HomePrivacy Policy

Privacy Policy

1. Introduction

Octium Group is made up of Octium Life DAC and Octium International Insurance Agent AG (including its Swiss and Greek Branches).

This Data Privacy Notice is issued on behalf of the Group, so when we mention “Octium Group”, “we”, “us” or “our”, we are referring to the relevant company in the Octium Group responsible for processing your data.

At Octium Group, we are committed to protecting the confidentiality, integrity, and privacy of your personal data. Personal data means any information relating to a natural person which can directly or indirectly identify that specific person.

Please take the time to read this Data Privacy Notice carefully, so that you understand how we will use your personal data and what rights you have under data protection law (including the EU General Data Protection Regulation 2016/679 (“GDPR”)).

Octium Group is classified as a Data Controller of your personal data which means that we, alone or jointly with others, determine the purposes and the means of processing your personal data.

This Data Privacy Notice should be read in conjunction with our Cookie Policy which is also available on our website.

2. How to Contact Us and/or our Data Protection Officer

We are committed to keeping your personal data safe and to only processing it for the specific purposes mentioned below in Section 6. To support this commitment, we have appointed Data Protection Officers to monitor and oversee the collection, processing and storing of your personal data.

If you have questions on how we process, store, and protect your personal data, you can contact the relevant Data Protection Officer at:

Octium Life DAC:
Data Protection Officer
Octium Life DAC
College Park House
South Frederick Street
Dublin 2
Ireland
Email: DataProtectionOfficer@Octiumgroup.com

Octium International Insurance Agent AG:
Data Protection Officer
Octium International Insurance Agent AG
Austrasse 61
9490 Vaduz
Liechtenstein
Email: dataprotection.fl@octiumgroup.com

3. What Personal Data We Collect from You

We collect and process only as much personal data as is necessary for us to provide you with our products and services or to enable you to submit a question in relation to our products or our customer service.

The following is a list of the personal data, about you, that we may collect and process in the context of assessing your application for a policy of insurance and arranging, issuing and administering yourpolicy, depending on your capacity as policy applicant, policy holder, insured person, beneficiary or other connected person:

3.1 Information to Identify You and Enable Us to Contact You

Full name, date of birth, gender, marital status, photographic identification, passport/identification information, nationality, postal address, tax residency, tax identification number, telephone number, email address, occupation, financial information, citizen status family details (e.g. number of children, if applicable), signature and details of your appointed insured persons and beneficiaries.

3.2 Information to Determine your Source of Funds and Source of Wealth

Bank name, bank account number, IBAN, bank account statements, income details and personal assets, information on the source of the premium, investment profile (e.g. conservative or aggressive).

4. Sensitive Categories - Medical Information for Underwriting Purposes

Personal medical history, including information on mental or physical health, prescription information etc. We may communicate or share sensitive data with professionals under contract to provide services to us e.g. insurers, co-insurers, reinsurers, doctors, lawyers, etc.

Under no circumstances do we collect, store, or further process your genetic data.

4.1 Other Information

Information relating to the issuing and administration of your policy, specifically to any payments, contributions and/or profits made, to any communications received including requests, queries, or complaints you may have, to politically exposed person checks, to anti-money laundering and anti-terrorist financing checks, and to any FATCA tax checks.

4.2 Your Duty to Inform us of Changes

It is important that your personal data is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

5. How We Collect Your Data

5.1 Personal Data You Provide

We collect personal data from you when:

  • you complete your application form
  • you use our products or services
  • you contact us
  • you use our website (for more information, see our Cookies Policy)
  • you are connected to a policy e.g. insured person, beneficiary, representative etc.

Important Note: When you send any forms by email, that contain personal data, we strongly advise that you encrypt the attachments before sending. The encryption password may then be disclosed by telephone or by separate email.

5.2 Personal Data Provided by Third Parties

We also collect your personal data from:

  • health professionals, where medical information is strictly necessary in order to underwrite or administer a policy, including the processing of a claim and in accordance with your explicit consent
  • intermediaries that you have chosen to service and advise you on our products i.e., your financial intermediary or broker
  • compliance systems, where necessary to comply with our regulatory obligations
  • the policy applicant, where you are connected to a policy e.g., beneficiary, representative of a policyholder, insured person etc., following your authorisation of that person, to release your personal data to us
  • a person otherwise connected to a policy, following your authorisation of that person.

