Last Updated: 29 January 2019
ECICS Limited is committed to protecting the privacy of the individuals We encounter in conducting
Our business.
This Privacy Policy sets out how ECICS Limited and its [related corporations and affiliates]
(collectively, (“We”, “Our”, “Us”) collect, use, disclose and retain Your personal data in accordance
with the Personal Data Protection Act 2012 (“PDPA”) and Our own policies and procedures.
“Personal Data” is any data that identifies and relates to you or other individuals such as your spouse
and dependants (“You”, “Your”, “Yours”). This Privacy Policy is designed to assist You in
understanding why and how ECICS Limited collects and uses Your Personal Data, to whom such
data is disclosed and to whom data access requests can be addressed.
You are deemed to consent to the collection, use or disclosure of Your Personal Data for a purpose if
You voluntarily provide Your personal information to Us for that purpose, albeit without expressly
providing Your consent; and it is reasonable that You would voluntarily provide the data.
1. Who To Contact About Your Personal Information
If You have any questions about Our use of Your Personal Information You can contact Us at:
ECICS Limited
Data Protection Officer
10 Eunos Road 8
#09-04A Singapore Post Centre
Singapore 408600
Email: dataprotection@ecics.com.sg
2. How We Collect Personal Data
The principal ways We collect Personal Data are through Our application forms for Our insurance
products, by phone through telephone applications, registrations made by You through Our claim
forms, ECICS Limited Electronic Services (not limiting to e-mails, websites, Software Applications and
social media pages) and other communications, as well as from other insurers, claims investigation,
medical professionals, witnesses and other third parties involved in Our business dealings with You.
We collect Personal Data through:
(collectively referred to as the “ECICS Electronic Services”); and
3. Personal Data That We Collect
Depending on Your business dealings with Us (for example, as a policyholder and/or potential
policyholder, non-policyholder insured or claimant, witness, broker or appointed representative, or
other person relating to Our business), the Personal Data collected may include but not limited to the
following:
4. How We Use Personal Data
Personal Data may be processed, kept, transferred or disclosed in and to any country as We consider
appropriate, in accordance with the PDPA.
We may collect, use and/or process Your Personal Data in one or more of the following purposes
4.1 Communicating with You and others as part of our business
4.2 Providing insurance, financial services or related products and services to You and
administering, maintaining, managing and operating such products and/or services
including any renewals.
4.3 Sending you important information regarding changes to Our policies, other terms and
conditions, renewal of policies and other administrative information.
4.4 Processing, assessing and determining any applications or requests made by You for
insurance products or services.
4.5 Processing, assessing and determining any claims made under any insurance products or in
respect of any services provided by Us including, without limitation, making, defending,
analysing, investigating, processing, assessing, determining or responding to such claims.
4.6 Performing any functions and activities related to the insurance products and/or services
provided by Us including, without limitation, obtaining reinsurance, auditing, reporting and
general servicing and maintenance of online and other services.
4.7 Providing improved quality, training and security (for example, with respect to recorded or
monitored phone calls to Our contact numbers).
4.8 Assessing Your eligibility for payment plans, and processing Your premium and other
payments.
4.9 Preventing, detecting and investigating crime, including fraud and money laundering, and
analysing and managing other commercial risks.
4.10 Carrying out market research and analysis, including satisfaction surveys.
4.11 Providing marketing information to You including information about other products and
services offered by Us and/or third-party partners.
4.12 Personalising Your experience on ECICS Electronic Services by presenting marketing
information tailored to You.
4.13 Identifying You to anyone to whom you send messages through ECICS Electronic Services.
4.14 Facilitating social media sharing functionality.
4.15 Managing Our infrastructure and business operations, and complying with internal policies
and procedures, including those relating to auditing; finance and accounting; billing and
collections; IT systems; data and website hosting; business continuity; and records,
document and print management.
4.16 Resolving complaints, and handling requests for data access or correction.
4.17 Carrying out due diligence or other screening activities in accordance with legal or
regulatory obligations or risk management procedures that may be required by law or that
may have been put in place by Us.
4.18 Complying with applicable laws and regulatory obligations (including laws outside of
Singapore), rules (including stock exchange rules) such as those relating to anti-money
laundering and anti-terrorism.
4.19 Complying with legal process; responding to requests from public and governmental
authorities (including those outside of Singapore) and for audit, compliance, investigation
and inspection purposes.
4.20 Meeting the requirements to make disclosure pursuant to any law binding on Us or Our
related corporations and affiliates or for the purposes of complying with any regulations or
rules (including stock exchange rules) or guidelines issued by any regulatory or other
authorities which have jurisdiction over ECICS Limited and any of its related corporations
and affiliates.
