PRIVACY POLICY

INTRODUCTION

This Privacy Notice describes our policies and procedures on the collection, use and disclosure of Your information and tells you about your privacy rights and how the law protects you.

Our privacy policy describes what information we collect, how we use it and what rights you have in relation to it. Please read through it carefully and if there are any provisions in this privacy policy that you disagree with please discontinue use of this products and/or our services.

This privacy policy applies to all information collected by Prudential in relation to products and services offered or received by Prudential.

By using and/or offering any service, you agree to the collection and use of information in accordance with this Privacy Policy.

DEFINITIONS

We/Us means Prudential Beneficial insurance Companies which include Prudential Beneficial Life Insurance Cameroon, Prudential Beneficial General Insurance Cameroon, Prudential Beneficial Life Insurance Togo, Prudential Belife insurance and its affiliates

Prudential Group means any affiliates of Prudential Beneficial insurance Companies (including, Prudential Plc, Prudential Africa Holdings Limited and Prudential Corporation Asia).

Service Provider means any natural or legal person who processes the data on behalf of the Company. It refers to third-party companies or individuals employed by the Company to facilitate the Service, to provide the Service on behalf of the Company, to perform services related to the Service or to assist the Company in analyzing how the Service is used. It includes accountants, auditors, IT service and platform providers, intermediaries, reinsurers, investment managers, agents, selected third party financial and insurance product providers and our professional advisers.

Third-party Social Media Service refers to any website or any social network website through which a User may log in or create an account to use the site/service

Personal Data is any information that relates to an identified or identifiable individual.

Usage Data refers to data collected automatically, either generated using the site/service or from the Service infrastructure itself (for example, the duration of a page visit).

COLLECTING AND USING YOUR PERSONAL DATA

While using our Service or while accessing service from you, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you. This information may include, but is not limited to: Email address, First name and last name, Phone number, ID, Address, Postal code, City, Country, Photograph etc. All personal information that you provide to us must be true, complete, and accurate, and you must notify us of any changes to such personal information.

INFORMATION AUTOMATICALLY COLLECTED

Usage Data is collected automatically when using the site. Usage Data may include information such as your Device’s Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

When you access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device you use, your mobile device unique ID, the IP address of your mobile device, your mobile operating system, the type of mobile Internet browser you use, unique device identifiers and other diagnostic data. We may also collect information that your browser sends whenever you visit our Service or when you access the Service by or through a mobile device.

USE OF YOUR PERSONAL DATA

We will use the personal information for the following purposes: to communicate with you, to enable us to administer, process and service our products and services for you, to comply with legal or regulatory requirements, to improve our products and services, to send you marketing and promotional material, to request feedback, to carry out checks using third party agencies or publicly available information and keeping your information on record as well as carrying out other internal business purposes. For certain products or services, we will need to process your sensitive personal information, such as information relating to health.

If required, we may also pass on your personal information to financial crime prevention agencies and any legal, regulatory or government bodies. We may share your data with third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information perform their services. We will not share any of your information with third parties for their promotional purposes or any without your consent.

Your information, including Personal Data, is processed at our operating offices and in any other places where the parties involved in the processing are located. This information may be transferred to other jurisdiction where the data protection laws may differ than those from those in the country you subscribed. As we, the Prudential Group, and some of our Business Partners are global companies, we might need to send your personal information overseas. Any transfer of personal data overseas will be in accordance with applicable local law requirements.

Your consent to this Privacy Notice followed by your submission of such information represents your agreement to that transfer.

The Company will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Notice and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

RETENTION OF YOUR PERSONAL DATA

We will retain your Personal Data only for as long as is necessary for the purposes set out and/or observe the regulatory retention period in force in the country where the company is located.

We will retain and use your Personal Data to the extent necessary to comply with our legal obligations, resolve disputes, and enforce our legal agreements and internal policies. All your information will be kept in line with our data retention policy.

When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it, or, if this is not possible we will securely store your personal information and isolate it from any further processing until deletion is possible.

You can request: a copy of your personal information, that we correct anything that is wrong, or complete any incomplete personal information or that we delete your personal information if it is no longer needed for the purposes set out above or there is no other legal basis for the processing of your personal information.

We will send you information by text, email, telephone or other means about our products and services.

DISCLOSURE OF YOUR PERSONAL DATA

We will disclose your personal data under the following circumstances:

• If we are involved in a merger, acquisition or asset sale, your Personal Data may be transferred. We will provide notice before your Personal Data is transferred and becomes subject to a different Privacy Policy

• Under certain circumstances, the Company may be required to disclose your Personal Data if required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

• We may disclose your Personal Data in the good faith belief that such action is necessary to: Comply with a legal obligation , Protect and defend the rights or property of the Company, Prevent or investigate possible wrongdoing in connection with the Service ,Protect the personal safety of Users of the Service or the public and/or Protect against legal liability

SECURITY OF YOUR PERSONAL DATA

We have taken measures to protect your personal information against unauthorized access or processing. We have implemented appropriate policies and procedures to protect all your personal information held by us.

