1.1 OUTsurance Insurance Company Limited and OUTsurance Life Insurance Company Limited (hereinafter both referred to as “OUTsurance”) recognise the importance of protecting your personal information and your right to having your personal information kept private. OUTsurance ensures that it adheres to all applicable data protection laws and has the implemented safeguards to ensure that your personal information is kept safe from unauthorised access.
2. Personal Information
2.1 OUTsurance aligns its definition of “personal information” with that as set out in the Protection of Personal Information Act, 2013 (POPIA). All specific information that identifies you that is provided to us via any of our service channels or any other channel will be classified as personal information. This includes but is not limited to personal information that is provided to us in the course of our business, while obtaining an online quotation, using our mobile device app, enquiries via e-mail, during requests to amend or view your policy data or for the purpose of recruitment or potential employment.
2.2 To help you understand this policy, we include the explanations of the terms ‘personal information’ and ‘process’ as used in POPIA:
2.2.1 Personal information is any information relating to an identifiable natural or juristic person. Some examples are: race, gender, marital status, nationality, age, physical or mental health, disability, language, education, identity number, telephone number, email, location, postal or street address, biometric information and financial, criminal or employment history.
2.2.2 Process means any operation or activity, whether automated or not, concerning personal information, including: collection, receipt, recording, organisation, collation, storage, updating or modification, retrieval, alteration, consultation, use, dissemination by means of transmission, distribution or making available in any other form, merging, linking, as well as blocking, degradation, erasure or destruction of information. “Processing” will have a similar meaning.
3. What personal information do we collect from you
3.1 OUTsurance collects and processes different types of personal information in order to provide our services to you, which information is collected transparently throughout our various processes.
3.2 Should you decide to register with or engage with us and/or use any of our services, you thereby expressly consent to us processing your personal information that you provide or is provided by other responsible parties that you have consented to process your personal information and using the following types of information about you when you use any of our service channels or recruitment portal:
3.2.1. Information that is automatically collected
They also help us find information once you have logged in or help us link your browsing information to you and your personal information, for example, when you choose to register for a service. We may use a persistent Cookie (a Cookie that stays linked to your browser) to record your details so we can recognise you if you visit our Website again.
Cookies by themselves cannot be used to discover your identity. Cookies do not damage your computer. You can set your browser to notify you when you receive a Cookie. This enables you to decide if you want to accept it or not. If you choose not to accept Cookies from our Website this may limit its functionalities or performance.
3.2.2. You should not provide us with any personal information, where the provision of same will be considered to be in breach of these terms or POPIA
You warrant that the personal information disclosed to us is directly from you as the user or in connection with the services and all such personal information is lawfully yours to provide. You also warrant that any personal information provided to us from a third-party responsible party, was obtained from you and lawfully provided to us with your express consent to that responsible party to do so.
4. When do we collect your personal information
4.1 When you utilise any of our service channels, services or recruitment portal.
5. Sharing of Information
5..1 In terms of POPIA, personal information must be processed for a specified purpose. The purpose for which we process your personal information will only be for a legitimate business purpose and a necessary function of your engagement with any of our service channels, services and recruitment portal and you have expressly consented to this or in instances where same is permissible by law.
5.2 We use your personal information in order to do the following:
- identify you;
- provide the services and products you have requested for;
- process your requests or instructions;
- manage the services we provide to you;
- follow the laws of South Africa;
- detect and prevent fraud;
- offer our OUTsurance Group Holdings products and services to you, unless you have opted out from receiving marketing material;
- perform the necessary checks for the purpose of recruitment or potential employment;
- to enable you to provide us with your contracted services;
- for permissible reasons as provided for by POPIA or any other regulatory instrument;
- to improve our services or website.
5.3 Personal information will only be retained by OUTsurance for as long as necessary to fulfil the purposes for which that personal information was collected, or as permitted in terms of applicable law.
6. Sharing of Information
6.1 OUTsurance does not and will not sell or provide personal information to third parties for independent use. We may, however, share personal information with our business partners and/or associates if the sharing of information is required to provide any of our products or services to you, to protect our or your legitimate interest and where relevant recruitment purposes. However, our business partners and/or associates will adhere to using your information only as directed by OUTsurance. OUTsurance will enter into written agreements with such third party service providers to ensure that they comply with applicable laws pursuant to the processing of personal information provided to it by OUTsurance from time to time.
6.2 OUTsurance may transfer personal information to a third party who is in a foreign country in order to administer certain services, but may only do so subject to the provisions of POPIA. Whenever we transfer your personal information out of the country, we will ensure a similar degree of protection is afforded to it by ensuring that we will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information or our agreements with said parties will ensure this;
6.3 OUTsurance may collect information from certain public and third party sources for purposes of obtaining information.
6.4 Below is a list of instances of where we may disclose your personal information to third parties. Please note that the list below is not exhaustive:
- Personal information as well as information relating to claims, insurance and financial history with other insurers, government bodies, South African Insurance Crime Bureau and credit bureaus.
