Privacy and cookies

Your Privacy

This website contains both public and protected pages and links to other websites that provide online services.  Any information transmitted to us through public pages is not encrypted and could be intercepted by third parties or electronically delivered to parties other than the addressee.  Any such information is sent at your own risk and you should therefore carefully consider its sensitivity prior to transmitting it.

Some pages of the website offer the facility to email us with an enquiry. Email is not a secure medium of communication. For this reason, we request that you do not send private information to us by email. Where we do receive personal data from you by email, we will only respond by email if it is through a secure route.

The protected pages of our websites, which form our online services, are however protected by access via a secure server. Pages utilizing this technology will have URLs that start with HTTPS instead of HTTP. This ensures that all information transmitted between your browser and our server from such pages is encrypted.

In addition, to use the online services, you must have a valid user name and password. Data transmitted via the secure server is stored on databases, which are protected by further security measures (such as firewalls), and may only be accessed by authorized users. We have strict policies on the storing and disclosing of data to prevent unauthorized access.

Privacy Policy

We are committed to protecting your and, where applicable, your family’s personal data. This Privacy Policy relates to our use of any personal data we process about you in connection with online services and to our use of any personal data we collect through other means, such as email, via paper application forms, in person, by telephone or from other third party sources.

This Privacy Policy is issued by Friends Provident International Limited (referred to as “FPIL”, “we”, “us” and “our” in this Privacy Policy) that operates in the Isle of Man.

At the point at which you provide any personal data to us, you should be provided with key details about how your personal data will be used. The controller of your personal data is FPIL.

We will use the personal data provided to us for the purposes of providing the services and products available on the website and for other related activities. For these purposes we will disclose the personal data to other FPIL companies and to our agents and service providers. We will also disclose information where disclosure is required under a legal or regulatory obligation to do so.  Further detail is set out in the Personal Information Collection Statement (PDF).

Our approach to Privacy

The privacy and security of your personal data is very important to us. We want to assure you that your personal data will be properly managed and protected whilst in our hands.

The data we collect

Personal data you provide to FPIL may include:

  • basic personal details such as your name, address, email address, telephone number, date of birth, gender, marital status
  • sensitive personal data (referred to in data protection laws as special categories of personal data) such as health information (for example alcohol consumed, recreational drug use, tobacco use, current state of health, existing conditions, family or personal history in relation to some conditions) 

We will always be clear to explain why we need this information and the purposes for which we will use it and request your explicit consent.

You do not have to provide us with any personal data, however, if you choose not to provide your data we may be unable to continue with any application you make, or process any claim you make.

We may collect information about other members of your household or family, for example, family members on whose life you take out a life insurance policy.

If you give us information about another person it is your responsibility to ensure and confirm that:

  • you have told the individual who FPIL is and how we use personal data, as set out in this Privacy Policy; and
  • you have permission from the individual to provide that personal data (including any sensitive personal data) to us and for us to process it, as set out in this Privacy Policy.

Policy and contract administration

Your personal data may be used for the purposes of policy administration by FPIL, its agents and by re-insurers. It may be disclosed to regulatory bodies for the purposes of monitoring and/or enforcing FPIL’s compliance with any regulatory rules/codes. Your personal data may also be used for research and statistical purposes and crime prevention.

How we use information to improve our products, prices, offers and customer experience for all

We may also use your personal data for research or statistical purposes, including to analyse how people use our websites, view our products, respond to our advertising and to improve our understanding of what customers need.

We may use your personal data for training purposes, to improve our services and their delivery, for example by recording telephone calls.

How we use and share your personal data outside of FPIL

If you request a quote, or purchase a product or service, your personal data may be shared with and processed by our associated companies, introducers, intermediaries, reinsurers and agents, as well as the policy holder (if that is not you) and your broker or financial adviser for the purposes of administration, including third parties providing services to them (as detailed above).

Your personal data may be disclosed when we believe in good faith that the disclosure is:

  • required by law;
  • to protect the safety of our employees, the public or FPIL property; 
  • required to comply with a judicial proceeding, court order or legal process; or
  • in the event of a merger, asset sale, or other related transaction; or
  • for the prevention or detection of crime (including fraud).

