AIG CyberPal — User Privacy Statement
Last Updated: 11 February 2021
Scope and Application
AIG Asia Pacific Insurance Pte. Ltd. (“AIG Singapore”, “we”, “us”) collects, uses and discloses information about you when you sign up for and use the AIG CyberPal mobile application (“AIG CyberPal”). This User Privacy Statement sets out what and how information is collected, why it is collected, to whom it may be transferred, how we store it, and how you may gain access to/request correction of such information or change your choice with regards to receiving promotional and/or marketing material.
It is entirely voluntary for you to provide such information, but there is certain information you must provide a) to access AIG CyberPal in the first place; and b) to use all functionalities of AIG CyberPal. By signing up to use AIG CyberPal, you agree and consent to the information you submit or which is collected through AIG CyberPal being collected, processed, used and transferred in the manner identified in this User Privacy Statement.
What information does AIG CyberPal collect?
What information do we ask you to provide directly to us?
When you sign up for and use AIG CyberPal, you will be asked to provide certain information about yourself, for the following reasons:
• Your phone number - When you first download AIG CyberPal, we ask you to provide your phone number for 2 step authentication. You, as the owner of the phone number, will be sent a time-sensitive numerical code via an SMS message which you then type back into the application to prove your identity.
• Your e-mail address - We ask you to provide your e-mail address as we will send a verification e-mail to you and send you the details of your rewards if you are entitled to any voucher redemptions on the app. Your e-mail address will also be shared with third party service providers when you click opt-in for “check if your e-mail was compromised in any cyber breach events/external sources.”
• Your username – We ask you to provide a username as the name which will be displayed within AIG CyberPal.
• Your Home WIFI Network – We ask you to provide details about your home WIFI network for eligibility and identification purposes. You are only allowed to connect to your personal home WIFI network when you use AIG CyberPal. As such, the provision of this information is a necessary condition of you accessing the functionality of AIG CyberPal.
• Your zip code – We ask you to provide your zip code to verify that it is a zip code for a residential address.
If you do not provide us with any of this information, you may not be able to access AIG CyberPal, or it may impact our ability to provide you with our services.
What information does AIG CyberPal collect and access when it is in use?
When you sign up for and use AIG CyberPal, AIG CyberPal will automatically collect certain information as follows:
• Network location - AIG Cyberpal collects the geo-location of your device and the network it is connected to. You may choose to disable geo-location tracking using the settings on your mobile device; however, this may affect your ability to access AIG CyberPal, or it may impact our ability to provide you with our services.
• Device Information – AIG CyberPal functions by collecting device information such as IP address, mac address, name, open ports, available applications, browser, screen resolution, screen colors, flash version, java support, network provider, host name device category, mobile input selector, mobile operating systems, device type/manufacturer, operating systems and versions, network type and wireless carrier/mobile network operator.
• Network/Wifi states – AIG CyberPal functions by collecting network configuration and network behavior information when you perform a scan.
Information from other sources
We may receive information about you from other sources as follows:
• Other AIG services – We may receive information about you if you use any other services (including websites or other mobile applications) operated by us or our affiliates.
• Third parties – We may also collect certain information from third parties (including our agents, vendors, suppliers, contractors, partners and any others who provide services to us, perform functions on our behalf, or whom we collaborate with). In such cases, we will only collect your information for or in connection with the purposes for which such third parties were engaged or the purposes of our collaboration with such third parties and as described above.
• Social media – If you connect with us via certain social media platforms, or if you use features on AIG CyberPal which connect you to our online profiles or social media accounts, we may collect information that you allow through your settings on those social media accounts. You can control what information is shared with us using the applicable social media account privacy settings.
Important information about platform permissions
Most mobile platforms have defined certain types of device data that apps cannot access without your permission and platforms provide different permission systems for gaining your consent. The iOS platform will alert you the first time AIG CyberPal wants access to a particular function (usually the first time you use that function) and asks you to give permission for that function to be used at that point. Android devices will notify you of all the permissions AIG CyberPal may need for all functions when you first register for the app and your use of the app constitutes your consent. The above explanations, we hope, gives you full details of the functionalities which AIG CyberPal needs access to, why and when it will use them.
