AXA Academy
th en
Find locations/branches Quote Now
icon-ask-question
Find locations/branches

This field is required.

This field is required.

Please enter a valid email address.

This field is required.

This field is required.

This field is required.

  1. Home
  2. Privacy Policy

Privacy Policy

AXA Insurance Public Company Limited (“AXA”, “we”, “us” or “our”) cares about your privacy and is fully committed to protect the privacy of your personal data.

This Privacy Policy covers how we deal with your personal data and gives you details information on how, what, when, and why we collect, use, disclose, transfer or process your personal data, what steps we take to ensure your personal data stays private and secure, how long we retain your personal data, how you can contact us, and your rights under the Personal Data Protection Act B.E. 2562, also known as the PDPA.

This Privacy Policy should be brought to the attention of any party who is included in your insurance policy, where they have given you consent to act on their behalf.

By providing your personal data or the personal data of someone included in your insurance policy, you acknowledge that we may use it only for the purposes which set out in this Privacy Policy. We may provide you with further notices highlighting certain uses we wish to make of your personal data.

Please take a moment to read our Privacy Policy to understand more about your rights with regards to the personal data that you have entrusted us with. This Privacy Policy is subject to change at any time, such as to comply with government regulations, new technologies, other development in PDPA or any data protection law, while our relationship with you continues, so you should come back and read this Privacy Policy from time to time to view the most up-to-date Privacy Policy. If there is any significant change to our Privacy Policy which may affect the rights to your personal data, we will inform you without delay.

This Privacy Notice shall take effect as of the date that the Personal Data Protection Act becomes effective.

 

1.        Our Privacy Principles

When we collect and use your personal data, we will make sure that we take appropriate care of your personal data and will use your personal data in accordance with our privacy principles set out below, keep your personal data safe and will not sell it to any third parties.

 

2.        How do we collect your personal data?

Whilst there are various channels which we collect your personal data, the two main channels we might collect your personal data are from things you inform us yourself, and from things we ask other people or organizations to share your personal data with us. Things you tell us could include conversations we have on the phone, what you’ve written on an application form or if you post something on one of our forums. We might also collect your personal data from other people and organizations, such as medical professionals and credit agencies, or by checking databases. Please see below for our channels which we use to collect your personal data.

We collect your personal data directly from you through the following channels (but not limited to):

  • via enquiry, registration and claim forms
  • via feedback forms and forums
  • when you purchase any of our products or services
  • when you fill out a survey on our website
  • through quotes and application forms
  • via cookies and other internet tracking software to collect data
  • via our telephone calls with you, which may be recorded
  • when you provide your details to us either online or offline
  • when you participate in our campaign

We also collect your personal data from several different sources including (but not limited to):

  • from social media; and
  • other third parties including:

o   your family members in case you may be incapacitated or unable to provide information relevant to your insurance policy,

o   medical professionals and hospitals,

o   third parties who assist us in checking that claims are eligible for payment,

o   third parties such as companies who provide consumer classification for marketing purposes e.g. market segmentation data, and

o   third parties who provide information which may be used by us to inform its risk selection, pricing and underwriting decisions

 

3.        What personal data do we collect?

We might collect your personal data, such as your contact details, information about your bank account or credit cards. The information we collect will depends on which product or service you are interested in for example if you are interested in obtaining car or travel insurance, we will collect information about the car you drive or your travel destination. For medical insurance, we may ask you about you or your family’s medical history. In certain circumstances we may request and/or receive sensitive personal information about you. For example, we may need access to health records for the purposes of providing you with a policy or processing claims, or details of any court judgments for the purposes of preventing, detecting and investigating fraud. Please see below for a more detailed list of personal data we collect.

The information that we collect will depend on our business relationship. Where other people are named on your insurance policy, we may ask you to provide the information below in relation to those people too, if this is relevant to your insurance or services which provided by us to you.

