Personal Data Protection Statement
This PDP Statement sets out the basis on which Auto & General Insurance (Singapore) Pte. Limited (trading as Direct Asia Insurance) (“we”, “us” or “our”) may collect, use, disclose or otherwise process your personal data in accordance with the Personal Data Protection Act of Singapore (“PDPA”) when you visit our website, use our online resources, interact with us through any means in relation to our promotions, products and services, or enter into a contract with us or is otherwise insured under a contract for our provision of any products or services.
The security of your personal data is important to us. We have in place safeguards to protect your personal data.
What personal data we may collect
We may collect, use and disclose personal data including but not limited to the following:
- your personal particulars such as your name, date of birth, gender, marital status;
- your contact details (including phone number, residential address and email address);
- your financial information such as credit card and other payment details;
- your occupation and relevant employment information;
- your health, lifestyle and relevant medical information such as medical history;
- your previous or current insurance;
- your driving history;
- your travel related information;
- personal data of a third party that you provide to us in connection with the provision of our products and services to you;
and such other information which is relevant and necessary for us to provide our products and/or services to you, or to comply with the law.
Purposes for which personal data may be used
The purposes for which we may collect, use and disclose your personal data include:
- considering your insurance application, establishing and administering your policy;
- assessing your eligibility to participate in promotions and administering events such as lucky draws;
- processing premiums and payments, and recovering monies owed to us;
- assessing our risks and underwriting your insurance;
- assessing, processing and investigating your insurance claim or complaint;
- performing obligations in the course of or in connection with our provision of the products or services requested by you;
- verifying your identity and the identity of third parties whose personal data you have provided to us;
- managing your relationship with us, communicating with you with respect to your policy including updates, changes and renewals;
- conducting checks with Singapore’s Do Not Call Registry;
- responding to, handling and processing queries, requests, applications, complaints, and feedback from you;
- preventing, investigating and detecting fraud, loss, other unlawful or improper activities, including performing anti-money laundering/counter terrorism financing checks in adherence with applicable laws;
- conducting due diligence, compliance, monitoring and audit reviews and checks;
- complying with applicable laws, regulations, codes of practice, guidelines or rules, or to assist in law enforcement and investigations conducted by any governmental and/or regulatory body within or outside Singapore;
- complying with internal policies and procedures of the Auto & General group which we are a part of;
- conducting market, statistical or actuarial research and trend analysis of our products and services for internal, regulatory or industry exercises and studies;
- enhancing our products and services which may include conducting surveys and requesting for feedback to improve the quality of our products and services;
- quality assurance and training for our employees and representatives;
- telling you about our products and services as well as our other products and services which may include those of our business partners, which we believe may interest you (see “Marketing” section below for more details);
- processing your application to us for employment and conducting pre-employment checks;
- for any other purpose for which you have provided your personal data; and/or
- for any other incidental business purposes related to or in connection with the above.
The purposes listed above may continue to apply even when you do not have a relationship with us or your relationship with us has been terminated or altered in any way (for example, you participated in a promotion without resulting in a purchase of our product or services).
Disclosure to third parties
The personal data that we collect from you may be disclosed to other parties who are involved with the provision of our products and services to you, assist us in the conduct of our business activities or in our handling of applications, requests or feedback from you. Such third parties include but are not limited to:
- your current and/or past insurers;
- our group companies,
- partners, service providers or contractors who provide operational services to us such as distribution of our products and services, postal, courier, telecommunications, information technology, cloud storage, payment, payroll, training, human resource, market research, document retention or disposal, storage archival, customer support fulfilment and/or other services;
- your banks, credit card companies, their respective service providers and your authorised personnel in relation to payment from or to you;
- emergency assistance companies, repairers, surveyors, loss adjusters, claims investigators, hospitals, clinics, doctors, lawyers or other professional advisers whom we engage;
- other insurers (for the purpose of seeking claims recoveries or to assist us or them to assess insurance risks), insurance reference service providers, risk intelligence providers, credit reporting agencies, or in the event of default or disputes, debt collection agencies or dispute resolution centres;
- your family members, relatives, appointed executors or administrators and their professional advisors in connection with the administration of your policy in the event of death, bankruptcy or insolvency;
- government bodies, regulators, law enforcement agencies, industry bodies;
- selected marketing and social media platforms that we use (including but not limited to Google and Facebook), and their respective service providers.;
- any other party to whom you consented or authorise us to disclose your personal data to.
Our group companies or external service providers who help us web-host, maintain our website and mobile applications, provide cloud storage and related services, may also have access to your personal data for the sole purpose of providing those services.
