Privacy Policy - Argus Bermuda
Sign In
This Privacy Policy was last modified in October 2021, and should be read together with the Terms and Conditions of Use.
PLEASE READ THIS PRIVACY POLICY (THE “POLICY”) CAREFULLY BEFORE USING THE ARGUS WEBSITES. BY ACCESSING AND USING THE ARGUS WEBSITES, YOU INDICATE YOUR ACCEPTANCE OF THIS POLICY.
This Policy is provided by Argus Group Holdings Limited (“Argus Holdings”), which controls and operates the Argus Websites. Argus Holdings and its wholly owned subsidiaries and affiliates operates under the name “the Argus Group”.
This Policy details the treatment of your Personal Information by the Argus Group whilst visiting the Argus Websites (the term "Argus Websites" refers to all web sites relating to the Argus Group, as well as to the content on them). By accessing the Argus Websites, you consent to the processing of your Personal Information as described in this Policy.
Please note that certain details of this Policy may depend on whether you deal with us through a professional advisor, directly as an individual, or whether the Argus Group provides group services to your employer or plan sponsor.
This Policy applies to the following companies currently within the Argus Group:
ARGUS GROUP HOLDINGS LIMITED;
ARGUS INSURANCE COMPANY LIMITED;
ARGUS INSURANCE COMPANY (EUROPE) LIMITED;
ARGUS INVESTMENT STRATEGIES FUND LIMITED:
ARGUS MANAGEMENT SERVICES LIMITED;
ARGUS WEALTH MANAGEMENT LIMITED;
BERMUDA LIFE INSURANCE COMPANY LIMITED;
CENTURION INSURANCE SERVICES LIMITED;
ANTES INSURANCE BROKERS LIMTED;
WESTMED INSURANCE SERVICES LIMITED;
ISLAND HEALTH SERVICES LTD.; AND
I.H.S. LABORATORIES LTD.
REGULATION AND PRIVACY
The protection of your privacy and the confidentiality of your personal information are of paramount concern to the Argus Group. As certain parts of the Argus Websites are located in different jurisdictions, information submitted through the Argus Websites may be stored inside or outside of Bermuda, Gibraltar or Malta.
Information stored in Bermuda is subject to Bermuda law, and relevant Argus Websites are regulated by the Electronic Transactions Act 1999 and the Standard for Electronic Transactions (the “Standard”) issued thereunder, and the Argus Group fully complies with the data protection principles stated in the Standard.
Information stored in Gibraltar is subject to the Data Protection Act 2004 and the Communications (Personal Data and Privacy) Regulations 2006.
Information stored in Malta is subject to the Data Protection Act, Chapter 440.
Information stored outside of Bermuda, Gibraltar and Malta is subject to the laws of the jurisdiction in which the information is stored.
Additionally, any processing of personal data within members of the Argus Group is done in accordance with the principles and various Articles established in the EU General Data Protection Regulation 2016 (GDPR) and in compliance with the rules on cross border transfers of personal data covered by the GDPR.
THE DATA PROTECTION OFFICER
The Argus Group have appointed a data protection officer (DPO) who is responsible for overseeing questions in relation to this privacy policy and other relating queries or issues relating to the Personal Information held by the Argus Group.
If you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the DPO using the details set out below.
COLLECTION OF INFORMATION
You can visit the Argus Websites without providing any personal information about yourself.
The Argus Group does not collect information about individual users (“Personal Information”), except where this is specifically stated and provided with the user’s knowledge. The information that the Argus Group collects via the Argus Websites consists of voluntarily submitted Personal Information that is required to provide information or goods and services requested through the website.
The Argus Group may also collect public and non-public Personal Information about you from any of the following sources:
- You or your representative on written applications or forms (for example, name, address, social insurance number, birth date, assets and income);
- You or your employer or plan sponsor if the Argus Group provides them with certain services (for example, pensions, group life or group health);
- Transactional activity in your account (for example, trading history and balances);
- Other interactions with the Argus Group (for example, discussions with our customer service staff);
- Information from other third-party data services (for example, to verify your identity and to better understand your product and service needs);
- You or your representative regarding your preferences (for example, your choice of electronic statement delivery, or the screen layout you specify if you use on certain Argus Web sites); or
- Other sources with your consent or with the consent of your representative (for example, from other institutions if you transfer into the Argus Group).
Personal Data does not include data where the identity has been removed (anonymous data).
We also collect, use and share aggregated data such as statistical or demographic data for any purpose. Aggregated data may be derived from your Personal Data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. However, if we combine or connect aggregated data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data which will be used in accordance with this privacy notice.
