Last updated : October 2020
AIG Malaysia Insurance Berhad (“AIG Malaysia”) together with other affiliates and subsidiary companies of American International Group, Inc. (“AIG”) (collectively called “AIG Affiliates”) are committed to protecting the privacy of the individuals we encounter in conducting our business. “Personal Data” is information that identifies and relates to you or other individuals (such as your dependants). This Privacy Notice is designed to provide notice of and assist you in understanding why and how AIG Malaysia collects and uses your Personal Data, to whom such data is disclosed and to whom data access requests can be addressed.
If you have any questions about our use of your Personal Data you can contact us at:
AIG Malaysia Insurance Berhad
Attn: Customer Care Executive
Level 18, Menara Worldwide,
198 Jalan Bukit Bintang,
55100 Kuala Lumpur.
The principal ways we collect Personal Data are through our application and claims forms in respect of our insurance products, by phone through telephone applications, AIG Electronic Services, e-mails, and other means of communications, as well as from other insurers, claims investigators, medical professionals, witnesses and/or other third parties involved in our business dealings with you.
We collect Personal Data through other means such as:
- this website (the “Site”);
- the software applications made available by us for use on or through computers and mobile devices (the “Apps”);
- our social media pages set forth in the links in the footer on AIG.MY (our “Social Media Content”) (collectively, including the Site, the Apps and our Social Media Content, referred to as the “AIG Electronic Services”)
Depending on your relationship with us (for example, as a consumer policyholder; non-policyholder insured or claimant; witness; commercial broker or appointed representative; or other person relating to our business), Personal Data collected about you and other individuals connected to you, may include:
- General identification and contact information
Your name; address; e-mail and telephone details; gender; marital status; family status; date of birth; passwords (including on our systems); educational background; physical attributes; activity records, such as driving records; photos; employment history, skills and experience; professional licenses and affiliations; relationship to the policyholder, insured or claimant; and date and cause of death, injury or disability.
- Identification numbers issued by government bodies or agencies
Identity card number; social security or national insurance number; passport number; employment pass or work permit number, employees’ provident fund member number; tax identification number; military identification number; or driver’s or other license number.
- Financial information and account details
Payment card number; bank account number and account details; credit history and credit score; assets; income; and other financial information.
- Medical condition and health status
Current or former physical or mental or medical condition; health status; injury or disability information; medical procedures performed; personal habits (for example, smoking or consumption of alcohol); prescription information; and medical history.
- Other sensitive information
In certain cases, we may receive sensitive information about your trade union membership, religious beliefs, political opinions, family medical history or genetic information (for example, if you apply for insurance through a third-party marketing partner that is a trade, religious or political organization). In addition, we may obtain information about your criminal record or civil litigation history in the process of preventing, detecting and investigating fraud, money laundering, drug trafficking or other serious crimes. We may also obtain sensitive information if you voluntarily provide it to us (for example, if you express preferences regarding medical treatment based on your religious beliefs).
- Telephone recordings
Recordings of telephone calls between you and our representatives and call centers.
- Information enabling us to provide products and services
Location and identification of property insured (for example, property address, vehicle license plate or identification number); travel plans; age categories of individuals you wish to insure; policy and claim numbers; coverage/peril details; cause of loss; prior accident or loss history; your status as director or partner, or other ownership or management interest in an organization; and other insurance you hold.
- Marketing preferences and customer feedback
You may let us know your marketing preferences, enter a contest or prize draw or other sales promotion, or respond to a voluntary customer satisfaction survey.
- Social media information
Your social media account ID and profile picture, and other Personal Data that you provide to us through AIG Electronic Services. If you elect to connect your social media account provided by another social media service provider to your account(s) on any of the AIG Electronic Services, Personal Data from your social media account will be shared with us, which may include Personal Data that is part of your social media account profile or your friends’ profiles.
Our overriding principle is only to collect Personal Data which we believe to be relevant and required to understand your insurance needs, to conduct our business and to provide better customer service and products.
The particular purposes for which we may collect and use Personal Data includes:
- To communicate with you and others as part of our business. To provide insurance, financial services or related products and services to you and administer, maintain, manage and operate such products and/or services including any renewals.
