Privacy Notice

October 2022

1. bolttech Privacy Notice

This Privacy Notice ("Notice") describes how bolttech Insurance Agency Pte Ltd and its affiliates (collectively referred to as "bolttech", "we", "us" or "our") collects, uses and shares personal data in the context of our websites, business contacts, suppliers, (together referred to as "you" or "your") or otherwise for the purposes of conducting or developing business relationships with you. This Notice also explains your ability to edit, update, correct, or delete your personal data and certain security procedures that we have implemented to protect personal data in line with relevant data protection legislation

In this Notice, you can find out more about:

How we collect personal data, the types of personal data we collect and the purposes for which personal data is collected
Direct Marketing and how you can manage your marketing preferences
How we share information within bolttech and with our service providers, regulators and other third parties
International transfers of personal data
Cookies and third-party links
How we store and protect personal data
Accessing or correcting your personal data
Modifications to this Notice
How you can contact us for more support.

2. When we collect personal data, the types of personal data we collect and the purposes for which personal data is collected

In this section, you can find out more about:

When we collect personal data
The types of personal data we collect and how we use personal data

This website is not intended for children, and we do not knowingly collect data relating to children.

3. When we collect personal data

We may collect personal data about you if you:

use one of our websites or online services, you are a registered user, or you choose to register on our websites (Website Users);
obtain one of our services (Customers); or
work with us as a business partner (Business Partners).

4. The types of personal data we collect and how we use personal data

On using our website, bolttech collects metadata that result from your usage of our websites including referral page, date and time of access, type of web browser, IP-address, geographic location as determined by your IP address, operating system and interface, language and version of browser software, session information (such as download errors and page response times).

Your IP address will be used to enable your access to our websites. The metadata will be used to improve the quality and services of our websites by analyzing the usage behavior of our users.

If you commence direct communications via our websites enquiry form, by telephone or writing to us, the nature of the enquiry (e.g., as tick box selection from service type/careers/other) and your message will also be collected and processed to respond to your communications and to improve our services. If you are a registered user or choose to register on a bolttech website, you may be asked to provide the following personal data about you: first and last name, work phone number, company name, email address, personal telephone number, address, and primary usage.

Bolttech will process this personal data to provide you with the services for registered users, verify the legitimacy of your account, to avoid fraudulent accounts being opened, provide you with the products and services requested by you, customer support, contact forms, marketing materials as selected by you, inform you about system issues, comply with legal obligations, and defend, establish and exercise legal claims.

The personal data collected from Website Users is also used to personalize your experience of our websites. We may use such information in the aggregate to understand how you use our services and the resources provided on our websites. We may also use the feedback you provide to improve our services.


If you obtain products or services from bolttech, you may be asked to provide, among other things, the following personal data about you, your representative and/or your contact person:

Information about you (such as name, gender, nationality, race, occupation), contact information (such as residential address, email address, mobile phone number), family background (such as spouse and children’s information)
Your health and medical information (such as pre-existing medical condition, medical history, health records)
Your financial information (such as credit card details, bank account number)
Your account user information (such as user name, password)
Your personal government-issued identification document numbers such as NRIC/FIN/work permit/birth certificate, and passport numbers; as required by financial / insurance sectoral law or necessary to accurately establish or verify your identity to a high degree of fidelity
Your other information relevant to your insurance application or claim (such as motor vehicle licence number, photos, videos, travel history, previous claim history)
Your CCTV images when you visit our offices
Your academic and employment history, professional and work experience, and other relevant information usually provided in the Curriculum Vitae

bolttech will use such personal data to process your order, deliver the products or services ordered, provide customer care services, provide you with marketing materials as selected by you, provide you with bolttech updates and/or newsletters, to maintain our client relationship management systems, to investigate any complaint you may make, provide evidence in any dispute or anticipated dispute between you and us, to detect, investigate, report and seek to prevent fraud and anti-money laundering, for example through know-your-customer (KYC) checks, anti-money laundering (AML) and counter terrorism financing (CTF), economic and financial sanctions screening and other identity checks, comply with other legal obligations, defend, establish and exercise legal claims, and aggregate it on an anonymous basis with other data for data analytic and reporting purposes. We may also need to conduct credit and fraud checks on business customers and certain officers of your business, such as your directors.