The Argus Group also collects non-specific visitor information. When you visit the Argus Websites, the Argus Group may collect usage information to help understand how the website is navigated and used, such as computer browser type, Internet protocol address (IP address), pages visited, and average time spent on the Argus Websites. This data does not include any Personal Information about you and is used only to measure and improve the effectiveness of the website or to perhaps alert you to software compatibility issues.
The Argus Group may use third-party service providers to help us analyze certain online activities, and may permit these service providers to use cookies and other technologies, such as web beacons or pixel tags, to perform these services for the Argus Group. The Argus Group does not control these third-party service providers and are not responsible for their privacy statements. When you leave the Argus Website website, the Argus Group encourages you to read the privacy notice of every website you visit. The Argus Group does not share Personal Information about our customers with these third-party service providers, and these service providers do not collect such information on behalf the Argus Group.
USE OF INFORMATION
The information you provide through the Argus Websites may be used:
- lawfully, fairly and in a transparent way;
- collected only for specified and legitimate purposes that we have clearly explained to you and not used in any way that is incompatible with those purposes;
- adequate, relevant and limited to what is necessary in relation to the purposes we have told you about;
- accurate and kept up to date;
- not kept in a form which permits your identification for longer than necessary and kept only as long as necessary for the purposes we have told you about;
- kept secure.
We set out in the table below the purposes for which we might use your Personal Data:
|
Purpose |
Categories of Data |
Basis for Processing |
Disclosures |
|
QUOTATION / Setting you up as a client, including fraud, credit and anti-money laundering and sanctions checks |
Personal Data:
|
Personal Data:
|
|
|
Special Categories of Personal Data:
|
Special Categories of Personal Data:
|
||
|
QUOTATION / INCEPTION Evaluating the risks to be covered and matching to appropriate policy/premium |
Personal Data:
|
Personal Data:
|
|
|
Special Categories of Personal Data:
|
Special Categories of Personal Data:
|
||
|
QUOTATION / INCEPTION Collection or refunding of premium |
Personal Data:
|
Personal Data:
|
|
|
POLICY ADMINISTRATION General client care, in accordance with your insurance plan (including reasonable and expected communication with healthcare providers, local and overseas case management services, transport services) This includes, communication with you regarding administration and requested changes to the insurance policy or any other services provided in conjunction with those benefits. Sending you updates regarding your insurance policy. Notifying you about changes to our terms or privacy notice |
Personal Data:
|
Personal Data:
|
|
|
Special Categories of Personal Data:
|
Special Categories of Personal Data:
|
||
|
CLAIMS PROCESSING
Managing insurance claims including fraud, credit and anti-money laundering and sanctions checks |
Personal Data:
|
Personal Data:
|
|
|
Special Categories of Personal Data:
|
Special Categories of Personal Data:
|
||
|
CLAIMS PROCESSING Defending or prosecuting legal claims |
Personal Data:
|
Personal Data:
|
|
|
Special Categories of Personal Data:
|
Special Categories of Personal Data:
|
||
|
CLAIMS PROCESSING Investigating and prosecuting fraud |
Personal Data:
|
Personal Data:
|
|
|
Special Categories of Personal Data:
|
Special Categories of Personal Data:
|
||
|
RENEWALS Contacting you in order to renew the insurance policy |
Personal Data:
|
Personal Data:
|
|
|
Special Categories of Personal Data:
|
Special Categories of Personal Data:
|
||
|
THROUGHOUT THE INSURANCE LIFECYCLE Transferring books of business, company sales and re-organisations. To administer and protect our business |
Personal Data:
|
Personal Data:
|
|
|
Special Categories of Personal Data:
|
Special Categories of Personal Data:
|
||
|
THROUGHOUT THE INSURANCE LIFECYCLE General risk modelling and underwriting |
Personal Data:
|
Personal Data:
|
|
|
Special Categories of Personal Data:
|
Special Categories of Personal Data:
|
||
|
THROUGHOUT THE INSURANCE LIFECYCLE Complying with our legal or regulatory obligations |
Personal Data:
|
Personal Data:
|
|
|
Special Categories of Personal Data:
|
Special Categories of Personal Data:
|
||
|
MARKETING |
Personal Data:
|
Personal Data:
|
|
FAILING TO PROVIDE PERSONAL INFORMATION
You do not have to provide any of this information but if you don’t, you may not be able to use our site or all of the services we offer on the site, and you are unlikely to receive an optimal customer service experience.
We may also anonymise and aggregate Personal Information (so that it does not identify you) and use it for purposes including testing out IT systems, research, data analysis, improving our site and app, and developing new products and services.
YOUR DUTY TO INFORM THE ARGUS GROUP OF CHANGES
It is important that the personal information that the Argus Group (or the relevant Argus company) holds about you is accurate and current. Please keep us informed if your personal information changes during your working relationship with the Argus Group.
