Let’s first take a quick look at the EU’s data privacy law. GDPR stands for General Data Protection Regulation, if you haven’t heard of it, is the EU’s latest regulation on data and privacy. The main feature of this law is that it gives people the right to view, modify, and request deletion of their personal data. In short, it gives people more control over their personal data while also requiring companies to implement less vague privacy policies and stronger data privacy arrangements.
A key element of this law is that unlike privacy policies in other countries, the GDPR applies to all citizens and residents of the EU, regardless of their location. It also applies to all companies (foreign and domestic) that collect, track, and utilize data of those from the EU.
This is incredibly far reaching because it affects many companies who don’t even have operations in the EU but do sell to, or work with residents or citizens. As an international insurance broker, we offer a variety of plans to people from all over the world so being compliant and adhering to these rules is very important to how we operate.
In all things related to data collection and protection, we endeavour to implement and abide by best practices. The information contained within this privacy adhere to following generally accepted data principles list here:
- Personal data is processed fairly and legally – We do not collect or process any data unless it is contractually required or it is necessary by our partners.
- Personal data shall be obtained only for one or more specified and lawful purposes – As noted above and explained through the document, i-Brokers only collects and processes data when we need to.
- Personal data shall be relevant – Data collected by i-Brokers is only what is needed, and nothing else. Any requests made by clients or otherwise are followed through immediately, or within the next business day.
- Personal data shall be accurate – All data collected by i-Brokers is deemed to be accurate and any changes are updated as soon as physically possible.
- Personal data shall be kept only for as long as it serves a purpose – All data stored by i-Brokers is kept only as long as needed or legally required.
- Personal data shall be processed only in accordance with local and international law – All data collection, processing, and storage is done in a way that it is compliant with local requirements where we have offices and international regulations such as the GDPR.
- Appropriate technical and security measures must be taken to secure personal data – i-Brokers employs robust IT solutions and standard operating procedures that ensure all personal data is secure and only available to those who use it.
- Personal data shall only be shared as necessary – i-Brokers does share data, only as necessary, with other i-Brokers offices. Any transfer of data is done utilizing secure methods. We will also only share data with third parties as is contractually necessary or legally required. We will not sell any of this data.
Who collects data at i-Brokers?
Officially employed i-Brokers staff are the only persons approved to gather, handle, maintain, and use users’ personal data. Generally this will be handled by people on our sales staff, but such data can also be handled by i-Brokers staff working in compliance, renewals, claims, administration, accounting, marketing, and client support departments.
What data is being collected?
As an insurance broker, i-Brokers are contractually obligated to gather and retain certain data of both potential and existing clients. The data collected reflects what is required by insurers in order for the insurer to offer quotes underwrite policies and bind cover. The personal data collected can include some or all of the following:
- Name (first, middle, and last)
- Address (work, or home)
- Contact details (Phone number, email)
- Medical history
- Details related to method of payment
- Lifestyle information (such as hazardous hobbies)
- Job title
- Family structure (for family plans)
- Insurance purchase, coverage and claims history
Collection of data from businesses
The above list also applies to corporate customers which i-Brokers works with however for business policies additional data might also be requested by the insurer. This could include:
- Employee data of all types listed above
- Business registration and ownership information
- Business tax registration record
- Employee salary record – for life/disability plans only
How is data collected by i-Brokers?
All data gathered by i-Brokers is furnished by users of their own accord as long as their explicit consent is provided (see section below). You reserve the right to question what data is collected and why. User data may be collected across various mediums. Mediums where i-Brokers collects data include:
- Insurance quote forms on our website – Certain data such as age of those to be covered, location, nationality, name, and phone or email are required in order to develop a personalized quote and enable our Sales team to contact you should you have questions or want to apply for insurance cover.
- Email – This is the primary way application data is collected. Data collected by this medium will only be collected as necessary/required/requested by an insurer or as contractually required by law.
- Application forms from the insurer, or ones created by i-Brokers on behalf of an insurer, and other written documents – Only data listed in these forms will be collected. Data that is not necessary will not be requested.
- Telephone calls and in-person verbal communication – Data that is not necessary will not be requested. Our advisors will plainly state what data they need and why it is necessary.
- Text messages – This includes SMS, WeChat, WhatsApp, Facebook, and other chat/messaging apps. Data collected will only be what is necessary to furnish information requested by the client.
