Liberty Privacy and Security Notice

Your right to privacy and security as guaranteed by Zambia’s Electronic Communications and Transactions Act (ECTA) and Data Protection Act (DPA) are very important to us. Liberty Holdings Limited and its subsidiaries (Liberty, Liberty Health, we, us, our) treat your personal data as private and confidential.

How and why we collect personal data

  • We collect personal data for the purposes set out in this notice or otherwise communicated to you.
  • We collect personal data directly from you when you contact us directly or provide information through this website.
  • This personal data is used to create a policy in your name and to issue you with any and all of the following: policy schedule; key facts statement; member certificate and card as proof of cover and to gain access to medical service and the benefits of the policy. This information is also used to authenticate and verify that you are you when interacting with Liberty or any nominated third parties assigned to perform any processing on our behalf. It is used for security purposes to ensure that unauthorised persons do not get access to your Liberty information or benefits.
  • We may collect from and share your personal data with selected third parties to ensure we meet our responsibilities as a Long Term Insurance Provider offering Health Insurance Product Services as well as Life Insurance Services. These third parties may include, but are not limited to:
    • Regulatory bodies
    • Financial Advisers and other intermediaries
    • Member companies of the Standard Bank Group – Our parent company
    • Credit bureaus – to establish credit worthiness (If Liberty is requested by any regulatory body / bureau to confirm whether or not we have a certain client covered by policy we have to provide this information).
    • Anti-money laundering and other financial crime service providers offering screening, adverse media and any other regulatory checks as may be required by law.
    • Health Care Providers when medicals are being done for the purposes of establishing eligibility to take up cover or where you access services using your Liberty Health Cover policy.
    • Other insurers, reinsurers or authorised financial services providers for prevention of fraud – Forensics investigations.
    • Other third parties involved in any issues relating to litigation. Sharing of information would come into play when we have litigation cases and this information is shared with the respective legal representative with Liberty and/or member’s employer.
  • We collect personal data from and about you for the following purposes, but not limited to:
    • Assess your individual requirements accurately
    • Deliver effective and personalised services to you that comply with applicable regulations.
    • Carry out statistical and other analyses to identify potential markets and trends, evaluate and improve our business (this includes improving existing and developing new products and services).
    • Set-up premium collection for your policy
    • Verify information submitted for claims purposes and in order to process claims at the point of claiming
    • Tell you about services and products available within the Liberty Group. This information is used for Marketing purposes giving you access to the broader Liberty Group product offering.
    • Constantly improve our offerings to suit your unique needs.
    • To verify and protect your identity. This information is also used to authenticate or verify your identity when interacting with Liberty (us). It is used for security purposes to ensure that unauthorised persons do not get access to your Liberty information or benefits.
    • Regulatory reporting – Liberty (and the wider Liberty Group) is obliged to provide regulatory reporting to the insurance and other regulatory bodies.
    • Comply with relevant regulatory requirements, including monitoring and analysing your account for credit, fraud, anti-money laundering, compliance and other risk-related purposes as required by law.
    • As otherwise allowed by law


Without your personal data, we may not be able to provide or continue to provide you with the products or services that you need. This personal data is used to create a policy in your name and to issue you with a member certificate and card as proof of cover and to gain access to medical service and manage your policy. This information is also used to authenticate or verify that you are you when interacting with Liberty. It is used for security purposes to ensure that unauthorised persons do not get access to your Liberty information or benefits.

What personal data do we collect?

The personal data collected includes, but is not limited to the following:

  • Information about who you are e.g. your name, date of birth and contact details
  • Information connected to your product or service with us e.g. your bank account details
  • Information about your contact with us e.g. meetings, phone calls, emails / letters
  • Information that is automatically collected e.g. via cookies when you visit one of our websites
  • Information to allow you to access our online services e.g. user name, email address
  • Information if you visit one of our offices e.g. visual images collected via closed circuit television (CCTV)
  • Information if you call our contact number e.g. phone call recordings
  • Information classified as special category data [‘sensitive’ personal data] e.g. relating to your (a) race, marital status, ethnic origin or sex; (b) genetic data and biometric data; (c) child abuse data; (d) political opinions; (e) religious beliefs or other beliefs of a similar nature; (f) whether you are a member of a trade union; or (g) physical or mental health, or physical or mental condition
  • Information you may provide us about other people e.g. joint applicants or beneficiaries for products you have with us
  • Information to allow us to provide reinsurance services to other companies within the Liberty Group
  • Children are not able to buy products and services from us. However, a parent or guardian can, and a child can also be named as a beneficiary on some of our products. In these cases, we collect limited personal data to identify the child (such as their name, age, gender). Any communication about these policies will be with the policyholder.


