ECICS Limited is committed to protecting the privacy and Personal Data of individuals whom We encounter in the course of Our business dealings. This Privacy Policy explains how ECICS Limited and its related corporations and affiliates (collectively, “We”, “Our” or “Us”) may collect, use, disclose, store, retain, transfer and protect Your Personal Data in accordance with Singapore’s Personal Data Protection Act 2012 (“PDPA”), applicable insurance laws and regulations, and Our internal policies and procedures.
“Personal Data” means data, whether true or not, about an individual who can be identified from that data, or from that data and other information to which We have or are likely to have access.
References to “You”, “Your” or “Yours” include policyholders, prospective policyholders, insured persons, claimants, beneficiaries, witnesses, brokers, agents, intermediaries, appointed representatives and other individuals whose Personal Data We may handle in connection with Our business.
By providing Personal Data to Us, or by continuing to use Our products, services, websites, applications or other channels after being notified of the relevant purposes, You consent, or are deemed to have consented where permitted by the PDPA, to Our collection, use and disclosure of Your Personal Data for those purposes. We will collect, use or disclose Personal Data only for purposes that a reasonable person would consider appropriate in the circumstances and, where required, after notifying You of those purposes.
1. Who To Contact About Your Personal Data
If You have any questions about Our use of Your Personal Data, You can contact Us at:
ECICS Limited Data Protection Officer
10 Eunos Road 8, #09-04A
Singapore Post Centre
Singapore 408600
Email: dataprotection@ecics.com.sg
2. How We Collect Personal Data
We collect Personal Data that are relevant to Our business dealings with You, through a variety of sources, including:
- application, proposal and claim forms, and other forms, whether submitted physically or electronically;
- telephone calls, emails, meetings and other communications;
- service providers, brokers and agents, claims investigators, witnesses, medical professionals, driver and vehicle licensing authorities, credit reference agencies, your employer, and other third parties;
- this website (the “Website”);
- software applications made available by Us for use on or through computers and mobile devices (the “Software Applications”), including telematics, and driving behaviour analytics where relevant to Your policy; and
- social media pages maintainedt by Us on or through various social media platforms (Our “Social Media Content”) collectively referred to as the “ECICS Electronic Services”;
3. Personal Data That We Collect
Depending on Your relationship and dealings with Us, the Personal Data collected may include, where relevant and permitted by law, the following:
- General identification and contact information such as name, address, telephone number, age, date of birth, gender, occupation, marital status, NRIC numbers, passport numbers or Foreign Identification number (FIN), vehicle registration number;
- Financial information such as income, bank account numbers, Central Provident Fund (CPF) statements, bank statements, credit card details, GIRO records, credit history, credit score, assets and financial information;
- Employment information, employment history and salary details;
- Education background and professional licenses and affiliations;
- Skills and experience;
- Medical information such as medical history, consultation history, prescriptions, clinical notes, treatments, description of medical services rendered and medical reports;
- Claims related information including previous claims history;
- Personal data of a third party that You provide to Us in connection with the purchase of Our products and services, or for beneficiaries or referrals; and
- Other information which We need to facilitate Our business dealings with You.