- Smartphone applications – Data collected here will only be what is contractually necessary.
- Online forms – Data collected here is for marketing purposes and will never be shared with third parties unless consent is provided by the data holder, or is legally requested by a government.
Why does i-Brokers collect data?
i-Brokers collects information from users for two purposes:
- Contractually necessary purposes – In order to apply for an insurance policy with an insurance provider, a user will need to provide information as required by a particular insurance company’s application requirements. Any data not required by an insurer will not be requested.
- Marketing purposes – Aside from information directly relevant to insurance providers and products, the only other information used by i-Brokers is purely for marketing purposes. This will only include contact details (email, and phone) and basic personal information (name), and will never include any type medical information.
Does i-Brokers share data?
Any user data collected by i-Brokers is shared only internally within our offices, and with relevant licensed insurance companies, insurance agents and third party administrators/service providers. Any personal data regarding a particular user is also available to them upon request. We may also share requested user information with regulators and governmental authorities as required by law and local regulations.
i-Brokers does not share user data with any third parties outside of relevant insurance companies, insurance agents, third party administrators, third party service providers, regulators, or governmental bodies, and does not sell user data under any circumstances.
How long does i-Brokers store data?
i-Brokers stores data for as long as a user is a client or can reasonably be considered a potential customer without having notified us of their intention to opt out of any marketing communications. Beyond this, users that purchase products or services through i-Brokers will have their data stored for up to seven years following the end of their business with us, as such data may be needed for reasons related to regulatory needs, governmental, and financial compliance.
Consent to collect data
By using this website, you consent to the collection and use of your personal data as described in this document. This consent is deemed to be entirely voluntary with data only being collected when contractually necessary, as required by law, or for marketing purposes.
Where required by applicable law, we will seek your explicit consent to collect, process, and use the personal data described in this document. In all cases, data requested will only be what you freely give. You maintain the right to refuse to provide your data along with the right to request to view or delete the data we have collected from you at any time.
It is important to note however that refusal to provide data that is contractually necessary, or data that you are legally obligated to cover will result in our inability to offer you our products or services. The use of this website will also not be possible.
If you would like to change/modify your consent please follow the contact information in the What control do I have over data and how do I change my consent? section of this document.
How does i-Brokers use collected data?
i-Brokers uses data collected from users to enable the sales, purchase, underwriting, payment, administration, use, and renewal of insurance products and services. We may also make use of personal data for marketing purposes related to the sale, purchase, underwriting, payment, administration, use, and renewal of insurance products.
In all cases, consent will be required. You can change your consent/Request to view your data that we have collected at any time by following the information in the What control do I have over data and how do I change my consent? section below.
What control do I have over data and how do I change my consent?
Users can be notified of and amend any of their data collected by us, as well as opt out of receiving any marketing promotions from us. To do so, please send a notification to i-Brokers at the following address:
i-Brokers Data Protection Officer
15F, Nexxus Building, 41 Connaught Road Central, Central, Hong Kong
Alternatively, users can contact us at [email protected]
Failure to notify us of a desire to ‘opt out’ of marketing promotions will be interpreted as an agreement to allow i-Brokers to continue using your data for voluntary marketing purposes.
Is i-Brokers data collection policy compliant?
All of our data collection, protection, and usage policies are fully in line with international regulations, including the European Union’s General Data Protection Regulation and Hong Kong’s Personal Data (Privacy) Ordinance as well as that of the Insurance Authority (IA). Furthermore, all users have the ability to view and alter any submitted user data.
Collection of data from children
i-Brokers sells insurance cover to families. This means that a child’s data may need to be collected, as is contractually required by an insurer. With all data collected for children under 18, i-Brokers will contact the parents or guardian of the children to first gain consent and to explain what data is being collected and why. In situations where we are dealing with a minor (any person under the age of 18) as the primary policy holder (e.g., a student going overseas contacts us looking for insurance) we will contact the parent or guardian of the minor and ensure that consent for requested data is provided. Parents or guardians will be involved in ALL communication and any decisions made.
Cookies on our website
i-Brokers will only collect data that is contractually necessary – in order for an insurer to offer and underwrite a plan they require specific data. As a broker, we are required to collect this data if you purchase a plan from us – or for marketing purposes.
Data collected by us is never sold to third parties and we will only provide third parties the data they require.