Privacy Policy
Data Privacy Statement
Generali Life Assurance Philippines, Inc. (“GLAPI”) is part of the Generali Group authorized to provide insurance products in the Philippines.
GLAPI considers its stakeholders’ personal data as a core value to be safeguarded and wishes to establish a relationship with them based on full transparency and awareness with respect to the purposes and modalities it uses when processing personal data. GLAPI respects your privacy and wants you to understand the ways it collects and uses information provided online. Please read this notice carefully.
Data Privacy Vision
At GLAPI, we envision a future where data privacy is at the forefront of everything we do. We aspire to create a culture of trust and transparency, where the protection of personal information is paramount. Our vision is to be recognized as a leader in data privacy practices within the insurance market, adhering to the most rigorous standards.
Data Privacy Mission
Our mission at GLAPI is to safeguard the privacy of personal information entrusted to us by our customers, employees, partners, and stakeholders. We are committed to upholding the principles of data protection and compliance with relevant laws and regulations. Through continuous education, robust policies, and state-of-the-art technologies, we strive to:
Foster Trust and Transparency: We prioritize building and maintaining trust with our stakeholders through transparent communication, proactive engagement, and ethical data handling practices.
Educate and Empower: We aim to educate all stakeholders about their rights regarding personal data and empower them to make informed decisions about its use, thus ensuring that data subjects always remain in control of their own personal information.
Ensure Accountability: We hold ourselves accountable for the protection of personal information entrusted to us, ensuring its confidentiality, integrity, and availability.
Promote Innovation: We embrace innovative solutions that enhance data privacy while enabling us to deliver exceptional services and experiences to our customers, tailored specifically to our insurance products.
Continuously Improve: We are committed to continuous improvement in our data privacy management systems, processes, and technologies, to adapt to evolving threats and regulatory requirements.
By adhering to our mission, Generali Life Assurance Philippines, Inc. endeavors to build lasting relationships built on trust, integrity, and respect for privacy in the digital age.
Who is the data controller?
Personal Information Controller (“PIC”) is a person who controls the processing of personal data or instructs another to process personal data on its behalf.
Generali Life Assurance Philippines, Inc. (GLAPI), with registered office at 10th floor Petron Mega Plaza, 358 Sen. Gil Puyat Avenue, Makati City, 1209 Philippines, acts as PIC of personal data.
GLAPI puts premium value on the privacy and security of the personal data entrusted to it by its stakeholders. It aims to comply with the Data Privacy Act of 2012, its Implementing Rules and Regulations and the issuances of the National Privacy Commission. It regards its stakeholders’ privacy with utmost importance.
What privacy principles does GLAPI follow?
When processing your personal data, GLAPI applies the following principles, and we ensure your personal data is:
- Processed lawfully, fairly and in a transparent manner
- Collected for specified, explicit and legitimate purposes and not further processed in a manner which is incompatible with those purposes
- Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed
- Accurate and, where necessary, kept up to date
- Kept in a form and retain for the time necessary in relation to the purposes for which the personal data are processed
- Kept secured
How does GLAPI protect your personal data?
GLAPI safeguards the confidentiality, integrity, and availability of your personal information by maintaining a combination of organizational, physical, and technical security measures based on generally accepted data privacy and information security standards to protect your personal data against accidental or unlawful destruction or accidental loss, alternation, unauthorized disclosure or access, and against all other unlawful forms of processing. Please visit our “Internet insurance security arrangements and policy” [link] for more information.
What risks are involved?
GLAPI recognizes the risks involved in processing personal data, such as breaches of confidentiality, integrity, and accessibility of personal information. We undertake to process only adequate and not excessive personal data in relation to the declared purpose. Personal data will be processed in accordance with the applicable regulation, and adequate security measures will be implemented to mitigate these risks.
What is the purpose of this privacy notice?
GLAPI has created this privacy notice to be clear about our commitment to keeping your personal information safe. We explain what kind of data we collect, how we use it, and how we protect it. If you're someone whose data GLAPI has, this notice tells you what rights you have over your data and helps you understand how it's used, so you can make informed choices.
How often does GLAPI review and update this Privacy Notice?
GLAPI regularly reviews and updates its privacy notices. We will ensure that the most recent version is available at [Link for Privacy Notice]. This privacy notice was last updated on September 10, 2024.