We may share your personal data with regulatory bodies in the Isle of Man or, if applicable, overseas, as well as with other insurance companies (directly or via shared databases) to prevent and detect fraud.

Fraud prevention and detection

In order to prevent and detect fraud we may at any time:

  • check and/or file your details with fraud prevention agencies and their databases, and if you give us false or inaccurate information and we suspect fraud, we will record this to prevent fraud and money laundering. 

We can supply on request further details of the agencies and databases we access or contribute to and how this information may be used. If you require further details contact us at: Data Protection Officer, Friends Provident International Limited, Royal Court, Castletown, Isle of Man, IM9 1RA.  Telephone: +44 (0) 1624 821212.  Email: DPO@fpiom.com.

We and other organisations may also search these agencies and databases to:

  • help make decisions about the provision and administration of your policy 
  • check your identity to prevent money laundering 
  • check details of job applicants and employees 

This may include any online or digital partners we work with, so we, or our online or digital partners on our behalf, can communicate with you through their platforms.

The legal grounds for processing your personal data

Data protection laws require us to tell you what legal basis we use for processing your personal data.  These bases are set out in the applicable data protection law.  We generally use the following:

  • the processing is necessary to perform a contract with you (e.g. the contract for insurance), or to take steps requested by you before entering into a contract (e.g. processing your application for insurance cover); 
  • the processing is necessary to meet a legal obligation which applies to us; 
  • you have given your consent to the processing of your data; or 
  • the processing is in FPIL's or someone else's legitimate interests, and these interests are not overridden by your interests or rights in the protection of your personal data. 

    Where we rely on the "legitimate interests" ground , the law requires us to explain to you the interest in question.  We consider that we have the following legitimate interests in processing personal data: 
    • ­ in relation to our website and portal- tailoring and improving services, understanding usage, tracking visits and enhancing the online experience, and the provision of software updates:
    • ­ analysing insurance and other markets for portfolio and risk assessment; 
    • ­ managing complaints; 
    • ­ marketing activities, tailoring offers and providing service enhancements; 
    • ­ research and statistical activities. 

Sometimes we process data about you which the law considers to fall within the special categories (see section "Personal data" for more details), in which case, we use one of the following grounds:  

  • you have freely given your informed, specific, consent to the processing; or
  • the processing is necessary for the establishment, exercise or defence of legal claims.   

If you have given your consent to our processing of your personal data, you have the right to withdraw that consent at any time.  You can do this by contacting us (see How to contact us). Please be aware however that withdrawing consent would result in the termination of your contract. 

Data transfer

Your personal data may be transferred by any FPIL company to any country, including countries outside of the Isle of Man, the European Economic Area (EEA), and the country in which your data was collected, for processing, storage, administration or any other use stated in this policy. The purposes and processing associated with any such transfer will comply with all applicable data protection regulations, and with our obligation to adequately protect and secure your personal data. Where required under applicable laws we will take measures to ensure that personal data handled in other countries will receive at least the same level of protection as it is given in the Isle of Man, the EEA and the country of data collection.

We generally do this by putting contracts in place with recipients of personal data located outside of the Isle of Man, the EEA, or country of data collection, which require the recipients to provide appropriate protection for your personal data.  These contracts are on a standard form which has been approved by data protection regulators as providing an appropriate level of protection for personal data.

Security

We are committed to protecting the confidentiality and security of the information that you provide to us and we put in place appropriate technical, physical and organisational security measures to protect against any unauthorised access or damage to, or disclosure or loss of, your personal data.

You should also be aware that communications over the internet, such as e-mails, are not secure unless they have been encrypted. The websites may contain links to other FPIL and other third party websites. These other websites will be subject to their own privacy policies which may differ from this Privacy Policy. You should carefully read the privacy policies of these websites before submitting any personal data.

Managing your marketing preferences

We will not normally carry out any direct marketing campaigns but if we do, we will always contact you first and give you the opportunity to opt in to direct marketing before any communications of this nature take place.  