How do we use your information?
In addition to the reasons set out above, we may also use your information for the following purposes:
• Identification and registration - We may use your information to register you as a user and to manage your account, and to identify you to us and to others (such as to other users of AIG CyberPal).
• Communications - We may use your information to communicate with you. This may include communications related to cyber safety such as alerts relating to potential cyber attacks, or reminders about activities which are important for your cyber safety. We may also use your information to communicate with you about AIG CyberPal, such as to answer your queries or send notifications about AIG CyberPal (for example, if we need to suspend AIG CyberPal for maintenance).
• Providing features and funtionality available on CyberPal - We may use your information to provide the features and functionality available on CyberPal, such as scanning your network, performing background updates, detecting cyber vulnerabilities including checks to ascertain whether your e-mail address was compromised in any cyber breach events/ external sources if you have opted-in for such service, executing risk prediction and matching security recommendations and chatbot activities to your device.
• Marketing and promotional activities - We may use your information to provide advertising and marketing information to you, including marketing our (or our affiliates’) insurance products and services. We may also use your information to enroll you in contests and other similar promotions.
• Personalizing your experience - We may use your information to personalize AIG CyberPal to meet your needs and preferences, such as providing information and recommendations which are tailored to you.
• Monitoring and analysis – We may use your information to monitor and analyze user activity, including for statistical analysis, quality control, improvement and marketing, promotional and advertising purposes.
• Matching information about you – We may match any information about you collected by or through your use of AIG CyberPal with other information about you held by us or our affiliates from time to time for any of the purposes listed in this Privacy Statement.
How do we share your information?
Who are our affiliates?
We may share your information with our affiliates.
Which third parties we may transfer your information to?
We may disclose to or share your information to third parties as follows:
• Services providers - Information collected through AIG CyberPal is stored on cloud servers run by AIG affiliates or third party cloud hosting providers. On-going application support for AIG CyberPal is provided by third party software service providers with whom AIG Singapore contracts, who in providing such support may require access to the information collected through AIG CyberPal. If you have opted-in for checks to be conducted on your e-mail address to ascertain whether it was compromised in any cyber breach events/ external sources, we will share your e-mail address with third party service providers to conduct the checks. We may also share your information with other service providers including auditors, lawyers, banks, financial institutions and other professional advisors, as well as advertising, marketing, research and analysis service providers, and any other service providers which help us carry out our business.
• Transactions – We may share your information with purchasers and prospective purchasers or other parties in connection with any actual or proposed reorganization, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our business, assets or stock.
• Government authorities and law enforcement - We may share your information with government authorities and/or law enforcement agencies, or with our lawyers and other advisors, where required or authorized by applicable laws or other guidelines or codes of practice issued by regulatory authorities or in connection with legal proceedings.
Where do we store your information?
For the above third parties to access your information, data collected through AIG CyberPal may be transferred to places outside of Singapore (where the cloud data centers and AIG data centers are based and where the service providers are based). The countries/jurisdictions to which personal data is transferred by AIG Singapore include, without limitation:
• United States of America, Australia, Malaysia, Philippines, India, Canada, United Kingdom and European Union.
Can you opt-out?
Opt-out for Promotional Communications
We may use your information to contact you from time to time about our insurance products which may be of interest to you. You may opt out of receiving such promotional messages from us at any time by sending SMS to 76161 in the following format “optoutNRIC/FIN number” or call us at +65 6419 3000. Alternatively, you can opt out via our website at https://www-411.aig.com.sg/contactus/CustomerForm.aspx
Upon receipt of any opt-out request from you, we will, at no cost to you, act on your request and ensure that your information will not be used as indicated in your request.
Changes to this User Privacy Statement
We reserve the right to make changes to this User Privacy Statement at any time. We will publish the updates on AIG CyberPal and/or our website. Please refer to the “Last Updated" date at the top of this User Privacy Statement to see when it was last updated. You agree that it is your responsibility to review this User Privacy Statement regularly for any updates, and that your continued use of AIG CyberPal constitutes your acceptance to this User Privacy Statement and any of its amendments.
If you have any questions regarding this User Privacy Statement, please contact us at: firstname.lastname@example.org