What are your rights when you provide your personal data to GLAPI?
Your data privacy rights are respected across everyone involved in processing your personal data at GLAPI. As per applicable law or regulation, you have the right to:
- Access and get information about your personal data that GLAPI holds about you;
- Obtain your personal data in an electronic format;
- Correct or update your personal data so that it is always accurate;
- Withdraw your consent at any time where your personal data has been processed with your express consent;
- Restrict or object the processing of your personal data in certain circumstances;
- Delete your personal data from our records upon your request;
- File a complaint with us and/or the National Privacy Commission and right to be indemnified for damages due to a violation of your rights as a customer;
- Data portability through which you may obtain and electronically move, copy, or transfer your data securely for further use.
The National Privacy Commission keeps updated information about your rights that you may find of interest (www.privacy.gov.ph).
How can you lodge a complaint before the National Privacy Commission?
"If you feel that GLAPI has not properly addressed your data protection request or if you consider that the processing of your personal information may violate applicable privacy laws, you have the right to lodge a complaint with the National Privacy Commission: https://privacy.gov.ph/
How can you reach GLAPI’s Data Protection Officer?
If you wish to access, rectify, or update your personal information, exercise any of your rights, or address any inquiries or concerns, please email us at privacy@generali.com.ph. Please use this form [link] to assist you in the process of exercising your rights. Notwithstanding, all requests from Data Subjects made in other formats will also be processed. For further information on how GLAPI manages your Personal Data, please contact GLAPI’s Data Protection Officer. Suggestions or comments regarding our Privacy Notice can also be directed to GLAPI through our Data Protection Officer. You can reach out by email or mail at Life Assurance Philippines, Inc., 10th Floor, Petron Mega Plaza Building, 358 Sen. Gil Puyat Avenue, Makati City.
Cookies
Cookies are text files (letters and/or numbers) containing groups of information stored on data subjects’ computer or mobile device every time they visit a website through a browser. At each subsequent visit, the browser sends these cookies to the website which originated them or to another website. Cookies allow websites to store certain information in order to ensure that users can navigate online in a simple and fast way. Cookies are used for different purposes, have different characteristics and they can be used either by the owner of the website you are visiting, or by third parties.
Technical cookies are necessary for the website to function and are always in use. Analytical cookies do not collect any personal data. We do not use profiling or targeting cookies.
I am… A website user
- What Data does GLAPI collect?
When you browse our website (www.generali.com.ph), read its content, or download information published on our site, GLAPI utilizes Google Analytics 4, a third-party service, to analyze non-identifiable web traffic data. This service includes using cookies but incorporates privacy controls such as cookieless-measurement. Only non-identifiable web traffic data -information that never identifies who you are- is analyzed, including:
- Traffic Acquisition or referring website (if any) through which you accessed this site: This indicates how you arrived at our site, whether it was through search engines, social media, direct visits, referral links, or paid ads. It offers detailed data on acquisition sources to identify the most effective channels for driving traffic.
- Engagement: Engagement measures show us how users interact with our site once they arrive. It reveals which sections or internal links they access, providing insights beyond simple page views or session counts. This deeper understanding of user behaviors helps us improve.
GLAPI makes no attempt to link the analyzed information to individuals who browse www.generali.com.ph.
The failure in the communication or the partial or inaccurate communication may have, as consequence, only the impossibility to ensure the best browsing experience.
GLAPI does not use first- or third-party trackers or targeting cookies. GLAPI does not use cookies in its website for commercial profiling. Please refer to our Cookie Section for further information.
What if I contact GLAPI by sending an email or participate in an initiative?
Please note that if you contact us via email or participate in an activity requiring information (such as a survey), we will collect the following information while ensuring the preservation of your rights as data subjects:
- E-mail: Your e-mail address and the contents of the e-mail will be collected. We will use your email address and the shared content to reply to you.
- Surveys and Feedback: Any information you volunteer in response to a survey will be collected. This information is not limited to text characters and may include audio, video, and graphic formats you send us.
- Registration: To access certain services, the website may require the acquisition of data through a specific form. GLAPI will only use this information to reply to your request or provide the requested services and not for other purposes.
- Discussion Rooms (Forums): If “discussion rooms” are activated on this website, certain personal data may be collected if you voluntarily participate in the discussion. This data will not be used for any other purposes.