- When any regulatory authority for the various financial sectors requests same;
- To comply with any regulation passed under relevant legislation, or any legal process;
- To enforce and protect our rights and property (including intellectual property) and/or where we have a legitimate interest to do so;
- When you have expressly authorised us to do so;
- If we undergo a change in ownership;
- In the interest of national security;
- For the purpose of recruitment or potential employment within OUTsurance
7. Protection of Information
7.1 We value the information that you choose to provide us and will therefore take reasonable steps to protect your personal information from loss, misuse or unauthorised alteration and/or access. The information we maintain concerning our customers, all our employees and potential job applicants is stored in databases that have built-in safeguards to ensure the privacy and confidentiality of that information.
7.2 OUTsurance uses state of the art technology and encryption to prevent any unauthorised access to your personal information. We keep up to date with latest global developments in security technology to ensure that your transactions and personal information stored with us is adequately secured and protected at all times.
7.3 You must always keep your personal information and any account numbers or App login details confidential and ensure that you do not disclose it to anyone.
7.4 Should you at any time feel that you no longer wish to be contacted by us for any purpose whatsoever, you should advise us to that effect via email or telephone.
7.5 We retain all data that is required for us to discharge our business activities for historical, statistical and research purposes. We have established appropriate safeguards against the records being used for any other purposes.
7.6 OUTsurance will ensure that you will be furnished with a reasonable opportunity to object (opt-out) to the use of your personal information for OUTsurance’ s marketing purposes when collecting the personal information and on the occasion of each communication to the data subject for purposes of direct marketing.
8. The OUTsurance App
8.1 By installing and using any of the services on our App you consent that we may send you promotional material or details which we think may be of interest to you and that we may contact you to provide you with a quote or offer you any products which we offer through various entities within the OUTsurance Holdings Group.
8.2 We will only use the personal information obtained through the use of our App, for the purpose for which it was collected subject to the terms and conditions relating to the App. Our mobile device app and website may contain hyperlinks to websites that are not operated by us. We urge you to review any privacy statement posted on any site you visit before using the site or providing any personal information about yourself and others.
8.3 In app features requiring location information:
8.3.1 In utilising some of our in-app features (SmartDrive, Roadside assist, Panic Assist), you expressly consent to the access, collection and use of your location data (the area which can be tracked via the location services settings (GPS) on your device).
8.3.2 How your location data is:
- your location data is accessed via a secured interface that's integrated to the Android and IOS software development kit's (sdk’s).
- your personal information (i.e. location) is accessed via HTTPS.
- your personal information (i.e. location) will be collected in the foreground via the OUTsurance app registration process;
- your location data will be collected in both the background and foreground;
- to determine your location data:
- SmartDrive – to monitor driving patterns
- Roadside assistance/Panic Assistance – to provide to the assisting service provider
9. Your rights and obligations
9.1 You have a right to access personal information that we hold about you and where such access is necessary for you to exercise and/or protect any of your rights.
9.2 In terms of POPIA, you have the following rights with regards to your personal information:
9.2.1. Have your personal information processed accordance with lawful processing conditions;
9.2.2. Be informed about how your personal information is being used;
9.2.3. Access personal information we hold about you in terms of section 10 below;
9.2.4. You can challenge the accuracy or completeness of your personal information in OUTsurance’s records at any time;
9.2.5. Request us to correct any mistake in your personal information that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading or obtained unlawfully;
9.2.6. Require us to delete or destroy a record of personal information where we are no longer authorised to retain the information;
9.2.7. Object at any time to processing of your personal information for direct marketing purposes by completing the prescribed form;
9.2.8. Object to automated decision making which results in legal effects concerning you or similarly significantly affects you;
9.2.9. Object in certain situations to our continued processing of your personal information in certain circumstances.
While it is our policy to respect the rights of individuals, please be aware that your rights are subject to certain exemptions provided for in terms of legislation.
10. Access to personal information request
10.1 In order to request access to your personal information that we hold about you, you have to follow the process outlined in our Access to Information Manual (“Manual”) for a personal access request. The manual can be found here.
11.1 If you have any questions, concerns or complaints about this policy or non-compliance relating to this policy or POPIA, you may contact our Information Officer in order for us to address your query. You can contact the Information Officer via the following:
Information Officer: Natasha Kawulesar
Phone: +27 (12) 675 4607
Postal address: P.O. Box 8443, Centurion, 0046
Physical address: 1241 Embankment Road, Centurion, 0157
11.2 Provide us with all relevant information to enable us to assist you efficiently. Your query should contain sufficient details including sufficient facts, dates and supporting documentation. You should also include your contact details.
11.3 If the matter is not resolved to your satisfaction, you have the right to lodge a complaint with the Information Regulator, under the provisions of POPIA. The contact details of the Information Regulator are as follows:
27 Stiemens Street
Complaints: complaints: POPIAComplaints.IR@justice.gov.za
General enquiries: firstname.lastname@example.org
Acceptance of the terms and conditions contained in this policy is voluntary. OUTsurance does however require your acceptance to enable OUTsurance to effectively offer services to you, liaise with you, exercise its right, or enforce obligations as they arise from the applicable relationship and comply with applicable laws.
12. Policy review
12.1.1 The Information Officer as the policy owner is responsible for ensuring the policy is maintained and that it addresses relevant legal, regulatory and other key documents.
12.1.2 The policy owner manages the process for updating the policy in accordance with the review timing outlined in this policy.
12.1.3 The policy is subject to annual review and approval by the Executive Committee.