page loading
Introduction
  1. In today’s digital world, privacy has become an increasing concern, we recognize the privacy requirements of individuals and treat this information with utmost respect and care. The personal data (“Personal Information” includes sensitive personal information) that we collect from you (our customer, their employees, channel partners, potential and prospective customers) is important to us for the fulfilment of various requirements and necessary safeguards are put in place to ensure that the privacy and security of the collected data are met.
  2. This Privacy Policy is applicable to our insurance broking services that we provide to our customers and their employees, and to those who are not our customers but interact with us as part of running our business such as:
    • Availing our services – paid for by someone else;
    • Reaching out to our helpdesk
    • Generally enquiring about our services
    • Prospective customers with whom discussions are ongoing and who might wish to engage our services in future.
    • Availing any services, either paid for by us or any other person, which requires sharing of personal information with us.
  3. This privacy policy will also apply, if you need to give us personal information about someone else in relation to our products and services. And if we need the permission of the other person to use that information, by providing us with the third party’s personal information you acknowledge that you have obtained their permission to share the information
  4. This Privacy Policy provides you with details about the manner in which your data is collected, stored, processed, transferred and / or used by Prudent Insurance Brokers Pvt. Ltd. (“us/we/PIBL/our”). You are advised to read this Privacy Policy carefully.
Why do we have a Privacy Policy ?
  1. We are under a legal obligation to let you know what personal information we collect about you, what we use it for and to explain to you your rights in relation to that information. You have the right to know what information we hold about you and to have a copy of it, and you can ask us to change or sometimes delete it. This has been written in line with our obligations under the Information Technology Act 2000 and its amendments and the rules thereunder, as they apply in India.
  2. The reasons we collect information are set out in this privacy policy. As an insurance broking service provider, most of what we do – from liaison with insurers and third-party administrators to developing and promoting our services – involves using personal information. And we believe that it is very important for our customers to trust us with that information. We want you to be confident that we will keep it secure and use it both lawfully and ethically, respecting your privacy.
  3. Our support for the right to privacy, as part of our broader commitment to good corporate citizenship is stated in our privacy by design framework. And our privacy policy explains in detail how we use your personal information. It describes what we do (or what we may do) from the moment you ask for a service from us, when we may use your information for checking best available insurance options, through to providing and billing for that service. It also applies to marketing other products that we think will interest you.
  4. But whatever we do with your information, we need a legal basis for doing it. We generally rely on one of three grounds (reasons) for our business processing. Firstly, if you have ordered or take a service from us, we are entitled to process your information so that we can provide that service to you and bill you or the insurer for it as the case may be.
  5. Secondly, if we want to collect and use your information for other purposes, we may need to ask for your consent (permission) and, if we do, that permission must always be indicated by a positive action from you (such as ticking a box) and be informed. You are also free to withdraw your permission at any time. We tend to need permission when what is proposed is more intrusive (for example, sharing your contact details with other organisations so they can market their own products and services to you).
  6. But we do not always need permission. In some cases, having assessed whether our use would be fair and not override your right to privacy, we may come to the view that it falls within the third ground – our ‘legitimate interests’ to use the information in a particular way without your permission (for example, to protect our network against cyber-attacks). But when we do this, we must tell you as you may have a right to object. And if you object specifically to us sending you marketing material, or to ‘profiling you’ for marketing purposes, we must then stop.
  7. This is all set out in detail in this policy, which focuses more on those items that we think are likely to be of most interest to you. As well as covering processing for business purposes, we give you information on circumstances in which we may have to, or can choose to, share your information.
  8. The term “Process/Processing” and other variations of the word include ‘to collect, record, organize, structure, adapt, alter, retrieve, use, process, store, transfer, align, combine, index, and disclose (by transmission, dissemination or otherwise), make available, restrict, erase or destroy’.
  9. This policy doesn’t apply to information about our employees or shareholders. It also doesn’t cover other companies or organisations (which advertise our products and services and use cookies, tags and other technology) collecting and using your personal information to offer relevant online advertisements to you.
  10. If you link to other organisations’ websites, apps, products, services and social media from our websites, this privacy policy doesn’t apply to how those other organisations use your personal information.
  11. You should review their privacy policies before giving them your personal information.
What Information We Collect And What We Use It For?
  1. The personal information we collect depends on the products and services you have and how you use them. We’ve explained the different ways we use your personal information.
  2. We’ll use your personal information to provide you our services. This applies when you register for service from us.
  3. This means we will:
    • record details about the services you use or structure through us;
    • send you service-information messages (we will send you messages to confirm your order and tell you about any changes that might affect your service, like when we have infrastructure work planned or need to fix something);
    • update you on when we’ll deliver the services;
    • let you log in to the online accounts we run;
    • filter any content you ask us to (any content our partners ask us to, such as your medical history for a wellness program);
    • give information to someone else (if we need to for the service you’ve registered to avail) or to the insurer or a third party administrator during a claim.
