Sun Hing Insurance Holdings Limited and its subsidiaries (“SHIH”, “we”, “us”, “our”) respects personal data privacy and is committed to fully implementing and complying with the requirements under the Personal Data (Privacy) Ordinance (Cap. 486) (“PDPO”).  Personal data will be collected only for lawful and relevant purposes and all practicable steps will be taken to ensure that personal data held by us is accurate.  We will take all practicable steps to ensure security of the personal data and to avoid unauthorized or accidental access, erasure or other use.

This Privacy Statement (“Statement”) explains our information processing practices.  It applies to any personal data you provide to SHIH and, subject to local law, any personal information we collect from other sources.

What type of information does SHIH collect?

We collect personal data to offer and administer our services and products. These include insurance consultancy, claims management, risk management consulting, and other forms of insurance services.

We may collect data such as your name, contact details, date of birth, gender, marital status, financial details, employment details and benefit coverage.  We may also collect sensitive data about you such health data in relation to life, health, professional liability and workers compensation insurance or employee benefit programs.

When you request services, we ask that you provide accurate and necessary data that enables us to respond to your request.  In doing so, you consent to our collection, use, storage and disclosure of this data to appropriate third parties for the purposes described in this Statement.

While the personal data we collect may come directly from you, it may also be provided by our affiliates or other third parties (such as employers, insurance companies, insurance brokers or agents, credit organizations, motor vehicle and driver licensing authorities, financial institutions, medical professionals, etc.).  If you provide personal data about other individuals (such as employees, dependents etc.), you must obtain their consent prior to your disclosure to SHIH.

SHIH may collect information online when you visit our website.  For the purposes of this Privacy Statement, “website” includes our mobile applications.

By using our website and associated microsites, you agree to the processing of your personal data as explained in this Privacy Statement, including placing cookies on your device.

We collect personal data to fulfill your requests for products and services and to improve your online experience.  We strive to limit the amount of personal data collected to support the intended purpose of the collection.

We may ask you for some or all of the following types of data when you register for events, request services, manage accounts, access various content and features or directly visit our websites.  This includes, but is not limited to:

• contact information, such as name, e-mail address, postal address, phone number and mobile number;
• user name, password, password reminder questions and password answers;
• communication preferences, such as which newsletters you would like to receive;
• search queries;
• contact information about others when you refer a friend to a particular site or service; and
• information posted in community discussions and other interactive online features.

In some instances, SHIH automatically collects certain types of information when you visit our websites and through e-mails that we may exchange.  Automated technologies may include the use of web server logs to collect IP addresses, “cookies” and web beacons. The collection of this information will allow us to improve the effectiveness of SHIH websites and our marketing activities.

Cookies: SHIH collects information during your visit to our website through the use of cookie technology.  A cookie is a piece of programming information contained in a very small text file that is placed in your Internet browser or elsewhere on your hard drive.  You can control acceptance of cookies by modifying your Internet browser preferences.  You have the ability to accept all cookies, to be notified when a cookie is set or to reject all cookies.  Please note that, if you choose to block all cookies (including essential cookies) you may not be able to access all or part of our site and may be unable to use those services or engage in activities that require the placement of cookies.  SHIH uses cookies to distinguish you from other users of our website and to help us compile aggregate statistics about usage of our websites.

In addition, on some occasions, SHIH may use tracking technologies such as web beacons, to collect information about your visits to our website.  These are small electronic images embedded in web content or e-mail messages and are ordinarily not visible to users.  Like cookies, this tracking technology enables us to track pages and content accessed and viewed by users on our website.  The use of these technologies also helps us to provide you with a positive experience when you browse our websites, and it also helps refine our content and personalize your experience.

Links to other websites: SHIH website may contain links to other sites which are outside our control and are not covered by this Privacy Statement.  If you access other sites using the links provided, the operators of these sites may collect data from you which will be used by them in accordance with their privacy statement.  We encourage you to read the privacy statements on other websites you visit.  SHIH is not responsible for the content or privacy practices of linked sites or any use of those sites.

Access through mobile devices: If you access our website on your mobile telephone or mobile device, we may also collect your unique device identifier and mobile device IP address, as well as information about your device’s operating system, mobile carrier and your location information.

