Assikura Insurance Brokers PCC Limited (herein referred to as the “Company” and/or “Assikura”) are the data controllers as defined by relevant data protection laws and regulations. We control and are responsible for keeping and using personal data in paper or electronic files.
This statement is in compliance with the Data Protection Act, Chapter 440 of the Laws of Malta, the European Union Directive 2002/58/EC and Regulation (EU) 2016/679 (GDPR).
Scope of this statement
Whether you are our customer or approached us for a proposal, we understand the importance of your personal data and of your right to privacy. Throughout the insurance lifecycle, Assikura will receive information on beneficiaries under a policy, their relatives, claimants and other parties to a claim. Moreover, references to ‘individuals’ in this statement includes any living person from the preceding list, whose Personal Data Assikura receives in connection with the services it provides under its engagements with its clients.
The purpose of this document is to reassure you that the privacy and security of your personal information is very important to us. We are committed to continue to do our utmost to keep your personal data as safe as possible.
Information we hold about you
We may collect, store, and process the following categories of personal information about you (“Personal Information”):
We may also collect, store and use the following “special categories” of more sensitive personal information such as health information (for example current state of health, existing conditions, family or personal history in relation to medical conditions). The information we collect, store and process, will depend on the type of policy you will be requiring.
How is this information collected?
We may collect, store and process information through the following sources either when assisting you with a proposal, your policy or a claim:
How will this information be used?
We will use your personal data to provide you with products and services. Relevant data will be shared by Assikura with Insurers or other brokers for the purpose of obtaining insurance quotations and during the course of the insurance contract, to other insurers or to persons acting on their behalf and/or instructions, the Malta Association of Insurance Brokers, banks for payment purposes and other appointed experts where such sharing is required for any of the purposes listed above, together with the Commissioner of Police or any person, body or authority authorised by law to receive personal data and sensitive data
As part of this, we may use your personal data in the course of correspondence relating to the products or services. In addition, the purpose for obtaining the information will include:
How will this information be shared?
We will ensure that your personal data is processed in a manner that is compatible with the purposes indicated above.
For the stated purposes, your personal data may be shared with and processed where applicable by:
This may also include appointed consultants and experts such as motor surveyors, private investigators, lawyers, loss adjustors, medical doctors and other service companies to assist in the insurance process. Your information may be disclosed when we believe in good faith that the disclosure is required:
In order to prevent and detect fraud we may share your information with regulatory bodies in Malta or if applicable, overseas, as well as with insurance companies other than your principal (directly or via shared databases such as the Malta Insurance Fraud Platform), public bodies including the Police and other organisations and may undertake credit or fraud searches with relevant agencies.
Handling of sensitive information
For us to provide you with a holistic service, we may require personal sensitive information such as Bank account details, payment card details, income and other information pertaining to financial personal data.
In addition, for certain insurance policies, such as Health or Life Insurance policies, we require to collect personal sensitive information. This could be in the form of medical or health data, existing or former physical/mental medical conditions, medical procedures history, personal habits relevant to insurance (including smoking, consumption of alcohol, amongst others), disability information, prescription information and medical history.
Sensitive Personal Information requires higher levels of protection. We will not use Personal Information for any other purpose incompatible with the purposes described in this Privacy Statement.
How do we secure your information?
The security of your information is very important for us. We have implemented a variety of security measures to maintain the safety of your personal information when you place an order or enter, submit, or access your personal information whilst within our control. We also adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, transaction information and data obtained and stored through our website.
Assikura also restricts access to Personal Data to personnel and third parties that require access to such information for legitimate, relevant business purposes only.
Where will my information be processed?
Your information may be processed both inside and outside of the European Economic Area (EEA) by the parties specified above, subject always to contractual restrictions regarding confidentiality and security in line with applicable data protection laws and regulations. We will not disclose your personal data to parties who are not authorised to process them.
On what basis are we collecting your personal information?
All processing of your personal information is justified by a “lawful basis” for processing. In the majority of cases, processing will be justified on the basis that processing is:
In limited circumstances, we will use your consent as the basis for processing your personal information, for example, where we are required to obtain your prior consent in order to send you marketing communications.
Before collecting and/or using any special categories of data, or criminal record data, we will establish a lawful exemption which will allow us to use that information. This exemption will typically be:
Any data collection that is optional would be made clear at the point of collection.
What if you choose not to give personal information?
If you choose not to give us this personal information (where we have a legal basis to collect it), or decide to withdraw your consent, it may delay or prevent us from providing you with our products or services.
For how long is your data retained?
Our retention periods for Personal Data are based on commercial, tax and legal requirements. These vary depending on the type of service, policy and individual circumstances. Such retention period under normal circumstances is that of 10 years. No Data will be maintained other than to fulfil its purpose unless a longer retention period is required or permitted by law. In the scenario that Personal Data is no longer required, Assikura either irreversibly anonymizes the data or entirely deletes such data.
What cookies do we use and why?
We do not use our cookies to deliver any targeted advertising or for use through any third party services such as Google analytics.
What are my rights?
You have various rights in relation to your personal data. In particular, you have a right to:
To exercise any of your rights, or if you have any other questions about our use of your personal data, please email us on firstname.lastname@example.org or write to us at the address below:
Assikura Insurance Brokers PCC Limited
Old Railway track
You may also use these contact details if you wish to make a complaint to us relating to your privacy.
It is important that you include your name, email address and purpose of your request when contacting us. Please note, however, that certain Personal Information and Sensitive Personal Information may be exempt from such access, correction and erasure requests pursuant to applicable data protection laws or other laws and regulations.
Right to complain
If you are unhappy with the way we have handled your personal data or any privacy query or request that you have raised with us, you have a right to complain to the Office of the Information and Data Protection Commissioner. Find out on the IDPC website how to send a complaint.
Changes to this privacy statement
We may modify or amend this privacy statement from time to time.
To let you know when we make changes to this privacy statement, we will amend the revision date at the top of this page. The new modified or amended privacy statement will apply from that revision date. Therefore, we encourage you to periodically review this statement to be informed about how we are protecting your information.