  4. We use the following to provide services and manage your account
    • Your contact details and other information to confirm your identity and your communications with us. This includes your name, gender, address, phone number, date of birth, email address
    • Your communications with us, including emails, webchats and phone calls. We’ll also keep records of any settings or communication preferences you choose.
    • Details of the services you have registered to avail with us, how they are performing and how you use them – including your policy structuring and claims records.
    • Information from cookies placed on your connected devices that we need so we can provide a service.
  5. We use this information to carry out our contract (or to prepare a contract) and provide services to you. If you don’t give us the correct information or ask us to delete it, we might not be able to provide you with the service you requested from us.
  6. We’ll use your personal information if we consider it is in our legitimate business interests so that we can operate as an efficient and effective business. We use your information to:
    • Identify, and let you know about services that interest you;
    • share within PIBL for administrative purposes and to tailor the information we provide to you and inform you about products that may be of interest to you;
    • create aggregated and anonymised information for further use;
    • detect and prevent fraud including sharing with identified agencies/ law enforcement bodies so they can protect you against fraud and maintain accurate records; and
    • secure and protect our network.
  7. To market to you and to identify permissible products and services that interest you, we will use your personal information to send you direct marketing and to better identify permissible services that interest you. We do that if you’re one of our customers or if you’ve been in touch with us another way (such as entering a wellness program, prize promotion or competition).
  8. This means we’ll:
    • create a profile about you to better understand you as a customer and tailor the communications we send you (including our mailing and marketing messages);
    • tell you about other products and services you might be interested in;
    • recommend better ways to manage what you spend with us, like suggesting a more suitable product based on what you use;
    • try to identify products and services you’re interested in; and
    • show you more relevant content (both on our and other parties’ apps and sites) and work with other well-known brands to make theirs more suitable too.
  9. We use the following for marketing and to identify the products and services you’re interested in, where applicable.
    • Your contact details. This includes your name, gender, address, phone number, date of birth and email address.
    • Your health and financial information.
    • Information from cookies and tags placed on your connected devices.
    • Information from other organisations such as aggregated demographic data, data brokers (such as DnB), our partners and publicly available sources like the LinkedIn and business directories.
    • Details of the products and services you've bought with PIBL and how you use them – including your insurance policy structure and claims records.
  10. We’ll send you information (about the services we provide) by phone, post, email, text message, online banner advertising or a notice using our apps. We also use the information we have about you to personalise these messages wherever we can as we believe it is important to make them relevant to you. We do this because we have a legitimate business interest in keeping you up to date with our products and services, making them relevant to you and making sure you manage your spending with us. We also check that you are happy for us to send you marketing messages by text or email before we do so. In each message we send, you also have the option to opt out.
  11. We’ll only market other organisations’ products and services if you have said it is OK for us to do so and it is permitted under applicable laws and IRDA regulations.
  12. You can ask us to stop sending you marketing information or withdraw your permission at any time, as set out above.
  13. Read our cookie policy for more details on how we use cookies.
  14. To create aggregated and anonymised data, we will use your personal information to create aggregated and anonymised information. Nobody can identify you from that information and we’ll use it to:
    • make sure our services are working properly and continuously improve and develop our services for our customers;
    • run management and corporate reporting, research and analytics, and to improve the business; and
    • provide other organisations with aggregated and anonymous reports where required
  15. We may have a legitimate interest in generating insights that will help us operate our network and business or would be useful to other organisations.
  16. To develop our business and build a better understanding of what our customers want
  17. This means we’ll:
    • maintain, develop and test our services, to provide you with a better service;
    • train our people and suppliers to provide you with services (but we make the information anonymous beforehand wherever possible);
    • create a profile about you to better understand you as our customer;
    • share personal information within PIBL for administrative purposes, such as sharing contact details so we can get in touch with you and details of what you buy from different verticals within PIBL; and
    • make and defend claims to protect our business interests.
    • run surveys and market research about our services.
  18. If we use this information for market research, training, testing, development purposes, defend or bring claims, or to create a profile about you, we do so because it is in our legitimate business interests of running an efficient and effective business which can adapt to meet our customers’ needs.
  19. We create a profile about you based on what you have registered to avail from us and how you use our services. This helps us tailor the offers we share with you. You can ask us to stop profiling you for marketing purposes at any time, as set out above.
Who Do We Share Your Information With?
  1. Being an insurance broker, requires us to liaise with our customer, the insurance company and appointed third party administrators and surveyors. To fulfill our role as a broker and to provide you with the contracted services, we will share your information with:
    • Identified personnel from your organization – (for corporate clients)
    • Insurance Company – for seeking quotes
    • Third Party Administrator – as appointed by the Insurance Company
    • Insurance Surveyors and Valuers
    • Partnered agencies offering value added services like Vehicle details based on registration number furnished to us.
    • Third Party service providers providing services to us. (Note: broking services and other core services are not outsourced)
  2. We might have to release personal information about you to meet our legal and regulatory obligations.
  3. With law enforcement agencies, for the investigatory powers conferred to them under various laws, we might have to share personal information about you to government and law-enforcement agencies, such as the police, to help detect and stop crime, prosecute offenders and protect national security. They might ask for the following details.