- To send you important information regarding changes to our policies, other terms and conditions, renewal of policies, AIG Electronic Services and other administrative information.
- To process, assess and determine any applications or requests made by you for insurance products or services.
- For any purposes in connection with any claims made under any insurance products or in respect of any services provided by AIG Malaysia or AIG Affiliates, including without limitation making, defending, analyzing, assessing, processing, determining, settling, responding to and managing such claims.
- To assess your eligibility for payment plans, and process your premium and other payments.
- To provide improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers).
- To prevent, detect and investigate crime, including fraud and money laundering, and analyze and manage other commercial risks.
- To carry out market research and analysis, including satisfaction surveys.
- To provide marketing information to you (including information about other products and services offered by selected third-party partners) in accordance with preferences you have expressed, if any.
- To personalize your experience on AIG Electronic Services by presenting information and advertisements tailored to you.
- To identify you to anyone to whom you send messages through AIG Electronic Services.
- To allow you to participate in contests, prize draws and similar promotions, and to administer these activities. Some of these activities have additional terms and conditions, which could contain additional information about how we use and disclose your Personal Data, so we suggest that you read these carefully.
- To manage our infrastructure and business operations, and comply with internal policies and procedures, including those relating to auditing; finance and accounting; billing and collections; IT systems; data and website hosting; business continuity; and records, document and print management.
- To resolve complaints, and handle requests for data access or correction.
- To comply with applicable laws and regulatory obligations (including laws outside of Malaysia), such as those relating to anti-money laundering and anti-terrorism; comply with legal process; and respond to requests from public and governmental authorities (including those outside of Malaysia).
- For audit, compliance, investigation and inspection purposes.
- For matching any Personal Data held by AIG Malaysia or AIG Affiliates relating to you from time to time for any of the purposes listed in this Privacy Notice.
- To meet the requirements to make disclosure pursuant to any law binding on AIG Malaysia or any of the AIG Affiliates or for the purposes of complying with any regulations or guidelines issued by any regulatory or other authorities which have jurisdiction over AIG Malaysia or any AIG Affiliates.
- To conduct background and identity checks, such as for the purposes of verifying your identity in order to respond to your request to be provided with a duplicate policy or other documentation, any request made by you to change your address in our records, or any request by you to change your bank account or payment or other details in our records.
- To conduct credit checks on you, such as analyzing, verifying, and/or checking your credit, payment and/or status in relation to your ability to use the services.
- To carry out due diligence or other screening activities in accordance with legal or regulatory obligations or risk management procedures that may be required by law or that may have been put in place by AIG Malaysia.
- To determine any amount of indebtedness owing to or from you and collecting or recovering any amount owing from you or any person who has provided security or an undertaking for such liabilities of yours.
- To enable an actual or proposed purchaser, assignee, transferee, participant or sub-participant of AIG Malaysia or any of AIG Affiliates’ rights or business to evaluate the transaction intended to be the subject of reorganization, merger, sale, joint venture, assignment transfer, participation or sub-participation.
- To establish and defend legal rights; to protect AIG Malaysia’s operations or those of any AIG Affiliates or insurance business partners, our rights, privacy, safety or property, and/or that of AIG Affiliates, you or others; and to pursue available remedies or limit our damages.
- To exercise any rights AIG Malaysia or AIG Affiliates may have in connection with the provision of insurance products and services to you.
Due to the global nature of our business, for the purposes set out above we may transfer Personal Data internationally to parties located in other countries that have a different data protection regime than is found in Malaysia. Personal Data collected by AIG Malaysia is likely to be transferred to places outside of Malaysia (such as to AIG or AIG secure data centers, AIG Affiliates, service providers, business partners and governmental or regulatory authorities) in order to carry out the purposes, or directly related purposes, for which the Personal Data was collected.
AIG Malaysia may make Personal Data available to:
- Our group companies
For a list of AIG Affiliates that may have access to and use of Personal Data, please refer to: http://www.aigcorporate.com/AIG_All_Entities.pdf. AIG Malaysia is responsible for the management and security of jointly used Personal Data. Access to Personal Data within AIG Malaysia is restricted to those individuals who have a need to access the information for our business purposes.
