Privacy & Cookie Policy

We are committed to protecting the confidentiality of your personal information.

DNA24 operates in various geographical locations, collectively herein refers to as “the Company”, “we”, “our” or “us”. Please refer to our website (https://www.dna-24.com) for more information about our company. We operates multiple digital/online platform, collectively herein refers to as “Platform”. Our Platforms includes, website, portals, mobile application, API’s and etc.

This Privacy Policy applies to all the products and services offered by DNA24. (we, us, our) and contains important information about the type of personal information we collect, the purposes for which it is used, how it is managed, to whom we disclose it and what measures we take to comply with privacy laws in respect of our websites and our call centre.

This Privacy Policy is governed by the Personal Data Protection Act (the “Act”) of our operating countries, such as Malaysia PDPA Act, Singapore PDPA Act, Hong Kong PDPO Act and etc. We are bound by the Act and are committed to complying with its provisions.

What personal information we collect

The personal information we collect and store about you may include the following but not limited to:
– your name;
– contact details (including mobile phone, telephone, address and email);
– age;
– gender;
– marital status;
– occupational information;
– health and other medical information;
– lifestyle information that relates to insurance;
– previous or current insurance; or
– driving history
– travel related information;
– and such other information which is relevant and necessary to providing products and services to you or to comply with the law.

Why we collect personal information

We will inform you of the main reasons for collecting your personal information at the time we request it. The purposes for which we will generally collect and use your information include:

– to confirm and verify your identity;
– considering any application you make to us;
– providing products and services to you;
– responding to, processing, and handling your queries, feedback, suggestion and complaint;
– performing administrative functions and tasks;
– collection and reimbursement of payments, premiums, claims and debts;
– communicating with you;
– preventing and detecting fraud or loss;
– to comply with any legal, regulatory, governmental, statutory authorities of the geography that we operate in;
– carrying out data and statistical analysis;
– enhancing our products and services and telling you about our other products and services which may include those of our business partners, which we believe may interest you. You may tell us at any time that you do not want us to advise you about other products and services (see “Marketing” below for more details).
– employee training and monitoring the quality of our products and services.

How we collect personal information

We collect information from you in various ways:

–  when you submit any form, both online and offline, including but not limited to application, declaration, proposal, consent and referrals;
– when you enter into an agreement or provide any documentation or information in respect of your interactions, transactions with us;
– when you interact with our staff, via any means, including but not limited to telephone call (which may be recorded), SMS, emails, letters, fax, face-to-face, Nomad live-chat, social media and digital platforms (including but not limited to social media messaging platform);
– when you visit or use any of our online Platforms and electronic services;
– when you are contacted by, and respond to, our marketing materials;
– when you are contacted by, and respond to our service agents, partners and providers (including but not limited to other insurers, claims managers, insurance investigators, medical providers, clinics, hospitals, diagnostic labs, second medical opinion providers, towing providers, motor workshops, repairers, airlines, aircraft providers, travel agents, bereavement managers and etc) necessary in rendering our product and services to you;
– when you submit an employment application (including but not limited to resume, CV and certificates) to us;
– when your images was captured by our CCTV cameras in our office premises, or photographs or videos taken by us or our representatives;
– when you submit any information to us for any other reason.

Information collected online

We collect information about our visitors using our online Platforms. Any information collected is used to provide products and services, and to identify online behavioural patterns. We may collect digital information about you and when you visit our online Platforms:

– IP address / MAC address;
– Date and time of visit to our site;
– Pages visited;
– Documents downloaded;
– The browser you are using to access our resources;
– If you have visited our website before;
– Your GPS and location data;

From time to time, we may use data collection devices such as ‘cookies’ in conjunction with our website. Cookies are commonly used on the internet. They are a small file placed onto a computer by a server. A cookie can later be identified by a server. We may use both ‘persistent’ and ‘session’ cookies. We may (or our marketing company may) evaluate the cookie information collected to measure the effectiveness of our advertising and how visitors use our site. Where our marketing company manages the information coming from our site on our behalf, we control how that data may and may not be used. Any information that is collected in this way is used in an aggregated form, we do not use it to identify you as an individual.

We may use cookies for various purposes such as:
– to provide you with better and more customised service and a more effective website;
– collecting anonymous statistical information on things such as how many visitors our sites receive, how those visitors use the sites and where they came from;
– Most of our online resources use sessions and/or cookies. If you wish, you can configure your browser so it does not accept cookies, but this may affect the functionality of the website.

Collecting personal information from third parties

Where possible, we collect personal information directly from you. However, in some circumstances we may also collect personal information from other sources so that we can provide you the product or services necessary. Third parties may include another insurer, our group of companies, claims managers, insurance investigators, medical providers, clinics, hospitals, diagnostic labs, second medical opinion providers, towing providers, repairers, motor workshops, airlines, aircraft providers, travel agents, bereavement managers and etc);

If you authorise someone else (for example your spouse) to provide your personal information to us, then you also authorise such other person to provide your consent to this Privacy Policy.

We will deal with your spouse or partner if they call us on your behalf provided they are named on the policy and they satisfy our identification and verification checks. If you would like someone else to deal with your policy on your behalf on a regular basis, please let us know. In some exceptional cases we may also deal with other people who call on your behalf and with your consent. If at any time you want us to deal only with you, please let us know.

We may also collect personal information about someone else from you. For example, you may wish to purchase insurance in joint names or where you are nominating other people on your policy (for example, another driver or travel companion). Where you provide us with personal information about other people you must have their consent to do this, and to provide it on their behalf. If not, you must tell us.

Marketing

We will only send you marketing materials about our products and services or those of selected third parties if we have your consent to do so. We will normally obtain your consent when you purchase a policy from us.

