, procedures and processes from time to time.
8.2 We reserve the right to amend the terms of this Data Protection Policy at our absolute discretion. Any amended Data Protection Policy will be posted on our website and can be viewed at http://www.iascenders.com
8.3 You are encouraged to visit the above website from time to time to ensure that you are well informed of our latest policies in relation to personal data protection.
Last updated on 4/12/2015
Collection, Use and Disclosure
The Personal Data Protection Act
The Personal Data Protection Act or “PDPA” governs the collection, use and disclosure of personal data by private organisations. It contains various obligations relating to the Do-Not-Call Registry (“DNC Obligations”) and the protection of personal data (“DP Obligations”). The DNC Obligations came into force on 2 January 2014 while the DP Obligations came into force on 2 July 2014.
DNC Registry website
If you are an individual and you apply for or are holding an insurance policy or an investment account with iAscenders, your personal data will be collected, used and/or disclosed in the course of your dealing with iAscenders. Please read the section, “Collection, Use and Disclosure” for more information on how your personal data is/will be used as an individual.
If you are a corporation and you request for or have a group insurance policy with iAscenders, you may be collecting and passing individual’s personal data to/from iAscenders.
PURPOSES OF USE OF PERSONAL DATA
If you consent to marketing, iAscenders may contact you to inform you about iAscenders partnering products or services, special offers or other information which may be of interest to you.
You can change your mind anytime. If you subsequently decide you do not wish to receive marketing materials from us, all you need to do is to contact our DPO at firstname.lastname@example.org.
Alternatively, if you decide you would like to receive the above marketing materials, you can also contact us at email@example.com to do so.
Administration and Servicing
In order to carry out our business, process, administer and/or manage your relationship, policy and/or account with iAscenders, we will have to collect, use and disclose your personal data.
1. Personal Data
Such personal data may include information or data provided by you or other parties in the application forms, other forms or from other sources, including existing data in our record and/or to be collected in the future.
Such personal data will be collected, used, disclosed and/or processed by iAscenders for the purpose(s) of :
(a) providing financial advice to recommend product(s) based on your financial needs analysis, where applicable;
(b) administration of your policy, which may include but is not limited to:
(i) underwriting of the risk proposed
(ii) requesting and collecting premiums
(iii) providing regular information about your policy
(iv) making changes or updates to your policy
(v) reviewing or renewing or reinstating your policy
(vi) carrying out your instructions or responding to any enquiries by you
(vii) assessing and processing your claim(s) made under the policy
(c) administration of your account which may include but is not limited to :
(i) maintenance of your account
(ii) performing or updating transactions on your account
(iii) carrying out your instructions or responding to any enquiries by you
(d) Dealing in any matters relating to your policies and/or accounts (including the mailing of correspondence and other documents to you which may disclose certain personal data about you on the envelopes/mail packages).
(e) managing your relationship with iAscenders;
(f) compiling statistics or conducting research for company or industry exercises and studies, to design, review or improve our products and services;
(g) compliance monitoring and audit reviews; due diligence checks, other screening activities and/or risk management procedures put in place by iAscenders and/or the industry;
(h) complying with applicable laws, regulations, rules, guidelines, schemes or directions imposed by any regulator, government body, statutory body, law enforcement agency or dispute resolution body;
(i) providing general information on product enhancements and services, which are relevant to your needs or policies(including increasing benefits, adding riders / supplements and/or insured lives);
(j) investigating fraud, misconduct, any unlawful action or omission, whether relating to your policy, your claims or any other matter relating to your policy, and whether or not there is any suspicion of the aforementioned;
(k) Archiving, backing-up or destroying personal data.
3. Some of these purposes may apply or continue to apply after your relationship, policy and/or account with iAscenders has ended or is no longer in force or active.
Such personal data of yours will be disclosed by
(a) iAscenders (whether in Singapore or elsewhere in the world where and between each of them; and/or
(b) iAscenders to third party service providers, suppliers, agents, reinsurers, fund managers or intermediaries, as and when relevant or necessary for the purposes as described above.
Without limiting the generality of the foregoing, iAscenders may also disclose such personal data of yours to the following parties for the following purposes:
(i) To medical organisations, insurance offices or organisations, reinsurers, credit agencies, dispute resolution bodies or investigators for underwriting, claims, reinsurance and compliance/audit purposes;
(ii) To your broker, financial adviser or representatives (including any new intermediary appointed by you or the company) to service and administer of your plan or policy;
(iii) To related companies for the processing and administration of your plan or policy;
(iv) To banks, CPF agent banks, credit card companies, other financial institutions CPF Board or third party contractors for payment, collection or refund of any monies due or payable or upon their valid request;
(v) To third party vendors engaged by iAscenders to perform processes required for the administration of your policy or account (e.g. data entry, printing and despatch of documents, claims administration etc), for data analytics or to perform processes required to send marketing material or messages to you, where applicable;
(vi) To related companies or third party vendors engaged by iAscenders to store and maintain our data and documents, (including storage for business recovery purposes);
(vii) To any regulatory, government and statutory body to comply with applicable laws or regulation or upon their valid request; and
(viii) To related company or regional office or head office to comply with company policies and procedures or upon their valid request.