Where we are the Data Controller of your personal data, we may collect the following information about you:

Personal information

  • contact details such as name, e-mail address, postal address and telephone number
  • details of any other persons included on the policy where they are named on your policy and the relationship with you as policyholder
  • identification information such as your date of birth, identification number, passport number
  • financial information such as bank account details, credit card details and information obtained as a result of our credit checks
  • information relevant to your insurance policy such as details about your previous policies or claims
  • information relevant to your claim or your involvement in the matter giving rise to a claim
  • information obtained through our use of cookies and other internet tracking software to collect data
  • your marketing preferences
  • lifestyle and social circumstances, for example, your interests, such as whether you play a sport, your housing status and number of dependents

Sensitive personal information

  • information regarding your current and/or former physical and/or mental health
  • details concerning sexual life or sexual orientation
  • details regarding criminal offences, including alleged offences, criminal proceedings, outcomes and sentences (previous criminal convictions, bankruptcies and other financial sanctions such as court judgements)

 

4.        How do we use your personal data?

We mainly use your personal data to provide you with an insurance policy or benefits and to provide you with the right services based on your situation. Therefore, if you encounter a problem, we will ensure that the right network of providers and specialists are accessible and we can also update you swiftly on the progress and amount of claims and protect you from fraud.

However, there are several other reasons why we use your personal data; please see below for a more detailed list of uses of your personal data, which constitute a legal basis under the PDPA.

  • Processing is necessary for us to provide your insurance policy and services, such as assessing your application and setting you up as a policyholder, or trust beneficiary, administering and managing your insurance policy or benefits, providing all related services, providing a quote, handling and paying claims and communicating with you. In these circumstances, if you do not provide such information, we will be unable to offer you a policy or process your claim.
  • Where we have a legal or regulatory obligation to use such personal data, for example, when our regulators, The Office of Insurance Commission, The Securities and Exchange Commission, The Anti-Money Laundering Office, our data protection regulator, and The Office of the Personal Data Protection Committee wish us to maintain certain records of any dealings with you, investigating fraudulent claims and carrying out fraud, credit and anti-money laundering checks.
  • Where we need to use your personal data to establish, exercise or defend our legal rights, for example when we are faced with any legal claims or where we want to pursue any legal claims ourselves.
  • Where we have appropriate legitimate business need to use your personal information such as maintaining our business records all whilst ensuring that such business need does not interfere with your rights and freedoms and does not cause you any harm.
  • Where you have provided your consent to our use of your personal data.
  • Where we need to use your personal data because it is necessary for your vital interests, this being a life or death matter.

We will usually only ask for your consent in relation to processing your sensitive personal information (such as health data) or when providing marketing information to you (including information about other products and services) except for cases where we are authorized by law or regulation to process your sensitive personal information without your consent. This will be made clear when you provide your personal data to us. If we ask for your consent, we will explain why it is necessary. Without your consent in some circumstances, we may not be able to provide you with cover under the policy or handle claims or you may not be able to benefit from some of our services. Where you provide sensitive personal information about a third party, we may ask you to confirm that the third party has provided his or her consent for you to act on their behalf.

You will find the purposes that we may use and process your personal data as below,

5.        Who do we share your personal data with?

We might share your personal data with two types of organization – companies inside the AXA Group and other third parties outside the Group. We won’t share any of your personal data other than for the purposes described in this Privacy Policy. If we share anything outside the Group, it’ll be kept strictly secured and will only be used for reasons that we’ve described. For further details of disclosures, please see below.

  • Disclosures within our group and affiliates

In order to provide our services your personal data is shared with other companies in our group. Your personal data might be shared for our general business administration, efficiency and accuracy purposes or for the prevention and/or detection of fraud and screening against international sanctions, counter-financing terrorism and anti-money laundering.

We may use Cloud storage solutions within Singapore, where we have Data Centre, or any other designated AXA group entity (as the case may be) which are chosen to ensure efficiency and improved performance through up to date technology.

You can find our Binding Corporate Rules as below,

 

  • Disclosures to third parties and affiliates

We also disclose your information to the third parties listed below for the purposes described in this Privacy Policy. This might include:

o   Your relatives or, guardians (on your behalf where you are incapacitated or unable) or other people or organizations associated with you such as your insurance broker or your lawyer.

o   Where you have named an alternative contact (such as a relative) to speak with us on your behalf. Once you have told us your alternative contact, this person will be able to discuss all aspects of your policy (including claims and cancellation) with us and make changes on your behalf.

o   Our insurance partners such as our agents, i.e. agency, Financial Service Advisor (FSA), brokers, other insurers, reinsurers, Bancassurance, or other companies who act as insurance distributors.

