(hereafter referred to as “Hayat”, “we” or “us”) manage Personal
Information. It applies to any Personal Information you provide to us
and any Personal Information that we collect, use, process or disclose
from other sources.
Data and Sensitive Personal Data as defined in the Malaysian Personal
Data Protection Act 2010.
continuing to communicate with us, you confirm that you have read,
understood and agree to this policy in its entirety, unless you clearly
and specifically indicate to the contrary in your communications with
Statement of Commitment Hayat
is committed to the highest level of integrity in all of our dealings
with our clients, employees and business partners. This commitment
extends to any Personal Information about our clients that we might
possess or acquire. We are committed to abiding by the requirements of
the Malaysian Personal Data Protection Act 2010 (“PDPA”), respecting
personal privacy, protecting client record confidentiality and
safeguarding system security. Accordingly, Hayat adheres to the
following Privacy Guidelines and Principles: (i) Hayat has developed policies and programs for the protection of client information. (ii)
Hayat strives to maintain the accuracy of client information and will
promptly respond to any questions or concerns clients may raise with
respect to the accuracy of such Personal Information. (iii)
Hayat employees are aware of their duty to protect client information,
and each Hayat employee with access to personal client information is
required to comply with our privacy policies and procedures. (iv)
Hayat expects all of its business partners and service providers to
adhere to Hayat’s high ethical standards as to the confidentiality of
Personal Information. (v) Hayat will only use Personal Information in compliance with applicable law.
information you provide about yourself or about third parties to us
be accessed by contacting us at email@example.com.
WHAT PERSONAL INFORMATION DO WE COLLECT?
The Personal Information we hold and process includes Personal Information about you. This information includes and is not limited to Personal Data and Sensitive Data – as defined in the PDPA.
Personal Data is information about individuals where the individual can be identified. It may include information such as your name, contact details, age, insurance history or financial details. Sensitive Data is a particular kind of Personal Data and includes information about an individual's health; racial or ethnic origins and other Sensitive Personal Data as defined in the PDPA.
WHY DO WE COLLECT THIS INFORMATION?
collect Personal Information to offer, provide, manage and administer
the many services and products that we are involved in. These include
and are not limited to insurance broking, claims management, risk
management consulting, employee benefits and other forms of insurance
services such as the arranging of reinsurance.
If you would like more information on the services and products available please email us at firstname.lastname@example.org.
also collect Personal Information for the purposes of developing or
identifying products and services that may interest you, conducting
market or customer satisfaction research, developing, establishing
and/or administering arrangements with other organizations in relation
to the promotion, administration and use of our respective products and
HOW DO WE COLLECT THIS INFORMATION?
may collect this information directly from you, your agents and/or a
third party. For example, an insured's representative may tell us about
other persons wanting the benefit of our service or the relevant product
such as a nominated driver, a director or officer or professional or
other staff member. Alternatively, we may collect this information
through our own representatives, advisers or other third parties, such
as insurers, loss adjusters, lawyers, publicly available sources or
witnesses to a claim etc.
Dealing with us Anonymously Where
lawful and practicable to do so you can deal with us anonymously e.g.
general inquiries about the services we can offer you.
WHO MIGHT WE SHARE YOUR INFORMATION WITH?
Unless you specifically tell us not to, we may use or distribute your Personal Information to the extent required by law, and as described below:
(i) Provision of Products and/or Services. We may disclose this information to other organizations or third parties where we believe it is necessary to assist us and them in providing products and/or services and/or information about those products and/or services. Recipients may include and are not limited to our employees, insurers, reinsurers, other insurance providers, agents and service providers, consultants, market research and quality assurance companies, employers, health workers, investigators, lawyers and loss adjusters. These organizations in turn may need to disclose the information to other third parties, but we limit their use and disclosure to the purpose or purposes for which we supplied it (unless you or we consent). If these third parties wish to use your Personal Information for any other purpose, they have a legal obligation to notify you of this and, where required, to obtain your consent.
(ii) Other Service Providers. We may contract with other organizations and/or individuals to perform functions or services on our behalf. These may include and are not limited: hosting a website, managing databases, sending e-mail messages, IT and/or IT-related services, and making phone calls on our behalf. These organizations and/or individuals may have access to Personal Information needed to perform their functions, but they are restricted from using it for purposes other than providing services for Hayat.
(iii) Business Transfers. As we continue to develop our business, we may sell, buy or otherwise transfer assets – and this includes Personal Information. Also, if either Hayat itself or substantially all of Hayat’s assets were acquired, your Personal Information may be one of the transferred assets.