- GLAPI Chatbox: If you contact us via GLAPI Chatbox, your interactions and messages will be logged and stored for record-keeping and customer service purposes. This includes any inquiries, requests for assistance, or other communications exchanged through the Chatbox interface. The information collected may include your name, contact details, and the content of your messages.
When necessary, you will have access to privacy notices for any initiatives that may be launched.
When does GLAPI collect Data?
GLAPI collects this information when you connect to our website, surf through its sections, read its content or download any available feature.
Why does GLAPI collect Data?
Analyzing non-identifiable web traffic data helps us ensure that you can freely surf our website www.generali.com.ph, utilize all its features, ensure its proper functioning (including system administration activities), gauge our website’s engagement, and enhance your browsing experience with available online features.
With whom does GLAPI share or transfer Data?
GLAPI may share the information collected from the website with third-party service providers who assist in configuring traffic acquisition and engagement modules or ensuring the website and its sections function correctly and display information for visitors. Additionally, we may share the data with the Generali Group to ensure we offer the best browsing experience and can improve our website for you. However, aside from these purposes, GLAPI will not share or disclose data generated by your browsing experience with any third party, except as legally required or authorized by law, or if we believe such action is necessary to protect or defend GLAPI’s rights, property, or the personal safety of GLAPI users or other individuals.
Where does GLAPI store Data?
Web traffic data is stored on Google Analytics 4’s server. Additionally, GLAPI may store the data collected from the website in its internal system, located in the Philippines, which is equipped with information security controls. We do not use any printed copies of the data. Access to this information is restricted to authorized personnel only.
How long does GLAPI retain web-traffic-Data?
Web traffic data will be retained solely for the time required to perform the activities mentioned above, with a maximum period of 14 months from collection. After this period, browsing data will be deleted unless business needs justify further retention.
I am… a customer or other person interested in GLAPI products
- What Personal Data does GLAPI collect?
GLAPI processes only the personal data strictly necessary to achieve the purposes outlined in our privacy policy.
GLAPI may collect and process various types of personal information about you, such as your name, address, contact information, place of birth, occupation, and other biographical and identification data, as well as contract information.
When necessary and in strict compliance with consumers’ rights to privacy, GLAPI may also collect and process sensitive personal information, such as your country of citizenship, marital status, age or birthday, health information, educational background, account numbers, financial information, and IDs issued by government agencies like SSS, TIN, and Driver’s License, among others.
Depending on the insurance service requested, we may also process information related to your insurance policy contract, tax or bank account details.
GLAPI is committed to protecting the confidentiality and security of all personal information, particularly sensitive personal information, in our possession, custody, or control. This commitment includes limiting access to such information and maintaining organizational, technical, and physical safeguards to protect against loss, misuse, or unlawful disclosure.
To ensure that GLAPI can always be available and guarantee a seamless customer experience, please communicate any requests for rectification or deletion of personal data to GLAPI’s Data Protection Officer at: privacy@generali.com.ph.
In accordance with applicable laws and regulations, GLAPI recognizes the importance of protecting the privacy of minors. Therefore, we ensure that any processing of personal data of minors, such as beneficiaries or dependents, is conducted with utmost care and attention to their rights and interests. We commit to providing clear and transparent information to guardians or legal representatives regarding such processing activities, and we take appropriate measures to obtain consent where required.
When does GLAPI collect your Personal Data?
GLAPI collects your Personal Data when you engage with us to request insurance services or products. This includes submitting an application for insurance coverage or making a request related to an existing policy, providing information during the underwriting process, prior to changes or renewals, or when filing a claim.
Additionally, we may obtain Personal Data from third-party sources, such as medical providers or credit agencies, to evaluate your eligibility for insurance coverage or to fulfill our contractual obligations. We may also process personal data from publicly available sources (e.g., media, Internet) that we lawfully obtain and are permitted to process, exclusively for the purposes described in this Privacy Policy.
How do we use your Personal Data and based on which ground?