4.21 Conducting background and identity checks, such as for the purposes of verifying Your
identity in order to respond to Your request to be provided with a duplicate policy or other
documentation, any request made by You to change your Personal Data in our records.
4.22 Conducting credit checks on You- such as analysing verifying and/or checking Your credit,
payment and/or status in relation to Your ability to use the services.
4.23 Matching any Personal Data held by Us relating to You from time to time for any of the
purposes listed in this Privacy Policy.
4.24 Recovering any and all amounts owing from You or any person who has provided security
or an undertaking for such liabilities of Yours.
4.25 Enforcing or defending the legal rights of Ours, contractual or otherwise.
4.26 Enabling any actual or proposed assignee or transferee of all or any part of Our rights or
obligations.
4.27 Any other purposes reasonably related to any of the above.
5. Disclosure of Personal Data
ECICS Limited may make Personal Data available to:
To check information provided, and to detect and prevent fraudulent claims, Personal Data
(including details of injuries) may be shared with other insurers when dealing with claims to
detect, prevent and investigate fraud.
6. Security
We will take appropriate measures, which are consistent with applicable privacy and data security
laws. Unfortunately, no data transmission over the Internet or data storage system can be
guaranteed to be 100% secure. If you have reason to believe that your interaction with Us is no
longer secure (for example, if you feel that Your Personal Data might have been compromised),
please immediately notify us.
When We provide Personal Data to a service provider, the service provider will be selected carefully
and required to use appropriate measures to protect the confidentiality and security of the Personal
Data.
7. Retention of Personal Data
We will take reasonable steps to ensure that the Personal Data we process is reliable for its intended
use, and as accurate and complete as is necessary to carry out the purposes described in this
Privacy Policy.
Personal Data will be kept by Us only for so long as it is needed for the purposes for which it was
collected and as required for business or to comply with legal, regulatory and internal requirements.
Personal Data is purged from ECICS Electronic Services, manual, and other filing systems in
accordance with specific schedules based on the above criteria and Our internal procedures.
8. Personal Data of Other Individuals
If you provide Personal Data to Us regarding other individuals (e.g. insured persons, family members,
and beneficiaries), you agree:
9. Withdrawal of Consent
9.1 On providing reasonable notice in writing to Us, You may at any time withdraw any
consent given, or deemed to be given, in respect of Our collection, use or disclosure of
Your personal data for any purpose.
9.2 You may submit the withdrawal of consent via mail or email to Our DPO.
9.3 On receipt of such notice, We shall inform you of the likely consequences of withdrawing
your consent.
9.4 Please allow up to 30 days for Us to process and update your request. You may continue
to receive marketing messages and other product information from Us within these 30
days.
9.5 We shall not prohibit You from withdrawing Your consent to the collection, use or
disclosure of Your Personal Data.
9.6 If You withdraw Your consent, then We shall cease collecting, using or disclosing Your
Personal Data unless otherwise required under the PDPA or other written law
9.7 Although You may have withdrawn consent for the collection, use or disclosure of Your
Personal Data, We may retain Your personal data for purpose of administering your
insurance products and/or services with Us and in accordance with Our internal
procedures.
10. Access and Correction of Personal Data
To the extent that the applicable law allows, You may request access to, and correction of, the
Personal Data. However, some Personal Data may be exempt from such access and correction rights
in accordance with the PDPA. All requests for access to, and/or correction of, the Personal Data can
be submitted to ECICS’ Data Protection Officer via email address at dataprotection@ecics.com.sg
Please note that ECICS Limited has the right to charge a reasonable fee for the handling and
processing of such requests.
11. Governing Law
This Privacy Policy shall be governed by and construed in accordance with the laws of Singapore.
Any dispute arising out of or in connection with this Privacy Policy including any question regarding its
existence, validity or termination, shall be referred to and finally resolved by the Courts of Singapore.
12. Changes to This Privacy Policy
We review this Privacy Policy regularly and reserve the right to make changes at any time to take
account of changes in our business and legal requirements.
Please take a look at the “LAST UPDATED” date at the top of this Privacy Policy to see when it was
last revised ; any change will be effective immediately upon being posted on this Website.
For the avoidance of doubt, where the Singapore personal data protection law permits an
organization such as ECICS Limited to collect, use, disclose or process Personal Data without
consent, such permission granted by the law shall continue to apply and nothing herein is to be
construed as limiting any of these rights.
Where written permission is required by law or otherwise for any such disclosure by ECICS Limited,
the signing of the relevant documents, Personal Data consent form and/or other methods of consent
notification, as well as in any other manner permitted by law shall constitute and be deemed to be
sufficient written permission for such disclosure.