Skip to main content

Privacy Notice

DATA PROTECTION POLICY

MARSH (Singapore) Pte Ltd ("MARSH", "our," "us" and "we", and such references include as appropriate other entities whose ultimate parent company is Marsh & McLennan Companies, Inc.) has created this Data Protection Policy in order to communicate our commitment to the privacy of information provided to us by the Law Society of Singapore (“LawSoc”), their members, and firms (including their employees) through the Law Society of Singapore Professional Indemnity Insurance online portal (“Website”). We understand the nature of the information entrusted to us and acknowledge that maintenance of the privacy of such information is of the highest importance to LawSoc and their members. The following discloses our information gathering and dissemination practices in relation to the services we provide through or in connection with the Website (the “Services”) that you (references to “you” include as appropriate LawSoc members, firms and their employees) have accessed.

MARSH safeguards your Personal Data (as defined in paragraph 2 below) in accordance with the Personal Data Protection Act (No.26 of 2012) (“The Act”). You are requested to read this Data Protection Policy so that you know and understand the purposes for which we may collect, use and disclose your Personal Data. This Data Protection Policy supplements but does not supersede nor replace any other consents which you may have previously provided to LawSoc, your firm,  or directly to us in respect of your Personal Data, and your consents herein are additional to any rights which we may have at law to collect, use or disclose your Personal Data except that the consent provided by you through acceptance of this Data Protection Policy supersedes any previous election in respect of any specific matter.

For the avoidance of doubt, this Data Protection Policy forms a part of the terms and conditions governing your relationship with us, written or implied, (“Terms and Conditions”) and should be read in conjunction with those Terms and Conditions.

1. Your consent is important

When you make use of our Website and the Services, you may be required to provide us with your Personal Data. In doing so, you agree and consent to MARSH and its business partners, respective agents, authorised service providers and relevant third parties collecting, using and/or disclosing your Personal Data in accordance with this Data Protection Policy. We may also ask for details of other individuals, including other members and employees of your firm for the purpose of administering the insurance policies. Where you submit such details, you do so on behalf of the relevant individual, you consent on their behalf to the terms of this Data Protection Policy and you warrant and represent to us that you have obtained the prior consent of such relevant individual to provide us with their personal data for the relevant purposes for which you made the disclosure or as was notified to you at the relevant time and all other purposes as set out in this Data Protection Policy, in accordance with all applicable laws, regulations and/or guidelines. You acknowledge and accept that it is your responsibility for letting them know (i) that personal data relating to them has been disclosed to us, our business partners, respective agents, authorised service providers and relevant third parties, (ii) what details you have submitted and (iii) that such personal data will be collected, used and disclosed in the manner and for the purposes as described in this Data Protection Policy. It is your responsibility to keep your personal details and those of any relevant individual updated.

You have the choice, at any time, not to provide your Personal Data or to withdraw your consent to MARSH’s collection, use and/or disclosure of your Personal Data. You are not obliged to provide your Personal Data to us. You should note, however that failure to provide certain Personal Data or a withdrawal of your consent for us to process your Personal Data may result in MARSH being unable to provide you with effective and continuous products and services you wish to receive from us. It is likely that in such a scenario, we may not be in a position to provide, or to continue to provide our products or services to you or administer any relationship which may be in place between us.

You should also be aware of your duty of disclosure that applies in relation to insurance policies. Your duty of disclosure requires you to disclose all material information relating to the risk under consideration. This duty continues until the insurance has been concluded and ‘resurrects’ in the event of any amendment to the risk during the insurance policy period or extension/renewal. You may also be subject to specific ongoing disclosure conditions or warranties according to the terms of the insurance policy, which effectively extend the duty of disclosure post inception of the insurance policy. The information you may need to disclose may in some cases be Personal Data. Please read the Terms and Conditions for more detail about this duty of disclosure. There are severe consequences for failing to comply with your duty of disclosure, including the avoidance of the insurance policy from its commencement and the obligation to return claims already paid.