We impose security and confidentiality requirements on how these third parties handle your personal data and we limit the use of it to the specific purpose for which we supplied it.
The information we provide to third parties will be strictly limited to what is required for the purposes outlined above.
Where the third parties are located overseas, we may be required to transfer your personal data outside Singapore. If this happens, we will ensure that the receiving third parties are bound by laws or contractual obligations to protect your personal data to a standard comparable to the PDPA.
How we collect personal data
We may collect information from you in various ways. It might be through our call centre, over the internet when you access our website, submit applications, claims, obtain quotes or transact with us online, respond to our sent communications, promotions or feedback requests via SMS, email, social media messaging platforms or other means, submit queries or employment applications to us. We may also collect information through our third party service providers or partners.
When you are at our offices, we may capture your images using CCTV and record our meetings with you. Your phone calls with us are also recorded for quality, training, security and record keeping purposes.
Information collected online
We collect information about visitors using our online resources. Any information collected is used to provide our products and services and to identify online behavioural patterns.
Our online resources include but are not limited to websites and webpage applications “apps”. Information collected by these resources may include:
- Server address/IP address
- Date and time of visit to our site
- Pages visited
- Documents downloaded
- The site you visited prior to visiting our website
- The browser you are using to access our resources
- If you have visited our website before
- Tracking user preferences
In addition to the above, webpage apps may collect location data.
From time to time, we may use data collection devices such as 'cookies' in conjunction with our website. Cookies are commonly used on the internet. They are small files placed onto your device by a server and can be used to identify your device later. We may use both 'persistent' and 'session cookies'. These cookies help us and our marketing partners to evaluate the effectiveness of our advertising and understand how visitors use our site. We retain control over how that data is used. Any information that is collected in this way is used in an aggregated form and we do not use it to identify you as an individual.
We may use cookies for various purposes such as:
- to provide you with better and more customised service and a more effective website
- collecting anonymous statistical information on things such as how many visitors our sites receive, how those visitors use the sites and where they came from.
Most of our online resources use sessions and/or cookies. If you wish, you can configure your browser so it does not accept cookies, but this may affect the functionality of the website.
Our website uses Google Analytics, a web traffic analysis service provided by Google Inc. (Google). Google Analytics uses cookies or similar technologies to collect and analyse information on how users use our website. For more information on how Google uses data when you visit our website and how to control information sent to Google, please refer to http://www.google.com/policies/privacy/partners.
You may opt-out from Google Analytics tracking through your Google Ads Settings page or by downloading and installing the Google Analytics Opt-out Browser Add-on at https://tools.google.com/dlpage/gaoptout/.
Collecting personal data from third parties
Where possible, we collect personal data directly from you. However, in some circumstances we may also collect personal data from other sources so that we can provide you with a policy, assess a claim you make, manage their enquiry, handle your request or employment application. These other sources may include other insurers, claims investigators, credit reporting and employment screening agencies, medical providers, government bodies or law enforcement agencies.
If you authorise someone else (for example, your family member, relative, employer or representative) to provide your personal data to us, then you also authorise such other person to provide your consent to this PDP Statement.
We will deal with such persons only if you inform us that they are authorised by you and provided they satisfy our identification and verification checks.
We may also collect personal data about someone else from you. For example, you may wish to purchase insurance in joint names or where you are nominating other people as insured persons on your policy (for example, another driver or travel companion). Where you provide us with personal data of another individual, it is deemed that you are authorised and have obtained their consent to the collection, use and disclosure of their personal data in accordance with this PDP Statement. You will notify us in writing as soon as practicable should you be aware that such consent has been withdrawn. Notwithstanding anything to the contrary, you undertake to indemnify us against any loss, damages and/or costs as may be suffered by us due to your providing another person’s personal data to us without their consent.
Marketing
We will only send you marketing materials about our products and services or those of selected third parties if we have your consent to do so. We will normally obtain your consent when you get a quote from us or purchase a policy with us or participate in our marketing campaign, events or promotions.
We will never sell your personal data to other companies. However, where you have provided your consent, we may provide your personal data to our business partners so that they can provide you with information about their products and services that you might be interested in. Should you purchase products or services on our business partner websites, their privacy policies or equivalent statements will apply to those products and services.
If you no longer wish to receive such marketing material, you can choose to opt out of our marketing activities. To opt out, you can either:
- use the unsubscribe function from our emails or
- log in to your Policy Manager to unsubscribe ; or
- contact us using the Contact Details below.