We process your personal data to enable the provision of insurance services you have requested or expected, or those you are covered by, including, but not limited to:
- Preparation of insurance estimates, proposal, and conclusion of insurance contracts, as well as the implementation and performance of services and/or supply of related or accessory products.*
- Compliance with applicable laws, regulations, or obligations of GLAPI to any competent authority, regulator, enforcement agency, judicial and quasi-judicial body or tribunal. This includes identifying, investigating, and preventing financial crimes such as money laundering, terrorist financing, international sanctions, or bribery.
- If necessary, the prevention, detection, and prosecution of insurance frauds (e.g. the fraudulent exaggeration of claims, fake claims, verifying identifies…).
- Understanding your preferences as a customer through data analysis and soliciting feedback, which may include voluntary customer satisfaction surveys.
- Designing and providing competitive and tailored insurance products and services.
- Informing you about GLAPI’s products and services that may interest you, including marketing or promotional information through phone calls, email, SMS, or other electronic channels, as well as conducting direct marketing activities such as contests, prize draws, or sales promotions.
GLAPI will also collect your email address to share our proposals and information about your products and services, keep you duly updated, provide support any time you need it, and communicate with you.
* To provide you with insurance services, your personal data may be used for the following purposes: (i) Formulation of insurance proposals tailored to your insurance needs. (ii) Processing and assessment of applications and policies for GLAPI insurance products and services (quotation and proposal). (iii) Preparation of estimates and subsequent renewals. (iv) Execution of life insurance contracts and/or supplementary products. (v) Administration of insurance products and services, including collection of premiums, additional payments, switches, and other activities provided for by the contract and other contractual activities. (vi) Processing and settlement of claims or other services. (vii) Execution of reinsurance agreements. (viii) Stipulation of any co-insurance agreements. (ix) Exercise and defense of GLAPI’s rights. (x) Performance of internal control activities and statistical activities.
For managing our relationship, the communication of your personal data is necessary to implement the insurance relationship established with you, whether you are a policyholder, an insured individual, a beneficiary, or any relevant party. Therefore, failure to communicate or providing partial or inaccurate information may result in the inability to carry out activities required by applicable laws, and may prevent GLAPI from fulfilling its contractual obligations. Consequently, we may not be able to provide you with insurance products or services or fulfill the purposes mentioned above.
The processing of personal data for the purposes indicated under the previous point 1 above is necessary for the provision of insurance services by GLAPI and/or for the implementation of contracts. If this involves the processing of sensitive personal information (such as personal data relating to your health status), you must provide explicit consent, if not already provided.
The processing of personal data for the purposes indicated under the previous point 2 above is necessary to comply with the legal obligations to which GLAPI is subject.
The processing of personal data for the other purposes indicated above is based on GLAPI’s legitimate interest in preventing and identifying potential insurance fraud, also for the protection of the insured community, and enhancing the efficiency of our relationships. In the event of proven fraud, GLAPI may initiate criminal proceedings and implement relevant measures to protect its interests and the interests of its customers. In instances where processing relies on your consent (e.g., sharing feedback or participating in customer satisfaction surveys), this consent will be explicitly requested. Any consent granted may be revoked at any time.
At GLAPI, one of our core principles is the Human Touch. We prioritize the protection of your privacy and rights. While some of our business processes are digitized or automated for efficiency and convenience, we want to assure you that any automated decision-making processes are always overseen by human intervention. This means that no decision impacting you or your data is made solely by machines; rather, our GLAPI team carefully reviews and verifies each decision to ensure fairness, accuracy, and the safeguarding of your rights. We believe in the importance of the human touch in all aspects of our operations, especially when it comes to decisions that affect you directly.
Where does GLAPI store your Personal Data?
GLAPI stores your personal data in its internal system (located in the Philippines), which we have employed with information security controls and data loss/corruption safeguards. We will not be using any printed copies of your personal data. Only authorized GLAPI employees and you are allowed to access your personal data for privacy and security purposes. GLAPI will be storing your personal data on the laptops used by GLAPI members. Additionally, our GLAPI teams might store your personal data in OneDrive or SharePoint (Microsoft Cloud); if this is the case, your data will be secured in its Asia-Pacific location.
With whom does GLAPI share or transfer your Personal Data?
As a general rule, GLAPI does not transfer your personal data outside the Philippines, nor to third parties. Thus, except as set out in this Privacy Notice, GLAPI will not disclose any personal data without your express consent unless we are legally entitled or required to do so or if we believe that such action is necessary to protect or defend GLAPI’s rights, property or personal safety and those of our users/customers or other individuals.
