1. Who To Contact About Your Personal Information

If You have any questions about Our use of Your Personal Information You can contact Us at:

2. How We Collect Personal Data

The principal ways We collect Personal Data are through Our application forms for Our insurance products, by phone through telephone applications, registrations made by You through Our claim forms, ECICS Limited Electronic Services (not limiting to e-mails, websites, Software Applications and social media pages) and other communications, as well as from other insurers, claims investigation, medical professionals, witnesses and other third parties involved in Our business dealings with You.

We collect Personal Data through:

• this website (the “Website”);
• software applications made available by Us for use on or through computers and mobile devices (the “Software Applications”);
• social media pages post by Us on or through various social media platforms (Our “Social Media Content”)

(collectively referred to as the “ECICS Electronic Services”); and

• other means (for example, from Your application form, claim form, telephone calls, short messaging service, e-mails and other communications with Us, as well as from claim investigators, medical professionals, witnesses or other third parties involved in our business dealings with You).

3. Personal Data That We Collect

Depending on Your business dealings with Us (for example, as a policyholder and/or potential policyholder, non-policyholder insured or claimant, witness, broker or appointed representative, or other person relating to Our business), the Personal Data collected may include but not limited to the following:

• General identification and contact information such as name, address, telephone number, age, date of birth, gender, occupation, marital status, NRIC numbers, passport numbers or FIN, vehicle registration number;
• Financial information such as income, bank account numbers, CPF statements, bank statements, credit card, GIRO, credit history, credit score, assets and financial information;
• Employment information and employment history;
• Education background;
• Skills & experience;
• Medical information such as medical history, consultation history, prescriptions, notes, treatments, description of medical services rendered and medical reports;
• Professional licenses and affiliations;
• Claims related information;
• Personal data of a third party that You provide to Us in connection with the purchase of Our products and services or for referrals.
• Other information which We need to facilitate Our business dealings with You.

4. How We Use Personal Data

Personal Data may be processed, kept, transferred or disclosed in and to any country as We consider appropriate, in accordance with the PDPA.

We may collect, use and/or process Your Personal Data in one or more of the following purposes

• Communicating with You and others as part of our business
• Providing insurance, financial services or related products and services to You and administering, maintaining, managing and operating such products and/or services including any renewals.
• Sending you important information regarding changes to Our policies, other terms and conditions, renewal of policies and other administrative information.
• Processing, assessing and determining any applications or requests made by You for insurance products or services.
• Processing, assessing and determining any claims made under any insurance products or in respect of any services provided by Us including, without limitation, making, defending, analysing, investigating, processing, assessing, determining or responding to such claims.
• Performing any functions and activities related to the insurance products and/or services provided by Us including, without limitation, obtaining reinsurance, auditing, reporting and general servicing and maintenance of online and other services.
• Providing improved quality, training and security (for example, with respect to recorded or monitored phone calls to Our contact numbers).
• Assessing Your eligibility for payment plans, and processing Your premium and other payments.
• Preventing, detecting and investigating crime, including fraud and money laundering, and analysing and managing other commercial risks.
• Carrying out market research and analysis, including satisfaction surveys.
• Providing marketing information to You including information about other products and services offered by Us and/or third-party partners.
• Personalising Your experience on ECICS Electronic Services by presenting marketing information tailored to You.
• Identifying You to anyone to whom you send messages through ECICS Electronic Services.
• Facilitating social media sharing functionality.
• Managing Our infrastructure and business operations, and complying with internal policies and procedures, including those relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; business continuity; and records, document and print management.
• Resolving complaints, and handling requests for data access or correction.
• Carrying out due diligence or other screening activities in accordance with legal or regulatory obligations or risk management procedures that may be required by law or that may have been put in place by Us.
• Complying with applicable laws and regulatory obligations (including laws outside of Singapore), rules (including stock exchange rules) such as those relating to anti-money laundering and anti-terrorism.
• Complying with legal process; responding to requests from public and governmental authorities (including those outside of Singapore) and for audit, compliance, investigation and inspection purposes.
• Meeting the requirements to make disclosure pursuant to any law binding on Us or Our related corporations and affiliates or for the purposes of complying with any regulations or rules (including stock exchange rules) or guidelines issued by any regulatory or other authorities which have jurisdiction over ECICS Limited and any of its related corporations and affiliates.
• Conducting background and identity checks, such as for the purposes of verifying Your identity in order to respond to Your request to be provided with a duplicate policy or other documentation, any request made by You to change your Personal Data in our records.
• Conducting credit checks on You- such as analysing verifying and/or checking Your credit, payment and/or status in relation to Your ability to use the services.
• Matching any Personal Data held by Us relating to You from time to time for any of the purposes listed in this Privacy Policy.
• Recovering any and all amounts owing from You or any person who has provided security or an undertaking for such liabilities of Yours.
• Enforcing or defending the legal rights of Ours, contractual or otherwise.
• Enabling any actual or proposed assignee or transferee of all or any part of Our rights or obligations.
• Any other purposes reasonably related to any of the above.