We will never sell or disclose your personal information to other companies, however, we may provide your personal information to our business partners so that they can provide you with information about their products and services that you might be interested in (where you have agreed). Should you purchase products or services on our business partner websites, their privacy policy will apply to those products and services.

If you do not want to receive any marketing material, you can choose to opt out of our marketing activities. To opt out, you can either:
– use the unsubscribe function from our emails, or
– contact us using the Contact Details below.

You can, however, change your mind about opting out of receiving information about our products and services at any time by contacting us using our Contact Details noted below.

Withdrawing your Consent

Your consent for the collection, use and disclosure of your personal information will remain valid until such time it is being withdrawn by you in writing via the Contact Details below. Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal information where it is permitted and required under applicable laws. Upon receipt for your written request to withdraw your consent, we may require reasonable time to process your request. We will also notify you of the consequences of us acceding to your request, including legal consequences which may affect your rights and liabilities to us. We will process your withdrawal of consent within 14 days following our receipt of your written request.

How we store personal information

We will store your personal information in a number of ways including:
– in electronic systems and devices;
– in telephone recordings;
– in paper files;
– secure document retention services off-site; and/or
– cloud facilities operated by us (or by third parties on our behalf)

We will only hold your personal information for as long as is necessary for the purposes described in this Privacy Policy or for legal or business purposes.

Information Security

We will take reasonable precautions to ensure that the personal information that we have about you is protected against any unlawful use, unauthorised access, modification or disclosure and these precautions include:
– using appropriate information technology and processes;
– using computer and network security systems with appropriate firewalls, encryption technology and passwords for the protection of electronic files;
– securely destroying or “de-identifying” personal information if we no longer require it subject to our legal obligations to keep some information for certain prescribed periods;
– restricting access to your personal information to our employees and those who perform services for us who need your personal information to do what we have engaged them to do; and
– requesting certain personal information from you when you wish to discuss any issues relating to the products and services we provide to you.

While we undertake reasonable steps to protect your personal information, no guarantee can be given that information sent over the internet is always 100% secured. Sending and receiving information over the internet is at the your own risk, however we will take all reasonable steps to ensure your data is secure once we receive it.

Disclosure to third parties

The personal information that we collect from you may be disclosed to other parties who are involved with the provision of our products and services to you or who assist us in the conduct of our business activities in relation to the products and services we provide to you. Such parties include your insurer, our group companies, service providers such as repairers, claims assessors, investigators or lawyers (should they be required in the event of a claim) other insurers (for the purpose of seeking claims recoveries or to assist them to assess insurance risks), insurance reference services selected marketing services platforms including but not limited to Google, used by us and other relevant service providers. We may also disclose to the police, credit enforcement groups, legal advisors and health providers assisting us to provide our services to you.

Our group companies or external companies who help us web-host, maintain our website, provide communication services (such as mailing) may also have access to your personal information for the sole purpose of providing those services.

We impose security and confidentiality requirements on how these parties handle your personal information and we limit the use of it to the specific purpose for which we supplied it.

The information we provide to third parties will be strictly limited to what is required to provide the products and services, where disclosure is required, or authorised by or under law (for example, we may disclose information to government agencies) or where you have requested us to or have consented to the disclosure to a third party. The third parties may include overseas organisations (see below).

Exchange of information with overseas parties

Some of the parties with which we exchange your personal information, including our service providers and other third parties referenced above, may be located outside your local country. Where we do this, we make sure that such organisations have the appropriate data handling and security arrangements in place.

Access to and accuracy of personal information

You can request access to, as well as removal of, the personal information we hold about you at any time by contacting us using the Contact Details noted below and we will provide you with that information unless we are prevented by law from giving you that access. If we are unable to provide you with the requested information, we will provide you with a written explanation.

We will respond to your request as soon as reasonably possible. In general, we will respond within thirty (30) business days’ following our receipt of your request. Should we not be able to respond to your access request by such date, we will inform you in writing as soon as possible. If we are unable to provide you with any personal data or to make a correction requested by you, we shall generally inform you of the reasons why we are unable to do so (except where we are not required to do so under the Act).

Please note that depending on the request that is being made, we will only need to provide you with access to the personal data contained in the documents requested, and not to the entire documents themselves. In those cases, it may be appropriate for us to simply provide you with confirmation of the personal data that our organisation has on record, if the record of your personal data forms a negligible part of the document.

Where access is granted to your information, we may charge a reasonable fee for such access.

We take reasonable measures to ensure that the personal information we hold about you is accurate, complete and up to date. Under the Act, you also have a right to request that we correct information, if you believe your personal information is not accurate and up to date. We would encourage you to inform us by contacting us using the Contact Details noted below. We will promptly update any information that is incorrect.

Retention of Personal Information

The personal information that we collected from you may be retained for as long as it is necessary to fulfill the purposes for which they were collected, or as required or permitted by applicable laws. We will cease to retain your personal data, or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purposes for which the personal information were collected, and are no longer necessary for legal or business purposes.

How to contact us

– Questions, comments and requests regarding this Privacy Policy are welcome and should be addressed to our Data Protection Officer by emailing to contact@asar-csg.com

– To access, correct or remove your personal information, please contact contact@asar-csg.com. Please refer to “Access to and accuracy of personal information” section above for more information.

– To unsubscribe from receiving marketing materials, please refer to “Marketing” section above for more information.

Effect of Privacy Policy and Notification of Changes

This Privacy Policy applies in conjunction with our other policies, notices and contractual documents that apply in relation to the collection, use and disclosure of your personal information by us.

We may make changes to this Privacy Policy from time to time for any reason without any prior notice. We will publish changes to this Privacy Policy on our websites. You may determine if any such revision has taken place by referring to the date on which this Privacy Policy was last updated. It is important that you read and understand this Privacy Policy.

Last updated : 12 June 2024