Kwiksure launches new Privacy Policy

GDPR Privacy Policy Update

There is a good chance that over the past few weeks and even months you have received more than one email regarding the update or introduction of new privacy policies for websites and tweaks/clarifications on how a website/company collects, stores, and utilizes personal data. This is not a coincidence, and actually has to do with the European Union's latest data privacy regulation: the General Data Protection Regulation (GDPR).

It is largely due to this that Kwiksure has updated the Privacy Policy on our own website. In this article we discuss why we have updated the policy, what it now covers, and some frequently asked questions around how we handle data and the new policy itself.  

About the GDPR

First introduced a few years ago, the GDPR is an EU regulation that becomes enforceable on May 25th, 2018. This law focuses on protecting the private data of EU residents and citizens, as well as on giving people much more control over their own data. The regulation also sets out how businesses should store this private data.

While many countries have adopted privacy laws that aim to address data in the modern era, e.g., Hong Kong has the Personal Data (Privacy) Ordinance, the GDPR is different in that it does not apply to just one country, but rather all EU citizens and the companies who they work with on a global basis.

This means that companies who don't have a presence in the EU but do have clients/hold data on people who are citizens of the region are required to be compliant with the new regulation.  

Why update the Privacy Policy now?

Here at Kwiksure, we offer a variety of insurance solutions for all residents of Hong Kong, including expats. Of the expats in the city, and those whom we call our clients, we do have clients who are from the EU.

Due to this, we are required to be compliant with the regulations set out by the GDPR. This includes private data collection, storage, and the privacy of our customers.

In order to show that we are compliant, we have updated our Privacy Policy to not only make it clearer, but also to better explain how we handle data. Feel free to view the new Privacy Policy on our website (note: the Chinese translation will be uploaded at a later date.)

What does the new policy cover?

Our newly updated Privacy Policy has been expanded and clarified in order to show our compliance with not only with the GDPR, but also the Personal Data (Privacy) Ordinance of Hong Kong. Ultimately, the goal of this update is to provide you clear terms on how and why we collect personal data, what we do with this data, and the rights you have.  

In order to do this, we have broken the policy down into the following sections:

  • Our stance on data collection, processing, and protection

  • What data we collect

  • Who collects the data

  • How data is collected

  • Consent and data

  • Why we collect data

  • How we use the data collected

  • When we share data

  • How you can view, edit, or delete your data

  • How we utilize cookies

You will find that the sections above all contain a fairly large amount of data to process. To summarize, we strive to only collect data for two reasons:

  • It is contractually necessary - Insurers have set requirements regarding the relevant data that is necessary to obtain in order to underwrite and offer plans.

  • For marketing purposes - Data collected in order to execute marketing activities.

Any data collected by Kwiksure is never sold to third parties, and only collected and shared with third parties like insurers when necessary. Also, the data collected and shared is only done so when contractually necessary.  

If you have already provided Kwiksure with personal data - e.g., you have a car insurance plan - you have the right to view, edit, and even request deletion of the data we have collected on you. Be aware, however, that if you do request the deletion of your data while in the process of securing a plan, we might be unable to finish the process.

Is Kwiksure GDPR compliant

We have taken every possible step to ensure that we are compliant with the regulations set by the GDPR and the local Hong Kong data privacy act. In fact, we have implemented a number of systems that aim to ensure we have leading security features that ensure the security of your data.

I am not from the EU, does the GDPR apply to me?

Unfortunately, no. The GDPR only applies to citizens of the EU. That said, our privacy policy applies to all of our clients, regardless of where you are from.

What this means is that you have the same rights to see, edit, and request deletion of your data as those under the GDPR.

Do I need to provide Kwiksure with extra data?

No, Kwiksure does not require you to provide any extra data at this time. The only time we will ask for data is when you want to secure a new plan and the potential insurer is requesting data that you have not provided.

If you are not a client at this time, you will not be required to provide data that is not contractually necessary, and you will also retain the rights to edit, view, or request the deletion your own data.

Should you wish to learn more about our new Privacy Policy, please feel free to review it here or contact us to learn more.