5. Disclosure of Personal Data

ECICS Limited may make Personal Data available to:

• ECICS Limited’s related corporations and affiliates and any of their director, officer, staff and relevant personnel;
• third parties (whether in or outside Singapore) such as other insurers; reinsurers; insurance and reinsurance brokers and other intermediaries and agents; appointed representatives; distributors; affinity marketing partners; and financial institutions, securities firms and other business partners;
• third party service providers such as medical professionals, accountants, actuaries, auditors, experts, lawyers and other outside professional advisors; travel and medical assistance providers; call center service providers; IT systems, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; banks and financial institutions that service our accounts; third-party claim administrators; document and records management providers; claim investigators and adjusters; construction consultants; engineers; examiners; jury consultants; translators; and similar third-party vendors and outsourced service providers that assist Us in carrying out business activities;
• any regulators, law enforcement agency, statutory board, governmental or other public authorities, dispute resolution or industry bodies as necessary to comply with any laws, rules, regulations, agreements or schemes;
• other third parties such as payees; emergency providers (fire, police and medical emergency services); retailers; medical networks, organizations and providers; travel carriers; credit bureaus; credit reporting agencies; and other people involved in an incident that is the subject of a claim;
• any purchasers and prospective purchasers or other parties in any actual or proposed reorganization, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business, assets or stock.

To check information provided, and to detect and prevent fraudulent claims, Personal Data (including details of injuries) may be shared with other insurers when dealing with claims to detect, prevent and investigate fraud.

6. Security

We will take appropriate measures, which are consistent with applicable privacy and data security laws. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with Us is no longer secure (for example, if you feel that Your Personal Data might have been compromised), please immediately notify us.

When We provide Personal Data to a service provider, the service provider will be selected carefully and required to use appropriate measures to protect the confidentiality and security of the Personal Data.

7. Retention of Personal Data

We will take reasonable steps to ensure that the Personal Data we process is reliable for its intended use, and as accurate and complete as is necessary to carry out the purposes described in this Privacy Policy.

Personal Data will be kept by Us only for so long as it is needed for the purposes for which it was collected and as required for business or to comply with legal, regulatory and internal requirements.

Personal Data is purged from ECICS Electronic Services, manual, and other filing systems in accordance with specific schedules based on the above criteria and Our internal procedures.

8. Personal Data of Other Individuals

If you provide Personal Data to Us regarding other individuals (e.g. insured persons, family members, and beneficiaries), you agree:

• to inform the individual about the content of this Privacy Policy; and
• to obtain any legally-required consent for the collection, use, disclosure, and transfer (including cross-border transfer) of Personal Data about the individual in accordance with this Privacy Policy and has retained the proof of such consent which will be provided to Us upon Our request.

9. Withdrawal of Consent

• On providing reasonable notice in writing to Us, You may at any time withdraw any consent given, or deemed to be given, in respect of Our collection, use or disclosure of Your personal data for any purpose.
• You may submit the withdrawal of consent via mail or email to Our DPO.
• On receipt of such notice, We shall inform you of the likely consequences of withdrawing your consent.
• Please allow up to 30 days for Us to process and update your request. You may continue to receive marketing messages and other product information from Us within these 30 days.
• We shall not prohibit You from withdrawing Your consent to the collection, use or disclosure of Your Personal Data.
• If You withdraw Your consent, then We shall cease collecting, using or disclosing Your Personal Data unless otherwise required under the PDPA or other written law
• Although You may have withdrawn consent for the collection, use or disclosure of Your Personal Data, We may retain Your personal data for purpose of administering your insurance products and/or services with Us and in accordance with Our internal procedures.

10. Access and Correction of Personal Data

To the extent that the applicable law allows, You may request access to, and correction of, the Personal Data. However, some Personal Data may be exempt from such access and correction rights in accordance with the PDPA. All requests for access to, and/or correction of, the Personal Data can be submitted to ECICS’ Data Protection Officer via email address at [email protected] Please note that ECICS Limited has the right to charge a reasonable fee for the handling and processing of such requests.

11. Governing Law

This Privacy Policy shall be governed by and construed in accordance with the laws of Singapore. Any dispute arising out of or in connection with this Privacy Policy including any question regarding its existence, validity or termination, shall be referred to and finally resolved by the Courts of Singapore.

12. Changes to This Privacy Policy

We review this Privacy Policy regularly and reserve the right to make changes at any time to take account of changes in our business and legal requirements.

Please take a look at the “LAST UPDATED” date at the top of this Privacy Policy to see when it was last revised ; any change will be effective immediately upon being posted on this Website.

For the avoidance of doubt, where the Singapore personal data protection law permits an organization such as ECICS Limited to collect, use, disclose or process Personal Data without consent, such permission granted by the law shall continue to apply and nothing herein is to be construed as limiting any of these rights.

Where written permission is required by law or otherwise for any such disclosure by ECICS Limited, the signing of the relevant documents, Personal Data consent form and/or other methods of consent notification, as well as in any other manner permitted by law shall constitute and be deemed to be sufficient written permission for such disclosure.