The security of your Personal Data is important to us but no method of transmission over the Internet, or method of electronic storage is 100% secure. While we use commercially acceptable means to protect and secure your Personal Data, we cannot guarantee its absolute security. Please note to access our sites within a secure environment.

CHILDREN’S PRIVACY

We do not knowingly collect personally identifiable information from children (any person under 18 years of age). If you are a parent or guardian and you are aware that your child has provided Us with Personal Data, please contact Us via info@prudentiallife.co.ke If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from Our servers. By using our site, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor use of the Site

CHANGES TO THIS PRIVACY NOTICE

We may update our Privacy Notice from time to time. We will notify you of any changes by posting the new Privacy Notice on our website. If we make a material change to the policy, we will let you know via notice on Our website, prior to the change becoming effective and update the “Last updated” date at the top of this Privacy Notice. You are advised to review this Privacy Notice periodically for any changes. Changes to this Privacy Notice are effective when they are posted on this page.

CONTACT US

If you have any questions /comments about this Privacy Notice, you can contact us:

Prudential Beneficial Life Insurance Cameroon via email clientele@prubeneficial.cm or at our Head Office located at Boulevard de la République, Douala, Cameroon

Prudential Beneficial General Insurance Cameroon via email clientelegi@prubeneficial.cm or at our Head Office located at Boulevard de la République, Douala, Cameroon

Prudential Beneficial Life Insurance Togo via email infos@prubeneficial.tg or at our Head Office located at Rue de la Chance, Lomé, Togo

Prudential Belife Insurance via email infos@prubelife.com or at our Head Office located at Plateau – Avenue Nogues, Abidjan, Cote d’Ivoire

APPENDIX 1: PROTECTION OF PERSONAL DATA CLAUSES IN PARTNERSHIP CONTRACT

1- Obligation of the Parties

Both Parties, as well as their employees, agents, and subcontractors, shall comply with all applicable laws and regulations relating to confidentiality and the protection of personal data in the performance of their obligations under this Agreement, including the collection, use, transfer, processing and/or storage of any personal data (‘PD’) in connection therewith.

In particular, the two Parties undertake to:

Not, in connection with the performance of their obligations under this agreement received from Prudential, use the PADs for any purpose other than those intended, transfer or disclose such data to any third party or allow any third party access to such data, except where either Party is required to do so by applicable law, to the extent permitted, with the prior written consent of the other Party and to ensure that their employees, agents and subcontractors comply therewith;

Take all practicable steps and measures to ensure the secure storage of PD and to prevent any unauthorised or accidental access, disclosure, processing, erasure, loss or use of such data;

Rectify, return or, if instructed to do so by the other Party, immediately destroy PD at the request of the other Party and not retain such data any longer than is necessary for the performance of its obligations under this Agreement; and

Not, by any act or omission, put the other Party in breach of its obligations under all applicable laws and regulations relating to confidentiality and the protection of personal data;

2- Obligation of confidentiality

Each Party, on its own behalf and on behalf of its employees, officers, directors, affiliates, and agents, hereby agrees that confidential information made available to it will not be disclosed or made available to any third party, agent, or employee for any reason whatsoever, except in relation to

its employees on a ‘need to know’ basis,

its affiliates on a ‘need to know’ basis, provided that they are subject to a confidentiality agreement which shall be no less restrictive than the provisions of this clause and as required by applicable law or as otherwise permitted by this Agreement, either during the term of this Agreement or after termination of this Agreement, provided that prior to any disclosure of a Party’s Confidential Information as required by law, the Party is subject to the requirement

notify the other Party of any actual or threatened legal compulsion to disclose and any actual legal obligation to disclose as soon as it is compelled to do so and

co-operate with the reasonable and lawful efforts of the other Parties to resist, limit or delay disclosure.

The obligations of confidentiality shall survive termination of this Agreement.

In the event of non-compliance with this clause, the other party may, at its sole discretion, suspend the transmission of personal data until the terms of this agreement can be complied with.

3- Notification of breaches

In the event of a breach of the obligations set out in this clause (for the protection of personal data), each Party acknowledges that the other Party may not have an adequate remedy at law, in addition to any other remedies it may have, the other Party may obtain injunctive relief.

Each Party must notify the other Party, by any means that leaves a written record, of any personal data breach within a maximum of 24 hours of becoming aware of it.

4- Security measures

The Parties recognise that security is a fundamental criterion and that compliance with the security requirements defined in the Agreement constitutes an essential and determining obligation of the Parties’ consent to this Agreement.

5- Fate of data

At the end of the collaboration relating to the processing of this data, the parties undertake to delete the data of the co-contractor from their systems.

Each party reserves the right to carry out any checks it deems necessary in order to confirm that these obligations have been fulfilled.

6- Documentation

Each Party will make available to the other Party the documentation necessary to demonstrate compliance with all its obligations and to allow audits, including inspections, to be carried out by the data controller or another auditor appointed by it, and to contribute to these audits.