We may disclose your personal data to third parties* exclusively when they have been assigned tasks related to the management of the relationship with GLAPI, for the purposes outlined above, including:
- Accredited third-party service providers and vendors necessary for carrying out GLAPI products and services.
- Third-party service providers that assist in collecting customer feedback and preferences through satisfaction surveys.
- Third-party service providers and vendors necessary for preventing financial crimes (including combatting insurance fraud) and ensuring compliance with applicable laws and regulations (including AML/CTF and international sanctions regulation).
- Third-party providers responsible for maintaining our files securely and ensuring information availability while upholding integrity and confidentiality.
- Other companies within the Generali Group.
- Banks and financial institutions for managing collections and payments.
- Medical Information Database administered by the Philippine Life Insurance Association (PLIA) and accessible to life insurance companies for purposes allowed under IC Circular Letter No. 2016-54, Loan Database administered by the Credit Information Corporation and other databases administered by similar agencies.
- Our government or regulatory bodies or any person to whom GLAPI must disclose data: under a legal and/or regulatory obligation; or pursuant to an agreement between GLAPI and the relevant government regulatory body or other person.
*Third parties belong to the so-called “insurance chain”, i.e. persons who, for various reasons, provide services connected with the insurance contract (such as, for example, agents, insurance brokers, banks, credit institutions, co-insurers and reinsurers, technical consultants, lawyers, doctors, experts, hospitals, contracts and claim settlement companies and any other affiliated service providers, etc.), companies of Generali Group and any other external companies performing, as outsourcers, IT, telematics, financial, administrative, archiving, correspondence management, auditing and financial statements certification services as well as companies specialized in surveys on service quality.
These third parties may be located outside of the Philippines. However, any transfer of your personal data will comply with applicable laws and international agreements and will be subject to appropriate safeguards. For instance, our service providers are required to protect your personal information in accordance with GLAPI’s privacy principles, policies, and best practices.
Additionally, GLAPI may share your personal data in the following circumstances:
- In the event of reorganization, joint ventures, sales, mergers, assignments, transfers, or other dispositions of our business, assets, or stock.
- To meet any legal obligation, including providing information to relevant regulatory agencies if you make a complaint about GLAPI’s products and services.
In all cases, the transfer of your personal data will adhere to applicable laws and international agreements and will be safeguarded appropriately.
How long does GLAPI retain your Personal Data?
Generally, we retain your personal data only for as long as necessary for the fulfillment of the purposes for which the data was obtained or for the establishment, exercise or defense of legal claims, or for legitimate business purposes, or as provided by law.
However, GLAPI shall retain the personal data throughout the duration of the insurance policy and for a period of five (5) years from termination or, in case of disputes, for the statute of limitations set forth under the applicable laws, unless otherwise required by applicable laws, rules, or regulations.
After the retention period expires, your Personal Data will be securely disposed of, unless there is a legal or legitimate interest requiring further retention.
I am… a supplier or professional
Before partnering with GLAPI
Thank you for considering us as a business partner for your professional endeavors.
We are dedicated to safeguarding the privacy of all our associates. In compliance with the Data Privacy Law of 2012, its Implementing Rules and Regulations, and the directives of the National Privacy Commission, GLAPI informs you that any personal information provided in connection with your partnership inquiry will be collected and stored by GLAPI. We assure you that the information and documentation you provide to us (e.g., by uploading within the accreditation section) will be utilized solely for the purposes outlined in our Privacy Policy.
What Personal Data does GLAPI collect?
We only process personal data that is strictly necessary for the purpose of establishing legitimate business relationships and transactions with suppliers, ensuring we effectively serve our clients together. This mainly includes:
- Your full name
- Date and place of birth
- Contact details (email, phone number)
- Address
- Tax Identification Number (TIN)
- Professional Regulation Commission License Number
- PhilHealth Accredited Professional Number
- Curriculum Vitae (including educational background and medical training) and supporting certificates (diplomate, fellow)
- Background information from third party providers
- Certificate of Registration (BIR Form 2303)
- Area of specialization (including sub-specialization, if applicable)
- Affiliations with Hospitals, Clinics, or Medical Organizations
- Supporting documentation if you are a licensed medical practitioner recognized and authorized by the Philippine Medical Association
- Bank account details (for payment processing) and proof of bank (e.g., copy of passbook, deposit slip)
Additionally, we may process any other personal data provided by you to assess your suitability as a qualified supplier or professional.
