1 Brolink’s privacy assurance
Brolink is an Authorised Financial Service Provider with FSP number 10834 providing services in the South African short-term insurance industry. We have put in place suitable physical, technological and managerial measures in order to comply with the Protection of Personal Information Act No 4 of 2013 and to safeguard the privacy of the individuals we encounter in conducting our business.
2 Why do we collect data?
We process personal information for a specific purpose as follows:
When we provide insurance-related services to you, we process personal information to issue a quotation that you have requested from a broker or an insurer, or to perform our duties in connection with an insurance contract as described in more detail below.
When we process personal information about people entering our premises, we do so to manage security and access to our building.
3 What data do we collect?
We collect data mainly about policyholders but also about third party claimants and other parties. The data that we collect includes but is not limited to:
• General identification and contact information such as name, ID number, physical address, postal address, email address, telephone numbers, gender, marital status, date of birth and details of a driving licence;
• Financial information and account details, such as bank account numbers and premiums paid;
• Telephone recordings of conversations;
• Information related to the property insured, such as vehicle registration numbers, previous insurance and claims experience;
• Credit rating information;
• Tracing information to assist with claims recoveries;
• Information relating to claims investigations, such as reports and photos.
When you visit our premises, we record the date and time of your visit, your name, car registration, contact details and purpose of your visit. We also use video recordings to manage building security. To the extent that it is required by government regulation, we also collect health-related information during a pandemic, including your temperature and possible symptoms.
The supply of personal information is mandatory. If the information provided by you is incomplete then we may not be able to process insurance-related transactions on your behalf or grant you access to our premises.
4 How do we collect your data?
We collect personal information through:
• Our computer systems;
• Our web site;
• Insurance proposal forms;
• Claim forms;
• Telephone calls;
• Social media and
Information about insurance policies is collected by brokers or insurers who use Brolink’s insurance computer systems. Brolink does not ordinarily collect personal information directly from policyholders except where Brolink handles claims on behalf of insurers.
Brolink obtains credit rating information and additional personal information, either directly from a credit reference agency or the system of an insurer or broker.
Where Brolink handles claims on behalf of insurers, Brolink obtains personal information when claimants or third parties complete documents or forms, speak to one of Brolink’s consultants, communicate with Brolink by email, or deal with Brolink’s business partners or service providers such as loss adjusters.
5 How do we use your data?
We only collect personal information where it is reasonably necessary for our activities, including:
• Issuing and administering insurance quotations and policies;
• Collecting insurance premiums, for example via debit orders;
• Handling insurance claims;
• Performing statistical analysis on insurance portfolios;
• Resolving complaints;
• Complying with applicable laws and regulations such as the Financial Advisory and Intermediary Services Act.
We ordinarily process personal information on behalf of an insurer who is the Responsible Party as defined in the Protection of Personal Information Act. The name and address of the insurer is disclosed in your policy schedule.
6 How do we store your data?
The personal information of policyholders, claimants, third parties and visitors is securely stored in Brolink’s computer systems at different locations in South Africa. Security measures include access control and encryption.
7 Do we transfer your data outside the country?
Brolink does not transfer personal information outside the borders of South Africa. Policy exceptions, when they occur, require authorisation by the Information Officer.
8 How do we use your data for marketing?
Brolink does not use your personal information for marketing.
9 How do we share your data?
Brolink does not and will not sell personal information to any third party.
We follow common practice in the South African short term insurance industry by sharing personal information with various third parties. Depending on the specific insurance product such third parties include:
• Credit reference agencies so we can obtain information used for assessing risk and calculating insurance premium;
• Insurers, reinsurers, brokers and third party service providers (like loss adjusters) so Brolink can administer policies and handle claims;
• Banks so Brolink can collect insurance premiums and pay claims;
• Agencies who assist with fraud prevention;
• Other parties when we are required to do so by law or any regulatory authority.
When we outsource any processes we ensure that our service providers have appropriate security measures in place. All third parties are obliged to keep your personal information strictly confidential.
10 For how long do we keep your data?
Your personal information is stored for a minimum of five years as required by the Financial Advisory and Intermediary Services Act and/ or other legislation. We will take all reasonable steps to destroy or de-identify your personal information when the law no longer requires us to keep it.
Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our website, we may collect anonymous data about your interaction with our website from you in the form of cookies and IP addresses. No personal information, such as your name or email address, is required or stored in this process.
12 What are your data protection rights?
Every person whose personal information we process has the following rights:
• You have the right to request copies of your personal information, subject to the terms and conditions described in our Promotion of Access to Information (“PAIA”) manual which is available at our website www.brolink.co.za;
• You have the right to request that we correct any information you believe is inaccurate;
• You have the right to request that we erase your personal information, under certain conditions;
• You have the right to object to us processing your personal information, under certain conditions;
• You have the right to lodge a complaint with the Information Regulator whose contact details are available at https://www.justice.gov.za/inforeg/contact.html.
If you wish to object to the processing of personal information or if you wish to request for correction or deletion of personal information then please complete Form 1 or Form 2 at the end of this privacy notice.
13 How can you contact us?
Brolink’s aim is to always have accurate, complete, up-to-date and relevant personal information. Requests for access to and possible correction of personal information as envisaged by the Protection of Personal Information Act should be addressed to the party who collected that information from you, normally the broker or insurer.
General complaints should be handled according to the contact information that is shown on your policy schedule.
If you have direct dealings with Brolink then you may contact:
The Information Officer
Brolink (Pty) Ltd
Westend Office Park
254 Hall Street
Telephone: 012 673 0000
14 When was this notice last updated?
This notice was last updated on 8 June 2021 and supersedes any previous privacy notice. We will publish any future versions to our website www.brolink.co.za.