6. What Personal Data We Collect from You, about Other Persons

We may collect personal data from you that relates to the following persons:

  • Trustees
  • Insured Person
  • Beneficiaries
  • Assignees
  • Premium Payer
  • your health professionals
  • your legally appointed representatives

The personal data we collect with respect to these persons is limited to name, address and, where relevant, identifier number, and is used only for identification purposes.

We will ensure that any personal data you provide to us, that relates to any person, will receive the same level of protection and privacy as described in this Data Privacy Notice.

6.1 Your Duty to Inform Other Persons that You are Releasing Their Personal Data

Before you disclose any personal data to us in connection with another person, you should:

  • inform that person about the content of this Data Privacy Notice
  • obtain permission from that person to release their personal data.

7. Why We Process Your Personal Data

We collect and further process your personal data only to the extent that is necessary and under the following lawful bases and for the following specific purposes:

7.1 Contract

It is necessary for us to process your personal data as well as personal data of third parties included in your policy, in order to assess your application and to issue and administer your policy. This includes underwriting checks and risk assessments, undertaking investment and asset management activities, communicating with you and with persons appointed by you, handling any queries, requests, complaints, payments or claims in the context of your policy and, in general, providing you with the services set out in your policy.

7.2 Legal Obligations

In accordance with applicable legislation, including tax and other regulatory obligations, we process your personal data in order to establish your identity, residence, and tax status for the prevention of tax evasion, money laundering and terrorist financing, to fulfill requirements by law, to screen persons connected with policies for the prevention of terrorist and other criminal activities, to comply with binding requests from regulatory bodies, including the Central Bank of Ireland, Finanzmarktaufsicht Liechtenstein or tax authorities, and to comply with court orders arising from civil or criminal proceedings.

7.3 Legitimate Interests

It is in our legitimate interests to process your personal data in the context of establishing and defending our legal rights and those of companies connected to us, to manage our internal administrative activities, including security of our information systems, to analyse our products and services, to host data and applications, to manage internal controls and audits and to prevent, deter, identify, detect, report and remedy instances of fraudulent conduct. It is further in our legitimate interests to process strictly necessary personal data of persons other than the contracted parties (e.g. representative’s postal address), in order to issue and administer your policy and process claims and benefits under the policy.

7.4 Consent

As an insured person, we will request your explicit consent in order to process your health data, as provided through the Medical Questionnaire or as otherwise collected in order to clarify the said questionnaire.

Please be advised that in case you do not provide such consent, we will not be able to conclude a policy with you as an insured person, as a medical screening is a necessary industry standard before providing life insurance. You may withdraw such consent on the processing of your health data by contacting us at any time, however this may lead to the cancellation of your policy.

We also collect your personal data where you are not a policyholder but are connected to a policy.

8. Persons with Whom We Share Your Personal Data

We only share your personal data (as detailed in Section 3) with a select number of individuals and companies, as necessary.

When providing a policy to you, we share your personal data with:

  • Companies that are under contract to provide services to us, including document management, e-signature platforms, administration, underwriting, payment facilitation, financial sanctions, and PEP (politically exposed person) screening
  • Asset Managers and Custodians that are under contract to provide management and/or safekeeping services to us
  • Intermediaries that you have chosen to service and advise you on our products
  • Octium Group Companies that are under contract to provide support services to the Intermediaries you have chosen
  • Health Professionals when this is required for underwriting purposes and for the payment of policy benefits
  • Reinsurers that are under contract to provide claims and underwriting services to us
  • Regulators, Tax Authorities, and Revenue Commissioners, for reportable accounts under the Common Reporting Standards and, if you are a ‘US Person’, the Foreign Account Tax Compliance Act (‘FATCA’)
  • Other bodies or competent authorities, in order to comply with regulation and law
  • Third parties, such as investment funds and transfer agents, in order to facilitate their compliance with applicable regulatory and/or legal obligations and/or where it is necessary to provide you with the services you require
  • Courts and court appointed persons and/or entities
  • National Treasury Management Agency (NTMA) and its agents
  • The Irish Police Force if required by law
  • Any other administrative, judicial, or public authority or generally any legal or natural person to whom, by law or court decision, Octium Group may be obliged or has a right to disclose such data.