Personal data may be provided directly by you, sourced from public sources, or collected by third parties (such as the Professional Regulation Commission and Professional Regulatory Boards or third-party providers).
To manage our relationship effectively, communication of your personal data is required as it is necessary to comply with obligations outlined in contracts (if accredited and onboarded to our network) or mandated by law. Therefore, failure in communication or partial or inaccurate communication may result in the inability to carry out activities required by applicable laws, and may prevent GLAPI from fulfilling its contractual and legal obligations.
To ensure that GLAPI can maintain effective data management practices, kindly communicate any rectification or deletion of personal data to GLAPI’s Data Protection Officer at privacy@generali.com.ph.
When does GLAPI collect your Personal Data?
GLAPI will collect Personal Data when you submit your application for accreditation (online or offline) and may also obtain information from third parties while overseeing your accreditation process through GLAPI’s Provider Relations Team. This data will be processed throughout our business relationship with you.
How do we use your Personal Data and based on which ground?
We process your personal data within the context of establishing (pre-contractual) and maintaining (contractual) legitimate business relationships and transactions within our network. This encompasses activities such as supplier accreditation, professional vetting, and facilitating collaborations and services for our clients. Therefore, GLAPI will process your personal data to take necessary steps, at your request, prior to entering into an agreement and to facilitate your onboarding process as a GLAPI network member if your accreditation is approved.
Specifically, we will use your personal data to:
- Consider your accreditation and onboarding to our network.
- Communicate with you regarding the accreditation process.
- Conduct reference checks.
- Supplement any information provided by you with information obtained from third-party data providers.
- Maintain and improve our accreditation processes.
We may also process your Personal Data to comply with legal or regulatory provisions, such as compliance with applicable laws and regulations governing the medical industry, anti-financial crime compliance, financial obligations, and directives issued by supervisory and control authorities. This includes requirements related to healthcare regulations, anti-money laundering and counter-terrorism financing (e.g., performing due diligence or mandatory screening of suppliers before onboarding), international sanctions, and financial reporting.
Once onboarded as part of our network, the legal grounds for processing your personal data are based on contractual necessity and legitimate interests.
Contractual necessity arises from our need to fulfill our contractual obligations with you as a supplier or professional within our network. This includes activities such as managing your engagements, monitoring services, or processing payments for your services. It encompasses all necessary activities for implementing the contractual relationship, such as:
- Implementing current contracts and performing GLAPI’s administrative, accounting, and fiscal activities.
- Organizing and managing activities assigned to you for implementing the current agreement.
Additionally, we process your Personal Data based on our legitimate interests (and also for the protection of the insured community), which encompass maintaining the integrity and efficiency of our medical network, ensuring quality service delivery to our clients, and safeguarding the interests of all parties involved (including fraud identification and prevention, risk management, pursuing legal actions, and exercising GLAPI’s right of defense, or facilitating GLAPI to conduct, participate in, manage, and plan corporate transactions). This may entail soliciting feedback to improve our processes within our network, which may include voluntary satisfaction surveys. These legitimate interests are carefully balanced with your rights and freedoms, and we ensure that any processing activities are proportionate, necessary, and conducted in a manner that respects your privacy and data protection rights.
At GLAPI, one of our core principles is the Human Touch. This means that we do not make decisions based solely on automated processing; human intervention is always and exclusively involved before any decision is made regarding your accreditation. To check the status of your accreditation, you can reach out to us at any time at: glapiproviderrelations@generali.com.ph.
Where does GLAPI store your Personal Data?
We store files containing personal information in our computers and servers located in the Philippines, which are kept in a secure environment. We may also store your personal information with cloud-based third-party data storage providers (those providers will not have access to your Personal Data). We shall ensure that proper measures are adopted to protect your information before sharing it.
With whom does GLAPI share or transfer your Personal Data?
GLAPI will only transfer your Personal Data where it is strictly required or necessary to satisfy the purpose for which the personal data was collected.
Please note that the primary team responsible for processing your Personal Data will be internal stakeholders, specifically individuals involved in the accreditation process (GLAPI’s Provider Relations Team) and those managing the relationship with our network.
