BPI AIA Privacy Statement

We will collect and store any information you enter on our website, or provide to us through any other channels. We may also obtain lawfully collected personal or non-personal information about you from affiliated entities, business partners and other independent third parties sources. We may also collect some information about your computer or other devices used when you visit this website.

If you make use of any social media features or platforms, either on our website, or on an application we provide, or otherwise through a social media provider, we may access and collect information about you via that social media provider in accordance with their policies. When using a social media feature, we may access and collect personal data you have chosen to make available and to include in your social media profile or account. Our access to this personal data may be limited or blocked based on your privacy settings with the relevant social media provider.

Personal data is collected for the following purposes:

• to process, administer, implement and effect the requests or transactions contemplated by the forms available on our website or any other documents you may submit to us from time to time;
• to process applications that may involve automatic decision making/profiling, mainly designed for efficiency purposes
• to design new or enhance existing products and services provided by us;
• to communicate with you including to send you administrative communications about any account you may have with us or about future changes to this privacy statement;
• for statistical or actuarial research undertaken by BPI AIA, the financial services industry or our respective regulators;
• for data matching, internal business and administrative purposes;
• to assist in law enforcement purposes, investigations by police or other government or regulatory authorities and to meet requirements imposed by applicable laws and regulations or other obligations committed to government or regulatory authorities or their duly-designated thirdparty service providers;
• to personalize the appearance of our websites, provide recommendations of relevant products and provide targeted advertising on our website or through other channels;
• other purposes as notified at the time of collection; and
• other purposes directly relating to any of the above.

By providing your personal information to us, you accept that BPI AIA may retain your information for as long as necessary, to fulfil the purpose(s) for which it is collected in compliance with applicable laws and regulations. BPI AIA applies reasonable security measures to prevent unauthorized or accidental access, processing, erasure, loss or use including limiting physical access to data within BPI AIA’s systems and encryption of sensitive data when transferring such data. Reasonable steps will be taken to delete or destroy the information when it is no longer necessary for any of the purpose above.

For our policy on use of your personal data for promotional or marketing purposes, please see the section entitled “Use of Personal Data for Direct Marketing Purposes”.

Personal data will be kept confidential but may, where permitted by law and where such disclosure is necessary to satisfy the purpose or a directly related

purpose for which the personal data was collected, provide such personal data to the following parties (for our policy on sharing of your personal data for promotional and marketing purposes, please see the section entitled “Use of Personal Data for Direct Marketing Purposes”):

• any person authorized to act as an agent of BPI AIA in relation to the distribution of products and services offered by BPI AIA;
• any agent, contractor or third party service provider (within or outside BPI AIA) who provides administration, data processing, telecommunications, computer, payment, debt collection or securities clearing, technology outsourcing, call center services, mailing and printing services in connection with the operation of BPI AIA’s business and BPI AIA’s provision of services to you;
• any member company of BPI AIA in relation to the provision or marketing of insurance services;
• any agent, contractor or third party service provider (within or outside BPI AIA) including companies that help deliver our services, such as reinsurance companies, investment management companies, claims investigation companies, industry associations or federations, the Medical Information Bureau (MIB);
• other companies that help gather your information or communicate with you, such as research companies and ratings agencies, in order to enhance the services we provide to you; and
• government or regulatory bodies or any person to whom BPI AIA company must disclose data: (a) under a legal and/or regulatory obligation in that jurisdiction applicable to that particular BPI AIA company; or (b) pursuant to an agreement between the BPI AIA company and the relevant government, regulatory body or other person.

In relation to any personal data collected by us whilst providing any services in respect of our mandatory provident fund master trust schemes, such personal data would only be transferred to the above parties for the purpose of providing any mandatory provident fund related services. From time to time, we may purchase a business or sell one or more of our businesses (or portions thereof) and where permitted by law your personal data may be transferred or disclosed as a part of the purchase or sale or a proposed purchase or sale. In the event that we purchase a business, the personal data received with that business would be treated in accordance with this privacy statement, if it is practicable and permissible to do so.

Your information may be transferred to, stored, and processed in Philippines or any other jurisdictions where any Philippines company is located, or jurisdictions where a third party contractor is located or from which the third party contractor provides us services. By providing us with your personal information or using our services or our website or applications, you consent to the transfer of such information outside your jurisdiction to our facilities or to those third parties with whom we share it as described above.

