Privacy & Data Protection Policy
Howden Malaysia respects and is committed to the protection of your personal data and your privacy. We appreciate that you do not want the personal data you provide to us used indiscriminately.
In this Privacy and Data Protection Notice (“Notice”), we explain how we collect and handle your personal data in accordance with the Malaysian Personal Data Protection Act 2010 (“PDPA”). We are committed to the observance and fulfilment of the provisions in the PDPA and all relevant data protection laws.
“We”, “Us”, “Our” in this Notice refers to Howden Insurance Brokers Sdn. Bhd., Howden Takaful Brokers Sdn. Bhd. and all our operating subsidiaries (collectively, “Howden Malaysia”). This Notice intends to assist you in understanding the basis which Howden Malaysia may collect and handle your personal data in accordance with the PDPA including the information practices of websites that are related to this Privacy Policy (each referred to as a “Site”).
By using these Site, you consent to the use, storage and processing of your personal data and other information stored on these Site or submitted by you at or through these Site in accordance with this Privacy Policy as set out in detail below. It applies to all individuals who interact with Howden Malaysia, including previous clients, existing clients, future prospective clients, as well as current and former employees across all business lines.
Definition
As used in this Notice and in accordance with the PDPA:
"personal data" means any information in respect of commercial transactions, which is collected directly or indirectly from you, who is identified or identifiable from that information or from that and other information in the possession of a data user, including any sensitive personal data.
“sensitive personal data” means any personal data consisting of information as to the physical or mental health or condition of a data subject, his political opinions, his religious beliefs or other beliefs of a similar nature, the commission or alleged commission by him of any offence or any other personal data as the Minister may determine by order published in the Gazette.
1. Why we collect your data?
We may collect and use your personal data for the following purposes including but not limited to:
- Identifying visitor demographics, interests, and behavior to improve contents of our Site(s);
- Sourcing suitable products that meet your insurance/takaful needs and suggesting them for your consideration;
- Processing your application for underwriting and acceptance of insurance/takaful with the insurers/takaful operators;
- Processing, handling and/or dealing with any matters relating to the services and/or products which you are entitled to under the insurance that you are applying or have applied for (including the mailing of correspondences, statements, invoices, reports to you which involve disclosure of certain personal data necessary for the delivery of services and/or products; claims including the settlement of claims and any necessary investigations relating to the claims under your and/or enrolled dependents’ individual insurance policy(ies);
- Executing your requests or addressing enquiries;
- Processing payment or credit transactions;
- Conducting necessary due diligence or screening activities (including background checks) as required by legal or regulatory obligations, risk management procedures, or internal compliance policies and procedures.
- Adhering to applicable laws, regulations, codes of practice, guidelines, or rules in managing our relationship and working with related insurance/takaful service providers.
- Collecting employee data allows us to facilitate various internal functions, including recruitment, ongoing employment matters, and compliance with legal and regulatory requirements. This includes evaluating employees, considering them for promotions or transfers, and ensuring adherence to internal policies and external regulations.
2. What data do we collect?
Depending on the nature of your interaction with us, some examples of personal data we may collect include the following but not limited to:
- Full Name and Alternate Name (where applicable);
- Identification number (ie., NRIC, passport no., work permit and birth certificate);
- Residential address;
- Correspondence address;
- Email address;
- IP Address;
- Contact number (telephone and/or mobile);
- Nationality;
- Gender;
- Date of birth;
- Marital status;
- Bank account/payment details;
- Vehicle information
- Personal data of family members or next of kin/beneficiaries
- Sensitive Personal Data; and any
- Personally Identifiable Information (PII); the concept is encompassed within the definition of "personal data" as provided in Section 4 of the Act.
3. How and where is the information shared?
Personal data provided to us will be kept confidential, where you have hereby consented that we may disclose your personal data to the following parties where such disclosure is required for performing our obligations in the course of or in connection with our provision of the services requested by you
- companies within Howden group of companies, from time to time, when you have opted into this service.
- prospective partners, advertisers and other reputable third parties
- Government agencies, statutory authorities and industry regulators.
- auditors, consultants, accountants, (re)insurers/(re)takaful operators, insurance/takaful intermediaries, lawyers, financial institution or other financial or professional advisers and the Bar Council and third-party service or product providers as may determine to be necessary or appropriate.