APPENDIX 2: CUSTOMER DATA CONFIDENTIALITY CLAUSE

This application for insurance, the general conditions, the special conditions, and any endorsements attached constitute the contract that we will issue to you. This includes all written statements of response provided in this application for insurance and all other information provided by you to any authorized person representing the company.

By the declarations below, you certify that all of the above declarations are sincere and accurate, subject to the penalties provided for in article 18 of the CIMA code, that you have read the entire contract and that you give your free and express consent for the company to process your personal and sensitive data.:

I have read the declaration and answers written in the insurance application and confirm that they are true and complete.

I authorise prudential beneficial life insurance, to use the personal information provided to communicate with me, to promote its products and services, to transfer it, within the framework of the execution of the contract, to the subsidiaries and the parent company prudential beneficial life insurance and possibly its subcontractors, which undertakes to respect the legal requirements in accordance with the law on the protection of personal data and its policy. For certain products or services, we may need to process your sensitive personal information, such as health information, in accordance with the Data Protection Act.

I authorize any doctor, hospital, clinic, insurance company or other organization, institution or person with a file or information on my health to give it to prudential beneficial life insurance. A photocopy of this authorization will be identical to the original.

I have read carefully and accept all the clauses of the contract.

I hereby accept that the insurance only comes into existence and takes effect after acceptance by both parties. Acceptance may be sent by any means chosen by me and provided for by prudential beneficial life insurance.

I authorize Prudential Beneficial life insurance to use the personal and sensitive information provided in accordance with the provisions of article 15 of the general terms and conditions of the contract.

APPENDIX 3: CONFIDENTIALITY CLAUSE ON WEBSITE

Dear user,

We would like to inform you that some of your personal data may be shared with our group, which Is based abroad. This sharing is essential to enable us to offer you high-quality services and to manage your requests efficiently. The transmission of your personal data will always comply with standards of integrity, confidentiality, and security, and in accordance with the legislation in force.

APPENDIX 4: THIRD-PARTY CONFIDENTIALITY CLAUSE 

[…] and PRUDENTIAL BENEFICIAL INSURANCE undertake to treat as strictly confidential, and not to disclose or transfer to third parties, all documents and information which they obtain or may obtain, or to which the parties may have had access in the context of their partnership, and concerning in particular either the business, products, customers, strategy, development, commercial or partnership agreements or the financial situation of either of the parties, except :

– If disclosure is made necessary by a request from the competent authorities, or for the purposes of any proceedings in the event of a dispute between the parties.

– With the prior consent of the party wishing to protect the information or document.

– In order to implement this Agreement, the Parties may receive and have access to certain information belonging to the other Party which the latter may designate as confidential information, it being understood that the Parties acknowledge that they will not have access to or share non-public personal information concerning customers in the context of this Agreement. The Parties agree that all Confidential Information is and shall remain the property of the Disclosing Party and that the Receiving Party shall use all reasonable and prudent means to safeguard such Confidential Information, including all means required by law. In addition, neither Party may copy, publish, disclose to third parties, or use such Confidential Information for any purpose other than in the performance of its obligations under this Agreement or as required by law.

–Each Party, on its own behalf and on behalf of its employees, officers, directors, affiliates and agents, hereby agrees that confidential information made available to it will not be disclosed or made available to any third party, agent or employee for any reason, except in relation to (i) its employees on a “need to know” basis, (ii) its affiliates on a “need to know” basis, provided that they are subject to a confidentiality agreement which shall be no less restrictive than the provisions of this clause ; and (iii) as required by applicable law or as otherwise permitted by this Agreement, either during the term of this Agreement or after termination of this Agreement, provided that prior to any disclosure of a Party’s Confidential Information as required by law, the Party subject to the requirement (iv) notifies the other Party of any actual or threatened legal compulsion to disclose, and any actual legal obligation to disclose as soon as it is compelled to do so and (v) co-operates with the reasonable and lawful efforts of the other Parties to resist, limit or delay disclosure.

– Upon termination of this Agreement, or at any time at the request of the other Party, each Party shall return all Confidential Information in its possession or in the possession of a third party (over which it exercises or may exercise control).

– In the event of a breach of the obligations under this Section 10.1, each Party acknowledges that the other Party may not have adequate remedies at law, in addition to any other remedies it may have, the other Party may obtain injunctive relief.

– The obligations relating to the confidential nature of the information shall survive the termination of this contract.

– In the event of failure to comply with this clause, the contract will be terminated automatically.

APPENDIX 5: DATA PROCESSOR CONTRACTUAL REQUIREMENTS

In order to engage with a Data Processor, BUs must ensure that they have first put in place a binding partnership agreement with all Data Processors, in accordance with the “Contractual Requirements” section of the Group’s Outsourcing and Third-Party Procurement Policy. This requirement applies to all data controllers, including intra-Group agreements.

All contracts with subcontractors must be approved in accordance with the Group’s approval process as set out in Table A of the GGM.

The additional requirements and guidelines in the following box apply only to BUs that fall within the scope of the RGPD.