The principal ways AIG HK collects personal data is through its application forms for its insurance products, by phone through telephone applications, or through registration made via its websites. Our websites use "cookies" to gather statistical information concerning web traffic and usage patterns. Cookies do not track your name, e-mail address, or similar personal information.
What types of personal data do we collect?
Depending on your relationship with AIG HK (for example, as a policyholder; non-policyholder insured or claimant; witness; commercial broker,corporate agent, individual agent or appointed representative; or other person relating to our business), personal data collected about you and your dependants may include:
a.General identification and contact information
Your name; address; e-mail and telephone details; gender; marital status; family status; date of birth; passwords; educational background; physical attributes; activity records, such as driving records; photos; employment history, skills and experience; professional licenses and affiliations; relationship to the policyholder, insured or claimant; and date and cause of death, injury or disability.
Identity Card number; passport number; or driver’s or other license number.
c.Financial information and account details
Payment card number; bank account number and account details; credit history and credit score; assets; income; and other financial information.
d.Medical condition and health status
Current or former physical or mental or medical condition; health status; injury or disability information; medical procedures performed; personal habits (for example, smoking or consumption of alcohol); prescription information; and medical history.
e.Other sensitive information
In certain cases, AIG HK may receive sensitive information about your trade union membership, religious beliefs, political opinions, family medical history or genetic information (for example, if you apply for insurance through a third-party marketing partner that is a trade, religious or political organization). In addition, we may obtain information about your criminal record or civil litigation history in the process of preventing, detecting and investigating fraud. We may also obtain sensitive information if you voluntarily provide it to us (for example, if you express preferences regarding medical treatment based on your religious beliefs).
Recordings of telephone calls to the representatives and call centers of AIG HK.
g.Information to investigate crime, including fraud and money laundering
For example, insurers may share information about their previous dealings with policyholders and claimants for this purpose.
h.Information enabling us to provide products and services
Location and identification of property insured (for example, property address, vehicle license plate or identification number); travel plans; age categories of individuals you wish to insure; policy and claim numbers; coverage/peril details; cause of loss; prior accident or loss history; your status as director or partner, or other ownership or management interest in an organization; and other insurance you hold.
Purposes for which customer’s personal data may be collected and used
Our overriding principle is only to collect any of the above personal data which we believe to be relevant and required to understand our customer’s insurance needs, to conduct our business and to provide better customer services and products. In this respect, the particular purposes for which personal data may be collected and used by AIG HK and AIG affiliates are as follows:-
1.Providing insurance, financial services or related products and services to customers and administering, maintaining, managing and operating such products and/or services;
2.Sending customers important information regarding changes to the policies of AIG HK and/or AIG affiliates, other terms and conditions, the websites and other administrative information;
3.Processing, assessing and determining any applications or requests made by customers for insurance products or services;
4.Any purposes in connection with any claims made under any insurance products or in respect of any services provided by AIG HK or AIG affiliates including, without limitation, making, defending, analysing, investigating, processing, assessing, determining or responding to such claims;
5.Performing any functions and activities related to the insurance products and/or services provided by AIG HK or AIG affiliates including, without limitation, obtaining reinsurance, auditing, reporting, performing market research, and general servicing and maintenance of online and other services;
6.Managing the infrastructure and business operations of AIG HK and/or AIG affiliates, and complying with internal policies and procedures, including those relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; business continuity; and records, document and print management.
7.complying with applicable laws and regulatory obligations (including laws outside Hong Kong and Macau), such as those relating to anti-money laundering and anti-terrorism and legal processes; and responding to requests from public and governmental authorities (including those outside Hong Kong and Macau);
8.Matching any data held by AIG HK or AIG affiliates relating to customers from time to time for any of the purposes listed in this statement;
9.Meeting the requirements to make disclosure pursuant any law binding on AIG HK or any of the AIG affiliates or for the purposes of complying with any regulations or guidelines issued by any regulatory or other authorities which has jurisdiction over AIG HK or any AIG affiliates;
10.Exercising any rights AIG HK or AIG affiliates may have in connection with the provision of insurance products and services to its customers;
11.Conducting identity checks, such as for the purposes of verifying a customer’s identity in order to respond to that customer’s request to be provided with a duplicate policy or other documentation, any request made by a customer to change his/her address in our records, or any request by a customer to change his/her bank account or payment or other details in our records;
12.Conducting credit checks on customers - such as analyzing, verifying and/or checking a customer’s credit, payment and/or status in relation to his/her ability to use the services;
13.Determining any amount of indebtedness owing to or from a customer, and collecting and recovering any amount owing from a customer or any person who has provided any security or undertaking for such customer’s liabilities;
14.providing improved quality, training and security (for example, with respect to recorded or monitored phone calls to AIG HK’s contact numbers);
15.resolving complaints, and handling requests for data access or correction;
16.preventing, detecting and investigating crime, including fraud and money laundering, and analyse and manage other commercial risks;
17.Enabling an actual or proposed purchaser, assignee, transferee, participant or sub-participant of AIG HK’s or any AIG affiliate’s rights or business to evaluate the transaction intended to be the subject of the reorganization, merger, sale , joint venture, assignment, transfer, participation or sub-participation;
18.Marketing to customers the following services and products* :
a.insurance related services and products; and
b.reward, loyalty or privileges programmes and related services and products.
These services or products may be provided and/or marketed by AIG HK and/or any member of the AIG group and/or marketed by marketing companies authorized by the AIG group; and
19.Any purposes relating to the above or any other purposes in accordance with AIG HK’s general policies or those of AIG affiliates in relation to insurance and financial services as set out in statements, circulars, notices or other terms and conditions made available by AIG HK and/or AIG affiliates to customers from time to time.
[*Please note, however, that we will not use any claims information submitted via AIG GO for direct marketing purposes]
In addition information provided through the “Careers” section of the website may also be used for interview and recruitment assessment purposes.
Classes of persons to whom personal data may be disclosed
Personal data held by AIG HK will be kept confidential but AIG HK may disclose or transfer such data to any of the following classes of persons in fulfilment of any of the purposes listed in the above section.
•Any AIG affiliates including, without limitation, share service hubs and centres of excellence operated by AIG affiliates to support operating insurers such as AIG HK.
•Any companies carrying on insurance and/or reinsurance related business.
•Any insurance intermediaries.
•Any insurance claims investigators.
•Any associations and federations of insurance companies that exist from time to time.
•Any insurance agents and professional advisers.
•Any other service providers providing insurance and/or reinsurance related business.
•Any marketing companies authorized by the AIG group for the purpose of conducting marketing activities in relation to the products of AIG HK.
•Any person in connection with any claims made by or under or otherwise involving any products or services provided by AIG HK or AIG affiliates.
•Any agent, contractor or third party service provider who provides administrative, telecommunications, computer, payment, data processing or storage, or other services to AIG HK or AIG affiliates in connection with the operation of the business of AIG HK and any of AIG affiliates.
•Any credit reference agencies or, in the event of default, any debt collection agencies.
•Any person under a duty of confidentiality to AIG HK or AIG affiliates which has undertaken to keep such data confidential.
•Any actual or proposed purchaser, assignee, transferee, participant or sub-participant of AIG HK’s (or any AIG affiliate’s) rights or business.
•Any person to whom AIG HK or AIG affiliates are under an obligation to make disclosure under the requirements of any law, rules, regulations, codes of practice or guidelines binding on AIG HK or AIG affiliates including, without limitation, any applicable regulators, governmental bodies, or industry recognised bodies, and where otherwise required by law.
•Any registers of claims which are shared with other insurers for the purpose of detecting, preventing or investigating fraudulent claims (and for these purposes, AIG HK may search such registers).
AIG HK and AIG affiliates takes appropriate technical, physical, legal and organization measures to handle personal data in a secure manner which are consistent with the Personal Data (Privacy) Ordinance (Cap. 486). Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with AIG HK is no longer secure (for example, if you feel that the security of any personal data you might have with AIG HK has been compromised), please immediately notify AIG HK by writing to AIG HK at GPO Box 456 or email@example.com or telephone us at the appropriate number shown in the ‘Contact Us’ section of this website. Access to AIG HK’s web site's servers is limited to employees, agents, and contractors of AIG HK and AIG Affiliates. Standard practices require these personnel to preserve the confidentiality of user information they receive while performing their jobs and conducting the business of AIG HK or AIG Affiliates. AIG HK’s and AIG Affiliate staff are trained on how to handle personal data in a secure, confidential and appropriate manner.
Retention of personal data
AIG HK will destroy any personal data it may hold in accordance with its internal policy which accord with the following principles:
a. personal data will only be retained for as long as is necessary to fulfill the original or directly related purpose for which such data was collected, unless the personal data is also retained to satisfy any applicable statutory or contractual obligations (and applicable limitation periods for causes of action); and
b. AIG HK and AIG Affiliates take reasonable steps to purge personal data from electronic, manual, and other filing systems in accordance with specific schedules based on the above criteria and AIG HK’s internal procedures.
Transfer of personal data outside of Macau and Hong Kong
Personal data collected in Macau , by AIG HK’s Macau branch is transferred to AIG HK’s head office in Hong Kong , a jurisdiction which has laws protecting the use and processing of personal data in the form of the Personal Data (Privacy) Ordinance (Cap. 486) (the “Ordinance”). Personal data collected in Hong Kong by AIG HK (including data collected by its Macau branch) is likely to be transferred to places outside of Hong Kong (such as to AIG or AIG secure data centres, AIG Affiliates including those which operate shared service hubs and centres of excellence supporting other AIG Affiliates, service providers, business partners and governmental or regulatory authorities) in order to carry out the purposes, or directly related purposes, for which the personal data were collected. Where such a transfer is performed, it will be done in compliance with the requirements of the Ordinance. The countries/jurisdictions to which personal data is transferred by AIG HK include, without limitation,
the United States of America,
the mainland area of the People’s Republic of China,
Access and correction of personal data
Each customer of AIG HK has the following rights in respect of the personal data he/she has provided to AIG HK:
i.to check whether AIG HK holds data relating to him/her and to access such data;
ii.to require AIG HK to correct any data relating to him/her which is inaccurate; and
iii.to ascertain AIG HK’s policies and practices in relation to personal data and to be informed of the kind of personal data held by AIG HK.
To exercise any right of access and correction of personal data above you may write to the Privacy Compliance Officer of AIG HK at GPO Box 456 or firstname.lastname@example.org. The Privacy Compliance Officer of AIG HK will, upon satisfying itself of the authenticity and validity of the access request, make every endeavour to comply with and respond to the request within the period set by the Ordinance. In accordance with the terms of the Ordinance, AIG HK has the right to charge a reasonable fee for the processing of any data access request.
Marketing Preferences and opt-out of personal data for direct marketing
You may at any time inform AIG HK whether you object to the intended use by AIG HK for direct marketing by writing to the Privacy Compliance Officer of AIG HK at GPO Box 456 or email@example.com.You may opt-out of receiving all direct marketing channels from AIG HK, or simply state your preferences as to the channels of communication from which you wish to opt-out. For example:
1.Receiving e-mails from AIG HK: If you no longer want to receive marketing-related e-mails from AIG HK, you may opt-out by clicking on the link to “unsubscribe” provided in each e-mail or by contacting AIG HK at the above addresses.
2.Receiving mobile messages (for example SMS text messages) / telephone communications / postal mail from AIG HK: If you no longer want to receive mobile messages / telephone communications / postal mail from AIG HK, you may opt-out by contacting AIG HK at the above addresses.
3.Transfer of your personal data with AIG affiliates for their marketing purposes: If you would prefer that AIG HK does not share your personal data for marketing purposes with any of its affiliates, you may opt-out of this sharing by contacting AIG HK at the above addresses.
Upon receipt of any opt-out request from you, AIG HK will, at no cost to you, act on your request and ensure that your personal data will not be used as indicated in your request .
Other information AIG HK collects through this website
In addition to personal data, AIG HK may collect other data through its websites. AIG HK and/or AIG Affiliates and its third-party service providers may collect other information in a variety of ways, including:
• Through your internet browser: Certain information is collected by most websites, such as your IP address (i.e., your computer’s address on the internet), screen resolution, operating system type (Windows or Mac) and version, internet browser type and version, time of the visit and the page(s) visited. We use this information for purposes such as calculating Site usage levels, helping diagnose server problems, and administering the Site.
• Using cookies: Cookies are pieces of information stored directly on the computer you are using. Cookies allow us to recognize your computer and to collect information such as internet browser type, time spent on the Site, pages visited, language preferences. We may use the information for security purposes, to facilitate navigation, to display information more effectively, to personalize your experience while visiting the Site, or to gather statistical information about the usage of the Site.
• Using pixel tags, web beacons, clear GIFs or other similar technologies: These may be used in connection with some Site pages and HTML-formatted e-mail messages to, among other things, track the actions of Site users and e-mail recipients, measure the success of our marketing campaigns and compile statistics about Site usage and response rates.
• From you: Some information (for example, your location or preferred means of communication) is collected when you voluntarily provide it. Unless combined with Personal Information, this information does not personally identify you.
• By aggregating information: We may aggregate and use certain information (for example, we may aggregate information to calculate the percentage of our users who have a particular telephone area code).
Please note that we may use and disclose such other information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat any such other information as Personal Information under applicable law, then, in addition to the uses listed in above, we may use and disclose such other information for all the purposes for which we use and disclose Personal Information.
Third Party Websites
Use of website by Minors
This website is not directed to individuals under the age of eighteen (18), and AIG HK requests that these individuals do not provide personal data through this website.