Notwithstanding the generality of the foregoing and for avoidance of doubt, upon the termination or expiry of your contractual relationship (written or implied) with us (howsoever caused), we may still continue using or disclosing your personal data as may be necessary, required, authorised or permitted for compliance with applicable law or as may be requested by the relevant regulatory bodies, government agencies, statutory boards, administrative bodies, authorities or law enforcement agencies to comply with any laws, rules, guidelines and regulations or schemes to which we may be subject, whether situated locally or overseas.

2. What types of Personal Data do we collect?

In this Data Protection Policy, “Personal Data” refers to any data, whether true or not, about an individual who can be identified (a) from that data; or (b) from that data and other information to which we have or are likely to have access, including data in our records as may be updated from time to time.

Examples of such Personal Data you may provide to us may include (depending on the nature of your interaction with us), without limitation, the name, identity card number (including Singapore ID card number and Singapore NRIC) or passport number (and/or copies thereof), contact information and, family history.

3. How do we collect your Personal Data?

Generally, we obtain your Personal Data from you, your firm, LawSoc or from third parties in various ways:

  • when clients and prospective clients engage us or inquire about our services, we ask them to provide us with company/firm contact information, some examples of which are the company/firm's name, address, contact person details (name, phone number and designation), number of employees/partners;
  • when LawSoc and/or your firm uses our services to enable you to join and manage your insurance coverage, your firm may provide us with information which may include, but is not limited to, your name, address, ID card number (including Singapore ID card number and passport number), title, salary, commencement of employment and information regarding your employment;
  • we may obtain personal data about you from other insurance companies or agents, for example if you make a claim that is covered by two policies;
  • we may occasionally obtain personal data about you from government agencies, for example if they request information about you;
  • we may receive personal data about you from credit reporting agencies in connection with arranging financial products and services for you that you request; we may obtain personal data about you from courts or public records from time to time, for example in connection with any legal proceedings you are involved in;
  • when you provide any data required for the use of the Services (whether the Services are provided by MARSH or a third party service provider);
  • when you request that we contact you, be included in an email or other mailing list; or when you respond to our request for additional Personal Data;
  • when you contact MARSH through various methods such as completing application forms, emails and letters, telephone calls and conversations you have with our staff. If you contact us or we contact you using telephone, we may monitor or record the phone call for quality assurance, training and security purposes; and
  • when you submit your Personal Data to us for any other reason.

If you do not wish us to collect, use or disclose your personal data in order to use our Services, please send an email to privacycoordinator@marsh.com

Cookie and related technologies

  • Information on Cookies

A cookie is an element of data that a website can send to your browser, which may then store it on your system. We use cookies in some of our pages to store visitors' preferences and record session information. The information that we collect is then used to ensure a more personalised service level for our users. You can adjust the settings on your browser so that you will be notified when you receive a cookie, or to disable the cookies associated with our Website. Please refer to your browser documentation to check if cookies have been enabled on your computer or to request not to receive cookies. Please note however that you may not be able to enter certain part(s) of our Website, and some of the functions and services may not be able to function without cookies. This may also impact your user experience while on our Website.

  • IP Address

An IP address is a number that is automatically assigned to your computer when you signed up with an Internet Service Provider. When you visit our Website, your IP address is automatically logged in our server. We use your IP address to help diagnose problems with our server, and to administer our website. From your IP address, we may identify the general geographic area from which you are accessing our Website however; we will not be able to pinpoint the exact geographic location from which you are accessing our Website. Generally we do not link your IP address to anything that can enable us to identify you unless it is required by applicable laws and regulations.

  • Login Identification/Passwords

Our Services require users to choose a username and password in order to activate their account and these will be the login credentials to access the Website. You agree to maintain the confidentiality of your username and password and agreed to notify us immediately should you become aware of any unauthorised use of your username, password, account or information on the Website. You are responsible for the security of your username and password and MARSH accepts no responsibility howsoever arising and will not be liable for any and all activities that occur under your account to the extent that they result from your failure to comply with this paragraph.

