2. WHO WE ARE
In this policy, the use of “MLIL”, “us”, “we” or “our” refer to Mahalaxmi Life Insurance Company, and its Branch and Sub Branch. Our head office is located at:
Mahalaxmi Life Insurance Company, Kathmandu Ma.Na.Pa Ward No 1, KamalPokhari
Phone : 977-1-4438720,4438884,4445634
Post Box No: 79
3. HOW WE COLLECT YOUR PERSONAL DATA
Personal data can be collected in the course of our relationship with you, and as you avail of our services, both directly from you and from other parties, when appropriate. Examples of when and the kind of data we may collect is listed below: When you make an application for Insurance. Insured Info/Proposer Info/Nominee Info/AgentInfo/Personel Info(Name/address/Date of birth/marital status/occupation/salary/employment/place of birth/bank details/e-mail/contact number/maiden name/previous address/Citizenship No/PanNo/residential status/Parents Info/Education Status ) When finalising the details of a successful application. (Identification verification docs) When you make a payment. (online card details) When you look for advice. (dependent on the query) When you contact us via phone. (dependent on the query) From information publicly available about you. (when data is collected on you, but not directly from you, we can provide any available information on its source at your request) Through mobile applications ( app –when viewing the Premium Information, when applying for Insurance – when for viewing Personal Detail ) During the recruitment process (Full name, address, nationality, occupation, gender, e-mail address, phone number, Citizenship No) When you make an application with us, in order to process your application fully, we may share with and receive personal data from third parties such as the Bank and other social media. More information on our sharing of personal data with third-parties can be found in the “Who we share personal data with” section (section 5).
4. HOW WE USE YOUR PERSONAL DATA
Our use of your personal data is primarily in relation to the performance of a contract with, or a service to, you. We have and will continue to keep our client’s personal data secure and ensure that it is only used for the needs of our relationship with you. This may require us to share your data with selected entities and organizations such as funding partners, back-up service providers, auditors, investors, and outsourcers of services.
Examples of how we use your personal data:
1. To make an informed decision on your Insurance application and its suitability.
2. To provide you with a quote or Company New product offering.
3. To verify your identity.
4. To manage your Premium Transaction with us.
5. To process Online payments of your Premium from you.
6. To maintain adherence to our legal and regulatory obligations.
7. To gather information when there is an insurance claim and Maturity Claim
8. To respond appropriately to any complaints or appeals.
9. To give an accurate reflection of your Policy Loans, Premium Installment with us to third party bank and their application.
10.To perform audits and have audits performed on the company.
11.To analyses and understand our Bonus Ratio.
12.To maintain your data rights.
13.To provide you with statutory and regulatory information.
14.To screen prospective and existing customers (Policyholder, Nominee, Proposer) for Anti-Money Laundering.
15.To comply with mandatory requests from regulatory bodies such as the Beema Samiti.
16.To send you SMS messages containing information requested by you.
17.To maintain backups of critical data.
For other purposes that may arise as we provide our services to you. In the processing of applications, we use technology to determine the risk profile of the applicant via a scoring system. Though this score is generated based on the data we have received and processed on you automatically, every application is presently processed independently, and accepted, or declined, following a review by our underwriters. In cases where a decision has been made automatically, you are able to contest this decision.
5. WHO WE SHARE PERSONAL DATA WITH
We only share your personal data with third-parties when it is required in the course of our contract with you, and to fulfil the requirements of the conducting of our business. Any third-parties who we share data with are expected to have their own adequate information security measures and to be fully compliant with all applicable data protection legislation. These third-parties must enter into Data Sharing agreements with Mahalaxmi Life Insurance prior to any transfer of personal data. We are also bound to provide personal data in relation to regulatory or lawful requests.
Examples of situations we would share your personal data with third-parties:
To perform Premium checks with, and provide reports on Policy Premium, Policy/Agent loan performance to, the Central Bank of Nepal or may be to the Insurance Board of Nepal. Where we service Transaction on behalf of our company, they have access to your personal data according to agreement. In situations where another entity or person is a member of the Mahalaxmi Life Insurance.
To report on yours of Premium, Loan, Maturity, owned by us but serviced by Third Party.
To collect debts, such as in the event of an insurance claim or the death of a client.
To trace missing customers.
To initiate legal proceedings.
To obtain legal advice.
