Our Privacy Principles
- Personal Data you provide is processed fairly, lawfully and in a transparent manner;
- Personal Data you provide is collected for a specific purpose and is not processed in a way which is incompatible with the purpose which TRM Insurance Brokers collected it;
- Your Personal Data is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed;
- Your Personal Data is kept accurate and, where necessary kept up to date;
- Your Personal Data is kept no longer than is necessary for the purposes for which the Personal Data is processed;
- We will take appropriate steps to keep your Personal Data secure;
- Your Personal Data is processed in accordance with your rights;
- We will only transfer your Personal Data to another country or an international organization outside the European Economic Area where we have taken the required steps to ensure that your Personal Data is protected. Such steps may include placing the party we are transferring information to under contractual obligations to protect it to adequate standards;
- TRM Insurance Brokers will not sell your Personal Data and will also not permit the selling of customer data by any companies who provide a service to us
How do we collect your Personal Data?
We collect Personal Data directly from you:
- via enquiry, registration, claim forms, feedback forms and forums
- when you purchase any of our products or services;
- when you fill out a survey, or vote in a poll on our website;
- through quotes and application forms;
- via cookies.
- via our telephone calls with you, which may be recorded;
- when you provide your details to us either online or offline;
- via live chat, chatbot and profilers
- through web analytics tags
We also collect your Personal Data from several different sources including:
- directly from an individual or employer who has a policy with us under which you are insured, for example you are a named driver on your partner’s motor insurance policy;
- directly from an employer which funds a Health Insurance policy that we administer where you are a beneficiary;
- from social media, when fraud is suspected; and
- Other third parties including:
- your family members where you may be incapacitated or unable to provide information relevant to your policy;
- contractors, consultants, business partners who sell our products and services via their platforms and channels
- medical professionals and hospitals; aggregators (such as price comparison websites); third parties who assist us in checking that claims are eligible for payment; third parties such as companies who provide consumer classification for marketing purposes e.g. market segmentation data; and
- third parties who provide information which may be used by TRM Insurance Brokers to inform its risk selection, pricing and underwriting decisions.
What Personal Data do we collect?
The information that we collect will depend on our relationship with you. Where other people are named on your policy, we may ask you to provide the information below in relation to those people too, if this is relevant to your insurance.
Where TRM Insurance Brokers is the data controller of your Personal Data, we may collect the following about you:
- Personal Data contact details such as name, email address, home/office address and telephone number
- details of any other persons included on the policy where they are named on your policy and the relationship to you as policyholder;
- identification information such as your date of birth, national identity number, Bank verification number including other identification number from your passport, driving licence and other valid means of identification;
- financial information such as bank details
- information relevant to your insurance policy such as details about your vehicle, property, previous policies or claims, recent damage, information about your travel plans, destination, planned activities and dates of travel
- information relevant to your claim or your involvement in the matter giving rise to a claim
- information about the nature of your business and commercial assets
- your marketing preferences
- Sensitive Personal Data
- details of your current or former physical or mental health
- details concerning sexual life or sexual orientation, for example marital status
Privacy of Children
We respect the privacy of children. We do not knowingly collect names, email addresses or any other Personal Data from children except where this is required to register them as beneficiaries in relation to a policy or other products. We do not knowingly market to children nor do we allow children under 18 to purchase any of our products or services.
How do we use your Personal Data?
Under applicable data protection laws we need a reason to use and process your Personal Data and this is called a legal ground. We have set out below the main reasons why we process your Personal Data and the applicable circumstances when we will do so:
- Processing is necessary in order for us to provide your insurance policy and services, such as assessing your application and setting you up as a policyholder or investments account holder, beneficiary, administering and managing your insurance policy or benefits, providing all related services, providing a quote, handling and paying claims and communicating with you. In these circumstances, if you do not provide such information, we will be unable to offer you a policy or process your claim.
- We may use Cloud storage solutions within or outside Nigeria which are chosen to ensure efficiency and improved performance through up to date technology.
- Where we have a legal or regulatory obligation to use such Personal Data, for example, when our regulators such as the National Insurance Commission (NAICOM), Corporate Affairs Commission and our data protection regulator, the National Information Technology Development Agency (NITDA) wish us to maintain certain records of any dealings with you.
