Personal Information Collection
What personal information we collect from you (“discloser”) depends on your relationship with us at the time of collection, i.e. insured, claimant, or prospect, as well as your request – the information of which may include the following:
This may include name, date of birth, age, gender, marital status, and occupation.
This may include address, phone number, telephone/mobile number, email address, and social media.
This may include bank account number, credit history, and other financial details.
Health information, height, weight, medical record, other insurance policies held, hospitalization in the past, smoking habits, pre-existing conditions, family medical history, and other information you have given to us related to your or your family medical history.
- Personal Details
Your personal information will be collected and stored, directly or indirectly, when:
- You enter our Website;
- You disclose to us;
- Any persons related to you or appointed by you (including but not limited to your spouse or family member, a person whose name is under the same policy as yours, and any other persons under the purpose of validation of application, claim, and compensation) discloses to us, and
Your personal information may be collected and used for the following purposes:
- to provide you with our services and products which shall include performing our relevant contractual or regulatory obligations;
- to enhance our existing services and products and develop new services and products;
- to communicate with you about our existing or up-coming services or products, including but not limited to, terms and conditions, promotion, activities, and advertisement;
- for Website administration and business operation and
- to rely on the purpose or obligation which are subjected to us to collect your personal data stipulated by the laws such as insurance law, personal data protection laws and other related law.
For your security, we
- use both encryption and tokenization technology to safeguard your sensitive information such as credit card number, which can only be accessed by an authorized person;
- restrict the access of your personal information to only our employees who require such access;
- prevent unauthorized access by regular update of technology; and
- delete your personal information when it is no longer necessary for relevant aforementioned purposes.
We will retain your personal information as long as it is necessary for the purposes of collection and use, unless required or permitted by applicable law. For most of the cases, your personal information will be retained for five years after the date of termination or cancellation of your policy, whereas for financial information related to you, such as the amount of payment of premiums, claims and other ancillary payments, as per the applicable laws and regulations on Corporate Documents, will be retained for at least ten years after the date of termination or cancellation of your policy.
In order to perform our contractual obligations towards you or our regulatory obligations towards regulators and authorities, your personal information may be disclosed, and/or disseminated to third parties for the relevant mentioned purposes only. These third parties may include insurers, reinsurers, our business partners, financial institutions, regulators e.g. OJK, authorities e.g. DGT, PPATK, POLRI, or other relevant government institutions, other service providers e.g. data storage service providers, call centre service providers, First Notice of Loss service providers, payment system provider or payment gateway provider, and repair shops, hospitals, health clinics, and other health service providers.
Moreover, in order to improve your experience in using our Website and traffic optimization during access by users, we will also track your behaviour using analytical tools. These analytical tools will be provided by third-party provider that we have engaged, and we hereby reserve the right to add, stop or change existing provider to other third party analytical tools provider. The information that we have gathered for this purpose will be anonym and shall not be identifiable to you.
For our business operation, where our legitimate interest is not less important that the data subject’s fundamental rights, your personal information may be disclosed and/or disseminated to our group companies and third parties such as external auditors, advisors, survey/data analytics service providers, and investors.
In any case, your personal information will not be disclosed and/or disseminated to any other persons other than the cases of the above two paragraphs, without your consent, except for the following cases:
- providing that it is required by any applicable law;
- providing that it is necessary for preventing emergencies or protecting others from danger; and
- for the public interest
In order to provide you our services especially for documentation, your personal information will be stored in Indonesia, whereas other non-personal information will be stored outside Indonesia with the encryption and tokenization method mentioned above. None of your personal information with direct reference to you will be stored abroad. In any case, we will take any necessary step to ensure that your personal information is stored and secured appropriately.
Your Rights As a Data Subject
Subject to the applicable laws and regulations in Indonesia concerning personal data protection, by using our Website, receiving our services and/or purchasing our products, the protection of your personal data will cover the following process:
In accordance with the applicable laws and regulations on personal data protection applicable in Indonesia, procurement and collection of personal data will be carried out by respecting your rights as the owner of the personal data, which will be carried out by providing options for confidentiality or non-confidentiality of your personal data, as well as other provision of options to change, add, or update the personal data. In this matter, procurement and collection of your personal data by us will be based on your consent, or according to the applicable laws and regulations.
In accordance with the applicable laws and regulations on personal data protection applicable in Indonesia, processing and analyzing or your personal data will only cover matters that we have clearly stated when procuring or collecting your personal data. This will be based on your consent.
In accordance with the applicable laws and regulations on personal data protection applicable in Indonesia, your personal data will be stored at least 5 (five) years since you are no longer becoming a user in our website. As mentioned above, your personal data will be stored in data center and data recovery center placed within the territory of the Republic of Indonesia. Other non-personal data, may be stored outside the territory of the Republic of Indonesia, by using tokenization and encryption so that the data that we stored outside the territory of the Republic of Indonesia will not be identifiable to you.
In accordance with the applicable laws and regulations on personal data protection applicable in Indonesia, activity of displaying, publishing, transmitting, disseminating, and/or access opening of your personal data, will be done based on your consent.
In accordance with the applicable laws and regulations on personal data protection applicable in Indonesia, your personal data will be destroyed when it has passed the Storing provision that we mention above, or it you request the destruction of your data.
We use the following types of cookies:
Strictly Necessary Cookie
These cookies are necessary to help make the website function properly, by enabling basic functions such as page navigation. The storage duration is one year (persistent).
These cookies track your behaviour of usage in order to know how many times you access certain functions of or your customer journey on our Website. The storage duration is between 1-2 years (persistent).
In some cases we might use both types of cookies through third-party service providers.
You can manage, block, and delete cookies on your browsers. You can learn more abo ut cookies and how to manage them from this link: Allaboutcookies.
- Strictly Necessary Cookie