PERSONAL DATA PROTECTION POLICY

Similar documents
CASUALTY INSURANCE ACE OFFSHORE INSURANCE FOR CONTRACTORS AND SUPPLIERS TO THE OFFSHORE OIL & GAS INDUSTRY

SCCCI Personal Data Protection Policy

Event Cancellation. Proposal Form. Completing The Proposal Form. A. General Information. B. Event Information

How Well Do You Understand the Personal Data Protection Act and its Practical Implications?

Data Processing Agreement and Privacy Policy (EU) Classification: PUBLIC March 2018

Information Network Technology Insurance Property Proposal Form

Terms of Business Agreement (Risk Transfer)

Chubb Elite Excess Professional Indemnity Insurance Policy Schedule and Wording

Legal Considerations in Negotiating Cloud Contracts

Taking care of what s important to you

American Express Cardmember Hospital Income Plan and Cardmember Recovery Plus Insurance Plan

Global Transaction Banking MiFID Terms

SB REIT MANAGEMENT PTE LTD PERSONAL DATA PROTECTION POLICY (1 March 2018)

It is important you provide honest, complete, up-to-date and relevant information when completing this form.

Miller Insurance Services (Singapore) Pte Ltd. Terms of Business Agreement ( TOBA )

FINANCIAL LINES ACE ELITE PRIVATE EQUITY & VENTURE CAPITAL INSURANCE - PROPOSAL FORM

Customer Privacy Notice Edition

Sun Life Assurance Company of Canada (U.K.) Limited. Customer Data Protection Notice

Terms and conditions of Partner Credit Card agreement

CASUALTY. ace global guard. multinational liability insurance

An Agreement dated 22/ governing the conduct of Insurance Business between:

Chubb Elite V Directors & Officers Liability Insurance

Total and Permanent Disability

Model Code for the Protection of Personal Information, CAN/CSA-Q830-96

Professional Indemnity Insurance

Professional Indemnity Insurance

CONDITIONS OF CONTRACT FOR QUOTATION

Trading Terms and Conditions

Twilio Data Protection Addendum ( DPA ) (GDPR, Binding Corporate Rules, Privacy Shield, and Standard Contractual Clauses) (Revision June 2018)

Sumo Power Market Retail Contract

Appendix 7. In this appendix underlining indicates new text and striking through indicates deleted text. The DFSA Rulebook. Conduct of Business Module

Terms and Conditions for Certification, Assessment Services and TradeMark Licence

Expatriate Medical & Emergency Evacuation Insurance

Professional Indemnity Insurance

Dividend Reinvestment Plan Rules

IRIS Group of Companies Customer Data Processing Terms

Privacy in Canada Federal Legislation: Personal Information Protection and Electronic Documents Act

Professional Indemnity Insurance

American Express Essential Card

Appendix 2. In this appendix underlining indicates proposed new text and striking through indicates deleted text. The DFSA Rulebook.

Solar Feed-in Agreement. Terms and Conditions

Moxtra, Inc. DATA PROCESSING ADDENDUM

Association of Service Providers for Employability and Career Training ( ASPECT ) PRIVACY CODE

Data Processing Addendum

DATA PROCESSING ADDENDUM

D a t a P r o t e c t i o n U p d a t e

DBS Group Holdings Ltd Co. Reg. no.: M

Lifesize, Inc. Data Processing Addendum

DATA PROCESSING ADDENDUM

Privacy Policy. IS Industry Fund Pty Ltd ATF Intrust Super. Revision History. The table below sets out the history of this document.

Product Highlight Sheet

Prairie Centre Credit Union

Terms of Business for Intermediaries. Effective from 17 May 2018

An Agreement dated [...] governing the conduct of Insurance Business between:

HOW TO REGISTER ON THE OECD ESOURCING PORTAL

TRADE CREDIT INSURANCE

LLP TERMS AND CONDITIONS OF BUSINESS

Data Processing Addendum

Recognition Criteria for other ancillary health care providers

ACORN CAPITAL INVESTMENT FUND LIMITED ACN DIVIDEND REINVESTMENT PLAN

intermediary terms of business

GDPR Data Processing Addendum

SECTION IIIB - INTERNATIONAL ISSUERS - DEBT SECURITIES

Taking care of what s important to you

GUIDELINES FOR THE CONTRACTING OUT OF RESEARCH ACTIVITIES

intermediary terms of business

URBAN AIRSHIP DATA PROCESSING ADDENDUM with EU Standard Contractual Clauses. (Revised September 2017)

An Agreement dated XX/XX/XXXX governing the conduct of Insurance Business between:

Principles. Bison Transport will implement policies and procedures to give effect to this policy, including:

DATA PROCESSING AGREEMENT

March 2017 DIVIDEND REINVESTMENT PLAN ORDINARY SHARES

Conditions of Use. Terms and Conditions. Version 1/2015. Cabcharge Conditions of Use

EU Data Processing Addendum

Excess of Loss Insurance Policy Wording

For personal use only

Aon Risk Solutions (ASIA) Terms of Business Agreement HONG KONG

STANDARD TERMS AND CONDITIONS

Worldwide Travel. Claim Form. Important information. Policy and Claimant Details. Payment Details

Marine Liability Marine Professional Negligence Proposal Form

NETIM GENERAL TERMS AND CONDITIONS OF USE FOR THE RESELLER SERVICE

STEADFAST UNDERWRITING AGENCIES PRIVACY POLICY

Guide to compliance with the Australian Privacy Principles. APP 1 Open and transparent management of personal information

Financial Services Guide Air Asia. A guide to our relationship with you

Dividend reinvestment plan. People Infrastructure Ltd ACN Terms. 2 August 2018

Buyer s Edge Credit Contract.

ING Lifelong Income. Branch 23 life insurance Unlimited subscription period General terms and conditions. Art. 3 Insured benefits

Motor Vehicle Claim Form

DATA PROCESSING ADDENDUM

WILLIS AUSTRALIA LIMITED FINANCIAL SERVICES GUIDE

The data controllers responsible for the personal information in this notice are:

Property Insurance. Important Notices

General Provisions 2. Disclosure of Information 4. Other Information Subject to Disclosure by Issuer 8. Handling of Inside Information 14

Corporate Finance Terms of Business Terms Client DEFINITIONS Anti-Bribery and Corruption Law Applicable Law BaFin Bank Business Day Clearing System

Dividend reinvestment plan Plan terms. Link Administration Holdings Limited ABN

Grow by ANZ Share Investments Terms and Conditions

SPDR S&P Emerging Markets Fund

For personal use only

Public and Products Liability Statutory Liability Employers Liability Insurance Binder

KINGDOM OF SAUDI ARABIA. Capital Market Authority AUTHORISED PERSONS REGULATIONS

TERMS OF BUSINESS AGREEMENT. The terms of this agreement confirm that the Insurer will be pleased to accept Business from (the "Adviser").

Transcription:

PERSONAL DATA PROTECTION POLICY

TABLE OF CONTENTS 1. ACE's Personal Data Protection Policy... 3 2. Objectives... 3 3. Personal Data Protection Act 2012 ( PDPA )... 3 4. Consent Obligation... 3 4.1. Consent Required... 3 4.2. Provision of Consent... 3 4.3. Deemed Consent... 4 4.4. Withdrawal of Consent... 4 5. Purpose Limitation Obligation... 4 5.1. Limitation of Purpose... 4 5.2. Notification of Purpose... 4 6. Access and Correction Obligation... 5 6.1. Access to Your Personal Data... 5 6.2. Correction of Your Personal Data... 5 7. Accuracy Obligation... 5 8. Protection Obligation... 5 9. Retention Limitation Obligation... 5 10. Transfer Limitation Obligation... 5 11. Do Not Call Provisions... 6 12. Complaints Handling Procedure... 6 13. Compliance With This Policy... 6 14. Review of ACE s Data Protection Policy... 7 15. Data Protection Officer ( DPO )... 7 2

1. ACE's Personal Data Protection Policy ACE Insurance Limited ( ACE ) is committed to the protection of your personal data. ACE collects, uses, discloses and retains your personal data in accordance with the Personal Data Protection Act 2012 ( PDPA ) and our own policies and procedures. The purpose of this Data Protection Policy ( Policy ) is to regulate how ACE collects, uses, discloses and retains personal data. We developed this Policy as part of our on-going commitment to the protection of your personal data. For a summary of our privacy commitment to you, including the type of personal data we collect; how we collect it; how to access, correct or update your personal data; or what to do if you have a complaint about the treatment of your personal data, please refer to our privacy statement available on our website at www.acegroup.com/sg or by contacting us. 2. Objectives The objectives of this Policy are to: a. Provide a set of privacy and personal data protection standards that govern our procedures and protect the privacy of your personal data. b. Demonstrate our on-going commitment to protecting your privacy and addressing any privacy concerns that you might have. c. Describe the ways in which we collect, use, disclose and retain your personal data. d. Ensure that we comply with the PDPA. e. Facilitate our compliance with any further developments in the protection of personal data. 3. Personal Data Protection Act 2012 ( PDPA ) Below, we provide guidance as to how we collect, use, disclose and retain your personal data in accordance with the PDPA and how we administer this Policy. 4. Consent Obligation 4.1. Consent Required 4.1.1. ACE shall not collect, use or disclose your personal data unless: a. you give, or are deemed to give, consent to the collection, use or disclosure of your personal data; or b. the collection, use or disclosure of your personal data without your consent is required or authorised under the PDPA or other written law. 4.2. Provision of Consent 4.2.1. ACE shall not, as a condition of providing a product or service to you, require you to consent to the collection, use or disclosure of your personal data beyond what is reasonable to provide the product or service to you. 4.2.2. ACE shall not obtain or attempt to obtain your consent for collecting, using or disclosing personal data by providing false or misleading information with respect to the collection, use or disclosure of your personal data, or use deceptive or misleading practices. 3