- To comply with: local or foreign laws, regulations, voluntary codes, directives, judgments or court orders, agreements between any member of TRM Insurance Brokers, SIFAX Group and any authority, regulator, or enforcement agency; policies (including the SIFAX Group’s policies), good practice, government sanctions or embargoes, reporting requirements under financial transactions legislation and demands or requests of any authority, regulator, tribunal, enforcement agencies including but not limited to the Nigerian Financial Intelligence Unit (“NFIU”) and the Economic and Financial Crimes Commission (“EFCC”), or exchange bodies;
- Where we need to use your Personal Data to establish, exercise or defend our legal rights, for example when we are faced with any legal claims or where we want to pursue any legal claims ourselves;
- Where we need to use your Personal Data for reasons of substantial public interest, such as investigating fraudulent claims and carrying out fraud, credit and anti-money laundering checks, identification checks;
- Where we need to communicate with you to resolve complaints or other issues;
- Where we have a specific legal exemption to process sensitive Personal Data for insurance purposes. This exemption applies where we need to process your Personal Data as an essential part of the insurance cover, for example health data.
- Where you have provided your consent to our use of your Personal Data. We will usually only ask for your consent in relation to processing your sensitive Personal Data (such as health data) or when providing marketing information to you (including information about other products and services). This will be made clear when you provide your Personal Data. If we ask for your consent, we will explain why it is necessary. Without your consent in some circumstances, we may not be able to provide you with cover under the policy or handle claims or you may not be able to benefit from some of our services. Where you provide sensitive Personal Data about a third party, we may ask you to confirm and provide proof that the third party has provided his or her consent for you to act on their behalf;
- Where we have appropriate legitimate business need to use your Personal Data such as maintaining our business records, developing and improving our products and services, all whilst ensuring that such business need does not interfere with your rights and freedoms and does not cause you any harm.
- Where we need to use your Sensitive Personal Data such as health data because it is necessary for your vital interests, this being a life or death matter.
Who do we share your Personal Data with?
Disclosures within our Group
In order to provide our services your personal information may be shared with other companies in the SIFAX Group. Your personal information might be shared for our general business administration, efficiency and accuracy purposes or for the prevention and detection of fraud.
Disclosures to Third Parties
- Your relatives or, guardians (on your behalf where you are incapacitated or unable) or other people or organization associated with you such as your Insurer or your lawyer
- Where you have named an alternative contact (such as a relative) to speak with us on your behalf. Once you have told us your alternative contact, this person will be able to discuss all aspects of your policy (including claims and cancellation) with us and make changes on your behalf;
- Our insurance partners such as Insurers, reinsurers or other companies who act as insurance distributors;
- Other third parties who assist in the administration of insurance policies such as Insurance Company if there has been an accident which requires a claim to or from that Insurance Company;
- We may share the Personal Data of any persons named on the policy with third parties to obtain information which may be used by AXA to inform its risk selection, pricing and underwriting decisions;
- Fraud detection agencies and other third parties who operate and maintain fraud detection registers;
- The police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime;
- Nigerian Insurance Industry Database;
- Our third-party services providers such as IT suppliers, actuaries, auditors, lawyers, marketing agencies, research specialists, document management providers and tax advisers;
- Other suppliers, providers of goods and services associated with this insurance and/or to enable us to deal with any claims you make;
- Customer satisfaction survey providers;
- Financial organizations and advisers;
- Overseas assistance companies;
- Loss Adjusters;
- Emergency Assistance Companies;
- Your healthcare practitioner;
- Your Insurers for the purpose of obtaining a claims payment
- Selected third parties in connection with the sale, transfer or disposal of our products
- Disclosure of your Personal Data to a third party outside of the SIFAX Group will only be made where the third party has agreed to keep your information strictly confidential and shall only be used for the specific purpose for which we provide it to them.
We may also disclose your personal information to other third parties where:
- We are required or permitted to do so by law or by regulatory bodies such as where there is a court order, statutory obligation or Prudential Regulatory Authority / Financial Conduct Authority; or
- We believe that such disclosure is necessary in order to assist in the prevention or detection of any criminal action (including fraud) or is otherwise in the overriding public interest; or
- Exemptions under the data protection legislation allow us to do so
Some of the recipients and technical solutions set out above may be in other countries outside Nigeria. Where we make a transfer of your Personal Data outside of Nigeria, in all cases where Personal Data is transferred to a country which is deemed not to have the same standards of protection for personal data as Nigeria, TRM Insurance Brokers will ensure appropriate safeguards have been implemented to ensure that your Personal Data is protected where standards are not the same or similar to those standards within Nigeria. Such steps may include placing the party we are transferring Personal Data to under contractual obligations to protect it to adequate standards. Occasionally, there may also be some circumstances where we are required to transfer your Personal Data outside of Nigeria and we shall rely on the basis of processing it for being necessary for the performance of your contract; for example, where you have a travel insurance policy and we need to contact you when you are outside Nigeria.
How long do we keep records for?
You can ask us to do various things with your Personal Data. For example, at any time you can ask us for a copy of your Personal Data, ask us to correct mistakes, change the way we use your information, or even delete it. We will either do what you have asked or explain why we cannot – usually because of a legal or regulatory issue. You have the following rights in relation to our use of your Personal Date.