Where we collect and use sensitive personal data, this information will only be collected and used where it’s needed to provide the product or service you have requested or to comply with our legal obligations, and where we have also obtained your explicit consent to process such information.

Transfer across borders

Sometimes we will process your personal data in other countries, either to carry out your instructions or for ordinary business purposes. These countries may not have the same level of protection. We will only process your personal data with your consent. If necessary, we will ask the party to whom we transfer your personal data to agree to our privacy principles, associated policies and practices.

Storage

We store personal data as required by law.

Our use of technology to follow your use of our website

We collect and examine information about visits to this website. We use this information to find out which areas of the website people visit most. This helps us to add more value to our services. This information is gathered in such a way that we do not get personal data about any individual or their online behaviour on other websites.

Cookies

We use cookies and other tracking technologies on some parts of our website. Cookies are small pieces of text that are saved on your Internet browser when you use our website. A cookie is sent back to our computer each time you visit our website. Cookies make it easier for us to give you a better experience online. You can stop your browser from accepting cookies, but if you do, some parts of our website or online services may not work properly. We recommend that you allow cookies. Please read our comprehensive cookies policy here.

Marketing by post, email or text messages

If you give us permission, we may use your personal or other information to tell you about products, services and special offers from us or other companies that may interest you. We will do this by post, email or text message (SMS) or other electronic means. If you later decide that you do not want us to do this, please contact us at [email protected] for health products and [email protected] for all other products and we will stop doing so.

Third parties

We ask other organisations to provide support services to us. When we do this, they have to agree to our privacy policies if they need access to any personal data to carry out their services.

Our website may contain links to or from other websites. We try to link only to websites that also have high standards and respect for privacy, but we are not responsible for their security and privacy practices or their content. We recommend that you always read the privacy and security notices on these websites.

When we may reveal personal data without consent

We will not reveal personal data to anyone outside Liberty or certain of our service providers without your permission, unless:

  • we must do so by law or in terms of a court order
  • it is in the public interest
  • we need to do so to protect our rights
  • there is a legitimate purpose for the sharing.

 
Our security practices

  • We are committed and obliged to implement all reasonable controls to safeguard access to your personal data.
  • Where third parties are required to process your personal data in relation to the purposes set out in this notice and for other legal requirements, we ensure that they are contractually bound to apply the appropriate security practices.
  • All use of our website and transactions through it are protected by encryption (secret codes) in line with international standards.

 
Your right to access information

You have the right to request access to the personal data we process about you. You may exercise this right by emailing us at [email protected] for health products or [email protected] for all other products.

Your right to rectification

You have the right to request that Liberty corrects any personal data you believe in inaccurate. You also have the right to request Liberty to complete information you believe is incomplete. You may exercise this right by emailing us at [email protected] for health products and [email protected] for all other products.

Your right to erasure

You have the right to request that Liberty erases your personal data. You may exercise this right by emailing us at [email protected] for health products and [email protected] for all other products.

Your right to restrict processing

You have the right to request that Liberty restrict the processing of your personal data under certain conditions. You may exercise this right by emailing us at [email protected] for health products and [email protected] for all other products.

Liberty complying with all requests under this notice

Please note that in some cases we may not be able to comply with any of your requests under this notice, your request for reasons such as our own obligations to comply with other legal or regulatory requirements. We will always respond to any request you make and if we can’t comply with your request, we will inform you of the reasons why. If you have any questions regarding this, please let us know at [email protected] for health products and [email protected] for all other products.

Your right to lodge a complaint

You have a right to complain to the Zambian Information and Communication Technology Authority or the Data Protection Commissioner at any time if you object to the way in which we use your personal data. More information can be found on the Zambian Information and Communication Technology Authority’s website: https://www.zicta.zm/ and/or the Ministry of Technology and Science or any other regulatory or governmental authority that may be appropriate.

Privacy and security statements that apply to specific online services

Different online services or businesses of Liberty may have their own privacy and security policies because the service or product they offer may need different or extra policies. These specific policies will apply to your use of the particular service where they are different from our general policies.

Personal use of emails and notice about checking on emails

Our communication and information systems are for business use. However, we realise that our employees occasionally use our systems for personal use. Personal use includes sending or receiving personal emails within or outside Liberty. We do not accept responsibility for the contents of personal emails sent by our employees using our systems. Please note that we may intercept, check on and delete any communications created, stored, sent, or received using our systems, according to any law that applies.

Right to change this privacy and security notice

We may always change this privacy and security notice. We will put all changes on our website. The latest version of our privacy and security notice will replace all earlier versions of it, unless it says differently.

Email us at [email protected] for health products or [email protected] for all other products if you have any questions about this privacy and security notice.