Protecting Your Privacy
PROTECTING YOUR PRIVACY - PRIVACY POLICY
This Privacy Policy sets out the basis which Auto & General Insurance (Singapore) Pte. Limited (trading as Budget Direct Insurance) (“we”, “us” or “our”) may collect, use, disclose or otherwise process your personal data in accordance with the Personal Data Protection Act (the “Act”) when you visit our website, use our online resources, interact with us through any means in relation to our promotions, products and/or services, or enter into a contract with us or is otherwise insured under a contract for our provision of any products or services.
The security of your personal information is important to us. We have in place safeguards to protect your personal information.
What personal information we may collect
We may collect, use and disclose personal data including but not limited to the following:
- your personal particulars such as your name, date of birth, gender, marital status;
- your contact details (including phone number, residential address and email address);
- your financial information such as credit card and other payment details;
- your occupation and relevant employment information;
- your health, lifestyle and relevant medical information such as medical history;
- your previous or current insurance;
- your driving history;
- your travel related information;
- personal data of a third party that you provide to us in connection with the provision of our products and services to you;
and such other information which is relevant and necessary to providing products and services to you or to comply with the law.
Purposes for which personal data may be used
The purposes for which we may collect and use your information include:
- considering your policy application and establishing and administering your policy;
- assessing your eligibility to participate in and administering events such as promotions or lucky draws;
- processing premiums and payments, and recovering monies owed to us;
- assessing our risks and underwriting your insurance;
- assessing, processing and investigating your insurance claim or complaint;
- performing obligations in the course of or in connection with our provision of the products and/or services requested by you;
- verifying your identity and the identity of third parties whose personal information you have provided to us;
- managing your relationship with us;
- responding to, handling and processing queries, requests, applications, complaints, and feedback from you;
- preventing and detecting fraud or loss, including performing anti-money laundering/counter terrorism financing checks in adherence with applicable laws;
- conducting due diligence, compliance, monitoring and audit reviews and checks;
- complying with any applicable laws, regulations, codes of practice, guidelines or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory body;
- conducting market, statistical or actuarial research and trend analysis of our products and services for internal, regulatory or industry exercises and studies;
- enhancing our products and services which may include conducting surveys and requesting for feedback to improve quality of our products and services;
- quality and training for our employees and representatives;
- telling you about our products and services (which may be through post, emails and/or SMS originating from us) as well as our other products and services which may include those of our business partners, which we believe may interest you. You may tell us at any time that you do not want us to advise you about other products and services (see “Marketing” below for more details).
- for any other purpose for which you have provided the information; and/or
- for any other incidental business purposes related to or in connection with the above.
The purposes listed above may continue to apply even when you do not have a relationship with us or your relationship with us (for example, pursuant to your policy or participation in our promotions) has been terminated or altered in any way.
Disclosure to third parties
The personal information that we collect from you may be disclosed to other parties who are involved with the provision of our products and services to you or who assist us in the conduct of our business activities in relation to the products and services we provide to you. Such parties include but are not limited to: your current and/or past insurer(s), our group companies, service providers such as emergency assistance companies, repairers, claims assessors, investigators or lawyers (should they be required in the event of a claim), other insurers (for the purpose of seeking claims recoveries or to assist them to assess insurance risks), insurance reference service providers, selected marketing and social media platforms that we use (such as Google and Facebook), and other relevant service providers. We may also disclose to the police, credit enforcement groups, legal advisors and health providers assisting us to provide our services to you.
Our group companies or external companies who help us web-host, maintain our website and mobile applications, provide communication services (such as mailing) may also have access to your personal information for the sole purpose of providing those services.
We impose security and confidentiality requirements on how these parties handle your personal information and we limit the use of it to the specific purpose for which we supplied it.
The information we provide to third parties will be strictly limited to what is required to provide the products and services, where disclosure is required, or authorised by or under law (for example, we may disclose information to government agencies) or where you have requested us to or have consented to the disclosure to a third party. The third parties may include overseas organisations (see below).
Exchange of information with overseas parties
We generally do not transfer your personal data to countries outside of Singapore. However, some of the parties with which we exchange your personal information, including our service providers and other third parties referenced above, may be located outside Singapore. Where we do this, we will take steps to ensure that your personal data continues to receive a standard of protection that is at least comparable to that provided under the Act.