SHARING OF YOUR INFORMATION
The Argus Group may share Personal Information about you with various including both internal and external service providers which perform, for example, printing, mailing, data processing and digital services. For customers in the EEA, the Argus Group ensures that all companies in the Argus Group have adequate and appropriate safeguards in order to protect that Personal Information.
The Argus Group may share overall visitor trends and other generic information collected on this website with third-parties but we do not pass on any personal details or personally identifiable information without your specific consent. Except as provided herein, the Argus Group will not share your Personal Information with any unaffiliated third-party without your prior consent. The Argus Group does not sell, trade or rent Personal Information to any unaffiliated third-party without your prior consent.
We may share Personal Information with the following entities:
- Unaffiliated service providers (for example, printing and mailing companies, securities clearinghouses, digital platforms and marketing service providers) who provide services at the direction of the Argus Group;
- Government agencies, other regulatory bodies and law enforcement officials (for example, for reporting suspicious transactions or for tax purposes if relevant, the respective financial services regulator, the Financial Services Compensation Scheme); or
- Other organizations, with your consent or as directed by your representative (for example, if you use the Argus Group as a financial reference in applying for credit with another institution), or as permitted or required by law (for example, for fraud prevention).
Our service providers are obligated to keep the Personal Information we share with them confidential and use it only to provide services specified by the Argus Group - although it should be noted that, ultimately, the Argus Group monitors, but does not have control over these service providers.
Based on the nature of your relationship with the Argus Group, we may exchange information with other third-parties as described below:
- If the Argus Group provides services to your employer or plan sponsor, such as pensions, group life or group health, the Argus Group may exchange any information received in connection with such services with your employer or plan sponsor or others they may authorize; or
- If you conduct business with the Argus Group through your professional advisor or personal representative, we may exchange information we collect with your professional advisor or personal representative or with others they may authorize.
- Other insurance market participants, such as insurers, reinsurers and other intermediaries
MARKETING AND OPTING OUT
The Argus Group currently engages in direct marketing to its members to make suggestions and recommendations about products or services or events that may be of interest to you and to provide industry insight. If this policy changes at a future date you will be given the opportunity to withhold or give your permission to receive such materials through an opt out or in message. You can subsequently request that the Argus Group stop sending you marketing messages at any time by unsubscribing or contacting us at any time.
CHANGE OF PURPOSE
The Argus Group will only use your personal data for the purposes for which we collected and as set out in this Privacy Notice.
If the Argus Group need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
DATA RETENTION
We will retain your Personal Information only for as long as it is necessary in connection with the performance of our contractual obligations to you or if it becomes necessary or required to meet legal and regulatory requirements, resolve disputes, prevent fraud and abuse or enforce our terms and conditions.
We will keep your Personal Information while your account with us is active or until such time as you ask us to stop communications with you, unless we need to keep the information for longer.
You may obtain more information as to the retention periods or the criteria used by us to determine the retention periods by contacting us at DPO@argus.bm
SECURITY
The Argus Group recognizes the importance of confidentiality and uses secure servers and various other technological means to ensure the security of your Personal Information and of your online session, and to protect the Argus Group’s systems from unauthorized access.
Please note however that no data transmission over the internet can be guaranteed to be totally secure and we cannot guarantee or warrant the security of any information which you send to us.
You may complete a registration process when you sign up to parts of the website. This may include creation of a username, password and/or other identification information. Any such information should be kept confidential by you and should not be disclosed to or shared with anyone.
The Argus Group restricts access to Personal Information to those who require it to develop, support, offer and deliver products and services to you.
The Argus Group has put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
COOKIES
Details of your visits to our websites and information are collected through cookies and other tracking technologies, including, but not limited to, your IP address and domain name, your browser version and operating system, traffic data, location data, web logs and other communication data, and the resources that you access.
The Argus Websites may use "cookies".
A cookie is a small file of letters and numbers that we store on your browser. Cookies contain information that is transferred to your computer's hard drive. This helps us track basic visitor information in order that we can better tailor the site to our visitors' needs. Most web browsers automatically accept cookies but you can disable this function by changing your browser settings if you so wish.
Certain strictly necessary cookies (such as those required for the sole purpose of carrying out the transmission of a communication) do not require your consent. Other cookies, that are helpful or convenient for your navigation of our website, may require your consent. In such cases you consent will be requested.
Our cookies do not identify you by name as an individual or by account number. Please note, however, that if you reject cookies, your access to certain information may be restricted or you may have to re-enter information.
ONGOING APPLICATION
If you are a former customer, these policies also apply to you; the Argus Group will treat your information with the same care as we do information about current customers.