You have the right to:

• verify whether BPI AIA holds any personal data about you and to access any such data;
• require BPI AIA to correct any personal data relating to you which is inaccurate; and
• enquire about BPI AIA’s policies and practices in relation to personal data.
• access, correction or other queries relating to your personal data
• suspend, withdraw or order the blocking, removal or destruction of his or her personal data from the Company's filing system as allowed by provisions of the Data Privacy Act and its Implementing Rules and Regulations.
• object to the processing of your personal data as allowed by the provisions of the Data Privacy Act and its Implementing Rules and Regulations

All other rights granted to you as data subject under prevailing Data Privacy laws and regulations

BPI AIA has the right to charge costs which are directly related to and necessary for the processing of any personal data access request.

In addition to the purposes set out above, where permitted by law, BPI AIA may use your name and contact details for promotional or marketing purposes including sending you promotional materials and conducting direct marketing in relation to the following products, services, advice and subjects: insurance; annuities; AIA Vitality; investment; banking; financial services; credit cards; medical/health treatment; educational; recruitment; training; reward/loyalty/privilege programmes; charitable/non-profitable causes; ("Classes of Marketing Subjects"). However, in relation to any personal data collected by BPI AIA, such personal data would only be used for promoting or marketing any products or services.

For the purposes of direct marketing, we may, where permitted by law, provide your personal information (with the exception of any personal data collected by BPI AIA whilst providing any services to providers (whether within or outside of BPI AIA) of any of the Classes of Marketing Subjects described above and call center, marketing or research services so that they can send you promotional materials and conduct direct marketing in relation to the products and services they offer (these materials may be sent to you by postal mail, email, SMS (text messages) or other means).

Before using or providing your personal data for the purposes and to the transferees set out in this section, we may be required by law to obtain your written consent, and in such cases, only after having obtained such written consent, may we use and provide your personal data for any promotional or marketing purpose.

The types of personal data that BPI AIA would use and provide for direct marketing purposes as described above are your name and relevant contact details, although we may possess additional personal data.

If your consent is required, and you provide such consent, you may thereafter withdraw your consent to the use and provision to a third party by BPI AIA of your personal data for direct marketing purposes and thereafter BPI AIA shall cease to use or provide such data for direct marketing purposes.

If you have provided consent and wish to withdraw it, please inform us by writing to the address in the section on “Access Rights to Personal Data” or sending us an email to BPIAIA.CustomerService@aia.com. Any such request should clearly state details of the personal data in respect of which the request is being made.

Cookies are unique identifiers placed on your computer or other device by a web server, which contains information that can later be read by the server that issued the cookie to you. BPI AIA may use cookies on various websites we maintain. The information collected (including but not limited to: your IP addresses (and domain names), browser software, types and configurations of your browser, language settings, geo-locations, operating systems, referring website, pages and content viewed, and durations of visit) will be used for compiling aggregate statistics on how our visitors reach and browse our websites to help us understand how we can improve your experience on it. Such information is collected anonymously and you cannot be identified unless you have logged on as a member. We use such data only for website enhancement and optimization purposes. The cookies also enable our website to remember you and your preferences, and tailor the website for your needs. Advertising cookies will allow us to provide advertisements on our websites that are as relevant to you as possible, e.g. by selecting interest-based advertisements for you, or preventing the same advisement from constantly reappearing to you.

Most web browsers are initially set up to accept cookies. If you do not want to receive cookies, you can disable this function in your browser settings. However, by doing so you may not be able to fully enjoy the benefits of our websites and certain features may not work properly.

If any part of this website contains links to other websites, those sites may not operate under this privacy statement. You are advised to check the privacy statements on those websites to understand their policies on the collection, usage, transferal and disclosure of personal data.

BPI AIA reserves the right, at any time and without notice, to add to, change, update or modify this privacy statement, simply by notifying you of such change, update or modification. If we decide to change our personal data policy, those changes will be notified on our website so that you are always aware of what information we collect, how we use the information and under what circumstances the information is disclosed. Any such change, update or modification will be effective immediately upon posting.

Should you have any questions on any part of this privacy statement or would like additional information regarding BPI AIA’s Data Privacy practices please do not hesitate to contact us through:

The Data Protection Officer

Tiara Fatima Cruz

TiaraFatima.Cruz@aia.com

15/F BPI-Philam Makati (formerly Ayala-FGU Building)

6811 Ayala Avenue Makati City 1226

(632) 77537490

(063) 9178050183

Philippines

Or email us at bpiaia.dpo@aia.com