- Other insurance and distribution parties
In the course of marketing and providing insurance, and processing claims, we may make Personal Data available to third parties such as other insurers; reinsurers; insurance and reinsurance brokers and other intermediaries and agents; appointed representatives; distributors; affinity marketing partners; and financial institutions, securities firms and other business partners.
- Our service providers
External third-party service providers, such as medical professionals, accountants, actuaries, auditors, experts, lawyers and other outside professional advisors; travel and medical assistance providers; call center service providers; IT systems, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; banks and financial institutions that service our accounts; third-party claim administrators; document and records management providers; claim investigators and adjusters; construction consultants; engineers; examiners; jury consultants; translators; and similar third-party vendors and outsourced service providers that assist us in carrying out business activities.
- Recipients of your social sharing activity
- Governmental authorities and third parties involved in court action
We may also share Personal Data with governmental or other public authorities (including, but not limited to, workers’ compensation boards, courts, law enforcement, tax authorities and criminal investigations agencies); and third-party civil legal process participants and their accountants, auditors, lawyers and other advisors and representatives as we believe to be necessary or appropriate: (a) to comply with applicable law, including laws outside Malaysia; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside Malaysia; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our group companies; (f) to protect our rights, privacy, safety or property, and/or that of our group companies, you or others; (g) to allow us to pursue available remedies or limit our damages;and (h) for audit, compliance, investigation and inspection purposes
- Other Third Parties
We may share Personal Data with payees; emergency providers (fire, police and medical emergency services); retailers; medical networks, organizations and providers; travel carriers; credit bureaus; credit reporting agencies; and other people involved in an incident that is the subject of a claim; as well as purchasers and prospective purchasers or other parties in any actual or proposed reorganization, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business, assets or stock. To check information provided, and to detect and prevent fraudulent claims, Personal Data (including details of injuries) may be shared with other insurers when dealing with claims to detect, prevent and investigate fraud.
Personal Data may also be shared by you, on message boards, chat, profile pages and blogs, and other AIG Electronic Services to which you are able to post data and materials. Please note that any data you post or disclose through these services will become public information, and may be available to visitors and users of the AIG Electronic Services and to the general public. We urge you to be very careful when deciding to disclose your Personal Data, or any other information, when using AIG Electronic Services.
AIG Malaysia will take appropriate technical, physical, legal and organizational measures, which are consistent with applicable privacy and data security laws. Unfortunately, no data transmission over the Internet or data storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any Personal Data you might have with us has been compromised), please immediately notify us. (See the “Who to Contact About Your Personal Data” section above.)
When AIG Malaysia provides Personal Data to a service provider, the service provider will be selected carefully and required to use appropriate measures to protect the confidentiality and security of the Personal Data.
AIG Malaysia takes reasonable steps to ensure that the Personal Data we process is reliable for its intended use, and as accurate and complete as is necessary to carry out the purposes described in this Privacy Notice. AIG Malaysia will retain Personal Data for the period necessary to fulfill the purposes outlined in this Privacy Notice unless a longer retention period is required or permitted by law.
If you provide Personal Data to AIG Malaysia regarding other individuals, you agree: (a) to inform the individual about the content of this Privacy Notice; and (b) to obtain any legally-required consent for the collection, use, disclosure, and transfer (including cross-border transfer) of Personal Data about the individual in accordance with this Privacy Notice.
We will provide you with regular opportunities to tell us your marketing preferences, including in our communications to you. You can also contact us by e-mail at AIGMYCare@aig.com or by writing to AIG Malaysia Insurance Berhad at Level 18, Menara Worldwide, 198 Jalan Bukit Bintang,55100 Kuala Lumpur to tell us your marketing preferences and to opt-out.
If you no longer want to receive marketing-related e-mails from AIG Malaysia on a going-forward basis, you may opt-out of receiving these marketing-related emails by clicking on the link to “unsubscribe” provided in each e-mail or by contacting us at the above addresses.
We aim to comply with your opt-out request(s) within a reasonable time period. Please note that if you opt-out as described above, we will not be able to remove your Personal Data from the databases of third parties with whom we have already shared your Personal Data (i.e., to those to whom we have already provided your Personal Data as of the date on which we respond to your opt-out request). Please also note that if you do opt-out of receiving marketing communications from us, we may still send you other important administrative communications from which you cannot opt-out.