You can also, at any time thereafter, change your mind about opting out of receiving marketing material, by changing your preferences in your Policy Manager or contacting us using our Contact Details noted below.
Withdrawing your Consent
Your consent for the collection, use and disclosure of your personal data will remain valid until such time it is withdrawn by you in writing via the Contact Details below. Upon receipt of your written request to withdraw your consent, we may require reasonable time to process your request (depending on the complexity of the request and its impact on our relationship with you). We will also notify you of the consequences of us acceding to your request, including any legal consequences which may affect your rights and liabilities to us.
Whilst we respect your decision to withdraw your consent, please note that depending on the nature and scope of your request, we may not be in a position to continue providing our products and/or services to you or to manage the customer relationship in place with you, which might inevitably result in termination of any contract or arrangement you have with us. In such circumstances, we will notify you and confirm your acquiescence to such consequences before completing the processing of your request.
Access to and correction of personal data
You can request access to or correct the personal data we hold about you at any time by contacting us in writing using the Contact Details noted below and we will provide you with that information unless we are prevented by law from doing so. We will respond to your request as soon as reasonably possible. If we are unable to accede to your request, we shall generally inform you of the reasons why we are unable to do so.
We may charge a reasonable fee to handle and process your request for such access.
Please note that depending on the request that is being made, we will only need to provide you with access to the personal data contained in the documents requested, and not to the entire documents themselves. In those cases, it may be appropriate for us to simply provide you with confirmation of your personal data that we have on record in those documents if your personal data forms a negligible part of the document.
While we take reasonable measures to ensure that the personal data we hold about you is accurate, complete and up to date, you have the right to request that we correct or update any of your personal data. If you believe your personal data in our records is not accurate or up to date, we strongly encourage you to log in to your Policy Manager to update your personal data, or where not possible to update on Policy Manager, inform us in writing using the Contact Details noted below. We will respond to your request as soon as reasonably possible.
Storage and Retention of Personal data
We store your personal data in a number of ways including in:
- electronic systems and devices;
- telephone and CCTV recordings;
- paper files;
- secure storage achival or document retention services off-site; and/or
- cloud storage facilities operated by us (or by third parties on our behalf)
The personal data that we collect from you may be retained for as long as it is necessary to fulfill the purposes for which they were collected, or as required or permitted by applicable laws. We will cease to retain your personal data or remove the means by which the data can be associated with you, as soon as it is reasonable to assume that such retention no longer serves the purposes for which the personal data was collected or no longer necessary for legal or business purposes.
Website Links
This PDP Statement applies to websites operated by us or on our behalf which we authorise to provide a link to this PDP Statement.
When you use a link from our websites to access the websites of third parties, we have no control over those third-party websites. Those third-party websites are not subject to our PDP Statement, and we take no responsibility for how those third-party websites handle your personal data. Always read the privacy and security statements when using other websites.
Contact Details
For data protection concerns or queries, you may contact our Data Protection Officer at:
- Email: [email protected]
To withdraw your consent, request access to your personal data, update or correct your personal data, you may visit our website at https://www.directasia.com/contact to submit your request to us.
Effect of PDP Statement and Notification of Changes
This PDP Statement applies in conjunction with our other policies, notices and contractual documents that apply in relation to the collection, use and disclosure of your personal data by us.
We may make changes to this PDP Statement from time to time for any reason without any prior notice, and publish our new PDP Statement on our websites. You may determine if any revision has taken place by referring to the date on which this PDP Statement was last updated. It is important that you read and understand this PDP Statement. Your continued use of our website, products and services constitutes your acknowledgment and acceptance of such changes.
Last updated: 1 July 2026
Frequently Asked Questions
Can I buy insurance/ purchase insurance without providing my NRIC?
As we are an MAS licensed insurer, we require your NRIC information if you would like to proceed with the purchase of your policy.
Would you share my data to a Third Party?
Any disclosure of your data is only for the purposes outlined in our PDP Statement on our website. If you need further information, please email us at [email protected] or you can write in to the Data Protection Officer at [email protected]
How can I be assured that my data is protected?
Direct Asia complies with the requirements of the Personal Data Protection Act of 2012 and one of our obligations as per the Act is to ensure the protection of all customer data.
How long will you keep my personal data?
No personal data is kept for longer than is necessary and Direct Asia will comply with all statutory and regulatory requirements in Singapore. If you need further information, please email us [email protected] or you can write in to the Data Protection Officer at [email protected]
Who can I contact for questions related to my data?
Questions, comments and requests regarding your personal data are welcomed and should be addressed to our Data Protection Officer.
You can write in to the Data Protection Officer at [email protected]