(iv) Legal Matters. Hayat reserves the right to disclose without your prior permission any Personal Information about you if Hayat has a good faith belief that such action is necessary to protect and defend the rights, property, safety or legitimate business interests of Hayat, our employees, clients, business partners and/or the public. We may also disclose Personal Information as we deem necessary to satisfy any law, regulation, legal process or governmental request. These instances may include and are not limited to: suspected crime, fraud prevention and related purposes. Relevant portions of your data may also be used for other secondary legal, administrative and management purposes such as audits and research.
If you do not want us to disclose your Personal Information to other organizations (including our own related companies) please email us at email@example.com, clearly specifying your request.
WHAT WE EXPECT OF YOU
If We Provide You with Personal Information: If you collect, use, disclose or handle Personal Information on our behalf, or receive it from us, you and your representatives must meet the relevant requirements of the PDPA and only use and disclose it for the purposes we agreed to. You must also ensure that your agents, employees, contractors and business partners meet all of these requirements.
If you wish to use this information for any purpose other than the purposes we agreed to, you are required to directly notify the data subject – as defined by the PDPA – of this and, where required by the PDPA, to obtain the data subject’s consent.
TRANSFERRING INFORMATION INTERNATIONALLY
Any information provided by you to us may be transferred internationally to Hayat’s business partners where it is necessary for the purposes described above. For example, where your insurance cover involves an insurer, reinsurer or service provider that is based overseas.
Countries outside Malaysia may not have the same standard of data protection as the PDPA.
HOW DO WE USE THIS INFORMATION?
This information may be used by Hayat, its agents and/or its business partners to provide to you products, services and / or information about these products or services. If you do not provide the information requested, we or those involved with the provision of the service or product, may not be able to provide the appropriate type or level of service or product.
This information may also be used for purposes including system administration, research and statistical purposes and crime prevention or detection.
The details, which you provide may also be used in order to help us update our records and/or for marketing purposes. If we send you any information about services or products, or you do not want us to disclose your Personal Information to any other organization (including related bodies corporate) please contact us at firstname.lastname@example.org, clearly specifying your request.
If you have any inquiries about this policy or practices, please email us at email@example.com.
Information related to employment If you have submitted your resume, curriculum vitae, an application form or any other Personal Information for the purposes of applying for a position with us, we will use this information to evaluate your qualifications and to contact you regarding any positions in which we believe you may be interested.
We may disclose and/or transfer your Personal Information to other members of Hayat for the purposes of considering your application. This includes and is not limited to transferring your Personal Information to our employees who will process your application on our behalf.
SECURITY OF PERSONAL INFORMATION
Your Personal Information may be stored in hard copy documents, as electronic data, or in our software or systems. We endeavor to protect any Personal Information that we hold from misuse, loss, data corruption, and from unauthorized access, modification and disclosure. Some of the ways we achieve this are: (i) employee confidentiality requirements (ii) policies and security measures controlling access to our systems (iii) document storage security policies (iv) controlling access to our premises
However, as effective as our security measures are, no security system is impenetrable. We cannot guarantee the security of our database, nor can we guarantee that Personal Information you supply will not be intercepted while being transmitted to us over the internet. We ask that you do your part by maintaining in strict confidence any computer passwords you use to access the Internet.
KEEPING INFORMATION UP-TO-DATE, COMPLETE AND ACCURATE
reasonable steps to ensure that your Personal Information is accurate,
complete, and up-to-date whenever we collect, disclose or use it.
RETENTION OF PERSONAL INFORMATION
As Company Policy we archive our documents, correspondence and any other information records for seven (7) years. After that date, this information is then destroyed without further reference to you. This policy applies to all types of policy coverage other than personal injury.
Personal Injury Records are all documents and any other records whether broking, underwriting or claims pertaining to an insurance policy which provides cover for any injury to persons regardless of the class of that insurance policy.
If you have any questions about our file retention policy, please contact us at firstname.lastname@example.org.
ACCESSING YOUR INFORMATION
We will, on request, provide you with access to information we hold about you, unless there is an exception which applies under the PDPA. Things that may affect a right to access include and are not limited to: (i) Granting access may pose a serious threat to the life or health of any individual; (ii) Granting access may have an unreasonable impact on the privacy of others (iii) A frivolous or vexatious request (iv) The information relates to commercially sensitive decision making process (v) Access would be unlawful or denying access is required or authorized by law (e.g. we have a duty of confidentiality to our client's and will not provide access to Personal Information about you if it will breach that duty) (vi) Access would prejudice enforcement activities relating to criminal activities and other breaches of law, public revenue, a security function, or negotiations with the individual (vii) Legal dispute resolution proceedings
If we don't provide you with access, we will provide you with reasons for the refusal.
We will respond to you as soon as is reasonably possible and we may recover from you our reasonable cost of supplying you with this information.