  • Service Activity Logging

All transactions conducted through the Website will be monitored and recorded for the purposes of logging Website usage, diagnosing problems, enhancing features and functionality of the Services, the purposes described elsewhere in this Data Protection Policy, and for other legitimate business purposes.

  • Third party sites

Our Website may contain links to other web sites which are not maintained by or under the control of MARSH. This Data Protection Policy only applies to the Website. When visiting these third party web sites, you should read their privacy policies which will apply to your use of such third party web sites. Should you decide to leave the Website to access such third party web sites, you agree to do so at your own risk.

4. What is the purpose of processing your Personal Data?

Generally, MARSH collects, uses, discloses and/or processes Personal Data for the following purposes:

  • allowing us to process your enrolment, provide you with updated details of your insurance coverage, to assist you in applying for further benefits or products and to allow us to process those applications;
  • providing the Services, and other products, services and benefits to you, including administering and processing payment instructions, insurance policies, insurance claims and medical claims, security and underwriting checks;
  • conducting identity and/or credit checks and/or debt collection;
  • evaluating the financial needs and/or verifying the eligibility information of you, your spouse, partner, children or other immediate family member, for insurance, financial or wealth management products and services that you may request or any other products provided in connection with the Services;
  • to design and provide you with insurance, financial and related services and products if you request;
  • using company contact information to provide information to clients and prospective clients (paper and electronic) in relation to our services and to maintain a record of inquiries regarding our services;
  • aggregating user information from multiple firms to monitor Website usage, assist us to develop our Services and to analyse performance. Examples of analyses performed include, but are not limited to: number of employees/partners enrolled in plans provided by a particular insurance carrier, average number of employees/partners employed by firms and average number of benefit plans sponsored by our clients. When used to perform such analyses, information provided by a firm (including its employees and partners) is never disclosed in a level of detail sufficient to permit the identification of any individual firm or individual employee/partner record;
  • conducting research and analysis in relation to products and services provided by or through MARSH, including analytics performed on insurance claims (and claims data) and analytics to determine which products and services may be of interest to you;
  • performing a policy review or needs analysis;
  • subject to your consent, contacting you for the purposes of marketing or providing you with promotional materials relating to (a) insurance or financial services or related wealth management products arranged by MARSH or partnering insurance companies or financial institutions; or (b) other products and services provided by MARSH (as described in paragraph 5 below);
  • subject to your consent, disclosing your information to (a) within MARSH so that that other entities within MARSH may contact you with respect to their products and services; and (b) selected business partners so that they can contact in relation to insurance services (as described in paragraph 5 below);
  • organising promotional events and corporate social responsibility projects (including but not limited to taking pictures and recording your video/audio feedback and testimony in relation thereto);
  • conducting market research, understanding and determining customer location, preferences and demographics for us to review, develop and improve our products, services and also develop special offers and marketing programmes;
  • from time to time, we may provide your information to our client service agencies for research and analysis purposes so that we can monitor and improve the Services. We, or our agents and sub-contractors may contact you by post, e-mail or telephone to ask you for your feedback and comments on the Services;
  • subject to your consent, providing cross-referrals to other entities of MARSH;
  • sharing such data with sub-contractors or service providers of MARSH in relation to the Services;
  • managing the administrative and business operations of MARSH and complying with internal policies and procedures, including but not related to transferring (through secured means) and populating databases in secured sites outside our premises in Singapore as part of our data backup programmes;
  • matching any Personal Data held which relates to you for any of the purposes listed herein;
  • matching Personal Data with other data collected for other purposes and from other sources (including third parties) in connection with the provision or offering of products and services, whether by MARSH or other third parties;
  • subject to your consent, contacting you regarding details of products or services which we send to firms or their employees/partners generally, or which we have identified may be of interest to you (including but not limited to cross selling);
  • communicating with you, including resolving complaints and handling requests and enquiries;
  • providing media announcements and responses;
  • meeting or complying with any applicable laws, regulations, regulatory policies, directives, rules, codes of practice or guidelines of any jurisdiction, judgments, orders, directions or requests issued by any court, legal or regulatory bodies which MARSH may be subject to, whether local or overseas (including but not limited to disclosures to regulatory bodies, rules and regulations relating to anti-money laundering and countering the financing of terrorism, and conducting audit checks, surveillance and investigation);
  • obtaining legal services, seeking legal advice and engaging in dispute resolution; and
  • purposes which are reasonably related to the aforesaid.

