Press enter to see results or esc to cancel.

We have updated our privacy policy

On May 25, the European Union’s new data privacy law will come into force. Because this law is so wide-reaching, we feel it is important to ensure that we are doing everything we can as a company to meet the new privacy regulations and protect the data of our clients or anyone interacting with us. To that end, we have updated our Privacy Policy and in this article will go over not only the new regulation but also provide a short FAQ around it and its impact on people in Hong Kong.

About the European Union’s new data privacy law

There is a good chance that over the past few months you have had a number of emails from companies about how they have updated their privacy policies. Pretty much every major company around the world has actually done so in the past few months and the main reason as to why is that the EU’s General Data Protection Regulation (GDPR) becomes enforceable on 25 May 2018.

General insurance banner

The GDPR is a regulation passed by the EU that has been put in place to protect the data, information, and privacy of citizens of the EU’s member countries. The primary aim of this regulation is to give people the right to, and control of, their personal data. It also pushes for clearer and easier to understand data privacy policies.

The most important aspect of this law however is that it does not just apply to EU citizens living and residing in the EU. Instead, it applies to all foreign companies who process the data of EU residents (both foreign and citizen).

In other words, companies who have operations, say, only in Hong Kong, Singapore, or countries outside of the EU but who sell to Europeans and collect data on these customers are now required to meet the regulations set out by the GDPR.

Why update now?

Here at Pacific Prime Hong Kong, one of the insurance products we sell is International Private Medical Insurance (IPMI). These products are designed to cover people on a world-wide basis and are incredibly popular with expats.

As Hong Kong has a sizeable expat population, many of whom are from the EU, we are required to be compliant with the GDPR. One of the ways to show this is by providing an updated Privacy Policy that not only explains our compliance, but explains in greater detail how we collect, use, and define the data of our clients.

Our new Privacy Policy has been published (available here), and takes effect immediately for new clients, and as of May 18, 2018 for existing clients.  

What does Pacific Prime’s new Privacy Policy cover?

Our new Privacy Policy has been written to cover not only the requirements set out by the GDPR but also the requirements of Hong Kong’s Personal Data (Privacy) Ordinance. To make this policy as easy to read as possible, we have broken it up into sections.

These sections include:

  • Our stance on data collection, processing, and protection
  • What data we collect
  • Who collects the data
  • How data is collected
  • Consent and data
  • Why we collect data
  • How we use the data collected
  • When we share data
  • How you can view, edit, or delete your data
  • How we utilize cookies

There is a fair amount of information in this policy but the gist of it is: We only collect data that is contractually necessary (insurers require specific pieces of data in order to underwrite and sell you a plan – as a broker we are required to collect this data if you purchase a plan from us) and data for marketing purposes.

Data collected by us is never sold and only provided to third parties (e.g., insurers) as contractually necessary. Data that is not required for specific applications is either not collected or shared if it has been collected in the past.

All people who have provided data to us in Hong Kong, regardless of where they are from, have the right to view, modify, and request for us to delete their personal data. Instructions on how to do this are in the Privacy Policy.

Is Pacific Prime compliant with the GDPR?

We have taken every possible step to ensure that the data we collect and store is done so in a compliant manner with not only the GDPR but also Hong Kong’s Personal Data (Privacy) Ordinance.

I am not from Europe, does this law apply to me?

It is important to stress here that while the GDPR regulations only pertain to EU residents and citizens, we have taken steps to implement these requirements across the company.

If you are not a member of the EU yet request us to delete your data, we will do so. Be aware that if you are in the process of applying for health insurance or other coverage and request your data to be deleted, you could face delays or complications with the application process.

Where relevant, we will also follow local privacy regulations.

Will I need to provide Pacific Prime Hong Kong any information?

Pacific Prime Hong Kong has been following the GDPR’s regulations in some form or another for a number of years now. As such, any processes already in place are already compliant. This means that you do not have to do anything or provide us with any information if you are already a client.

If you are not a client, we will not request any data from you unless you choose to provide it, or it is required in order for us to start the process of securing insurance.

Should you have any questions about this policy or any other business that we undertake please do contact us today.  

Get a quote banner

Content Strategist at Pacific Prime Hong Kong
Jessica Lindeman is a Content Strategist at Pacific Prime. She comes to work every day living and breathing the motto of "simplifying insurance", and injects her unbridled enthusiasm for health and insurance related topics into every article and piece of content she creates for Pacific Prime.

When she's not typing away on her keyboard, she's reading poetry, fueling her insatiable wanderlust, getting her coffee fix, and perpetually browsing animal Instagram accounts.
Jess Lindeman
Latest posts by Jess Lindeman (see all)