The safe and secure management of your personal data is essential to our continuing operation, particularly as the business expands. By keeping personal data secure, and processing it in accordance with our obligations under the PDPA, we protect the interests of our business, employees and our customers.
Please take time to read this carefully. When using our website, this policy must be read in conjunction with the website Terms and Conditions.
Is your consent required to collect personal data?
As per the PDPA, consent is required before collecting personal data, along with information as to why the data is being collected. We do not collect your personal data, unless it has been voluntarily provided by you, or a duly authorised third party, without notifying you of the purposes for which the data is collected (except where permitted by law), and you have provided consent to the collection and usage of your personal data for those purposes.
We shall seek your consent before collecting any personal data and before using your personal data for a purpose which has not been notified to you (except where permitted or authorised by Law).
When you visit our website, we may collect the following information:
Please note, you have the right to withdraw your consent at any time. If you wish to do so, please contact our Data Protection Officer (DPO), details of who are provided in the Contacting Us section below.
What kind of personal data will we collect?
In the course of our business dealings with you, we may collect the following types of personal data:
- General information such as your name, date of birth, address, email address and telephone number, identification information such as national insurance number, passport number or driving licence number
- Information about your job including job title, business description, education, employment history and professional certifications
- Information relating to the advice that you request or the services that we are providing. For example, we might need information relating to your previous insurance policies and claims history
- Information which is relevant to the insurance policy we have placed or any claims made under it. For example where we have placed property insurance for you, we will hold information about your property and the individuals living there
- Information obtained from requests for mid-term adjustments which may reveal changes in your personal circumstances which are relevant to the insurance policy we placed
- Financial information such as your financial history and needs, income, bank details, payment details and information obtained as a result of our credit checks
- Financial information obtained if you request cancellation of your insurance policy and any information relating to the cancellation
- Information obtained when we carry out checks of sanction lists, including information relating to criminal sanctions (including offences and alleged offences and any caution, court sentence or criminal conviction).
- Information obtained as a result of carrying out due diligence
- Your marketing preferences
- Any information we record about your preferences when doing business with us
How will we collect this personal data?
Personal data may be collected in the following manner:
- Directly from you
- From other third parties involved in the insurance process such as another broker and insurers
- Via publically available sources such as internet search engines and social media sites
- From other companies within the Arthur J. Gallagher group
- Via insurance industry fraud prevention and detection databases and sanctions screening tools
What is the purpose for collecting this information?
The personal information that we collect will depend on our relationship with you. Some example of the purposes for collecting your personal data are as follows:
- We need to use your personal information to enter into or perform our contract with you, for example, in order to fulfil our obligations under our contract and place appropriate insurance cover, we need to use your personal information to provide you with a quote and determine market placement.
- We have a genuine business need to use your personal information such as maintaining our business records and keeping records of insurance policies we place and analysing and improving our business model and services. When using your personal information for these purposes, we have considered your rights and ensured that our business need does not cause you harm.
- We have a legal or regulatory obligation to use your personal information. For example, our regulators impose certain record-keeping rules which we must adhere to.
Please see below for further details on the different ways we use your personal information
- To evaluate your insurance needs and risk appetite and obtain quotes for you
- To arrange appropriate insurance cover and provide policy documentation
- To enter into business relationships which facilitate us to place insurance policies for our customers
- To assist in any claims made under an insurance policy we have placed
- To assist with any renewals, mid-term adjustments of your insurance policy or cancellations
- To set you up as a customer including carrying out fraud, credit and anti-money laundering checks
- Communicating with you and responding to any enquiries you have
- Complying with our legal or regulatory obligations (such as our requirements to report to MAS)
- Prevention and detection of and investigating and prosecuting fraud. This might include sharing your personal information with third parties such as the police, and other insurance and financial services providers.
- Providing improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers)
- Managing our business operations such as maintaining accounting records, analysing financial results, complying with internal audit requirements and receiving professional advice (e.g. tax or legal advice)
- Monitoring applications, reviewing, assessing, tailoring and improving our products and services and similar products and services offered by Gallagher
- Tracing and recovering debt
- Monitoring usage of any of the various Gallagher websites
- To apply for and claim on our own insurance
Who will we share your personal information with?
From time to time, we may share your personal information with companies in the Arthur J. Gallagher group or with the following third parties for the purposes set out above:
- Our insurance partner such as other insurance intermediaries, insurers, reinsurers or other companies who act as insurance distributors,
- Other third parties who assist in the administration of insurance policies and claims such as loss adjustors, claims handlers, auditors, lawyers and other experts,
- Fraud detection agencies and other third parties who operate and maintain fraud detection registers
- Our regulators
- The police and other third parties or law enforcement agencies where reasonably necessary for the prevention and detection of crime
- Other insurers who provide our own insurance
- Industry bodies
- Our third party services providers such as IT suppliers, finance and payment providers, actuaries, auditors, lawyers, marketing agencies, document management providers, tax advisers and insurance software providers
- Selected third parties in connection with the sale, transfer or disposal of our business
How do we protect your personal information when sending it abroad?
Sometimes we (or third parties acting on our behalf) will transfer personal information that we collect about you to countries outside of Singapore.
Our regular transfers include the United States of America for central IT systems (including corporate emails) which are routed through our US parent company AJG & Co. and India who assist with our back office functions. In both instances, in addition to our internal policies and procedures outlined below, we have an Intragroup Data Transfer Agreement in places as a method of protecting your information.
If you would like further information regarding our data transfers and the steps we take to safeguard your personal information, Contact Us by email at: DataProtectionSG@ajg.com.
How do we protect your information?
To protect your information we use a range of organisational and technical security measures.
Within Gallagher we restrict access to your information as appropriate to those who need to know that information for the purposes set out above.
We use firewalls to block unauthorised traffic to the servers and the actual servers are located in a secure location which can only be accessed by authorised personnel. Our internal procedures cover the storage, access and disclosure of your information.
Internal training is conducted for all staff in respect to data protection regulation.
How long do we keep personal information for?
Our records will be retained in compliance with laws and regulations.
|Subject of record||Retention Period|
|Personal recommendation to customer||5 years|
|Policy Summary||5 years|
|Policy document||5 years|
|Complaints subject to DISP 1.1||5 years from the date complaint received|
What marketing activities do we carry out?
If you have provided your consent for marketing, we may from time to time provide you with information about our products.
With your consent, we will send you marketing communications where we think you will be interested in receiving them. An "unsubscribe" link appears in all our marketing emails. To unsubscribe from emails sent by us, simply click on the link at any time. Alternatively, you can contact us to update your preferences at DataProtectionSG@ajg.com. In such circumstances, we will continue where necessary to send you (non-marketing) service related communications.
How do we ensure your personal data is accurate?
Please be assured that we make every reasonable effort to ensure that the personal data we collect on you is accurate and complete, as it is this data that we use to make decisions regarding your insurance needs. From time to time, we may contact you and ask you to confirm whether there are any changes to this personal data, in order for us to maintain accurate records.
Under the PDPA, with certain exceptions, you have the right to request access to the personal data we hold in relation to you. You also have the right to request details regarding how this data has been used or disclosed within the past year. With certain exceptions, you also have the right to request corrections to your personal data held by us. If you wish to exercise these rights at any time please contact us using the details set out in the Contact Us section below.
You may contact our Data Protection Officer if you have any questions about how we collect, store or use your personal information.
Data Protection Officer
61 Robinson Road
Last Updated November 2019