YOUR RIGHTS
All users enjoy certain rights relating to their Personal Information that The Argus Group commits to upholding. The below list contains the principal rights generic across all jurisdictions but you may be entitled to other rights in your specific location.
The right to be informed: We need to be clear with you about what data is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties. This information must be communicated concisely and in plain language.
The right to access: You may submit subject access requests, which oblige us to provide a copy of any personal data concerning you. We have one month to produce this information, although there are exceptions for requests that are manifestly unfounded, repetitive or excessive.
The right to rectification: If you discover that the information we hold on you is inaccurate or incomplete, you may request that it be updated. As with the right to access, we have one month to do this, and the same exceptions apply.
The right to erasure: (also known as ‘the right to be forgotten’) You may request that we erase your data in certain circumstances, such as when the data is no longer necessary, the data was unlawfully processed or it no longer meets the lawful ground for which it was collected. This includes instances where you withdraw consent. This is not an absolute right, we may be justified in keeping certain personal data in order to perform a contract with you, comply with legal obligations or in relation to the exercise or defence of legal claims.
The right to restrict processing: You may request that we limit the way we use your personal data. It’s an alternative to requesting the erasure of data, and might be used when you contest the accuracy of the personal data or when you no longer need the information but we require it to establish, exercise or defend a legal claim.
The right to data portability: You are permitted to obtain and reuse your personal data for your purposes across different services. This right only applies to personal data that you have provided to us by way of a contract or consent.
The right to object: You may object to the processing of personal data that is collected on the grounds of legitimate interests or the performance of a task in the interest/exercise of official authority. We must stop processing information unless we can demonstrate compelling legitimate grounds for the processing that overrides your interests, rights and freedoms or if the processing is for the establishment or exercise of defence of legal claims.
Rights related to automated decision making including profiling: The GDPR includes provisions for decisions made with no human involvement, such as profiling, which uses personal data to make calculated assumptions about you. There are strict rules about this kind of processing, and you are permitted to challenge and request a review of the processing if you believe the rules aren’t being followed.
The right to stop direct marketing messages: You may disable direct marketing messages by pressing the unsubscribe button at the bottom of the message. Please note that it may take a few days for your preferences to be updated in all of our systems, so you may receive messages from us while we process your request.
The right to complain to your data protection regulator: you are able to submit a complaint to the regulator for data protection of each the respective companies about any matter concerning your personal information, using the details below. However, we take our obligations seriously, so if you have any questions or concerns, we would encourage you to raise them with us first, so that we can try to resolve them.
ACCESS REQUESTS
You will not have to pay a fee to accessing the Personal Information controlled by the Argus Group. However, the Argus Group may refuse to comply with your request in circumstances where your request is clearly unfounded, repetitive or excessive.
We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.
We try to respond to all legitimate requests as soon as reasonably practicable and, in any event, within 30 days of receipt of the request. Where we cannot comply within 30 days we will inform you immediately.
THE REGULATORS
|
Country |
Supervisory Authority |
Contact Information |
|
Bermuda |
Office of the Privacy Commissioner |
Office of the Privacy Commissioner |
|
Gibraltar |
Gibraltar Regulatory Authority |
Gibraltar Regulatory Authority Tel: (+350) 20074636 |
|
Malta |
Office of the Information and Data Protection Commissioner |
IDPC Tel: +356 2328 7100 |
CONTACT
If you have any questions concerning this Policy, wish to review your Personal Information that the Argus Group may have stored or exercise any of your rights listed above, please contact the DPO at:
The Argus Group
Tel: (441) 298-0888
Fax: (441) 292-6763
Email: DPO@argus.bm
Website: www.argus.bm
Keeping your information accurate and up to date is very important to the Argus Group. In some jurisdictions, you may have the right to write to us in order to request that you have reasonable access to your non-public Personal Information (this includes a record of any subsequent disclosures of medical record information). If you believe the information the Argus Group may have collected about you is inaccurate, you may request that we amend, correct or delete it. The Argus Group will notify you of our decision, give you our reasons and the opportunity to file a concise statement of dispute with us if you do not agree. Your statement will be made a part of our file and sent to persons or organizations that received your information in the past and in the future as may be required by applicable law.
LINKS TO OTHER WEBSITES
This privacy notice does not cover the links within this site linking to other websites which are not controlled by us. We are not responsible for the collection or use of your Personal Information from these third-party websites and we therefore encourage you to read the privacy statements on the other websites you visit.
CHANGES TO PRIVACY POLICY
Please note that this Policy may be reviewed and amended from time to time and without prior notice to reflect changes in our practices, current guidance or relevant laws. Any changes to the Privacy Policy will be effective upon posting of the revised policy on this website so that you are aware of the information we collect, how it is used and under what circumstances we disclose it. At the top of this page it shall be indicated when the Policy was last updated.