How we collect personal information
We may collect information from you in various ways. It might be through our call centre, over the internet if you access our website or transact with us online, use the services provided by our service providers, or when you fill out an application form for one of our products and/or services online or via social media.
At our offices, we may record you using CCTV and your phone calls with us are also recorded for quality, training, security and record keeping purposes.
Information collected online
We collect information about visitors using our online resources. Any information collected is used to provide our products and services and to identify online behavioural patterns.
Our online resources include but are not limited to websites and mobile applications “apps”. Information collected by these resources may include:
- Server address/IP address
- Date and time of visit to our site
- Pages visited
- Documents downloaded
- The site you visited prior to visiting our website
- The browser you are using to access our resources
- If you have visited our website before
- Tracking user preferences
In addition to the above, mobile apps may collect location data.
From time to time, we may use data collection devices such as 'cookies' in conjunction with our website. Cookies are commonly used on the internet. They are small files placed onto your device by a server and can be used to identify your device later. We may use both 'persistent' and 'session cookies'. These cookies help us and our marketing partners to evaluate the effectiveness of our advertising and understand how visitors use our site. We retain control over how that data is used. Any information that is collected in this way is used in an aggregated form and we do not use it to identify you as an individual.
We may use cookies for various purposes such as:
- to provide you with better and more customised service and a more effective website
- collecting anonymous statistical information on things such as how many visitors our sites receive, how those visitors use the sites and where they came from.
Most of our online resources use sessions and/or cookies. If you wish, you can configure your browser so it does not accept cookies, but this may affect the functionality of the website.
Our website uses Google Analytics, a web traffic analysis service provided by Google Inc. (Google). Google Analytics uses cookies or similar technologies to collect and analyse information on how users use our website. For more information on how Google uses data when you visit our website and how to control information sent to Google, please refer to http://www.google.com/policies/privacy/partners.
You may opt-out from Google Analytics tracking through your Google Ads Settings page or by downloading and installing the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout/.
Collecting personal information from third parties
Where possible, we collect personal information directly from you. However, in some circumstances we may also collect personal information from other sources so that we can provide you with a policy or assess a claim you make. This may include another insurer, an insurance investigator, claims manager, a medical provider or professional expert.
If you authorise someone else (for example, your spouse, employer or representative) to provide your personal information to us, then you also authorise such other person to provide your consent to this Privacy Policy.
We will deal with your spouse, employer or representative if they call us on your behalf provided they are named on the policy and they satisfy our identification and verification checks. If you would like someone else to deal with your policy on your behalf on a regular basis, please let us know. In some exceptional cases we may also deal with other people who call on your behalf and with your consent. If at any time you want us to deal only with you, please let us know.
We may also collect personal information about someone else from you. For example, you may wish to purchase insurance in joint names or where you are nominating other people as insured persons on your policy (for example, another driver or travel companion). Where you provide us with personal information about other people, it is deemed that you are authorised and have obtained their consent to provide their personal information to us for the relevant purposes described in this Privacy Policy. You will notify us in writing as soon as practicable should you be aware that such consent has been withdrawn. Notwithstanding anything to the contrary, you undertake to indemnify us against any loss, damages and/or costs as may be incurred by us due to any breach by you in respect of this “Collecting personal information from third parties” section in this Privacy Policy.
Marketing
We will only send you marketing materials about our products and services or those of selected third parties if we have your consent to do so. We will normally obtain your consent when you get a quote from us or purchase a policy with us or participate in our marketing campaign, events or promotions.
We will never sell or disclose your personal information to other companies, however, we may provide your personal information to our business partners so that they can provide you with information about their products and services that you might be interested in (where you have agreed or as described in our Privacy Policy). Should you purchase products or services on our business partner websites, their privacy policy will apply to those products and services.
If you do not want to receive any marketing material, you can choose to opt out of our marketing activities. To opt out, you can either:
- use the unsubscribe function from our emails or
- log in to your Policy Manager to unsubscribe; or
- contact us using the Contact Details below.
You can, however, change your mind about opting out of receiving information about our products and services at any time by contacting us using our Contact Details noted below.