Business Partners

If you work with us as a Business Partner or a service provider, we will collect personal data from you, your representative and/or your contact person such as your full name, job title, email address, phone number.
Most of the personal data is obtained directly from you. In addition, we will collect personal data from other public sources such as credit reference agencies.
We use this information to review/assess your suitability as a Business Partner or service provider, to comply with our legal obligations, to detect investigate, report, and seek to prevent fraud and anti-money laundering, for example through know- your-customer (KYC) checks, economic and financial sanctions screening and other identity checks and to meet our obligations under any contracts we have with you, we may also need to conduct credit and fraud checks on your business and certain officers of your business, such as directors.

5. Emails

If you send to, or receive emails from us, we may monitor their content to ensure compliance with our internal policies and to protect our business.

6. How we manage the collection and processing of your personal data

We will only collect, use, and share your personal data where we are satisfied that we have an appropriate legal basis to do this. In general, we do this by obtaining your consent at the point of data collection and notify you of what we are collecting and why we are collecting it, such as by providing a link to this Notice. In some cases, we may rely on deemed consent such as where you have voluntarily provided us with your personal data along with a specific request or for a specific purpose.

If you engage with us on behalf of another individual, you must first obtain consent or otherwise demonstrate that you are authorized to act on behalf of that individual in order for us to collect, use or disclose their personal data. Where consent can be obtained, that individual must be notified of the purposes for the collection, use or disclosure of their personal data. You may contact us to withdraw your consent upon reasonable notice by contacting us through the bolttech Data Subject Request Web Portal or [email protected]. Please be aware that by withdrawing your consent you may no longer be receive important information from us about our products or services, and in certain circumstances we may no longer be able to offer you our services at all.

7. Direct marketing and how you can manage your marketing preferences

How we use personal data to keep you up to date with our products and services

We may use personal data to let you know about our products or services that we believe will be of interest to you and/or provide you with our newsletters. We may contact you by email, post, or telephone or through other communication channels that we think you may find helpful. In all cases, we will respect your preferences for how you would like us to manage marketing activity with you.

As a rule, we will obtain your consent prior to sending you marketing materials. We will only contact you with marketing materials without your prior consent if this is permitted by law.

How you can manage your marketing preferences

To protect privacy rights and to ensure you have control over how we manage marketing with you:
we will take steps to limit direct marketing to a reasonable and proportionate level and bolttech will only send you communications which we believe may be of interest or relevance to you;
you can ask us to stop direct marketing at any time you can ask us to stop sending email marketing, by following the "unsubscribe" link you will find on all the email marketing messages we send you. Alternatively, you can submit a request through the bolttech Data Subject Request Web Portal or by email to [email protected]. Please specify whether you would like us to stop all forms of marketing or just a particular type (e.g. email); and
you can change the way your browser manages cookies, which may be used to deliver online advertising, by following the settings on your browser as explained in the section on Cookies.

8. How we share information within bolttech group and with our service providers, regulators and other third parties

We share your personal data in the manner and for the purposes described below:

With other bolttech entities within our group: Your personal data will be received by different recipients such as other bolttech entities. We make such transfers where it is necessary to provide you with our services or to manage our business.
With third parties who help manage our business and deliver services: bolttech engages external service providers such as legal services, website service providers, marketing service providers, IT support service providers, email administrators, payment processors, insurance companies, banks, underwriters, and customer service providers. When providing such services, the external service providers may have access to and process your personal data. We request those external service providers to implement and apply security safeguards to ensure the privacy and security of your personal data. These third parties have agreed to confidentiality restrictions and to use of any personal data we share with them or which they collect on our behalf solely for the purpose of providing the contracted service to us.
With clinics and hospitals.
Where bolttech is acting as a broker and you purchase a product or service through us, your personal data may be shared with the insurer and/or business partner for the purposes of enrolling you in the service and processing your claim.
With regulatory authorities and government agencies e.g. Monetary Authority of Singapore, Ministry of Manpower.
In the event of a corporate merger and acquisition, your personal data will be transferred to the third parties being involved in the merger and acquisition in accordance with applicable law.

