Privacy Policy
Prudential Assurance Malaysia Berhad

Prudential Assurance Malaysia Berhad Privacy Policy

We, Prudential Assurance Malaysia Berhad (“PAMB”), take the privacy and protection of your personal data seriously.

So, we’ve set out the below information about our processing of your personal data, what rights you have, and how you can get in touch if you want to know more.

When we say “personal data”, we mean information about you, such as your name, date of birth and contact details. We collect personal data from you that is necessary for us to either provide you with the product or service you’ve requested or to comply with statutory or contractual requirements. Unfortunately, if you’re unable to provide certain personal data which is necessary for us to provide our products and/or services to you, we will not be able to provide you with those products and/or services.

We may change this Privacy Policy from time to time by updating our Privacy Policy page on our website. We encourage you to check our Privacy Policy from time to time on our website, as the version of our Privacy Policy which is currently displayed on our website takes precedence over all previous versions of our Privacy Policy. 

Part A – Personal data we process

  • Personal and contact details, such as title, full name, contact details and contact details history;

  • Travel document information;

  • your date of birth, gender and/or age;

  • your nationality, details and copies of identity documents (if relevant to the product or service);

  • details of third parties that you provide to us, including without limitation to beneficiaries (including minor beneficiaries), nominees, trustees, assignees, life assured, of our products or services;

  • details about your family members (if relevant to the product or service);

  • records of your contact with us such as where you get in touch via the phone number of our customer service centre and, if you get in touch with us online using our online services or via our smartphone app, details such as your mobile phone location data, IP address and MAC address;

  • products and services you hold with us, as well as those you have been interested in and have held and the associated payment methods used;

  • the usage of our products and services, any claims and whether those claims were paid out or not (and details related to this);

  • analysis of data relating to marketing made to you, including history of communications and whether you open them or click on links;

  • information about your use of products or services held with our Marketing Partners, such as insurance policies or financial services and products;

  • information we obtain from third parties, including information about insurance risk, pricing, claims history, instances of suspect fraud and usage history;

  • personal data which we obtain from Credit Reference Agencies and Fraud Prevention Agencies, including public (for example, defaults) and shared credit history, financial situation and financial history;

  • fraud, debt and theft information, including details of money you owe, suspected instances of fraud or theft, and details of any devices used for fraud;

  • criminal records information, including alleged offences;

  • information about your health/medical records or if you are a vulnerable customer or if you are applying for medical or life insurance;

  • information about your property, such as location, value, number of rooms, property type and building work you’ve had done (if relevant to the product or service);

  • financial details about you, such as your salary and details of other income, details of your savings, details of your expenditure, and payment method(s);

  • details about all your existing borrowings and loans (if relevant to the product or service);

  • information about your employment status (if relevant to the product or service);

  • your residency and/or citizenship status;

  • your marital status, family, lifestyle or social circumstances (if relevant to the product or service). For example, the number of dependents you have or if you are a widow or widower;

  • information we buy or rent from third parties, including demographic information, details of outstanding finance, marketing lists, publicly available information, and information to help improve the relevance of our products and services;

  • insights about you and our customers gained from analysis or profiling of customers;

  • third party transactions; such as where a person other than the account holder uses the service, information about that person and the transaction; and

  • tax information (if relevant to the product or service). For example, for investment accounts.

Part B – Where we get your personal data 

We’ll collect personal data from the following general sources:

  • from you directly, and any information from family members, associates or beneficiaries of products and services;

  • information generated about you when you use our products and services;

  • from a broker or other intermediary (for example, agents, distributors, business partners) who we work with to provide products or services or quotes to you;

  • Prudential Group companies if you already have a product or service with them, have applied for one or have held one previously;

  • Cookies, location services, IP addresses when you visit our website or mobile app or when you fill up contact us forms within our website or app;

  • Third parties including without limitation to insurers, vendors, financial institutions, medical personnel, industry associations, regulators, trustees, assignees, life assured, nominees of our products and services, courts or public records;

  • Questionnaire and contact details when you attend surveys, investor conferences, roadshows or when you update contact us forms on our website;

  • from other sources such as Fraud Prevention Agencies, Credit Reference Agencies, other lenders, publicly available directories and information (for example, telephone directory, social media, internet, news articles), debt recovery and/or tracing agents, other organisations to assist in prevention and detection of crime, police and law enforcement agencies; and

  • we buy or rent information about you or customers generally from third parties including demographic information, vehicle details, claims history, fraud information, marketing lists, publicly available information and other information to help improve our products and services or our business. 

 

Part B.1 – Cookie Policy [Applicable only if you are accessing our website]

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you use our website and also allows us to improve our website. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer. Cookies contain information that is stored on your computer's hard drive. You have the ability to accept or decline cookies by modifying the setting in your browser. If you would like to do this, please see the help menu of your browser.

We use the following types of cookies:

  • Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into our secure website;

  • Analytical/performance cookies. These allow us to recognise and count the number of visitors to our website and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily; and

  • Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).

By continuing to use our website, you accept to the use of cookies as outlined above. 

Part C - How we use your personal data and why 

We may use the personal data you provide to us, together with other information, for the following purposes:

  • to process your application;

  • to administer and process insurance policies, insurance claims and medical, security and underwriting checks;

  • to process payment instructions;

  • to verify your eligibility for insurance, financial or wealth management products and services;

  • to design and provide you with future insurance, financial and related products and services;

  • to communicate with you;

  • to comply with any regulatory or other legal requirements;

  • to investigate and settle claims and detect and prevent fraud (whether or not relating to the policy issued in respect of your application);

  • to carry out checks using agencies including but not limited to credit reference agencies and tracing companies;

  • to provide customer services;

  • to perform automated decision-making or profiling;

  • to perform a policy review or needs analysis;

  • use of new technologies to conduct research and statistical analysis;

  • conferring an interest, benefit or privilege on you as our customer or potential customer where such interest, benefit or privilege may be provided by us or third parties;

  • carrying out any activity in relation to or in connection with our duties as an insurer;

  • data matching;

  • exercising any right of subrogation; and

  • to send you information on third party’s services and/or products which may be of interest to you..

 

Who we share your personal data with and why 

I authorize any organization, institution or individual that has any record or knowledge of the Patient’s/Assured’s health and medical history or treatment or advice and that has been or may be consulted, other personal information or details of the related accident/injury to disclose to PAMB, its intermediary or third party service provider.

X. Data Privacy Declaration/We understand and agree to the following Data Privacy Declaration:

  1. Any personal data, health information or other information collected or held by PAMB (whether given or subsequently given to PAMB) can be processed and used to process this application, for investigation, settlement of claims and detection and prevention of fraud and other purposes as mentioned in PAMB’s Privacy Policy found in its corporate website (“Purposes”).

  2. To achieve the Purposes, PAMB may transfer your personal data, health information or other information to its financial or health business partners and third party service providers (including without limitation to insurers, takaful operators, lawyers, bankers, accountants, auditors, investment managers, scheme advisors, financial institutions, trustees (and other stakeholders) and processors of these third party service providers, other third party service providers who provide administrative, telecommunications, computer, payment, printing, redemption, IT service and platform providers or other services to PAMB to enable it to operate its business), doctors, medical specialists, hospitals, clinics, its representatives or intermediaries, re-insurance companies and retakaful companies, medical bill review companies, claims investigations companies, organisations that consolidate claims and underwriting information for the insurance industry, fraud prevention organisations, industry associations and federations, databases or registers (and their operators) used by the insurance industry to analyse and check information provided against existing information, risk management and regulatory compliance solutions, regulators and government agencies, law enforcement agencies and the courts, Prudential Group, your joint policy or investment holder, professional advisors, researchers, credit reference agencies, debt collection agencies, financial/health institutions and partnerships. PAMB may process your personal data, health information or other information in a country other than the one in which you reside.

  3. I/We understand that I/we have a right to get access and request for correction of any personal data held by PAMB. Such requests can be made at PAMB’s Customer Service Centre.

  4. This Data Privacy Declaration can be revised from time to time, of which the notice of any such revision can be given on PAMB’s corporate website or by such other means of communication deemed suitable by PAMB. 

We keep your personal data for a set amount of time 

Your personal data will be stored either for as long as you (or your joint policyholder) are our customer and for a period of seven years after the end of the customer relationship, or longer if required by law. There may be specific circumstances where it is necessary for us to retain your personal data for longer (such as when a dispute arises). 

Part D - Reference checks 

For certain products, we may use approved credit reference agencies, tracing companies, financial crime prevention agencies, risk management and regulatory compliance solutions or publicly available information, to help us to check your identity, as well as to prevent fraud and money laundering; this may include checks on your current or previous addresses. Results of these may be recorded for future reference.

These checks may also be carried out for any third parties including without limitation the life assured, nominee, trustee, beneficiary and assignee, that you provide personal data on. Should we ever lose contact with you, we may use these agencies to verify your address to help us get back in touch.

Any transfer of your personal data will always be done securely.

Part E – We may use your personal data to make automated decisions or profile you

We, PAMB, Prudential Group, our Business Partners, and our Marketing Partners may use your personal data to make automated decisions affecting you or to conduct other profiling (for example, marketing profiling).  

Part F – Use of your sensitive personal data 

For certain products or services, we’ll need to process your sensitive personal data, such as information relating to health, genetics, biometric identifiers and sexual orientation. We will only process these types of sensitive personal data after having obtained your express consent for us to do so.

Part G – You’re in control

When it comes to how we use your personal data, you have the right to:

  • request a copy of your personal data (we have the right to charge a reasonable fee to complete this request);

  • request that we correct anything that’s wrong or outdated, or complete any incomplete personal data;

  • limit or withdraw any part of your consent you have previously given for the processing of your personal data, however such action may prevent us from performing our obligations to you;

  • limit or withdraw your consent to us using your personal data for direct marketing or other processing for the purposes set out in Part A; and

  • complain to a data protection authority or another independent regulator about how we’re using it.

If you currently reside in a EU jurisdiction, additional rights under the General Data Protection Regulation (GDPR) may apply. As such, you may:

  • ask us to delete your personal data if it is no longer needed for the purposes set out in Part A or if there is no other legal basis for the processing;

  • object to us using your personal data for direct marketing (including related profiling) or other processing based on legitimate interests;

  • request to be provided a copy of your personal data in a structured and commonly used format in certain circumstances; and

  • limit how we use your personal data or withdraw your consents (including automated decision making) you have given for the processing of your personal data.

If you want to exercise your rights, or would like an explanation about these rights, we’ve explained how you can get in touch in the Contact Us section.

If you do need to speak to us, please note that for the purpose of this Privacy Policy the data controller1 of your personal data is PAMB. We may monitor or record calls or any other communication we have with you. This might be for training, for security, or to help us check for quality.

Part H – Acting on someone else’s behalf? 

When you give us personal data about another person (or persons), you should have been appointed and authorised by such person to act on their behalf. This includes obtaining their consent to:

  • our processing of their personal data and sensitive personal data (as we’ve explained in Parts A - G above); and

  • you getting any privacy policies or other related notices on their behalf.

If for any reason you are concerned as to whether you are permitted to provide us with the other person’s information, please contact us at the email address below before sending us anything. 

 

Part I – Direct marketing

We will send you information on products and services provided by us, the Prudential Group and carefully selected third parties.

Additionally, before providing your personal data to the third parties in Part C for direct marketing purposes, we may be required by law to obtain your express consent, and in such cases, only after having obtained such express consent, may we do so.

And if you change your mind, and/or you would like to opt-out of receiving direct marketing, it’s easy to let us know. Just use one of the options in the Contact us section. 

Contact us

 If want to exercise your rights in Part G or if you require any other information about any other part of this Privacy Policy, you can contact us in several different ways.

You can contact PAMB’s Customer Service Officer by telephone at 603-2771 0228 or by email at customer.mys@prudential.com.my

Part J – Links to Third Party Websites

This website may contain links to third party websites. PAMB has no control over the content of such third party websites or the way that the operators of these websites deal with your personal data. You should review the privacy policies applicable to these third party websites to understand the ways in which these third parties may deal with your personal data.

Inconsistencies

In the event that there shall be any conflict or inconsistencies between the English and Bahasa Malaysia versions of this Privacy Policy, for the purposes of interpretation and construction, the English language version of this Privacy Policy shall prevail and be given effect to. 

Prudential Group means Prudential plc, Prudential Holdings Limited and any other affiliates of Prudential plc. Prudential plc is not affiliated in any manner with Prudential Financial Inc., a company whose principal place of business is in the United States of America, or with the Prudential Assurance Company, a subsidiary of M&G plc, a company incorporated in the United Kingdom.

Business Partners means our service providers, accountants, auditors, IT service and platform providers, intermediaries, reinsurers, investment managers, agents, pension trustees (and other stakeholders), scheme advisors, introducers, selected third party financial and insurance product providers, and our lawyers.

Marketing Partners means our service providers, intermediaries, trustees (and other stakeholders), scheme advisors, introducers and selected third party financial and insurance product providers.

1 Data Controller - Natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data. 

Version: 11/2024

Please click here for the Bahasa Malaysia version.