o   Other third parties who assist in the administration of insurance policies.

o   Other third parties who provide information which may be used by us to inform its risk selection, pricing and underwriting decisions

o   Fraud detection agencies and other third parties who operate and maintain fraud detection registers

o   The police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime

o   Our third-party services providers such as IT suppliers, actuaries, auditors, lawyers, marketing agencies, research specialists, document management providers and tax advisers

o   Customer satisfaction survey providers

o   Financial institution and advisory

o   The Office of Insurance Commission (“OIC”)(You can find the OIC’s Privacy Policy by visit www.oic.or.th )

o   The Anti-Money Laundering Office

o   The Securities and Exchange Commission, The Office of the Personal Data Protection Committee and other relevant government authorities

o   Loss Adjusters

o   Your healthcare provider

o   Debt collection agencies

o   Credit reference agencies

Disclosure of your personal data to a third party outside of AXA Group will only be made where the third party has committed to appropriate data protection safeguards as per AXA requirements and shall only be used for the specific purpose for which we provide it to them.

We may also disclose your personal data to other third parties where:

  • We are required or permitted to do so by law or by regulatory bodies such as where there is a court order, statutory obligation, The Office of Insurance Commission, The Securities and Exchange Commission and other relevant government authorities; or
  • We believe that such disclosure is necessary in order to assist in the prevention or detection of any criminal action (including fraud) or is otherwise in the overriding public interest; or
  • Exemptions under PDPA or the data protection legislation allow us to do so

Where we make a transfer of your personal data outside of Thailand, in all cases where personal data is transferred to a country which is deemed not to have the same standards of protection for personal data as Thailand will ensure Appropriate Safeguards have been implemented to ensure that your personal data is protected where standards are not the same or similar to those standards within Thailand. Such steps may include placing the party we are transferring personal data to under contractual obligations to protect it to adequate standards. Occasionally there may also be some circumstances where we are required to transfer your personal data outside of Thailand and we shall rely on the basis of processing it for being necessary for the performance of your contract; for example, where you have a travel insurance policy and we need to contact you when you are on holiday.

 

1.        How long do we keep records for?

The time period we retain your personal information for will differ depending on the nature of the personal data, what we do with it, why we hold it and what we’re obliged to do by the regulator or the law. In most cases, we will retain your information for 10 years after the termination of your policy.

We keep your personal data for as long as reasonably necessary to fulfil the relevant purposes set out in this Privacy Policy and in order to comply with our legal and regulatory obligations. In some instances, we will minimize personal data; or de-identify data to use for statistical or analytical purposes, this activity is undertaken in accordance with PDPA.

2.        Your Rights

You can ask us to do various things with your personal data. For example, at any time you can ask us for a copy of your personal data, correct mistakes, change the way we use your information, or even delete it. We’ll either do what you’ve asked or explain why we cannot.

You have the following rights in relation to our use of your personal information.

  • The right to access your personal data

You are entitled to a copy of the personal data we hold about you and certain details of how we use it. There will not usually be a charge for dealing with these requests. Your personal information will usually be provided to you in writing, unless otherwise requested.

  • The right to rectification

We take reasonable steps to ensure that the personal data we hold about you is accurate and complete. However, if you do not believe this is the case, please contact our DPO team by using the contact information as specified in article 7 of this policy and you can ask us to update or amend it.

  • The right to erasure

In certain circumstances, you have the right to ask us to erase your personal data, for example where the personal data we collected is no longer necessary for the original purpose or where you withdraw your consent. However, this will need to be balanced against other factors, for example according to the type of personal information we hold about you and why we have collected it, there may be some legal and regulatory obligations which mean we cannot comply with your request.

  • Right to restriction of processing

In certain circumstances, you are entitled to ask us to stop using your personal data, for example where you think that the personal data we hold about you may be inaccurate or where you think that we no longer need to process your personal information.

  • Right to data portability:

In certain circumstances, you have the right to ask that we transfer any personal data that you have provided to us to another third party of your choice. Once transferred, the other party will be responsible for looking after your personal data.

  • Right to object:

You have the right to object to the collection, use or disclosure of your personal information for direct marketing purposes or on grounds stipulated by law.