5. Direct marketing

Provided you give your consent (which includes an indication of no objection), we may use your Personal Data (including your name, address, email address and telephone number) to contact you with news, offers and information on insurance, financial, wealth management or related products and services that may be of interest to you. We may also use other Personal Data about you (such as your age, gender and income group) to customise our direct marketing and to ensure you receive information about products and services that are likely to be most suitable for you.

Provided you give your consent (which includes an indication of no objection), we may also provide your Personal Data (including your name, address, email address and telephone number) to (a) other MARSH entities so that they may contact you with respect to their insurance and financial products and services; and (b) selected business partners within the financial and insurance sector, so that they can contact you with news, offers and information on insurance, financial, wealth management or related products and services that may be of interest to you. We may also provide other Personal Data about you (such as your age, gender and income group) to enable them to customise their direct marketing and to ensure you receive information about products and services that are likely to be most suitable for you. We may provide your Personal Data to these third parties for gain.

We cannot use or provide your Personal Data for direct marketing purposes without your consent (which includes an indication of no objection). You can opt out of direct marketing, free of charge, at any time. You may do so by providing notice to us via one of the following response channels:

a) by email to privacycoordinator@marsh.com or

b) by post to:

Data Privacy Officer

Marsh (Singapore) Pte Ltd
8 Marina View,
#09-02 Asia Square Tower 1
Singapore 018960.

Please be aware that once we receive confirmation that you wish to withdraw your consent for marketing or promotional materials/communication, we will require a reasonable period of time to process your withdrawal request. During this period of time you may still receive marketing or promotional materials/communications. Please note that even if you withdraw your consent for the receipt of direct marketing materials, we may still contact you for other purposes in relation to the facilities or services that you hold or have subscribed to with MARSH.

6. To whom do we disclose your Personal Data?

Personal Data held by us shall be kept confidential. However, in order to provide you with effective and continuous products and services, and for the purposes listed above (where applicable), your Personal Data may be disclosed to the following parties, who may be located within or outside Singapore:

  • insurance and re-insurance companies;
  • insurance brokers and agents;
  • claims investigation and adjuster companies;
  • other MARSH entities including our head office and any branches, representatives offices, subsidiaries, related corporations and affiliates;
  • agents, contractors or third party service providers who provide administrative and operational services to MARSH, such as courier services, telecommunications, information technology, payment, printing, redemption, payroll, processing, training, survey, market research, storage, archival or other services to MARSH;
  • when you apply for any benefits and/or products offered through the Website, we will pass your personal details and those of your beneficiary, where applicable, to the provider of those benefits and/or products. Thereafter, the provider may correspond with you directly. Information we have gathered from your firm and you may also be used by us to communicate with you on any matter relating to your benefits and the provision of our Services in general;
  • vendors and other third party administrators and/or service providers in connection with services, promotions and events offered by MARSH, including without limitation, bankers, lawyers, healthcare providers and accountants;
  • any business partner, investor, assignee or transferee (actual or prospective) to facilitate business asset transactions (which may extend to any merger, acquisition or asset sale);
  • researchers;
  • credit reference agencies;
  • debt collection agencies;
  • partnering financial institutions;
  • our business partners for the purpose of contacting you with information about insurance, financial, wealth management or related products and services;
  • our professional advisers such as financial advisors, auditors and lawyers;
  • industry associations and federations;
  • relevant courts, regulatory bodies, government agencies, statutory boards, administrative bodies, industry bodies, authorities or law enforcement agencies located anywhere in the world, in order to comply with any laws, rules, guidelines and regulations or schemes to which MARSH may be subject, whether situated locally or overseas;
  • external business, referral and charity partners in relation to the marketing and promotion of products and corporate promotional events; and
  • any other party to whom you authorise us to disclose your Personal Data to.