4.3. Deemed Consent 4.3.1. You are deemed to consent to the collection, use or disclosure of your personal data for a purpose if: a. you voluntarily provide your personal data to ACE for that purpose, albeit without actually expressly providing your consent; and b. it is reasonable that you would voluntarily provide the data. 4.3.2. If you give, or are deemed to give, consent to the disclosure of your personal data by ACE to another organisation for a particular purpose, then you are deemed to consent to the collection, use or disclosure of your personal data for that particular purpose by such other organisation. 4.4. Withdrawal of Consent 4.4.1. On providing reasonable notice to ACE, you may at any time withdraw any consent given, or deemed to be given, in respect of ACE s collection, use or disclosure of your personal data for any purpose. 4.4.2. You may submit the withdrawal of consent via mail, email or by completing the Withdrawal of Consent Form and submit to the ACE DPO. 4.4.3. On receipt of such notice, ACE shall inform you of the likely consequences of withdrawing your consent. 4.4.4. Please allow up to 30 days for ACE to process and update your request. You may continue to receive marketing messages and other product information from ACE within these 30 days. 4.4.5. ACE shall not prohibit you from withdrawing your consent to the collection, use or disclosure of your personal data. 4.4.6. If you withdraw your consent, then ACE shall cease (and cause its data intermediaries and agents to cease) collecting, using or disclosing your personal data unless otherwise required under the PDPA or other written law. 4.4.7. Although you may have withdrawn consent for the collection, use or disclosure of your personal data, ACE may retain your personal data for purpose of administering your policy with ACE and in accordance with ACE Records and Retention Policy. 5. Purpose Limitation Obligation 5.1. Limitation of Purpose 5.1.1. ACE may collect, use or disclose your personal data only for purposes: a. that a reasonable person would consider appropriate in the circumstances; and b. where you have been informed in accordance with clause 4.2 of this Policy, to the extent applicable. 5.2. Notification of Purpose 5.2.1. ACE shall provide you with the following information whenever we seek to obtain your consent to the collection, use or disclosure of your personal data, except under circumstances where your consent is deemed or is not required: a. the purpose(s) for the collection, use or disclosure of your personal data, on or before collecting your personal data; b. any other purpose(s) for the use or disclosure of your personal data of which you have not been informed under clause 4.2.1 of this Policy, before the use or disclosure of your personal data for that purpose; and c. on requested by you, the contact details of the ACE Data Protection Officer ( DPO ), who can answer your questions about the collection, use or disclosure of your personal data. 4

6. Access and Correction Obligation 6.1. Access to Your Personal Data 6.1.1. On your request, and subject to the restrictions set forth in the PDPA, ACE shall, as soon as reasonably possible, provide you with: a. your personal data that is in ACE s possession or control; and b. information about the ways in which your personal data has or may have been used or disclosed by ACE within a year before the data of your request. 6.1.2. ACE may charge you a minimum fee for access to your personal data to offset the administrative costs in complying with such requests. 6.2. Correction of Your Personal Data 6.2.1. You may request ACE to correct an error or omission in your personal data that is under ACE s control or possession. Unless ACE is satisfied on reasonable grounds that a correction should not be made or the law states otherwise. ACE shall: a. correct your personal data as soon as practicable; and b. send your corrected personal data to every organisation to which your personal data was disclosed by ACE within a year before the data the correction was made, unless that other organisation does not need the corrected personal data for any legal or business purpose. 6.2.2. ACE is not required to correct or alter an opinion, including professional or an expert opinion. 7. Accuracy Obligation ACE shall make reasonable efforts to accurately record your personal data as given by you or your representatives and make reasonable efforts to ensure that your personal data is accurate and complete, if the personal data: a. is likely to be used by ACE to make a decision that affects you; or b. is likely to be disclosed by ACE to another organisation. 8. Protection Obligation ACE shall protect personal data in its possession or control by making reasonable security arrangements to prevent unauthorised access, collection, use, disclosure, copying, modification, disposal or any other similar risks. 9. Retention Limitation Obligation ACE shall cease to retain documents containing your personal data, or remove the means by which your personal data can be associated with you, as soon as it is reasonable to assume that: a. the purpose for which your personal data was collected is no longer being served by retention of your personal data; and b. retention is no longer necessary for legal or business purposes. 10. Transfer Limitation Obligation ACE shall not transfer your personal data outside of Singapore except in accordance with the requirements of the PDPA. 5

