Privacy Statement

We will collect and store any information you enter on our website, or provide to us through any other channels. We may also obtain lawfully collected personal or non-personal information about you from affiliated entities, business partners and other independent third parties sources. We may also collect some information about your computer or other devices used when you visit this website.

The personal data we collect includes all personal information that you directly share or through your representatives or produced by us in relation to your application for insurance and your insurance policy (which includes sensitive personal data as defined under relevant applicable laws and regulations). This includes, among others, the following:

• identity information – name, address, personal contact details (including email address and telephone numbers);
• financial information – details of your policies including face amount, documents showing proof of funds or source wealth, account numbers, value of your policy, bank statements, etc.,
• medical information necessary for underwriting, servicing, or processing surrender or claims on the insurance policy
• Other personal data you provided to us in the insurance application, servicing or claims forms in relation to the policy
   

If you make use of any social media features or platforms, either on our website, or on an application we provide, or otherwise through a social media provider, we may access and collect information about you via that social media provider in accordance with their policies. When using a social media feature, we may access and collect personal data you have chosen to make available and to include in your social media profile or account. Our access to this personal data may be limited or blocked based on your privacy settings with the relevant social media provider.

Personal data is collected for the following purposes:

• to process, administer, implement and effect the requests or transactions contemplated by the forms available on our website or any other documents you may submit to us from time to time;
• to process applications that may involve automatic decision making and profiling, mainly designed for efficiency purposes;
• to design new or enhance existing products and services provided by us;
• to communicate with you including to send you administrative communications about any account you may have with us or about future changes to this privacy statement
• for statistical or actuarial research undertaken by BPI AIA, the financial services industry or our respective regulators;
• for data matching, internal business and administrative purposes;
• to assist in law enforcement purposes, investigations by police or other government or regulatory authorities and to meet requirements imposed by applicable laws and regulations or other obligations committed to government or regulatory authorities or their duly designated third party service providers;
• to personalize the appearance of our websites, provide recommendations of relevant products and provide targeted advertising on our website or through other channels;
• other purposes as notified at the time of collection; and
• other legitimate purposes directly or indirectly relating to any of the above.
   

By providing your personal information to us, you accept that BPI AIA may retain your information for as long as necessary, to fulfil the purpose(s) for which it is collected in compliance with applicable laws and regulations. All types of personal data collected by BPI AIA are retained 10 years after the termination of the insurance policy, whether by full surrender, full claims payment, cancellation or rescission of the policy and such other means of policy termination or cancellation. Further, reasonable steps will be taken to delete or destroy the information when it is no longer necessary for any of the purpose above.

For our policy on use of your personal data for promotional or marketing purposes, please see the section entitled “Use of Personal Data for Direct Marketing Purposes”.

We use appropriate technical, organizational and physical safeguards to protect Personal Data and Shared Personal Data from misuse or unauthorized access, disclosure or use, including:

• Access rights to any personal data is granted on a need-to-know basis. Access rights granted are reviewed annually.
• Unmasked personal data should be encrypted according to the Cryptography Standard when transmitted over unsecured network.
• Outsourcing arrangement on data storage, processing or hosting should be approved by Group Information Security via the Third Party Security Assessment (TPSA) process before a contract is awarded.
• Data encryption at rest is required to protect the data according to the data classification.
• Personal data should be removed from computers, laptops, mobile devices when they are no longer required.
• Data storage media to be disposed or remove from BPI AIA should be sanitized.

BPI AIA applies reasonable security measures to prevent unauthorized or accidental access, processing, erasure, loss or use including limiting physical access to data within BPI AIA’s systems and encryption of sensitive data when transferring such data.

Personal data will be kept confidential but may, where permitted by law and where such disclosure is necessary to satisfy the purpose or a directly related purpose for which the personal data was collected, provide such personal data to the following parties (for our policy on sharing of your personal data for promotional and marketing purposes, please see the section entitled “Use of Personal Data for Direct Marketing Purposes”):

• any person authorized to act as an agent of BPI AIA in relation to the distribution of products and services offered by BPI AIA;
• any agent, contractor or third party service provider (within or outside BPI AIA) who provides administration, data processing, telecommunications, computer, payment, debt collection or securities clearing, technology outsourcing, call center services, mailing and printing services in connection with the operation of BPI AIA’s business and BPI AIA’s provision of services to you;
• any member company of BPI AIA in relation to the provision or marketing of insurance services;
• any agent, contractor or third party service provider (within or outside BPI AIA) including companies that help deliver our services, such as reinsurance companies, investment management companies, claims investigation companies, industry associations or federations, the Medical Information Bureau (MIB);
• other companies that help gather your information or communicate with you, such as research companies and ratings agencies, in order to enhance the services we provide to you; and
• government or regulatory bodies or any person to whom BPI AIA must disclose data: (a) under a legal and/or regulatory obligation in that jurisdiction applicable to that particular BPI AIA company; or (b) pursuant to an agreement between the BPI AIA and the relevant government, regulatory body or other person.

