PURPOSE AND CONTEXT

Purpose

This Data Protection and privacy Policy outlines Padre Pio Insurance Brokers' (Padre Pio) commitment to protecting the personal data entrusted to us by our clients and other stakeholders. It details how we collect, store, use, and disclose this data while adhering to Ugandan data privacy laws and regulations.

Context;

Padre Pio, situated in Kampala, Uganda, operates in a legal environment that prioritizes data privacy. This policy is designed to comply with the following relevant laws and regulations:

• The Constitution of the Republic of Uganda (1995): Article 27 guarantees the right to privacy, including the protection of personal data.
• The Data Protection and Privacy Act, 2019 (DPA): This act establishes a legal framework for the collection, storage, processing, and disclosure of personal data. It outlines principles for data protection and the rights of individuals regarding their personal information.

Importance of Data Protection

Padre Pio recognizes the importance of protecting personal data. This policy assures you that we:

• Collect only the data necessary to provide our insurance brokerage services.
• Store data securely and confidentially.
• Obtain consent before using data for specific purposes.
• Respect right to access, rectify, or erase personal data.

Transparency and Accountability;

This policy is a commitment to transparency. It informs all stakeholders about our data handling practices and empowers exercise of data privacy rights.

Continuous Improvement

Padre Pio is committed to continuously improving its data protection practices. We will regularly review and update this policy to reflect any changes in Ugandan data privacy laws and regulations or our data handling practices.

IMPLEMENTATION

Padre Pio Insurance Brokers is committed to protecting the privacy of our clients and website visitors. This Data Protection Policy outlines how we collect, use, disclose, and store personal data. It applies to all personal data we collect through our website, email, phone calls, and in-person interactions.

1. Data We Collect

We may collect the following personal data

• Contact Information: Name, address, phone number, email address.
• Identification Information: National Identification Number (NIN), passport details (if applicable).
• Financial Information: Bank account details (for Claim payment, remuneration with consent).
• Demographic Information: Age, gender, occupation (for insurance product tailoring).
• Medical Information: Only with explicit consent for specific insurance purposes.
• Website Usage Data: IP address, browsing history, and cookies (refer to Cookie Policy below).

2. How We Use Data

We use data for the following purposes:

Clients;

• To provide insurance quotes and products.
• To process insurance applications and claims.
• To manage insurance policies.
• To comply with legal and regulatory requirements.
• KYC

Staff;

• Employment and HR management
• To comply with legal and regulatory requirements.
• Health and safety
• Emergency contact and next of kin

Vendors;

• For performance of contracts

3. Data Sharing

We will only share data with third parties in the following circumstances:

• With insurance companies to process applications and claims.
• With service providers who help us operate our business (e.g., IT support, marketing agencies).
• With regulatory bodies as required by law.
• We will never sell or share data for marketing purposes without explicit consent of the data subject.

4. Data Security

We shall take appropriate technical and organizational measures to protect data from unauthorized access, disclosure, alteration, or destruction. These measures include:

• Secure storage of data.
• Access controls and password protection.
• Regular security audits and updates.

5. Data Retention

We will retain data for as long as necessary to fulfill the purposes outlined in this policy, or as required by law. We will then securely delete it.