Octium Group will take all reasonable steps as required by law to ensure the privacy, confidentiality, integrity, and safety of the personal data held by us. To this end, where applicable, we will have entered into corresponding data privacy agreements with any third-party service provider under contract to us

9. Sharing Your Personal Data Outside the European Union or European Economic Area

The personal data we collect from you will, for the purposes specified in this Data Privacy Notice, be transferred to, and stored with, an outsourced service provider appointed by us and located in Switzerland, which is outside the European Economic Area (‘EEA’). Switzerland is a designated secure third country which means that the European Commission has confirmed Swiss national laws provide a level of protection for personal data that is comparable with EU law, having issued the corresponding Adequacy Decision in such regard.

10. How Long We Retain Your Personal Data

Your personal data is retained only for as long as it is required to provide you with the services requested, to meet the needs of our business or to comply with legal, tax and regulatory requirements, and then only for as long as required by applicable law.

11. How We Protect Your Personal Data

We have measures in place to protect the security of your personal data and to prevent your personal data from being lost or being processed, accessed, altered, or disclosed in an unauthorised manner.

Your personal data is stored in systems in our premises, with providers of data storage in the EU and Switzerland. We take all reasonable steps to ensure that your data is protected and that any transfer of personal data is carefully managed to protect your privacy rights.

We also limit access to your personal data to those employees, agents, contractors, Data Processors and other third parties who have a legitimate business reason to obtain it, who are subject to a duty of confidentiality and who process your personal data only on our instructions.

We have procedures in place to deal with any suspected data security breach and will notify you and any applicable regulator of any suspected breach, where we are legally required to do so.

12. Your Rights in Respect of Your Personal Data

In accordance with applicable legislation, you have the right to:

  • access and receive copies of your personal data
  • have inaccurate and incomplete personal data about you corrected and updated
  • request the deletion of your personal data, where it is no longer necessary for us to retain it
  • withdraw any consent provided for data processing, at any time and without affecting the processing that has already taken place
  • require us to provide your personal data to another provider (where that does not result in a disclosure of personal data relating to other persons)
  • restrict our processing of your personal data
  • object to the processing of your personal data, where it is processed based on our legitimate interests.

If you wish to exercise any of these rights, you should contact the relevant Data Protection Officer, at the contact details provided under section 2. We will respond to you within one month of receipt of your request, unless the request is of significant complexity, in which case the deadline may be extended for a further month.

If you make your request electronically and unless otherwise requested, we will provide you with the relevant information electronically.

We reserve the right to verify your identity by requesting that you send us an identification document or different suitable documentation for this purpose (e.g., through the confirmation of personal data held by the Group).

We also reserve the right to request clarification on the request received, in order to ensure fast and targeted assistance.

13 Complaints

If you believe we have processed your personal data incorrectly, you should contact the relevant Data Protection Officer, at the contact details provided under section 2.

If you are dissatisfied with how our Data Protection Officer has dealt with your request or complaint, you can complain to the competent Supervisory Authority (in Ireland or Liechtenstein) at the contact details below:

Ireland
Data Protection Commissioner
21 Fitzwilliam Square South
Dublin 2
D02 RD28
Ireland

Telephone: +353 (01) 7650100 or +353 1800 437 737
Email: dpo@dataprotection.ie

Liechtenstein
Datenschutzstelle
Kirchstrasse 8
Postfach 684
FL-9490 Vaduz
Liechtenstein

Telephone: +42 32 36 60 90
Email: info.dss@llv.li

14. Updating our Data Privacy Notice

We may update our Data Privacy Notice from time to time. Any updates will be made available on our website at www.octiumgroup.com and, where you are a policyholder and have requested access, on our client portal.

Please review this Data Privacy Notice each time you visit our website or use our services.