Our Site may contain links to other external sites. Howden Malaysia is not responsible for the privacy policies or the content of such other external sites.
4. Where is the information stored?
Upon your consent, your personal data which you submit via this website might be processed by entities (in or out of Malaysia) within the Howden Group including outsourcing partners. In such cases, this is necessary in order to process the information and to send you the information you have requested. Information submitted by you may be transferred by us to our other offices and to other reputable third-party organisations identified in item 3 above, as required under law and pursuant to relevant contractual relationship.
We will ensure that:
- access to your personal data is restricted to staff who are contractually required to process your personal data in accordance with their respective job requirements; and
- only necessary information is released to the relevant employees.
5. Where we might collect your personal data from
We may collect your personal data from various sources, including but not limited to:
- you;
- your company representative;
- within the Howden Group.
6. Security of your personal data
Howden places great importance on the security of all personally identifiable information associated with our customers. We have security measures in place to protect against the loss, misuse, and alteration of customer data under our control. For example, our security and privacy policies are periodically reviewed and enhanced as necessary and only authorised personnel have access to user information. While we cannot ensure or guarantee that loss, misuse, or alteration of data will not occur, we use our best efforts to prevent this.
7. Use of cookies
Cookies are pieces of information that a website transfers to your hard drive to store and sometimes track information about you. Most web browsers automatically accept cookies, but if you prefer, you can change your browser to prevent that. However, you may not be able to take full advantage of a website if you do so. Cookies are specific to the server that created them and cannot be accessed by other servers, which means they cannot be used to track your movements around the web. Although they do identify a user’s computer, cookies do not personally identify users and passwords and credit card information are not stored in cookies.
We may use cookies from time to time to:
- estimate our audience size and patterns;
- track preferences and to improve and update our website
For more on cookies read our cookie policy.
8. Marketing and promotional communications
Upon opting in to our services, you may receive newsletters, know-how, promotional material, and other marketing communications from us. If you do not wish to receive any promotional and/or marketing materials, please click the “unsubscribe” link at the bottom of the communication or contact us using the contact details at the bottom of this Notice.
9. Your obligations regarding your personal data.
It is necessary for you to supply personal data to us in the most accurate manner. Failure to provide us with accurate Personal Data may result in us being unable to effectively provide you with the services and/or deliverables requested.
10. Retention of your personal data
We will retain your personal data for as long as is reasonably necessary for the purposes for which it was collected. In some circumstances we may retain your personal data for longer periods of time, for instance where we are required to do so in accordance with legal, regulatory, tax or accounting requirements.
In specific circumstances we may also retain your personal data for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal data or dealings.
We maintain a data retention policy which we apply to records in our care. Where your personal data is no longer required beyond the stipulated retention period, we will ensure it is either securely deleted or stored in a way which means it will no longer be used by the business.
11. Rights regarding your personal data
To request access to your personal data
- You may request for access to personal data processed by us on reasonable notice.
To request correction of your personal data
- You may request for correction and/or update of your personal data that is inaccurate, incomplete, or outdated. We may seek to verify the accuracy of the data before rectifying it.
To limit processing of your personal data
- You may limit our processing of your personal data by expressly withdrawing the consent given previously, in each case, including for direct marketing purposes subject to any applicable legal restrictions, contractual conditions and within a reasonable time.
You may submit your request(s) via email to our Data Protection Officer at the contact details provided in Item 12 below.
12. Contact details
Any enquiries, feedback, or concerns regarding your Personal Data can be directed to us via the contact details below:
Data Protection Officer | ||
Email Address | : | |
Office General Number/Email | ||
Telephone | : | +603 9213 0606 |
Fax | : | +603 9213 0608 |
Email Address | : | |
Office Address | ||
Level 27, Menara Etiqa, No.3, Jalan Bangsar Utama 1, 59000 Kuala Lumpur. | ||
Operating Hours | ||
8.45 am to 5.45pm, Mondays to Fridays |
13. Updates to this Notice
We may update this Notice as and when required. When we do, the latest version will be published on this Site and the revised version date will be displayed at the bottom of this page.
Last updated: 06 June 2024