In certain countries, an individual may have the right to access, correct, object to the use of, or request deletion or suppression of Personal Data on certain grounds. Please contact us as set out in the “Who to Contact About Your Personal Data” section above with any such requests or if you have any questions or concerns about how we process Personal Data. Please note that some Personal Data may be exempt from access, correction, objection, deletion or suppression rights in accordance with local privacy and data protection laws.
“Other Information” is any information that does not reveal your specific identity, such as:
- Browser and electronic device information;
- App usage data;
- Information collected through cookies, pixel tags and other technologies;
- Demographic information and other information provided by you; and
- Aggregated information
We and our third-party service providers may collect Other Information in a variety of ways, including:
- Through your internet browser or electronic device: Certain information is collected by most websites, such as your IP address (i.e., your computer’s address on the internet), screen resolution, operating system type (Windows or Mac) and version, internet browser type and version, electronic device manufacturer and model, language, time of the visit and the page(s) visited, name and version of the AIG Electronic Services (such as the App) you are using. We use this information to ensure that the AIG Electronic Services function properly.
- Through your use of the Apps: when you download and use the Apps, we and our service providers may track and collect App usage data, such as the date and time the Apps on your electronic device accesses our servers and what information and files have been downloaded to the Apps based on your device number.
One of the advertisement companies that we use is Google, Inc, trading as DoubleClick. For more information on the DoubleClick cookie, or to opt out from the DoubleClick advertisement cookie please visit: http://www.google.com/privacy/ads/. You can refuse to accept other cookies we use by adjusting your browser settings. However, if you do not accept these cookies, you may experience some inconvenience in your use the AIG Electronic Services and some online products.
- Using pixel tags, web beacons, clear GIFs or other similar technologies: These may be used in connection with some AIG Electronic Services and HTML-formatted e-mail messages to, among other things, track the actions of users of the AIG Electronic Services and e-mail recipients, measure the success of our marketing campaigns and compile statistics about usage of the AIG Electronic Services and response rates.
- Physical Location: Subject to applicable law, we may collect information regarding the physical location of your electronic device by, for example, using satellite, mobile/cell phone tower or WiFi signals. We may use your device’s physical location to provide you with personalized location-based services and content. Subject to your marketing preferences as indicated to us or applicable law, we may also share your device’s physical location, combined with information about what advertisements you viewed and other information we collect, with our marketing partners to enable them to provide you with more personalized content and to study the effectiveness of advertising campaigns. In some instances, you may be permitted to allow or deny such uses and/or sharing of your device’s location, but if you choose to deny such uses and/or sharing, we and/or our marketing partners may not be able to provide you with the applicable personalized services and content.
- From you: Some information (for example, your location or preferred means of communication) is collected when you voluntarily provide it. Unless combined with Personal Data, this information does not personally identify you.
- By aggregating information: We may aggregate and use certain information (for example, we may aggregate information to calculate the percentage of our users who have a particular telephone area code).
Please note that we may use and disclose Other Information for any purpose, except where we are required to do otherwise under applicable law. If we are required to treat Other Information as Personal Data under applicable law, then, in addition to the uses listed in the “Other Information We Collect” section above, we may use and disclose Other Information for all the purposes for which we use and disclose Personal Data.
This Privacy Notice does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any site to which this AIG Electronic Services link. The inclusion of a link on AIG Electronic Services does not imply endorsement of the linked site by us or by our group companies.
Please note that we are not responsible for the collection, usage and disclosure policies and practices (including the information security practices) of other organizations, such as Facebook®, Twitter®, Apple®, Google®, Microsoft®, RIM/Blackberry® or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or electronic device manufacturer, including any Personal Data you disclose to other organizations through or in connection with the AIG Electronic Services.
AIG Electronic Services are not directed to individuals under the age of 18, and we request that these individuals do not provide Personal Data through AIG Electronic Services.
We review this Privacy Notice regularly and reserve the right to make changes at any time to take account of changes in our business and legal requirements. We will place updates on this Site.
Please take a look at the “LAST UPDATED” date at the top of this Privacy Notice to see when it was last revised; any change will be effective immediately upon being posted on this Site.
Click here for Bahasa Malaysia translation of Privacy Notice.