For external audits by audit companies assigned by Mahalaxmi Life Insurance Company.
Assigning loans to Agent Vehicles (AV) owned by Agents, but serviced by Mahalaxmi Life Insurance Company.
In relation to providing services to politically exposed persons or sanctioned persons.
To prevent money-laundering / financial crime.
In the case of joint Policies with guarantors, they will have access to certain data on the other Policy holder.
6. HOW LONG WE HOLD YOUR PERSONAL DATA FOR
How long we hold your personal data for depends on several factors: Our regulatory obligations in holding the particular data. Whether you are an active customer(Policyholder/Agent) of ours or just an applicant. If you or (MLIL) are involved in legal proceedings which require the retention of the personal data. If you requested, we retain your data for a valid reason. Other extenuating circumstances which necessitates the retention of your data. Our current policy for the retention and deletion of personal data states that in typical cases we will hold your data.
In practice, may also involve the anonymization of some data so that it may be retained, and subsequently used, for statistical or analytical purposes.
7. OUR LAWFUL BASES FOR USING PERSONAL DATA
Under data protection lawful bases for processing, we may collect and use personal data under one or more of the following lawful bases, depending on the context:
In compliance to a legal obligation to which we are subject.
1. To protect your vital interests, or those of another natural person. For the purposes of the legitimate interests pursued by us or a third-party, except where such interests are overridden by your interests or fundamental rights and freedoms. Where you have given consent to the processing of your data for specific purposes. We process limited amounts of sensitive data (special category data) but where we do, we will have a lawful basis for doing so.
2. In any situation where we have sought and acquired consent to process your personal data, you may withdraw your consent at any time by notifying us. Any processing of the data done prior to the withdrawal of consent is unaffected. Please do not hesitate to contact us if you wish to identify the specific basis for our holding of particular personal data of yours. We may rely on different lawful bases for different data elements.
8. THE IMPLICATIONS OF NOT GIVING REQUESTED PERSONAL DATA
We will only ever use your personal data for one or more of the reasons outlined in the lawful bases section of this document (section 7). If we ever require more personal data which falls outside of our general lawful bases (contract, legal obligation or legitimate interest) we will seek your express agreement in the collection and processing of this data.
Though you are not obligated to provide us with any data we request, if you choose not to, it is possible we will not be able to provide the service you requested or adequately assess your application for a product.
If you are ever concerned about what our basis for wanting particular personal data is, we can tell you under which category it falls and why.
10. YOUR DATA RIGHTS
Your rights are as follows:
Right of Access: You may request a copy of any personal data we hold on you for processing. Data can be provided via electronic or physical means. You may also request information regarding the purpose of the processing of this data, the categories of personal data concerned, with which third-parties your information was shared, and how long your data will be stored for.
Right of Rectification: You have the right to request the correction of any inaccurate personal data we hold concerning you. Incomplete data may also be completed via supporting information/documentation.
Right to Erasure (or to be forgotten): You may have the right to instruct us to erase the personal data we hold on you. This is subject to various criteria such as; that the data is no longer necessary, that there is no lawful basis for our holding/processing of this data, that the data was unlawfully processed, or in legal compliance. In a case where we can justify the holding of your personal data, the instruction to erase this data may be declined.
Right to Restriction: You may have the right to restrict our processing of your personal data in certain cases. For example, when the accuracy of the data we hold is contested (while the accuracy is verified), where the processing is unlawful but you do not wish it erased, where we no longer require your data for processing but it is needed by you for legal reasons, where you have objected to the processing but legitimate grounds have not yet been verified.
Right to Portability: You may have the right to request that we transmit your personal data to another data controller(App), where technically feasible.
Right to Object: You may have the right to object to your personal data being processed, or used for direct marketing and profiling purposes providing we do not demonstrate a compelling legitimate reason in using this data, that also does not compromise your interests, rights or freedoms. You have the right not to be subject to automated decision making (ADM). However, as outlined in section 4, we do not engage wholly in ADM and our decisions are made by our underwriters.
11. OUR CONTACT DETAILS / HOW TO MAKE A COMPLAINT
If you have any queries regarding this policy, or MLIL in general, you can contact us by:
Mahalaxmi Life Insurance Limited,
Kathmandu Ma.Na.Pa Ward No 1, KamalPokhari
Phone : 977-1-4438720,4438884,4445634
Post Box No: 79