Withdrawing your Consent
Your consent for the collection, use and disclosure of your personal information will remain valid until such time it is withdrawn by you in writing via the Contact Details below. Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal information where it is permitted and required under applicable laws. Upon receipt of your written request to withdraw your consent, we may require reasonable time to process your request (depending on the complexity of the request and its impact on our relationship with you). We will also notify you of the consequences of us acceding to your request, including any legal consequences which may affect your rights and liabilities to us.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our products and/or services to you. In such circumstances, we will notify you before completing the processing of your request.
How we store personal information
We will store your personal information in a number of ways including:
- in electronic systems and devices;
- in telephone recordings;
- in paper files;
- secure document retention services off-site; and/or
- cloud facilities operated by us (or by third parties on our behalf)
We will only hold your personal information for as long as is necessary for the purposes described in this Privacy Policy or for legal or business purposes.
Information Security
We will take reasonable precautions to ensure that the personal information that we have about you is protected against any unlawful use, unauthorised access, modification or disclosure and these precautions include:
- using appropriate information technology and processes;
- implementing computer and network security systems with appropriate firewalls, encryption technology and multi-factor authentication to secure access and protect electronic files;
- regular patching of operating system and other software to address vulnerabilities;
- securely destroying or “de-identifying” personal information if we no longer require it subject to our legal obligations to keep some information for certain prescribed periods;
- restricting access to your personal information to our employees and those who perform services for us who need your personal information to do what we have engaged them to do; and
- verifying your identity by requesting certain personal information from you when you wish to discuss any issues relating to the products and services we provide to you.
While we undertake reasonable steps to protect your personal information, no guarantee can be given that information sent over the internet is always 100% secured. Sending and receiving information over the internet is at the user's own risk, however we strive to protect the security of your information and are constantly reviewing and enhancing our information security measures.
Access to and accuracy of personal information
You can request access to the personal information we hold about you at any time by contacting us in writing using the Contact Details noted below and we will provide you with that information unless we are prevented by law from giving you that access. If we are unable to provide you with the requested information, we will provide you with a written explanation.
We will respond to your request as soon as reasonably possible. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the Act).
Please note that depending on the request that is being made, we will only need to provide you with access to the personal data contained in the documents requested, and not to the entire documents themselves. In those cases, it may be appropriate for us to simply provide you with confirmation of the personal data that our organisation has on record, if the record of your personal data forms a negligible part of the document.
Where access is granted to your information, we may charge a reasonable fee for such access.
We take reasonable measures to ensure that the personal information we hold about you is accurate, complete and up to date. Under the Act, you also have a right to request that we correct or update any of your personal information, if you believe your personal information in our records is not accurate and up to date. We strongly encourage you to inform us in writing by contacting us using the Contact Details noted below. We will respond to your request as soon as reasonably possible.
Retention of Personal Information
The personal information that we collect from you may be retained for as long as it is necessary to fulfill the purposes for which they were collected, or as required or permitted by applicable laws. We will cease to retain your personal data or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purposes for which the personal information were collected, and are no longer necessary for legal or business purposes.
Website Links
This Privacy Policy applies to websites operated by us or on our behalf which we authorise to provide a link to this Privacy Policy.
When you use a link from our websites to which this Privacy Policy applies, to the websites of third parties, we have no control over these third-party websites we may link to. Those third-party websites are not subject to our privacy standards, and we take no responsibility for the conduct of these third parties. Always read the privacy and security statements when using other websites.
Contact Details
For data protection concerns or queries, you may contact our Data Protection Officer at:
- Email: [email protected]
To withdraw your consent, request access to your personal data, update or correct your personal data, you may visit our website at https://www.budgetdirect.com.sg/about-us/contact-us to submit your request to us.
Effect of Privacy Policy and Notification of Changes
This Privacy Policy applies in conjunction with our other policies, notices and contractual documents that apply in relation to the collection, use and disclosure of your personal information by us.
We may make changes to this Privacy Policy from time to time for any reason without any prior notice. We will publish changes to this Privacy Policy on our websites. You may determine if any such revision has taken place by referring to the date on which this Privacy Policy was last updated. It is important that you read and understand this Privacy Policy. Your continued use of our services and/or online resources constitutes your acknowledgment and acceptance of such changes.
Last updated: 9 January 2025.