From time to time, we may purchase a business or sell one or more of our businesses (or portions thereof) and where permitted by law, your personal data may be transferred or disclosed as part of the purchase or sale or proposed purchase or sale. In the event that we purchase a business, the personal data received with that business would be treated in accordance with this privacy statement, if it is practicable and permissible to do so.

Your information may be transferred to, stored, and processed in Philippines or any other jurisdictions where any BPI AIA company is located, or jurisdictions where a third party contractor is located or from which the third party contractor provides us services. By providing us with your personal information or using our services or our website or applications, you consent to the transfer of such information outside your jurisdiction to our facilities or to those third parties with whom we share it as described above.

You have the right to:

• verify whether BPI AIA holds any personal data about you and to access any such data;
• require BPI AIA to correct any personal data relating to you which is inaccurate; and
• enquire about BPI AIA’s policies and practices in relation to personal data.
• access, correction or other queries relating to your personal data
• suspend, withdraw or order the blocking, removal or destruction of your personal data from the BPI AIA's filing system as may be allowed by provisions of the Data Privacy Act and its Implementing Rules and Regulations.
• object to the processing of your personal data as allowed by the provisions of the Data Privacy Act and its Implementing Rules and Regulations.
  
  

All other rights granted to you as data subject under prevailing Data Privacy laws and regulations.

BPI AIA has the right to charge costs which are directly related to and necessary for the processing of any personal data access request.

In addition to the purposes set out above, where permitted by law, BPI AIA may use your name and contact details for promotional or marketing purposes including sending you promotional materials and conducting direct marketing in relation to the following products, services, advice and subjects: insurance; annuities; AIA Vitality; investment; banking; financial services; credit cards; medical/health treatment; educational; recruitment; training; reward/loyalty/privilege programmes; charitable/non-profitable causes; ("Classes of Marketing Subjects"). However, in relation to any personal data collected by BPI AIA, such personal data would only be used for promoting or marketing any products or services.

For the purposes of direct marketing, we may, where permitted by law, provide your personal information (with the exception of any personal data collected by BPI AIA whilst providing any services to providers (whether within or outside of BPI AIA) of any of the Classes of Marketing Subjects described above and call center, marketing or research services so that they can send you promotional materials and conduct direct marketing in relation to the products and services they offer (these materials may be sent to you by postal mail, email, SMS (text messages) or other means).

Before using or providing your personal data for the purposes and to the transferees set out in this section, we may be required by law to obtain your written consent, and in such cases, only after having obtained such written consent, may we use and provide your personal data for any promotional or marketing purpose.

The types of personal data that BPI AIA would use and provide for direct marketing purposes as described above are your name and relevant contact details, although we may possess additional personal data.

If your consent is required, and you provide such consent, you may thereafter withdraw your consent to the use and provision to a third party by BPI AIA of your personal data for direct marketing purposes and thereafter BPI AIA shall cease to use or provide such data for direct marketing purposes.

If you have provided consent and wish to withdraw it, please inform us by writing to the address in the section on “Access Rights to Personal Data” or sending us an email to BPIAIA.CustomerService@aia.com. Any such request should clearly state details of the personal data in respect of which the request is being made.

Please refer to BPI AIA’s cookie policy Cookie Policy | BPI AIA

If any part of this website contains links to other websites, those sites may not operate under this privacy statement. You are advised to check the privacy statements on those websites to understand their policies on the collection, usage, transferal and disclosure of personal data.

BPI AIA reserves the right, at any time and without notice, to add to, change, update or modify this privacy statement, simply by notifying you of such change, update or modification. If we decide to change our personal data policy, those changes will be notified on our website so that you are always aware of what information we collect, how we use the information and under what circumstances the information is disclosed. Any such change, update or modification will be effective immediately upon posting.

Should you have any questions on any part of this privacy statement or would like additional information regarding BPI AIA’s Data Privacy practices please do not hesitate to contact us through:

The Data Protection Officer

Tiara Fatima Cruz

BPI AIA Life Assurance Corporation
15/F BPI Philam Life Makati,
6811 Ayala Avenue, Makati City, 1226
Philippines

(632) 77537490

Or email us at Bpiaia.dpo@aia.com