    • Your contact details. This includes your name, gender, address, phone number, date of birth, email address needed to confirm your identity and your communications with us.
    • Your communications with us, such as calls, emails, texts, chats and webchats.
    • Your health and financial information.
    • Details of the services you have availed and how you use them – including your policy and claims records.
  4. The balance between privacy and investigatory powers is challenging. We share your personal information when the law says we have to, but we have strong oversight of what we do and get expert advice to make sure we’re doing the right thing to protect your right to privacy.
  5. We’ll also share personal information about you where we have to legally share it with another person. That might be when a law says we have to share that information or because of a court order.
  6. In limited circumstances, we may also share your information with other public authorities. However, we would need to be satisfied that a request for information is lawful and proportionate (in other words, appropriate to the request).
  7. We will be required to share information with regulators like IRDAI when called upon and store all such collected information for a period as prescribed from time to time.
Where Is Your Information Processed?
  1. We are an organization registered in India having business functions and processing facilities in India only. All information is processed by our employees in company owned assets having adequate security controls and in our private cloud hosted in India availed through a leading service provider in India
  2. We do not transfer your personal information outside India nor process any component outside India.
  3. If we need to transfer your personal information to another organisation for processing in other countries, we will only do so if we have model contracts or other appropriate safeguards (protection) in place and as permissible by prevailing law.
  4. If there’s a change (or expected change) in who owns us or any of our assets, we might share personal information to the new (or prospective) owner. If we do, they will have to keep it confidential.
  5. We always follow the law and delete your information when we no longer need to keep it.
Security of Your Information.
  1. We have strict security measures to protect your personal information. We check your identity when you get in touch with us, and we follow our security procedures and apply suitable technical measures, such as encryption, to protect your information.
How Long Do We Retain Your Information.
  1. We Retain information for the following time period, unless a longer retention duration is prescribed under applicable law or pursuant to an order of a court or authority:
    • All insurance related data and components associated with such are retained for 10 years.
    • Emails and communication for 10 years
    • CCTV footages for 90 days
  2. In other cases we store personal information for the period needed for the purposes for which the information was collected or for which it is to be further processed. And sometimes we will keep it for longer if we need to by law, regulations or order of a court, or similar authority. Otherwise we delete it.
Accessing And Updating Your Information
  1. As allowed by law, you can access and update the information we hold about you using our online form. Once we’ve looked at your request, we’ll let you know when you can expect to hear from us.
  2. We’ll always try to help you with your request but we can refuse if we believe doing so would have a negative effect on others or the law prevents us. And even though we have to complete your request free of charge, we are allowed to reject requests if:
    • they’re repetitive;
    • you don’t have the right to ask for the information; or
    • the requests made are excessive.
    • If that’s the case, we’ll explain why we believe we don’t have to fulfil the request.

  3. If you want a copy of your information, you may log in to your Prudent Protect account or you may reach out to the identified account manager for your organization and we’ll send it to you. (You must be the account holder to ask for this information).
  4. If you want to see what contact information we hold about you, you can also log in to your account. It’s quick and simple to access it this way.
  5. You can also ask us for a copy of the information we hold about you by writing to us on email ID.
  6. If you work for one of our corporate customers, where possible, please ask your employer – they’ll ask for this on your behalf.
  7. It will normally take us up to one month to get back to you but could take longer (up to a further two months) if it’s a complicated request or you send us a lot of requests at once.
  8. You can ask us to correct, complete, delete or stop using any personal information we hold about you by by writing to us on email ID.
  9. If you’re worried about how we send you marketing information, have a look at the section above on how to check or change those settings.
  10. If you want us to stop using personal information we’ve collected via cookies on our website or apps, you should either change your cookie settings here or change the settings for your app. In some cases, we might decide to keep information, even if you ask us not to. This could be for legal or regulatory reasons, so that we can keep providing our products and services, or for another legitimate reason. For example, we keep certain claims information to show we have advised you correctly. But we’ll always tell you why we keep the information.
  11. We aim to provide our services in a way that protects information and respects your request. Because of this, when you delete or change (or ask us to delete or change) your information from our systems, we might not do so straight away from our back-up systems or copies on our active servers. And we may need to keep some information to fulfil your request (for example, keeping your email address to make sure it’s not on our mailing list).
  12. Where we can, we’ll confirm any changes. For example, we’ll check a change of address against the Postal Address File, or we might ask you to confirm it.
  13. If we’ve asked for your permission to provide a service, you can withdraw that permission at any time. It’ll take us up to 30 days to do that. And it only applies to how we use your personal information in the future, not what we’ve done in the past (for example, if we’ve run an eligibility check at the start of your contract).
Notification of Changes to the Privacy Policy

PIBL reserves the right to revise this Privacy Policy from time to time as per organization needs or to abide by new regulations, by posting notice of the amendment as appropriate. To the extent permitted by applicable law, such changes will be applicable from the time they are posted.