The right to access your Personal Data:
You are entitled to a copy of the Personal Data we hold about you and certain details of how we use it. Your Personal Data will usually be provided to you in writing, unless otherwise requested. We may charge you a reasonable fee to cover the cost.
The right to rectification:
We take reasonable steps to ensure that the Personal Data we hold about you is accurate and complete. However, if you do not believe this is the case, please contact us by using the details shown in your documentation and you can ask us to update or amend it.
The right to erasure:
In certain circumstances, you have the right to ask us to erase your Personal Data, for example where the Personal Data we collected is no longer necessary for the original purpose or where you withdraw your consent. However, this will need to be balanced against other factors, for example according to the type of Personal Data we hold about you and why we have collected it, there may be some legal and regulatory obligations which mean we cannot comply with your request.
Right to restriction of processing:
In certain circumstances, you are entitled to ask us to stop using your Personal Data, for example where you think that the Personal Data we hold about you may be inaccurate or where you think that we no longer need to process your Personal Data.
Right to data portability:
In certain circumstances, you have the right to ask that we transfer any Personal Data that you have provided to us to another third party of your choice. Once transferred, the other party will be responsible for looking after your Personal Data.
The right to withdraw consent:
For certain uses of your Personal Data, we will ask for your consent. Where we do this, you have the right to withdraw your consent to further use of your Personal Data. Please note in some cases we may not be able to process your insurance if you withdraw your consent.
Changing and accessing your Personal Data:
To the extent required by applicable law, you may be able to request that we inform you about the Personal Data we maintain about you and, where appropriate, withdraw your consent for certain data processing activity and/or request that we update, correct, delete, and/or stop processing your Personal Data. We will respond to your access requests within the period specified by relevant legislation and make all required updates and changes within the time specified by applicable law and as required by law.
When permitted by law, we may charge an appropriate fee to cover the costs of responding to the request. Where the timeline specified in an applicable law cannot be met, we will communicate same to you and take steps to notify you where we require an extension.
How we protect Personal Data:
We take reasonable measures to protect Personal Data from unauthorized access, disclosure, alteration, or destruction to ensure that Personal Data is accurate and up-to-date as appropriate because:
- We have put in place strict measures and technologies to prevent fraud and intrusion.
- Our employees are trained in data protection and security to respect and preserve confidentiality, integrity and availability of information held by us.
Breach/ Privacy Violation
In the event of a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal information, TRM Insurance Brokers shall within 72 (seventy- two) hours of having knowledge of such breach report the details of the breach to NITDA. Furthermore, TRM Insurance Brokers shall within 7 (seven) days of having knowledge of the occurrence of such breach take steps to inform the Data Subject of the breach incident, the risk to the rights and freedoms of the Data Subject resulting from such breach and any course of action to remedy said breach.
We may share information with other TRM Insurance Brokers entities in order to inform you of other products and services that may be of interest to you or members of your family, but we will only do this where you have provided your consent. You can always change your mind by contacting us using the details shown in your documentation and telling us you no longer wish to be contacted.
If you wish to unsubscribe from emails sent by us, you may do so at any time by following the unsubscribe instructions that appear in all emails. Otherwise you can always contact us using the details set out in your documentation to update your contact preferences. In such circumstances, we will continue to send you service related (non-marketing) communications where necessary.
We would like to keep you informed, from time to time about relevant products and services. We may do this by mail, email, telephone or other electronic methods such as text message. In order to help us get to know you and identify what products and services may interest you we obtain information about you from other sources inside and outside the SIFAX Group for example, companies who provide consumer classification and market segmentation data for marketing purposes.
From time to time, we may run specific marketing campaigns through social media and digital advertising that you may see which are based on general demographics and interests. Individual personal information is not used for these campaigns. If you do not want to see any campaigns, then you will need to adjust your preferences within social media settings and your cookie browser settings.
We may also share information that we collect about you for marketing within the SIFAX Group. If you do not want to receive such promotional materials from us, you can opt out at any time by sending an email to firstname.lastname@example.org.
Please note that we may retain any data provided to us on our websites for a limited period, even if you do not complete your quote. The information may be used to enquire as to why you did not complete your quote or for us to better understand your needs.
Our Contact Information
If you would like any more information about the way we use your information, or if you wish to exercise the rights listed above, please contact us using the details below:
The Compliance Officer
TRM Insurance Brokers Limited
10 Anifowoshe Street,
Off Adeola Odeku,
You have a right to complain to the Information Regulator if you think that your information has been misused. The contact details are:
National Information Technology Development Agency
Tel: +234929220263, +2348168401851, +2347052420189