Honan Insurance Group (Asia) Pte Ltd (referred to as “Honan”, “we”, “us” and “our”) is committed to the protection of your privacy. When we collect, handle, store, use or disclose personal information, we try at all times to comply with the Personal Data Protection Act 2012.
- Our policy on the management of personal information; and
- The types of personal information we hold, the purposes for which we hold it and how we collect, store and handle that information.
If you require more information about the sort of personal information we hold, or the purposes for which and manner in which we collect, hold and use and disclose it, you should contact Honan’s Data Protection Officer on +65 6559 4500.
Personal Data refers to data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which the organization has or is likely to have access. Personal data in Singapore is protected under the Personal Data Protection Act 2012 (PDPA).
What is the Personal Data Protection Act?
The PDPA establishes a data protection law that comprises various rules governing the collection, use, disclosure and care of personal data. It recognizes both the rights of individuals to protect their personal data, including rights of access and correction, and the needs of organizations to collect, use or disclose personal data for legitimate and reasonable purposes.
When, why and how we collect personal information
We may collect personal information in a number of circumstances. The main ones are:
- When a person or their broker asks us for an insurance quote;
- When a person asks us to arrange insurance through us;
- When a person alters the terms of their insurance policy;
- When a person makes a claim;
- When we investigate a claim;
- When a person requests information from us; and
- When a person applies for a job with us.
We will only collect the personal information that we need to:
- Quote on or assess an insurance proposal;
- Arrange an insurance policy;
- Assist with a claim; and
- Consider a job application.
Whenever we collect personal information, we do everything we can to let the person know:
- How to contact us
- Why we collect the information
- The organisation or types of organisations to which we usually disclose that kind of information
- The consequences if the information is not provided.
We generally provide this information in the form of a collection statement which we give the first time we collect information from an individual.
From time to time we may need to collect sensitive information or health information about a person. We may need to collect sensitive information or health information when providing a quotation for an insurance proposal or assisting with a claim. We will only collect that information with the consent of the individual or where we are required by law to collect that information.
We generally try to collect personal information directly from the individual and not from the third parties. However, there are situations where it is not reasonable and practicable to collect information directly. They include:
- When a person contacts us through a broker
- When we are seeking independent verification or appraisal of information provided
- When we are assisting with a claim.
If we collect personal information from a third person, such as a company for whom the individual works, or a broker or assessor, we may rely on that third person to provide the collection statement to the individual.
An individual or a company may elect to remain anonymous if making a general inquiry relating to our services. However, if the personal information is not provided, we may not be able to provide you with the appropriate services.
The purposes for which we use or disclose personal information
We collect personal information because we need it to:
- Provide quotation
- Arrange insurance
- Assist with a claim
- Consider a job application
Generally, we will not use or disclose personal information for any other purpose unless we have received the consent of the individual. We will not give personal information to any other organisation for marketing purposes.
From time to time, we may use personal information to provide individuals with news or offers about products and services that we provide. However, we will only do that with the consent of the individual. If a person consents to us using personal information for that purpose, and subsequently change their mind, they can request us not to use the information for those purposes again.
The Personal Data Protection Act allows us to disclose personal information for purposes relating to public safety and law enforcement..
How we maintain the integrity of personal information
We do everything we can to ensure that the personal information we hold is accurate, complete and up-to-date. To this we:
- Periodically review our database and remove personal information that is no longer required; and
- Promise to correct any error that is brought to our attention.
Your access to your personal information
We will provide access to personal information we hold about you on request. Any request must be made in writing addressed to the Data Protection Officer.
However, the Personal Data Protection Act allows us to refuse access in some circumstances, including where:
- The information relates to a legal dispute, and the information would not be acceptable by process of discovery in legal proceedings;
- Providing access would reveal our strategy in relation to negotiations in a way that prejudice the negotiations; and
- Providing access would be likely to prejudice an investigation of possible unlawful activity.
We will not charge you for providing access to personal information. However, we may charge you to comply with the access request (such cost will not be excessive).
If we refuse to give access to the personal information, we will give you a written notice that sets out:
- The reasons for the refusal except to the extent that it would be unreasonable to do so; and
- The mechanisms available to complain about the refusal.
How we keep personal information secure
We recognise that you are concerned about the security and confidentiality of the personal information provided to us. We recognise the value of that information and will do everything we reasonable can to prevent unauthorised access to, or disclosure, misuse or loss of that information.
We try to do that by:
- Ensuring all staff who have access to your information understand the requirement of the Personal Data Protection Act;
- Requiring persons to whom we supply information or who process that information on our behalf to comply with the requirements of the Personal Data Protection Act;
- Using encryption and other data protection techniques whenever we store or transmit information electronically; and
- Storing personal information in hard copy form in secure facilities.
Correction of your personal information
We will do everything we can to ensure that the personal information we hold is accurate, complete and up-to-date.
You may request correction of personal information which we hold about you. Such request must be in writing to the Data Protection Officer. If we are satisfied that the information is inaccurate, out of date, incomplete, irrelevant or misleading, we will correct it as far as reasonably practicable.
If your personal information is corrected by us, you may request us to notify any other entity to which we had previously disclosed the information of the correction.
If we refuse to correct the personal information as requested, we will give the personal a written notice that sets out:
- The reasons for refusal except to the extent that it would be unreasonable to do so; and
- The mechanisms available about the refusal.
Where we do not amend the personal information, you may request us to make a notification in our records, noting that you have requested a change and what it was, and that we did not make the amendment. We will take such steps as are reasonable in the circumstances to notate the documentation to include your request and our reasons.
We may send your personal information outside Singapore
If may be necessary for us to transfer personal information held about you to an organisation outside Singapore. We may need to do this where information is stored in or processed in a database that is located outside Singapore.
We will not transfer information outside Singapore without your consent unless we are satisfied, or have put arrangements in place to ensure, that the information will be handled in a manner that is consistent with the requirements of the Personal Data Protection Act.
We take very seriously any complaints we receive about the way we treat personal information. If you have a complaint about the way we use or handle your personal information, you can contact us through one of the following methods:
Tel: +65 6559 4500
Address: 1 Raffles Place, #20-03 One Raffles Place, Tower 1, Singapore 048616