Neither iAscenders nor any of its officials shall be liable for any loss or damage suffered by you or any user as a result of any disclosure of any personal data which you have consented to any financial institutions and/or any of its officials disclosing.
By applying for an insurance policy or an investment account with any partners of iAscenders, you consent to iAscenders:
(a) collecting, using, disclosing and/or processing the personal data mentioned above for the purposes as described above; and
(b) transferring the personal data mentioned above to its third party service providers, suppliers, agents, reinsurers, fund managers or intermediaries where such third party service providers, suppliers, agents, reinsurers, fund managers or intermediaries are sited (whether in Singapore or outside of Singapore), for the purposes as described above.
6. Consequence of withdrawing consent to the collection, use and disclosure of personal data for administration and servicing
You may withdraw your consent for iAscenders to collect, use or disclose your personal data by giving iAscenders reasonable notice so long as there are no legal or contractual restrictions preventing you from doing so. For example, you may withdraw your consent for your personal data to be used for marketing purposes. This withdrawal will not affect iAscenders’ ability to provide you with the products and services that you asked for or have with iAscenders.
However, if you withdraw your consent for iAscenders to collect, use or disclose your personal data, iAscenders will be unable to process, administer and/or manage your relationship, policy and/or account with any partnering financial institutions. To proceed with such withdrawal, you will be required to surrender or terminate all your policies or accounts with iAscenders’ partners. This may be disadvantageous to you, as you may be losing valuable benefits from the policy and/or it may not be possible for you to obtain a similar level of protection on the same terms in the future.
PERSONAL DATA PROTECTION COMPLIANCE UNDERTAKINGS (BY CORPORATE PROSPECT/POLICYHOLDER)
1. The Company hereby represents, undertakes and warrants to iAscenders that :
(a) for any personal data of individuals that the Company will be or is disclosing to iAscenders, whether directly or through an intermediary, that the Company would have prior to disclosing such personal data to iAscenders obtained the appropriate consent from the individuals whose personal data are being disclosed, to :
(i) permit the Company to collect, use and/or disclose the individuals’ personal data to iAscenders for the purpose of issuance and administration of the Company’s insurance policy(ies) and/or account(s) with iAscenders’ partners, including the processing of the individuals’ personal data for underwriting purposes, payment of premiums and/or claims purposes, and for statistical, compliance, audit and regulatory purposes;
(ii) permit iAscenders to collect, use, disclose and/or process the individuals’ personal data for the purpose of issuance and administration of the Company’s insurance policy(ies) or such other policy(ies) and/or account(s) with iAscenders’ partners, including but not limited to the processing of the individuals’ personal data for underwriting purposes, payment of premiums and/or claims purposes, and for statistical, compliance, audit and regulatory purposes; and
(iii) permit iAscenders to disclose the individuals’ personal data to third party service providers, suppliers, reinsurers or intermediaries, whether located in Singapore and/or elsewhere, for the purposes as described above
(b) Any personal data of individuals that the Company will be or is disclosing to iAscenders are accurate. Further, the Company shall give iAscenders notice in writing as soon as reasonably practicable should it be aware that any such personal data has been updated and/or changed after such disclosure;
(c) it shall give iAscenders notice in writing as soon as reasonably practicable should it be aware that any individual above has withdrawn such consent as set out at sub-clause (a); and
(d) it shall otherwise assist iAscenders to comply with the Personal Data Protection Act 2012 and all subsidiary legislation related thereto.
2. Notwithstanding anything to the contrary, the Company undertakes to indemnify and at all times hereafter to keep iAscenders (together with their respective officers, employees and agents) (each an “Injured Party”) indemnified against any and all losses, damages, actions, proceedings, costs, claims, demands, liabilities (including full legal costs on a solicitor and own client basis) which may be suffered or incurred by the Injured Party or asserted against the Injured Party by any person or entity (including Company, his/her agents) whatsoever, in respect of any matter or event whatsoever arising out of, in the course of, by reason of or in respect of:
(a) any breach of any of the provisions in this clause; and/or
(b) any action or omission by the Company, that causes iAscenders to be in breach of the PDPA.