  • The right to withdraw consent

For certain uses of your personal data, we will ask for your consent. Where we do this, you have the right to withdraw your consent to further use of your personal data. Please note in some cases we may not be able to process your insurance if you withdraw your consent.

Please note that your withdrawal shall have no effect to previous legitimated personal data processing.

  • The right to lodge a complaint

You have a right to complain to the Personal Data Protection Committee at any time if you object to the way in which we use your personal data.

You can make any of the requests set out above using the contact details provided to you in your policy documentation, the contact details of the Data Protection Officer (DPO) as specified in section 8 of this Privacy Policy. Please note that in some cases we may not be able to comply with your request for reasons such as our own obligations to comply with other legal or regulatory requirements. However, we will always respond to any request you make and if we can't comply with your request, we will tell you why.

In some circumstances exercising some of these rights will mean we are unable to continue providing you with cover under your insurance policy and may therefore result in the cancellation of the policy. You will therefore lose the right to bring any claim or receive any benefit under the policy, including in relation to any event that occurred before you exercised your right, if our ability to handle the claim has been prejudiced. Your policy terms and conditions set out what will happen in the event your policy is cancelled.

 

8.        Contact Details of the Data Protection Officer

If you wish to contact AXA or the Data Protection Officer, the details are below:

AXA Insurance Public Company Limited.

Address:      414 Siam Patumwan House, Floor 25th, unit2511-1-2, Phayathai Rd., Wangmai Sub-district, Pathumwan, Bangkok 10330 Thailand

Call Center: 02 – 118 – 8111

Monday to Friday - 8:30 AM - 6:30 PM and Saturday - 9:30 AM - 6:00 PM

Closed on Sunday and official holidays

The Data Protection Officer

Address:      414 Siam Patumwan House, Floor 25th, unit2511-1-2, Phayathai Rd., Wangmai Sub-district, Pathumwan, Bangkok 10330 Thailand

E-mail:     dpo@axa.co.th

Channels for exercise your right as Data Subject : https://direct.axa.co.th/PDPA

 

9.        Our Data Privacy Declaration

Your personal data can help us give you a better, more personalized service. But looking after that data is a big responsibility. We take our responsibilities seriously, so we’ve introduced internationally recognized data privacy rules to protect you. We keep your data safe, confidential and will never sell it. And, if you ask us to, we’ll tell you exactly what information we have so you can be sure it’s up-to-date and accurate.

AXA mission is to assist you as our customers, live your lives with more peace of mind by protecting you and your family and various assets against the risks. Performance of our mission involves the collection of data so that we can understand the nature of these risks that we can protect you, and that we may provide you with the right products and services to meet your needs.

Today's world is one in which the amount of available data is growing exponentially. Ultimately, this allows us to enhance your experience through tailor-made protection, more relevant information and simplified, efficient procedures. In this case we believe that protecting your personal data is essential when seizing these opportunities. This is why we considered it important to share with you the principles that will guide us with regard to the treatment of personal data.

9.1           Our Commitment to Safeguard Personal Data

We know that respecting the confidentiality of personal data is critical to preserving your trust and therefore have developed security procedures and we use a range of organizational and technical security measures designed to protect your personal data from unauthorized use or disclosure.

We have a Data Privacy team at a global level and a network of Data Privacy Officers throughout our businesses to oversee data safety.

9.2           Our Commitment in Respect to the Use of Personal Data

We provide you with up-to-date prevention and protection solutions, we also collect your personal data and use it in compliance with data protection.

We have in place procedures and contractual arrangements designed to ensure that all employees, sales representatives, advisers and service providers keep client files confidential.

Our customers often entrust us with sensitive personal information in connection with insurance coverage we provide to them - both at the time of their initial subscription and during the term of their coverage. We view ourselves as custodians of this data and do not sell it to third parties outside AXA. We may market products jointly with other companies in cases where we believe there is a unique or compelling value proposition for our customers.

9.3           Our Commitment to Dialogue and Transparency

As a leading international insurance group, we play a proactive role in public policy and regulatory debates around personal information protection.

These are our continuing commitments to you. We will keep pace with future developments surrounding data privacy to adapt them to your evolving needs.

Facebook
Line
Youtube
instagram
twitter
Telephone
AXA Callcenter
02 118 8111

Privacy Policy © 2024 AXA All Rights.