Introduction
At Kiwi General Insurance Limited (“we”, “our”, “us”), we respect your privacy. This Privacy Policy explains in simple terms how we collect, use, share and protect personal information when you use our website, mobile app, customer portal, chatbot, telematics services, and our insurance products and services in India.
This Privacy Policy applies to:
• individuals who buy, use or enquire about our insurance products and services;
• and vendors, service providers, insurance intermediaries and agents/POSP who interact with us through our website, mobile app or other digital channels and whose information we collect for empanelment, onboarding and ongoing relationship management.
What information we collect
Depending on how you interact with us, we may collect the following information:
• Contact details such as your name, address, email and mobile number.
• KYC and ID details such as your date of birth, PAN, driving licence, or other ID documents needed for insurance and KYC.
• Policy and claim details such as your policy number, coverage, premium, nominees and claim information.
• Payment details such as bank account or payment instrument details used to pay premiums or receive claim amounts.
• Health and medical information needed to offer certain covers or process health or accident claims.
• Vehicle and asset details, including registration and inspection information.
• Technical information such as your IP address, device details, browser type, app version, cookies and usage logs when you use our website or app.
• Telematics and driving information if you choose a telematics or usage-based product, including distance, time, route, speed and driving behaviour.
• Call recordings, chatbot conversations and emails when you contact us.
We also collect limited information about our vendors, service providers, insurance intermediaries and agents when they interact with us through our website or mobile app, for example when they apply to empanel with us, log in to a partner portal, complete onboarding / KYC forms, or access our systems. This may include their contact details, KYC documents, registration details, bank details for fee or commission payments, login credentials and usage logs of our partner portals or apps.
How we use your information
We use your information to:
• issue, service, renew or cancel your insurance policy;
• process and settle your claims;
• perform KYC, prevent fraud and comply with law and regulatory requirements;
• provide customer support and handle complaints and grievances;
• operate, secure and improve our website, mobile app, portal, chatbot and telematics services;
• send service communications such as policy documents, updates, reminders and alerts; and
• comply with legal, regulatory, audit, tax and accounting requirements.
For vendors, intermediaries and agents/PoSP, we also use the information collected via our website and app to:
• verify identity and eligibility and conduct due diligence as required under IRDAI regulations;
• create and manage partner portal logins and access rights;
• track usage of our partner tools and monitor information security;
• make commission or fee payments and issue statements; and
• comply with IRDAI, tax and other legal or regulatory obligations.
Website and cookies
When you visit our website or customer portal, we may use cookies and similar technologies to:
• keep you logged in and secure your session;
• remember your preferences;
• understand how our website is used; and
• detect and prevent misuse or attacks.
You can manage cookies in your browser settings. If you disable certain cookies, some parts of the website may not work properly.
Mobile app
When you use our mobile app, we may ask for permissions for your camera, microphone, storage, location or notifications to enable features such as document upload, claim intimation, video KYC or roadside assistance.
You can control these permissions in your device settings. Some features may not work if certain permissions are switched off.
Telematics
If you opt for a telematics or usage-based insurance product, we may collect details about how, when and where your vehicle is driven through a telematics device or your mobile phone. This may include distance, time, speed, route and driving behaviour.
We use this information for underwriting, pricing, safety scores, improving services and supporting claims, only for the purposes explained when you opt in to such product or feature.
Health claims
For health, accident or hospitalisation claims, we may collect and use medical and health-related documents from you, hospitals and other service providers to check coverage, assess the claim and settle it.
We keep this information confidential and share it only with people and organisations who need it for the claim or for legal and regulatory reasons, such as hospitals, TPAs, surveyors, reinsurers or regulators.
Chatbot and virtual assistant
If you use our chatbot or virtual assistant, we may store your questions, answers and any files you upload so that we can respond to you and improve our services.
For complaints, claim disputes or sensitive issues, you can ask to speak to a human representative instead of relying only on automated responses.
Partners, intermediaries and agents
This Privacy Policy also applies, as relevant, when vendors, service providers, insurance intermediaries and agents use our website, mobile app or other digital channels and we collect their personal or business-contact information for empanelment, onboarding, due diligence, training, access to our systems or ongoing relationship management.
When we onboard or manage intermediaries and vendors, we may use the information collected via our website or app to:
• verify identity and eligibility (for example, to comply with IRDAI agent / intermediary due diligence requirements);
• create and manage partner portal logins and access rights;
• track usage of our partner tools and monitor information security;
• process and pay commissions, fees or other amounts; and
• comply with IRDAI, tax, audit and other legal or regulatory obligations.
Our expectation is that all such intermediaries and vendors will protect any customer or policyholder data they access through our systems and will use it only for authorised purposes, in line with IRDAI regulations, codes of conduct and their contracts with us.
Sharing your information
We may share your information with:
• Group companies and reinsurers who help design, underwrite or service products.
• Insurance intermediaries and partners approved or recognised by IRDAI, such as individual agents, corporate agents, brokers, web aggregators, TPAs, surveyors, loss assessors and other regulated entities who distribute our products or help service policies and claims.
• Vendors and outsourced service providers who support us with technology, cloud hosting, data centres, call centres, printing and dispatch, document management, telematics platforms, analytics, KYC, investigations and other support services, in line with IRDAI outsourcing guidelines.
• Regulators, law enforcement and other authorities where required by law, regulation or court / regulatory orders.
When we work with intermediaries, partners and vendors, we do so under written agreements that require them to:
• keep all customer and policyholder information confidential;
• use the information only for authorised purposes and only to perform the services for us;
• implement appropriate security measures to protect the information; and
• support regulatory access, inspections and data return or deletion on termination, in line with IRDAI outsourcing and cyber-security requirements.
We do not sell your personal information.
Security
We use reasonable technical and organisational measures to protect your information against unauthorised access, loss or misuse, consistent with regulatory expectations for insurers and IRDAI’s cyber security guidance.
We limit access to your information to people and service providers who need it for their work and who are bound by confidentiality obligations.
How long we keep your information
We keep your information for as long as needed for the purposes explained above and for as long as required by law, regulations, tax and accounting rules or to resolve disputes.
After that, we delete or anonymise it in a secure manner, in line with our internal retention and disposal policies.
Your rights
Subject to applicable law, you may be able to:
• ask for a summary of your personal information we hold;
• ask us to correct or update your information;
• withdraw consent where you had earlier given consent; and
• raise a complaint about how we use your information.
We may need to verify your identity before we act on your request and may retain certain data where we are required to do so by law or regulation.
Children
Our services are generally meant for adults. Where we process a child’s information as part of a policy or claim, we do so in line with applicable law and, where required, with consent from a parent or guardian.
We do not knowingly use children’s data for behavioural profiling or targeted advertising.
Grievance officer and contact details
If you have any questions, concerns or complaints about this Privacy Policy or how we handle your information, please contact:
Grievance Officer / Privacy Contact
Name: Chivukula Lakshmichaya
Designation: Chief Compliance Officer / Grievance Redressal Officer
Email: gro@kiwiinsurance.com
We will respond to your concerns within the timelines required by applicable law and our internal grievance framework.
Changes to this Policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website and app, with the date it was last updated.