In connection with the purposes set out in this  Data Protection Policy, your Personal Data may be transferred outside Singapore. That means your Personal Data may not be protected to the same or a similar level as it would in Singapore. However, we will take all reasonable measures to ensure that your Personal Data is processed and stored securely, regardless of the country in which it is processed or stored.

7. How do we protect your data?

The security of Personal Data is our priority. MARSH takes all practicable physical, technical and organisational measures to ensure the security and confidentiality of Personal Data. We protect your information in a highly secure data centre, adhering to strict computer security standards. We have put in place, privacy protection control systems designed to ensure that our customers' information remain safe, secure and private. For more information on our security measures, please write to us to seek our security statement.

MARSH employee access is only limited to authorised employees who are fully trained in handling your information. These authorised personnel are required to ensure the confidentiality of your information and to respect your privacy at all times. Employees who have access to your information will be subjected to disciplinary action should they fail to observe this Data Protection Policy and other guidelines, codes or policies which we may issue to them from time to time.

If we disclose any of your Personal Data to our authorised agents or service providers, we will require them to appropriately safeguard the Personal Data provided to them.

When disclosing Personal Data to persons both within and outside Singapore, we shall:

  • require that such recipients are subject to duties of confidentiality in relation to your Personal Data;
  • require that such recipients abide by the requirements of the Ordinance; and
  • prohibit such recipients from using your Personal Data for any purpose other than for the purpose for which MARSH originally collected your Personal Information.

Your firm and/or LawSoc may provide us with your business e-mail address in order for us to communicate your benefit offering and the Services. E-mail messages sent over the Internet cannot be guaranteed to be completely secure as they may be subject to possible interception or loss. If you do not want to be contacted on your business e-mail address, please send an email to privacycoordinator@marsh.com

8. How long may we retain your Personal Data?

We will only retain Personal Data for as long as necessary to fulfil the purpose(s) for which it was collected (and any related purposes) or to comply with legal, regulatory and internal requirements

9. Changes to this Data Protection Policy

Please note that we may update this Data Protection Policy from time to time to ensure that this  Data Protection Policy is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements. If there are material changes to any of the content of this Data Protection Policy, we will notify you by posting a notice of such changes on our Website or by sending you a notification directly. Any revised version of this  Data Protection Policy will take effect immediately upon publishing it on the Website. Do periodically review this  Data Protection Policy to stay informed on how we are protecting and managing your information.

Subject to your rights at law, you agree to be bound by the prevailing terms of this Data Protection Policy.

10. Access and correction of your Personal Data

You should ensure that all Personal Data submitted to us is complete, accurate, true and correct. Failure on your part to do so may result in our inability to provide you with products and services you have requested / applied for or you not being able to use such product and/or service. In some circumstances, the provision of inaccurate or incomplete information may amount to a breach of your duty of disclosure, which may result in more serious consequences, such as avoidance of the insurance policy and recovery of claims already paid under it.

We are committed to ensuring that the Personal Data we hold about you is accurate, complete, and up-to-date. If there are any changes to your Personal Data or if you believe that the Personal Data we have about you is inaccurate, incomplete, misleading or not up-to-date, please contact us so that we may take steps to update your Personal Data.

You have the right to access your Personal Data. If you would like to request access to your Personal Data, please send us a request in writing to the email address or postal address below. Please note that depending on the information requested we may charge a reasonable fee. We may also take steps to verify your identity before fulfilling your request for access to your Personal Data.

11. How can you contact us?

Requests for access and correction or for information regarding policies and practices and kinds of Personal Information held by Marsh should be directed to any one of the following response channels:

a) by email to privacycoordinator@marsh.com or

b) by post to:

Data Privacy Officer

Marsh (Singapore) Pte Ltd
8 Marina View,
#09-02 Asia Square Tower 1
Singapore 018960.

© Marsh LLC. All Rights Reserved