Data Protection Policy
CAMSRep collects, records, stores and use investor personal data either received directly from the policy holder or received by virtue of contractual business arrangements from the insurer. The information collected includes sensitive information as defined in the Information Technology (Reasonable security Practices and Procedures and Sensitive Personal Information) Rules, 2011 as follows
- Investor Bank Account details provided either as part of the e-Insurance application submitted by the policy holder or based on written request such as change of bank account registered as part of e-insurance account.
- Payment instrument details provided as part of e-insurance account or received towards Premium both for existing and new policies or as proof for carrying out change of bank account or any other Details of debit card obtained in this regard.
- Generation and storing Password in encrypted form based on the request from the investor.
- Biometric information obtained, if any while opening e-Insurance account.
- Physical, physiological and mental health condition, Sexual orientation, Medical Records received as part of information provided in the policy documents or received from the insurer as part of business arrangement for record and storage.
The above information shall be received from the policy holders or through their authorized representative or approved persons or Insurer for processing, storage and maintenance under lawful contract or otherwise.
The Information collected is stored in a secure manner in accordance with the ISO 27001 standards
We aspire to adhere to certain generally accepted principles of data protection, to the extent these are in our control as insurance repository
These general principles state that personal data must be:
- Fairly and lawfully collected and processed.
- Processed for limited purposes and not in any other way which would be incompatible with those purposes.
- Accurate and kept up to date.
- Not kept for longer than is necessary.
- Kept secure.
In order to meet the requirements of the principles, following process and controls are adhered:
We have a responsible data security policy and implemented technology and policies with the objective of protecting your privacy from unauthorised access and improper use.
We provide details of the policy holders only based on consent from the policy holder to , authorized representative, insurer, banks and similar representatives to fulfill business obligation.
We may be required from time to time to disclose your personal information to governmental or judicial bodies or agencies or our regulators based on their requirement.
We will permit only authorized employees who are trained in the proper handling of customer information, to have access to that information.
Grievance Officer – Information Security
R. Sanjay Jain
No. 158, Rayala Towers,
Anna Salai, Chennai – 600 002
The users of the computer resources including website of CAMSRep or any victim who has suffered due to access or usage of the sensitive information shall notify the complaints, if any to the above officer either through email or written compliant and such compliant shall be redressed within in one month from the date of receipt of the complaint.