4. How We Use Personal Data
We may collect, use, disclose and otherwise process Your Personal Data for purposes that are reasonably necessary for Our business, to provide products and services to You, to comply with applicable laws and regulatory requirements, and for other purposes notified to You. Personal Data may be processed, stored, transferred or disclosed in or outside Singapore, provided that We take steps required under the PDPA to ensure that transferred Personal Data receives a standard of protection comparable to that under the PDPA, unless an exception applies. We may use Your Personal Data for one or more of the following purposes:
Verifying Your identity and information;
- Providing insurance, financial services or related products and services to You and administering, maintaining, managing and operating such products and/or services including any renewals;
- Sending you important information regarding changes to Our policies, other terms and conditions, renewal of policies and other administrative information;
- Processing, assessing and determining any applications or requests made by You for insurance products or services;
- Processing, assessing and determining any claims made under any insurance products or in respect of any services provided by Us including, without limitation, making, defending, analysing, investigating, processing, assessing, determining or responding to such claims, including conducting automated data analytics or profiling to detect or prevent fraudulent activities;
- Performing any functions and activities related to the insurance products and/or services provided by Us including, without limitation, obtaining reinsurance, auditing, reporting and general servicing and maintenance of online and other services;
- Providing improved quality, training and security (for example, with respect to recorded or monitored phone calls to Our contact numbers);
- Assessing Your eligibility for payment plans, and processing Your premium and other payments;
- Preventing, detecting and investigating crime, including fraud and money laundering, and analysing and managing other commercial risks;
- Carrying out market research and analysis, including satisfaction surveys;
- Providing marketing information to You about products and services offered by Us, Our related corporations, affiliates or selected partners, where permitted by law and in accordance with applicable consent, withdrawal and Do Not Call requirements;
- Personalising Your experience on ECICS Electronic Services by presenting marketing information tailored to You;
- Identifying You to anyone to whom you send messages through ECICS Electronic Services;
- Facilitating social media sharing functionality;
- Managing Our infrastructure and business operations, and complying with internal policies and procedures, including those relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; business continuity; and records, document and print management;
- Resolving complaints, and handling requests for data access or correction;
- Carrying out due diligence or other screening activities in accordance with legal or regulatory obligations or risk management procedures that may be required by law or that may have been put in place by Us;
- Complying with applicable laws and regulatory obligations (including laws outside of Singapore), rules (including stock exchange rules) such as those relating to anti-money laundering and anti-terrorism;
- Complying with legal process; responding to requests from public and governmental authorities (including those outside of Singapore) and for audit, compliance, investigation and inspection purposes;
- Meeting the requirements to make disclosure pursuant to any law binding on Us or Our related corporations and affiliates or for the purposes of complying with any regulations or rules (including stock exchange rules) or guidelines issued by any regulatory or other authorities which have jurisdiction over ECICS Limited and any of its related corporations and affiliates;
- Conducting credit checks on You- such as analysing verifying and/or checking Your credit, payment and/or status in relation to Your ability to use the services;
- Matching any Personal Data held by Us relating to You from time to time for any of the purposes listed in this Privacy Policy;
- Recovering any and all amounts owing from You or any person who has provided security or an undertaking for such liabilities of Yours;
- Enforcing or defending the legal rights of Ours, contractual or otherwise;
- Enabling any actual or proposed assignee or transferee of all or any part of Our rights or obligations;
- Notifying You, regulators or other relevant parties of data incidents or data breaches where required under the PDPA or other applicable laws and regulations; and
- Any other purposes reasonably related to any of the above.
5. Disclosure of Personal Data
We may disclose Personal Data, where relevant and permitted by law, to the following parties for the purposes described in this Privacy Policy or as otherwise notified to You:
- ECICS Limited’s related corporations and affiliates and any of their director, officer, staff and relevant personnel;
- third parties (whether in or outside Singapore) such as other insurers, reinsurers, insurance and reinsurance brokers, other intermediaries and agents, appointed representatives, distributors, affinity marketing partners and financial institutions, securities firms and other business partners;
- third party service providers such as medical professionals, accountants, actuaries, auditors, experts, lawyers and other outside professional advisors, travel and medical assistance providers, call center service providers, IT systems, support and hosting service providers, printing, advertising, marketing and market research and analysis service providers, banks and financial institutions that service our accounts, third-party claim administrators, document and records management providers, claim investigators and adjusters, construction consultants, engineers, examiners, jury consultants, translators and similar third-party vendors and outsourced service providers that assist Us in carrying out business activities;
- any regulators, law enforcement agency, statutory board, governmental or other public authorities, dispute resolution or industry bodies as necessary to comply with any laws, rules, regulations, agreements or schemes;
- other third parties such as payees, emergency providers (fire, police and medical emergency services), retailers, medical networks, organizations and providers, travel carriers, credit bureaus, credit reporting agencies and other people involved in an incident that is the subject of a claim;
- any purchasers and prospective purchasers or other parties in any actual or proposed reorganization, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business, assets or stock.
To check information provided, and to detect and prevent fraudulent claims, Personal Data (including details of injuries) may be shared with other insurers when dealing with claims to detect, prevent and investigate fraud.