11. Do Not Call Provisions 11.1. ACE shall not, and shall ensure that its agents shall not, send a specified message to a Singapore telephone number without first checking with the Do Not Call Registry established by the Personal Data Protection Commission ( PDPC ) and receiving confirmation from the PDPC that such Singapore telephone number is not listed on the Do Not Call Register. 11.2. ACE shall not, and shall ensure that its agents shall not, send a specified message to a Singapore telephone number, unless the specified message includes clear and accurate information identifying the person sending the specified message and/or ACE, and such person s and/or ACE s contact information. 11.3. The prescribed duration within which ACE must check with the Do Not Call Registry before sending a specified message to a Singapore telephone number will be: a. 60 days, for messages sent before 1 August 2014; and b. 30 days, for messages sent on or after 1 August 2014. You may continue to receive marketing messages and other product information from ACE within the prescribed validity period. 11.4. ACE shall not make, cause or authorise a voice call addressed to a Singapore telephone number that conceals or withholds, or that has the effect of concealing or withholding, the calling line identity from the recipient. 11.5. ACE shall not require a subscriber or users of a Singapore telephone number to consent to the sending of a specified message beyond what is reasonable for ACE to provide its goods and services. ACE shall not obtain or attempt to obtain such consent by: a. providing false or misleading information; or b. using deceptive or misleading practices. 11.6. If a subscriber or user of a Singapore telephone number gives notice withdrawing consent for the sending of a specified message to that number, then ACE shall cease (and cause its agents to cease) sending specified messages to that number. 12. Complaints Handling Procedure 12.1. Should you be unhappy with our treatment of your personal data or you believe there has been a breach of this Policy, please contact ACE s Data Protection Officer (details in clause 15 below) and clearly set out the nature of your concern. 12.2. Complaints may be initially made orally, or in writing. Where a complaint is made orally, you must confirm the complaint in writing as soon as possible. If you require assistance in lodging your complaint, please contact us. 12.3. Your complaint will be reviewed and you will be provided with a written response within fourteen (14) working days. 13. Compliance With This Policy 13.1. ACE implements this Policy through the use of proper procedures and staff training to ensure compliance with this Policy. 13.2. We ensure that all our employees and any representatives who deal with personal data are aware of the standards of this Policy. 13.3. ACE requires that all of its staff and representatives with access to personal data maintain confidentiality concerning that personal data. We implement that requirement through appropriate contractual terms and internal policies. 13.4. Our procedures for handling personal data are developed to implement the standards of this Policy. ACE trains its employees in the proper conduct of those procedures that are relevant to their duties. 6

14. Review of ACE s Data Protection Policy ACE ensures that this Policy remains current and continues to fulfil its objectives. This is achieved through periodical reviews, having regards to: a. the need to actively consider privacy and data protection issues as new products and services are developed or offered; b. any guidance issued in relation to the PDPA; and c. any changes to the PDPA. 15. Data Protection Officer ( DPO ) For further information about this Policy or to access our complaint handling procedure, please address your correspondence to: Address: ACE Data Protection Officer 138 Market Street #11-01 CapitaGreen Singapore 048946 Email: dpo.sg@acegroup.com 7

CONTACT US ACE Insurance Limited 138 Market Street #11-01 CapitaGreen Singapore 048946 Tel: +65 6398-8000 Fax: +65 6298-1055 Website: www.acegroup.com/sg About ACE in Singapore ACE Group is one of the world s largest multiline property and casualty insurers. With operations in 54 countries, ACE provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance and life insurance to a diverse group of clients. ACE Limited, the parent company of ACE Group, is listed on the New York Stock Exchange (NYSE: ACE) and is a component of the S&P 500 index. ACE has been present in Singapore since 1948, providing risk management and underwriting expertise for all major classes of general insurance, including Property & Casualty, Marine, Liability, Financial Lines and Group Personal Accident insurance. Over the years, ACE has established strong relationships with its clients by offering responsive service, developing innovative products and providing market leadership built on financial strength. It has been assigned a financial strength rating of A+/Positive and the highest ASEAN credit rating of axaaa by Standard & Poor s. ACE has also been awarded the Singapore Quality Class STAR (SQC STAR) and Singapore Service Class (S-Class) certification for achieving all-round business excellence and high levels of service respectively by SPRING Singapore, the national standards and accreditation body. More information can be found at www.acegroup.com/sg. ACE Group is a registered trademark of ACE Limited. 2015 ACE Group. Coverages underwritten by one or more companies of the ACE Group. Not all coverages available in all jurisdictions. ACE, ACE logo, and ACE insured are trademarks of ACE Limited. 07/2015 8

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback