Privacy Policy

Media/Online Devices connected to the internet network (“Online Devices”) of PT MSIG Life Insurance Indonesia Tbk

We respect the privacy of every individual who visits our Online Media/Devices. By accessing this Online Media/Device, please read our Privacy Policy carefully to understand our approach and/or method of using and/or processing your personal data. The term "personal data" here refers to the definition as stipulated in the Personal Data Protection Law. By submitting your personal data to us, you are deemed to have given your consent—as required and appropriate—for the disclosure set out in this policy.

What does this privacy policy cover?

This privacy policy is intended to inform you about the use of personal data collected during your visit to one of our Online Media/Devices. Who is responsible for the personal data collected through this Online Media/Device?

Your personal data is fully controlled and protected by PT MSIG Life Insurance Indonesia Tbk (“We”/“MSIG Life”), a company registered in the Republic of Indonesia. Special Notice – if you are under the age of 18 – Our Online Media/Devices are not intended for children under the age of 18, and we do not knowingly collect, use, provide, or process in any form any personal information from children under 18 years old. If you are under 18 and intend to submit inquiries or use our Online Media/Devices which require submitting your personal data, please have your parent or guardian do so on your behalf. Whoever you are—whether a prospective customer or an existing customer, partner, job applicant, prospective or active agent, employee, or any other Personal Data Subject whose Personal Data is processed by MSIG Life—your Personal Data protection is our commitment and a form of our compliance with applicable regulations in Indonesia, especially Law No. 27 of 2022 on Personal Data Protection, including any amendments from time to time ("PDP Law").

Purpose of Collecting and/or Processing Your Data

We may process your Personal Data as a Data Subject. The purposes of processing this Personal Data (“Processing Purposes”) generally include:

  1. Providing insurance services and offering coverage or protection to Personal Data Subjects, whether prospective or current MSIG Life customers; and
  2. Supporting the company’s operational activities. These Processing Purposes include:

1. Insurance Issuance, Policy Administration, and Insurance Services Provision

  • Processing insurance applications;
  • Issuing and delivering policies via email or mail;
  • Insurance risk assessment;
  • MSIG Life operational activities;
  • Claim submission and handling (including but not limited to claim examination and investigation);
  • Processing and paying insurance/claim benefits;
  • Co-insurance processes including handling of related claims;
  • Customer service, including complaint handling;
  • Commission payments;
  • Collaboration for insurance and/or claim processing (whether submitted to MSIG Life or other insurance companies);
  • Cooperation for the detection or prevention of fraud and financial crimes;
  • Legal processes involving MSIG Life and/or its marketing personnel;
  • Reinsurance and/or retrocession cooperation;
  • Other processes related to the operation of insurance activities.

2. Employee Recruitment

  • Background checks on prospective and/or current employees;
  • Health assessments for prospective and/or current employees;
  • Documentation and administration related to the employee recruitment process and its implementation; and/or
  • Employee termination.

3. Online Media/Device Visitors

Providing, maintaining, and improving the operations of MSIG Life’s Online Media/Devices for visitors.

4. Marketing

  • Contacting you for administrative services and matters related to our products and services;
  • Conducting market research for business needs and profiling/statistical analysis;
  • Providing general information about our products and services, including announcements, promotions, and discounts; and/or
  • Marketing and promotional activities including but not limited to sweepstakes or other information that may interest you, with the goal of improving our product and service quality.

5. Agent Recruitment

  • Background checks on prospective and/or current agents;
  • Documentation and administration related to the recruitment process, including agent commission payments, promotion/demotion, and other related agency processes per MSIG Life policies; and/or
  • Agent termination.

6. Legal Obligations and Interests Fulfillment

  • Compliance with court orders, laws, and regulations;
  • Conducting due diligence, including compliance with Anti-Money Laundering, Counter-Terrorism Financing, and Proliferation of Weapons of Mass Destruction (AML/CFT) provisions, as well as other legal requirements;
  • Responding to court orders, legal processes, or requests from any regulators or authorities; protecting against fraud or illegal activities; managing risks; enforcing legal rights; or limiting potential damages to MSIG Life, including compliance with FATCA and CRS reporting obligations.

You as the Personal Data Subject must also be willing to provide the necessary information/documents to fulfill these purposes (“Related Information”) and promptly update MSIG Life in case of any changes to such Related Information.

7. Other Activities

  • Facilitating improvements to our system infrastructure and business operations to provide you with better services related to your insurance policy;
  • Conducting and managing business activities, including but not limited to disaster recovery and data storage;
  • If applicable, facilitating potential acquisition, spin-off, and merger with other organizations and other corporate transactions;
  • Responding to and handling inquiries, requests, registrations, or complaints;
  • Executing all rights and obligations of MSIG Life and/or its affiliates and/or the Controlling Company related to our products and services, including but not limited to audit, compliance, and investigation;
  • Protecting the rights and property of MSIG Life; and
  • Complying with all applicable regulations and laws in Indonesia related to legal obligation grounds.

LEGAL BASIS FOR PERSONAL DATA PROCESSING

MSIG Life requires your Personal Data for each of the previously stated processing purposes. We will use the most relevant legal basis for such purposes in accordance with the PDP Law. The legal bases for MSIG Life to process your Personal Data may consist of one or more of the following:

  1. Fulfillment of Contractual Obligations

    We need to use your Personal Data to process your request related to the signing of a contract with MSIG Life, policy issuance, and the execution of existing contracts. Example: issuing a policy based on a contract between you and MSIG Life, claim payment, and signing an agency or employment agreement.

  2. Fulfillment of Legitimate Interests

    As a financial services company, MSIG Life has a legitimate business interest in using the Personal Data we collect. This is aimed at offering effective services and running our operations. Example: performing analysis and using data to offer you a more personalized experience when using MSIG Life services.

  3. Compliance with Legal Obligations

    Ada situasi di mana MSIG Life harus mematuhi kewajiban hukum dan perlu menggunakan Data Pribadi Anda untuk memenuhi kewajiban tersebut. Contoh: mengirimkan Data Pribadi kepada pihak berwenang seperti Otoritas Jasa Keuangan, pengadilan, kepolisian, dan lembaga perpajakan.

  4. Protecting Your or Another Person’s Vital Interests

    We may need to use your Personal Data to protect your or another person's vital interests in certain situations. Example: collecting and processing medical information in emergencies when you are unable to provide consent.

  5. Consent

    We may also collect and use your Personal Data if you give consent. Example: asking if you agree to be contacted for marketing purposes. If you agree, we may contact you to provide the latest information about MSIG Life products. For clarity, "consent" is not used as the basis for processing purposes related to "Insurance Issuance, Policy Administration, and Insurance Services Provision" above.


PERSONAL DATA WE COLLECT

To achieve and fulfill the Processing Purposes described, MSIG Life needs to collect Personal Data from Personal Data Subjects either directly or through third parties (while complying with applicable regulations, including the PDP Law). Personal Data collection is limited and specific, covering only relevant and necessary information for the effective and efficient provision of insurance services. The Personal Data processed may vary depending on the processing purposes and activities. Generally, the required Personal Data includes:

  • Full name, phone number, email address, residential and correspondence address
  • ID number or passport and date of birth
  • Occupation, gender, marital status, education, and income level
  • Specific/sensitive health and medical history information depending on the type of service provided
  • Financial, banking, and payment information such as credit or debit card details when you purchase products through our Online Media/Devices
  • Personal opinions submitted through surveys or feedback
  • Browsing history, usage patterns, or other unique information collected via cookies on our Online Media/Devices, including visited pages, location, device type, and visit frequency
  • Your Internet Protocol (IP) address and related information
  • Records of your interaction with us, including through customer service and information obtained when you contact us online or via applications
  • Products and services you have or are interested in, including payment methods used
  • Usage of our products and services, and claim-related information, including the claim status (paid or not)
  • Marketing data analysis provided to you, including communication history and interactions
  • Information obtained from third parties, including insurance risk, pricing, claims history, and suspected fraud
  • Information from credit reference agencies and fraud prevention agencies, including credit history and financial situation
  • Information on suspected fraud or theft, and debt details
  • Criminal records, including suspected violations
  • Your financial details, such as salary, savings, and spending information
  • Information about your employment status if relevant
  • Information we purchase or rent from third parties, including demographics and marketing lists
  • Insights obtained from customer profiling or analysis
  • Transactions performed by third parties if someone other than the account holder uses the service
  • Other Personal Information required to provide the requested products or services
  • Other Personal Information permitted or required by applicable local or foreign laws
  • We only collect the Personal Information necessary for the Processing Purposes in providing you with products and services

TRANSFER OF PERSONAL DATA

Your personal data may be transferred to our affiliates, controlling companies, and/or third parties in any location, provided that the provision and/or storage of such personal data is solely necessary for the implementation of the data collection and/or processing purposes. We will ensure compliance with applicable data protection regulations and use our best efforts to ensure that our affiliates and/or third parties working with us in other countries can provide a level of protection equivalent to our commitment in safeguarding personal data as stated in this privacy policy and the PDP Law.

If you reside outside Indonesia, your personal data may be processed in the country you are visiting and/or residing in. We will ensure that the processing and/or transfer of your personal data is carried out in accordance with the personal data protection standards of the country where you provide your personal data, or at least equivalent to or higher than Indonesia’s data protection standards.

For specific processing purposes, MSIG Life may disclose and/or transfer your personal data to parties considered relevant and necessary, such as:

  • Medical experts, independent specialists, and/or other third parties (including healthcare providers you receive services from)
  • Companies (including service providers, insurance and reinsurance companies), partners, individuals, or third parties cooperating with MSIG Life
  • MSIG Life’s parent company (MS&AD Insurance Group), affiliates, subsidiaries, agents, representatives, and/or joint ventures
  • Authorities, insurance associations, and/or government agencies (regulators)

We implement the following security measures to protect your personal data during transfer:

  • Use of encryption during the transfer process
  • Strict data security policies
  • Additional necessary security measures

You have read, understood, and agreed to the transfer of your personal data both within and outside your country as outlined in this privacy policy.


DISCLOSURE OF PERSONAL DATA

For purposes and policies as stipulated by applicable laws and regulations, we may disclose your personal data to fulfill our obligations in complying with such regulations to third parties or our business partners who are authorized to act as agents in marketing our products and services; our financial/health business partners including other third-party service providers that enable us to operate and support our business; other companies and/or parties that cooperate with us in improving our services or carrying out our operational activities; and government and/or regulatory bodies that require your personal data disclosure.

We do not sell or rent your personal data.

We may disclose and share your personal information with the following parties to carry out the Processing Purposes or other necessary purposes:

  • Employers, contractors, and agents of MSIG Life who may have access to the Personal Information we collect, limited to use only for the performance of duties related to the products or services we provide;
  • Service providers, agents, contractors, delegates, suppliers, or third parties (including subcontractors) appointed by us to provide services to you;
  • Business partners (including reinsurance companies, brokers, and bank partners), affiliates, and third-party service providers reasonably required and on a “need-to-know” basis;
  • Our professional advisors, consultants, and auditors, as well as any other parties we deem as legal or professional advisors in good faith;
  • Parties who may acquire all or part of our rights or obligations under this Privacy Notice or to whom such rights or obligations may be transferred;
  • Other entities in the event that MSIG Life plans to be acquired or merged with another entity;
  • In the case of a motor vehicle accident claim, to other parties if information is not exchanged. This information may include your name and address or your driver’s name;
  • Relevant government authorities or regulators, upon request, or if required by applicable law;
  • Parties who assist us in performing the Processing Purposes described in this Privacy Policy;

Except for legal obligations or court orders, we will not disclose, share, lease, sell, or trade your Personal Data to third parties without your permission or notification. If we need to disclose your Personal Data to third parties, we will ensure that they protect your Personal Data in accordance with MSIG Life’s Privacy Policy. These third parties are not allowed to use or process your Personal Data for purposes other than those we authorize.

In the event of a breach of personal data protection, including breaches of confidentiality, integrity, or availability of Personal Data resulting in damage, loss, disclosure, or unauthorized access, we will provide you with a written notification within 3×24 hours after the incident, or within another timeframe specified by applicable regulations. The notification will include:

  • The Personal Data that was disclosed;
  • The time and method of the Personal Data disclosure;
  • The mitigation and recovery efforts carried out by the Personal Data Controller;

STORAGE AND RETENTION OF PERSONAL DATA

  • MSIG Life stores your Personal Data as the Personal Data Subject to carry out the Processing Purposes.
  • Your Personal Data may be retained by MSIG Life for a certain period in accordance with data retention requirements as stipulated in applicable laws and regulations.

RIGHT TO ACCESS PERSONAL DATA

In accordance with the applicable laws and regulations, you as the Personal Data Subject have the Right to Access, including to:

  • Obtain information regarding the clarity of identity, the legal basis of interest, the purpose of the request and use of your personal data, and the accountability of our company;
  • Complete, update, and/or correct errors or inaccuracies in your personal data;
  • Access and obtain a copy of your personal data (with a fee charged to you, if necessary);
  • Request the termination of processing, deletion, and/or destruction of your personal data;
  • Withdraw your consent to the processing of your personal data;
  • Object to automated decision-making, including profiling, that has legal consequences or significantly affects your personal data;
  • Request the postponement or restriction of the processing of your personal data;
  • File a complaint and receive compensation for violations in the processing of your personal data, in accordance with the provisions of the applicable laws and regulations;
  • Obtain and/or use your personal data processed by us in a format commonly used and/or readable by electronic systems.

The exercise of these Rights to Access shall be carried out to the extent determined by the applicable laws and regulations and may be submitted through written requests either electronically or non-electronically via the contact center listed below.


COLLECTION OF NON-PERSONAL INFORMATION

We may automatically collect non-personal information about you, such as the type of internet browser you use or the Online Media/Device that directed you to our Online Media/Device. We also collect data that you submit to our Online Media/Device (e.g., your age and the city where you live). You cannot be identified through this information, and the data is used only to help us provide an effective service on this Online Media/Device. From time to time, we may provide this non-personal or aggregated data to third parties in connection with this Online Media/Device.


YOUR INTERACTION WITH US

We are interested in hearing your views and appreciate feedback from our clients and visitors. We have set up a disclaimer, mailing lists, feedback forms, emails, forums, and/or chat rooms. If at any time this Online Media/Device provides a chat room, bulletin board, mailing list, etc., we may collect personal data that you disclose. Such information will be used in accordance with this privacy policy. However, we cannot control and are not responsible for the use of personal data by other parties to whom you provide information via this Online Media/Device. We urge you to be cautious regarding the personal information you disclose in this manner.


MAINTAINING ACCURACY OF OUR RECORDS

We aim to keep your information as accurate as possible. If you wish to review, amend, or delete any data you have provided to us, please contact us via the address listed below.


SECURITY OF YOUR PERSONAL DATA

We have implemented technology and policies with the objective of protecting your privacy from unauthorized access and improper use, and we will update these measures as new technology becomes available, as needed. Use of personal information submitted to other Online Media/Devices:

We are not responsible for the privacy policies and practices of other Online Media/Devices even if:

  1. You access a third-party Online Media/Device using links from our Online Media/Device; or
  2. You are linked or directed to our Online Media/Device from a third-party Online Media/Device.

We encourage you to read the privacy policies of each Online Media/Device you visit to understand your rights and obligations, especially when you provide any content to such third-party Online Media/Devices. You may contact the owner or operator of that Online Media/Device if you have any complaints or inquiries.


CHANGES OR UPDATES TO THE POLICY

We may amend the contents of this privacy policy from time to time. If we make substantial changes to this privacy policy and how we use your personal data, we will post those changes on this page.

We also encourage you to review MSIG Life’s Privacy Policy periodically to understand how your Personal Data is protected.

With the issuance of a new Privacy Notice, the previous version shall be considered invalid. The applicable Privacy Notice is the most recent version displayed on this Online Media/Device.


ONLINE MEDIA/DEVICE OR THIRD-PARTY LINKS

Our Online Media/Device may include links to other Online Media/Devices. MSIG Life is not responsible for the privacy practices or content of those Online Media/Devices. We encourage you to read the privacy statements of each Online Media/Device, as their privacy policies may differ from MSIG Life’s Privacy Policy.


Cookies POLICY

Cookies contain a small amount of information stored on your device in the form of small text files. We use cookies to tailor your experience and provide relevant advertisements to you. By using this Online Media/Device, you have agreed to our placement of cookies on your device. You can adjust cookies settings through your device or internet browser.


CONTACT US

If you want to contact PT MSIG Life Insurance Indonesia Tbk (MSIG Life) regarding this privacy policy, please reach us through the contact center below:

Head Office
Sinarmas Land Plaza Sudirman, 6th Floor
Jl. Jend. Sudirman Kav. 21
South Jakarta 12920

Customer Service Hours:
Monday–Friday, 08.00–17.00 WIB (except national holidays)

Customer Care:
(021) 2650 8300
(021) 5060 9999

WhatsApp:
088-1234-1088

Email:
[email protected]

AJSM