Internet Insurance Security Arrangements And Policy


As part of our engagement stipulated in our Customer Charter, we aim to give our customersthe highest level of confidentiality and data protection. We are also committed in providing safe and secure operations in the conduct of online transactions.

Our Privacy and Security Policy, which can be found in our web page and a copy of which is also included here, states how we ensure the security and confidentiality of our costumers’ information and how we manage with the highest level of diligence. This document describes the security practices governing and supplements our Privacy and Security.

Security Arrangements and Features

We do recognize that technological attacks are inevitable. That is why we aim to maintain a strong cyber defense and breach response mechanism. While we are aware that absolute cyber security is unlikely to be achieved, we continuously monitor, strengthen, and enforce our cyber security to protect ourselves from possible harm.

  1. How we store/save data web pages collects only the information necessary for us to process the insurance coverage application of a potential customer. These information include the name and contact information details of the client, health and medical history, and information regarding prior applications for life, health, accident, fire, motor, and other perils insurance coverage. We also collect demographic information such as preferences and general interests as these information helps us assess the potential risks of a client.

    The data is collected online when the client registers with us through our website. The data disclosed online is stored in a secured location and protected with encryption.

  2. Who will have access/Who collects

    Only authorized representatives of Manila Bankers Life may access personal data of our clients. Furthermore, only those authorized representatives of Manila Bankers Life who require access to personal data to fulfill their essential functions with Manila Bankers Life are given access to personal data through security controls imposed by our breach management team. Thus, Manila Bankers Life and General Assurance Corporation has designated administrators who have full access to and can authenticate the data in the system. All other personnel have limited access with designated usernames and passwords issued by the administrators, depending on their roles as employees or as agents and their access to personal data are registered through system logs in order to implement strict accountability for those who handle personal data.

    When it comes to agents, only employees - who are policy users as well - are authorized to manage the list of agents, including user accounts, policy issuances, and the experience rating of every costumer. For this purpose, agents are only authorized to insert credentials of costumers and provide quotation of the premium.

    Our technical team ensures that all system access are logged so that any breach can be immediately identified, contained, and addressed. We do not share or disclose third personal data collected through our website to third parties.

    Should you have any concerns with regard to data collected, you may reach us through our customer service details.

  3. How is the data protected

    We have implemented authentication mechanisms and security features to ensure the the confidentiality, availability and integrity of data that is processed, stored and communicated through electronic or similar means via

    Thus, information collected from the costumers and other data gathered for every transaction and stored within the system are encrypted with SSL certificates.

    Digital copies of the policy are embedded with hash codes and are signed digitally with our security certificate which can verify if there are any changes on the document after it has been generated and signed. A copy of the digital policy is also sent automatically to the e-mail of the costumers. In addition to these technical measures, we have also implemented organizational security measures to limit the access of individuals to data. Physical measures are also in place to address physical security threats.

  4. How long will the data be stored.

    Personal data shared with us shall be retained by us for a period of time necessary for us to fulfill our obligations with regard to the insurance application. When an application is disapproved, personal data shared with us is immediately destroyed unless a client should opt in to receive updates from us regarding our latest products and services. If an application is approved, your data remains with us for a longer period of time. For hospitalization coverage, personal data shared with us is retained five (5) years from the date of termination. For life coverage, personal data shared with us is retained for ten (10) years from the date of termination or expiration. These periods are consistent with industry best practices.

  5. How you can exercise your rights.

    As a data subject, your rights are protected by Republic Act No. 10173, otherwise known as the Data Privacy Act of 2012. These rights include the right to be informed and the right to access your information, among others. However, in the exercise of certain rights, relevant fees and charges may apply. In order to effectively exercise your rights, you may reach our Data Protection Officer at

  6. How this privacy policy is updated.

    This privacy policy may be updated from time to time but always with prior notice. Part of the purpose of collecting your contact details is so that we may revert to you for any updates or amendments in our data privacy policy.