GLAPI may share or transfer your Personal Data with trusted third parties, such as service providers, vendors, or partners who assist us in your onboarding as a member of our network (e.g., background check providers), operating our business, providing services to you, or managing our relationship with you. These entities are obligated to maintain the confidentiality and security of your Personal Data and are prohibited from using it for any other purpose than assisting GLAPI in accordance with our instructions and policies.
Additionally, your data may be shared with third-party service providers or vendors necessary for preventing financial crimes (including combating insurance fraud) and ensuring compliance with applicable laws and regulations (including AML/CTF and international sanctions regulations).
These third parties may be located outside of the Philippines. In any case, the transfer of your personal data will be performed in compliance with the applicable laws and international agreements in force, as well as on the basis of appropriate and suitable safeguards. As an example, our service providers are required to protect your personal information in a manner that is consistent with GLAPI’s privacy principles, policies and best practices.
Furthermore, where required by law, we may need to share it with legal and regulatory authorities. We may be required to share it with Government or regulatory bodies or any person to whom GLAPI must disclose data: under a legal and/or regulatory obligation; or pursuant to an agreement between GLAPI and the relevant government, regulatory body, or other person.
How long does GLAPI retain your Personal Data as supplier or professional candidate? And once onboarded as part of our network?
Generally, we retain your personal data only for as long as necessary to fulfill the purposes for which the data was obtained, in compliance with applicable privacy laws. The retention period for your personal data varies depending on the purposes of the processing.
For the purpose of accreditation prior to onboarding, your personal data will be retained for a period of 12 months from the date of decision on your submission if your application was discarded. After this period, your Personal Data will be removed from our computers and servers, unless there is a legal obligation or legitimate interest requiring further retention.
If you are successfully onboarded, for contractual purposes, your personal data will be retained for the entire duration of the contractual relationship and, in compliance with applicable laws, for a period of 10 years from the termination of the agreement or the latest payment, whichever occurs later. In case of disputes, your personal data may be retained for the statute of limitations set forth under the applicable laws, without prejudice to longer storage periods provided for by specific laws.
Upon expiration of the specified retention periods, your personal data will be securely disposed of, unless there is a legal obligation or legitimate interest requiring further retention.
I am… A job candidate
Before joining GLAPI
Thank you for thinking about us for developing your professional career.
We are committed to protecting the privacy of all our candidates and, therefore, in compliance with the Data Privacy Law of 2012, its Implementing Rules and Regulations and the issuances of the National Privacy, GLAPI informs you that the personal information that you will provide by reason of your Job Application are and will be incorporated in a register kept by GLAPI.
We will ensure that the information and documentation you submit to us, or which we collect, via various channels (through written correspondence, including e-mail, conversations, or meetings with us), is only used for the purposes set out in this Privacy Policy.
What Personal Data does GLAPI collect?
We only process personal data that is strictly necessary to fulfill the recruitment process’s sole purpose. This mainly includes:
- Your full name
- Contact details (email, phone number)
- Educational background
- Information related to your employment history
- Skills, experience, and details provided in your application, CV or resume
- References
- Interview notes and assessment results
- Current benefits and your expectations for future roles
- Health status data, exclusively for the purpose of assessing candidates’ ability to perform job-related tasks safely or identifying any necessary workplace adaptations in compliance with our Diversity, Equity and Inclusion policies. This information will be used solely to ensure the safety and well-being of all candidates during their potential employment with GLAPI. We are committed to preventing any form of discrimination or bias in our recruitment process, and the collection of health status data is strictly for legitimate and nondiscriminatory purposes. All health-related information will be treated with the utmost confidentiality and handled in accordance with applicable privacy laws and regulations.
Additionally, we may process any other personal data provided by you to determine your suitability as the best candidate.
GLAPI is committed to upholding Diversity, Equity and Inclusion principles in our recruitment practices. To ensure non-discrimination, we do not request or collect personal data related to race, ethnicity, religion/belief, sexual orientation, marital status, political views, nationality, disability, or age. Our aim is to foster a fair and inclusive environment for all candidates.
GLAPI does not request photographs or other visual representations of candidates during the recruitment process unless specifically required for identification purposes (e.g., for security clearance). The selection of candidates is based solely on qualifications, skills, and experience relevant to the job role.