If we do carry out any direct marketing, we may: 

  • provide you with updates and offers for FPIL’s products and services via marketing tailored to you, by direct marketing (e.g. phone, e-mail, text, post); and 
  • use information we hold about you to help us identify, tailor and package our products and services, determine pricing and offer discounts that may be of interest to you. 
  • share your personal data with third parties who help run our marketing campaigns 

We will not use sensitive personal details (such as information relating to your health record or any criminal issues) in order to provide you with marketing, discounts or pricing unless you have given your explicit consent to allow us to use this information for these purposes.

How long do we keep your personal data

We will not retain your personal data for longer than is necessary for the maintenance of your contract, or for legal or regulatory requirements and in any event such retention will be in accordance with our record keeping policy. 

Update or correct your personal data

Please let us know if your personal data changes as it is important that the information we hold about you is accurate and up to date.

You can ask us to update or correct your personal data or opt out of FPIL’s use of your personal data for direct marketing purposes by contacting us using any of the following methods:

By Phone: +44 (0) 1624 821212 

By email: DPO@fpiom.com 

By writing to: Data Protection Officer, Friends Provident International Limited, Royal Court, Castletown, Isle of Man, IM9 1RA 

Your rights

You have several rights in relation to your personal data.  In most cases, there are conditions attached to these rights.  Please click on each of the headings below to find out more.  You can exercise your rights by contacting us (see How to contact us).  We may take steps to verify your identity when you contact us with a request to exercise any of your rights.

Accessing your data

You can ask us to:

  • confirm whether we are processing your personal data 
  • provide you with details of the information we hold 
  • provide you with other information about your personal data such as what data we have, what we use it for, who we disclose it to, whether we transfer it abroad and how we protect it, how long we keep it for, what rights you have, how you can make a complaint, where we got your data from and whether we carry out any automated decision making or profiling.  We aim to give you all this information in this Privacy Policy, although if anything is unclear, please speak to our Data Protection Officer (see How to contact us).

You do not have to pay a fee for provision of the information that makes up your personal data unless your request is unfounded or excessive, in which case we will charge a reasonable amount in the circumstances.  We will let you know of any charges before completing your request.

We aim to respond to you within 1 month of receiving your request unless it is particularly complicated or you have made several requests, in which case we aim to respond within 3 months. We will let you know if we are going to take longer than 1 month in dealing with your request.  If we have a lot of information about you we might ask you if you can tell us what exactly you want to receive.  This will help us action your request more quickly.

Correcting your data

You can ask us to correct any data which is inaccurate or incomplete.  This is free of charge.

If we have shared the data with anyone else, we will tell them about the correction wherever possible. We aim to deal with requests for correction within 1 month, although it might take us up to 3 months if your request is particularly complicated. 

If we can't action a request to correct your data, we will let you know and explain why this is. 

Erasing your data

This right is sometimes referred to as "the right to be forgotten".  This is not an absolute right but you have the right to have your data erased, free of charge, in certain circumstances.  

You can ask for your data to be erased where: 

  • it is no longer necessary for the purpose for which it was originally collected or processed; 
  • we are processing your data based on your consent, and you withdraw that consent; 
  • you object to the processing and we do not have an overriding legitimate interest for continuing; 
  • your data has been unlawfully processed; 
  • your data must be erased to comply with a legal obligation; 
  • the data was processed to offer information society services to a child. 

There are some exceptions to this right.  If one of these applies, we do not have to delete the data. 

If we have shared your data with third parties, we will tell them about the erasure of your data unless this is impossible or would involve disproportionate effort.

Restricting the processing of your data

You can ask us to restrict the processing of your personal data in some circumstances, free of charge. This is not an absolute right. If processing is restricted we can store the data and retain enough information to make sure the restriction is respected, but we cannot further process your data.

You can restrict the processing of your personal data in the following cases: 

  • if you contest the accuracy of your data, we will restrict processing until we have made sure the data is accurate; 
  • if you object to our processing and we are considering this objection; 
  • if the processing is unlawful but you do not want us to erase your data; 
  • if we no longer need the personal data but you require the data to establish, exercise or defend a legal claim. 