9. International transfers of personal data

The personal data that we collect or receive about you may be transferred to and processed by recipients who are located within and outside of Singapore (such as our offices in Malaysia, Hong Kong, or the EU), where the level of data protection may not be equivalent to the level of protection applicable in Singapore. When we transfer personal data outside of Singapore to a location that does not have equivalent levels of data protection, we enter into a contract with the recipient requiring them to provide the data with an equivalent level of protection.

10. Cookies

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.

Cookie Subgroup   CookiesCookies Used  NoneNone  NoneNone

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance.

Cookie Subgroup   CookiesCookies Used  NoneNone  _gid, _gaFirst Party

Targeting Cookies

These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Cookie Subgroup   CookiesCookies Used  NoneNone  Cookies set by YouTube including YSC, VISITOR_INFO1_LIVE, CONSENT, yt.innertube::nextId, yt.innertube::requestsThird Party

11. Third-party links

Our websites contain links to websites operated and maintained by third parties over which bolttech has no control. Any information you provide to third-party websites will be governed under the terms of each website’s privacy policy, and we encourage you to investigate and ask questions before disclosing any information to the operators of third-party websites. We have no responsibility or liability whatsoever for the content, actions, or policies of third-party websites. The inclusion of third-party websites on our site in no way constitutes an endorsement of such websites’ content, actions, or policies.

12. How we store and protect personal data

How long does bolttech keep your personal data? We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements.

Details of retention periods for different aspects of your personal data are available in our retention policy. For queries about bolttech data retention processes please submit an Information Request through the bolttech Data Subject Request Web Portal or by contacting [email protected].

In some circumstances we will anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may retain this information indefinitely without further notice to you.

We have adopted appropriate data collection, storage and processing practices, technical, organisational and security measures designed to protect against unauthorized access, alteration, disclosure or destruction of the personal data that you share with us. For example, such measures include: placing confidentiality requirements on our staff members and service providers;
permanently removing personal data if it is no longer needed for the purposes for which it was collected;
following security procedures in the storage and disclosure of your personal data to prevent unauthorised access to it; and
using secure communication channels such as SSL ("secure sockets layer") for transmitting data that is sent to us. SSL is an industry standard encryption protocol used to protect online transaction channels. As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect user IDs and passwords, please take appropriate measures to protect this information.

13. Accessing or correcting your personal data

We will take steps in accordance with applicable legislation to keep your personal data accurate, complete and up-to-date. Depending on the purposes of the processing, you have the right to have incomplete personal data completed, including by means of providing a supplementary statement. You also have the right to request access to your personal data as well as additional information about the processing and to request us to erase the personal data we hold about you.
To make a request to access or correct your personal data, please visit the bolttech Data Subject Request Web Portal or contact [email protected]. We endeavor to fulfil data subject request within 30 days of their receipt and verification of the individual.
We may ask you for additional information to confirm your identity and for security purposes, before disclosing the personal data requested to you. We reserve the right to charge a fee where permitted by law, and may do so, for example, in cases where your request is manifestly unfounded or excessive.

We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.

14. Modifications to this notice

bolttech reserves the right to change this Notice at any time. Any changes to this Notice will be effective immediately upon notice, by posting the latest version on our websites.

15. Contact us

If you have any questions, concerns or complaints regarding our compliance with this Notice, the information we hold about you or if you wish to exercise your rights, we encourage you to first submit an Information Request or File a Complaint through the bolttech Data Subject Request Web Portal or contact [email protected].

We will investigate and attempt to resolve complaints and disputes and make every reasonable effort to honor your wish to exercise your rights as quickly as possible and in any event, within the timescales provided by data protection laws.