When you provide us your mobile device phone number as your contact phone number, you consent to the use of your mobile device phone number for the purposes identified in this Privacy Statement.  If you choose to receive notifications from us on your mobile device (e.g. text notifications), you also consent to the use of your mobile phone number for that purpose.

How does SHIH use your personal data?

The purposes for which we collect your personal data, which may be used, stored, held, processed, transferred, disclosed or shared by SHIH, are as follows:

• provide information and services as requested by you;
• determine eligibility and process applications for products and services;
• provide information and services as requested by clients;
• understand and assess clients’ ongoing needs and offer products and services to meet those needs;
• carry out client communication, service, billing and administration;
• administer claims;
• conduct data analysis;
• obtain and update credit information with appropriate third parties, such as credit reporting agencies, where transactions are made on credit;
• execute monitoring and training;
• develop new services;
• market products and services (subject to appropriate consent); and
• conduct processing necessary to fulfill other contractual obligations for the individual.

With your consent, we may also use your personal information for additional purposes.  It is up to you whether you provide your personal data to us.  However, if you do not provide us with your personal data, we may not be able to provide the information, products or services you need or to process your request.

Use and provision of personal data in direct marketing

From time to time, your personal data provided to us including name, contact details and demographic data, may be used, provided, disclosed and transferred by us to our affiliated businesses and third party service providers acting on SHIH’s behalf including but not limited to mailing house, telemarketing and direct sales agents and call centres for the purpose of direct marketing in relation to insurance and financial products and services via different communication channels including fax, direct mail, email, SMS and telemarketing.  We would not use your personal data for any direct marketing activities unless we have received your consent.

You may withdraw your consent to the use and provision of your personal data for direct marketing by contacting us using the contact information provided below.

Does SHIH disclose your personal data?

Business Partners

We disclose personal data to business partners that are necessary to provide our products and services, which may be located either within or outside of Hong Kong.  Examples include:

• insurers, reinsurers, other insurance intermediaries, insurance reference bureaus, medical service providers, fraud detection agencies, our advisers such as loss adjusters, lawyers and accountants and others involved in the claims handling process
• our related companies and affiliates who in the provision of our products and services may wish to tell you about their services, products or promotional opportunities which may be of advantage to you, unless you tell us not to, and your representatives such as your lawyers, accountants, financial advisers etc.

We do not rent, sell or otherwise disclose personal data about our online visitors with unaffiliated third parties for their own marketing use.

Authorized Service Providers

We may disclose your data to service providers we have retained to perform services on our behalf. 

Legal Requirements and Business Transfers

We may disclose personal data (i) if we are required to do so by law or legal process, (ii) in response to law enforcement authority or other government official requests, (iii) when we believe disclosure is necessary or appropriate to prevent physical harm or financial loss, (iv) in connection with an investigation of suspected or actual illegal activity or (v) in the event that SHIH is subject to a merger or acquisition to the new owner of the business.  Disclosure may also be required for company audits or to investigate a complaint or security threat.

Does SHIH transfer your personal data across geographies?

SHIH may transfer certain personal data across geographical borders to SHIH entities or service providers in other countries working on our behalf in accordance with applicable law.

By providing us with your data or using our websites, you consent to the collection, international transfer, storage, and processing of your data.  These transfers are governed by the appropriate data transfer mechanisms in order to protect the security and confidentiality of personal data.

How can you access and correct your data?

SHIH takes reasonable steps to keep your personal data accurate and complete.  You have the right to check whether we hold personal information about you, to access such information and to require us to correct any information relating to you which is inaccurate.  Such requests can be made in writing to the Personal Data Protection Officer at:

Personal Data Protection Officer
Sun Hing Insurance Holdings Limited
23/F, Excel Centre
No.483A Castle Peak Road, Lai Chi Kok
Kowloon, Hong Kong

A reasonable fee may be charged to offset SHIH’s administrative and actual costs incurred in complying with your data access requests.

Does SHIH have security measures in place to protect your data?

SHIH has implemented reasonable physical, technical and administrative security standards to protect personal data from loss, misuse, alteration or destruction.

Retention

We ensure personal data is not kept longer than is necessary for the fulfillment of the purpose for which the data is or is to be used.

Contact Us

If you have any questions relating to this Statement, please address them to shih-customer@shihins.com, or at:

Sun Hing Insurance Holdings Limited
23/F, Excel Centre
No.483A Castle Peak Road, Lai Chi Kok
Kowloon, Hong Kong