6. Security
We will make reasonable security arrangements to protect Personal Data in Our possession or under Our control against unauthorised access, collection, use, disclosure, copying, modification, disposal or similar risks. These measures may include administrative, physical and technical safeguards, access controls, confidentiality obligations, staff training, secure storage and disposal practices, and controls over service providers who process Personal Data on Our behalf. However, no transmission over the Internet or electronic storage system can be guaranteed to be completely secure. If You have reason to believe that Your interaction with Us is no longer secure or that Your Personal Data may have been compromised, please notify Our Data Protection Officer immediately.
Where We engage service providers or other third parties to process Personal Data on Our behalf, We will take reasonable steps to ensure that they protect Personal Data in a manner consistent with the PDPA and any applicable contractual or legal requirements.
7. Retention of Personal Data
We will retain Personal Data only for as long as it is necessary to fulfil the purposes described in this Privacy Policy. Personal Data will be kept by Us only for so long as it is needed for the purposes for which it was collected and as required for business or to comply with legal, regulatory and internal requirements.
8. Personal Data of Other Individuals
If you provide Personal Data to Us regarding other individuals (e.g. insured persons, family members, and beneficiaries), you agree:
- to inform the individual about the content of this Privacy Policy; and
- to obtain consent for the collection, use, disclosure, and transfer (including cross-border transfer) of Personal Data about the individual in accordance with this Privacy Policy and has retained the proof of such consent which will be provided to Us upon Our request.
9. Withdrawal of Consent
You may withdraw Your consent for Us to collect, use or disclose Your Personal Data, by giving us a written notice via email addressed to Our Data Protection Officer (DPO), so long as there are no legal or contractual restrictions preventing You from doing so.
If You withdraw Your consent for us to use, collect or disclose your personal data for the above authorized purposes, it will affect or prohibit Our ability to continue providing You with insurance coverage or to adequately process Your claim and may inevitably result in a termination of Your contract or policies You have with Us. ECICS Limited’s legal rights and remedies are expressly reserved in such event.
- We will provide a response to You within 14 days from date of receipt of Your request.
- Please allow up to 30 days for Us to process and update Your request. You may continue to receive marketing messages and other product information from Us within these 30 days.
- Although You may have withdrawn consent for the collection, use or disclosure of Your Personal Data, We may retain Your personal data for purpose of administering your insurance products and/or services with Us and in accordance with Our internal procedures.
10. Access and Correction of Personal Data
To the extent that the applicable law allows, You may request access to, and correction of, the Personal Data. However, some Personal Data may be exempt from such access and correction rights in accordance with the PDPA. All requests for access to, and/or correction of, the Personal Data can be submitted to ECICS’ Data Protection Officer (DPO) via email address at dataprotection@ecics.com.sg Please note that ECICS Limited has the right to charge a reasonable fee for the handling and processing of such requests.
11. Use of Cookies
When You visit Our website, information about Your browsing behaviour on Your website may be collected with the use of “cookies”. A cookie is a small piece of data sent from a website and automatically stored in a user’s web browser when a user visits the website. The information collected by “cookies” may include items such as language preference, the pages visited and aggregated research data such as number of visitors but contain no personally identifiable information.
We use cookies to maintain the state of user connection with Our website and gather statistics on users’ overall website browsing behaviour so that We can evaluate Our website’s effectiveness and improve the user experience. If You prefer, You may disable the cookies by changing the setting on Your web browser. However, You may not be able to fully utilise the functions of our website if cookies are disabled.
We may work with or engage third parties to conduct research on the usage and activities of users on Our website on Our behalf. No personally identifiable information about You is collected or shared with third parties as a result of the research.
12. Governing Law
This Privacy Policy shall be governed by and construed in accordance with the laws of Singapore. Any dispute arising out of or in connection with this Privacy Policy including any question regarding its existence, validity or termination, shall be referred to and finally resolved by the Courts of Singapore.
13. Changes to This Privacy Policy
We may update this Privacy Policy from time to time and reserve the right to make amendments at any time to reflect changes in Our business and legal requirements. Notice of such revision will be indicated on Our website and/or by such other means of communication deemed suitable by Us.
This Privacy Policy is last updated on 6 July 2026.