If we have disclosed the data to a third party, we will inform them about the restriction unless it is impossible or would require a disproportionate effort.  We will tell you if we decide to lift a restriction on processing your data.

Objecting to the processing of your data

Objecting to the processing of your data is free of charge. It is not an absolute right but you can object to our processing of your data where it is:

  • based on the legitimate interests ground; or 
  • for the purposes of scientific/historical research and statistics. 

We will stop processing your personal data unless we have compelling legitimate grounds for the processing which override your interests and rights, or unless we are processing the data for the establishment, exercise or defence of legal claims.

You can require us to stop using your data for direct marketing purposes. We will stop as soon as we receive your request. There are no exemptions or reasons for us to refuse.

Data Portability

This allows you to obtain and reuse your personal data for your own purposes across different services. It applies where the following conditions are met:

  • you provided the personal data to us yourself; 
  • we are processing the data either based on your consent or because it is necessary for the performance of a contract; and 
  • the processing is carried out by automated means. 

We will provide your data free of charge in a structured, commonly used and machine readable form. We aim to provide your data within 1 month of receiving your request unless it is particularly complicated or you have made several requests, in which case we aim to respond within 3 months.  If we are going to take longer than 1 month we will let you know and explain why we need more time.  If we consider that we cannot provide you with your data, we will contact you and explain why this is.

Automated decision making and profiling

You have the right not to be subject to a decision which is based on automated processing and which produces a legal (or similarly significant) effect on you.  

We will tell you about any automated decision making that affects you. You have the right to:

  • request human intervention; 
  • express your point of view; 
  • ask for the decision to be explained; and
  • challenge the decision.

These rights are not absolute. They do not apply if the decision is:

  • necessary for us to enter into or perform a contract with you;
  • authorised by law (e.g. for fraud prevention); or
  • based on your explicit consent.

FPIL only carries out automated processing on some policies that require underwriting.  Where an automated decision results in an outcome of non-standard rates, human intervention is always undertaken.

Changes to this Privacy Policy

We may amend this Privacy Policy from time to time for example, to keep it up to date or to comply with legal requirements. You should regularly check this Privacy Policy for updates. If there will be any significant changes made to the use of your personal data in a manner different from that stated at the time of collection, we will notify you by posting a notice on our website.

Cookies

What are cookies?

Cookies are small text files that some websites place on your computer or other device when you visit.

Websites commonly use cookies to improve the experience of the site or to remember aspects of your current or previous visits. This can include choices you’ve made or preferences you have chosen during that visit.

Session cookies are automatically deleted at the end of each browsing session (typically when the browser is closed).

Persistent cookies remain until the expiry date and time set by the website (or when manually deleted by the user).

How Friends Provident International uses cookies

Our policy is to use cookies to improve the way we do business with you or when they are essential to the way the site works. We may use cookies to;

  • understand how people use our sites so we can improve them, and 
  • present the right information to people who have logged into our sites, for instance to manage their policies. 

You can set your browser to reject cookies but if you do so you will be unable to use some areas of our website(s).

For information about how to block and delete cookies please visit AboutCookies.org

How to contact us

Friends Provident International Limited Hong Kong Branch complies with its obligations under the Hong Kong Personal Data (Privacy) Ordinance (PDPO) and also under the Isle of Man General Data Protection Regulation (GDPR).  For any questions or concerns relating to this Privacy Policy or our data protection practices, or to make a subject access request, please contact our data protection officer at:

    Data Protection Officer 
    Friends Provident International Limited 
    Royal Court 
    Castletown 
    Isle of Man 
    IM9 1RA 
    Email Address: DPO@fpiom.com

If you are unhappy about how we are processing your personal data or how we have responded to a request or complaint, you have the right to make a complaint to the Isle of Man's data protection regulator. You can find more details about how to contact them on their website https://www.inforights.im/ 

Alternatively, you may wish to contact the Office of the Privacy Commissioner for Personal Data at: 12/F, Sunlight Tower, 248 Queen's Road East, Wanchai, Hong Kong. Telephone: + 852 2827 2827, or via their website https://www.pcpd.org.hk