Personal data may be provided directly by you, sourced from public sources, or collected by third parties (such as headhunting companies).
To ensure that GLAPI can maintain effective data management practices, kindly communicate any rectification or deletion of personal data to GLAPI’s Data Protection Officer at privacy@generali.com.ph.
When does GLAPI collect your Personal Data?
GLAPI will be collecting Personal Data at the time of submission of your application online and from third parties during the time that your recruitment process will be overseen by GLAPI’s HR Department.
How do we use your Personal Data and based on which ground?
We process your personal data in the context of staff recruitment for our business with the purpose of conducting all necessary activities to find suitable candidates to fill our job openings and select the most appropriate candidates. Therefore, we will process your personal data to assess your job application. The legal basis for this processing is to evaluate your application in order to undertake the steps prior to concluding an employment contract with you, if you are deemed the best fit for the position.
In particular, we use your personal data to:
- Consider your application for the role you have applied for or other roles that may match your profile.
- Assess your qualifications and suitability for the job.
- Communicate with you regarding the recruitment process.
- Conduct reference checks and criminal records checks.
- Supplement any information provided by you with information obtained from third-party data providers.
- To maintain and improve our recruitment processes
Thus, GLAPI will process your Personal Data to take necessary steps, at your request, prior to entering into an employment contract and to facilitate your onboarding process as a GLAPI employee if your candidacy is chosen.
To ensure compliance with applicable anti-financial crime laws (e.g., mandatory screening of candidates before onboarding), we may also need to process your personal information to comply with legal or regulatory provisions.
GLAPI also relies on legitimate interest as the lawful basis on which we collect and use your personal data. Our legitimate interest lies in the pursuit of recruiting the most suitable talent and maintaining your profile for future opportunities. We may also contact you regarding new positions that resonate with your expertise and career aspirations, aiming to facilitate your journey towards finding the perfect job fit. Rest assured, we prioritize upholding your fundamental rights throughout our processes, ensuring your privacy and dignity are always respected.
In some circumstances, we may request your consent to process your personal data in a particular way. If we are processing your personal data based on your consent, you have the right to withdraw it at any time (privacy@generali.com.ph).
At GLAPI, one of our core principles is the Human Touch. This means that we do not make decisions based solely on automated processing; human intervention is always and exclusively involved before any decision is made regarding your job application.
Where does GLAPI store your Personal Data?
We store files containing personal information in our computers and servers located in the Philippines, which are kept in a secure environment. We may also store your personal information with cloud-based third-party data storage providers (those providers will not have access to your Personal Data). We shall ensure that proper measures are adopted to protect your information before sharing it.
With whom does GLAPI share or transfer your Personal Data?
GLAPI will only transfer your Personal Data where it is strictly required or necessary to satisfy the purpose for which the personal data was collected.
Please note that the primary team responsible for processing your Personal Data will be internal stakeholders, namely, relevant individuals involved in the recruitment process such as hiring managers, interviewers, and HR personnel, who will assess talents.
Additionally, GLAPI may engage recruitment agencies or headhunters to assist in the recruitment process, especially if your candidacy has been submitted through them.
Furthermore, your data may be shared with third-party service providers, such as background check providers and anti-financial crime screening providers.
These third parties may be located outside of the Philippines. In any case, the transfer of your personal data will be performed in compliance with the applicable laws and international agreements in force, as well as on the basis of appropriate and suitable safeguards. As an example, our service providers are required to protect your personal information in a manner that is consistent with GLAPI’s privacy principles, policies and best practices.
Additionally, where required by law, we may need to share it with legal and regulatory authorities.
How long does GLAPI retain your Personal Data as Job Candidate?
For achieving the purposes above indicated, your personal data will be retained for a period of 12 months from the date of the hiring decision referred to the position you have applied for.
If you have registered for similar job alerts, we will be retaining your personal information for 12 months after the latest application (regardless or not if you were actively participating in the recruitment process).
After this period, your Personal Data will be removed from our computers and servers, unless there is a legal obligation or legitimate interest requiring further retention.
Generali Life Assurance Philippines, Inc. 2024 NPC Seal of Registration
Generali Life Assurance Philippines, Inc. 2024 NPC Certificate of Registration