INTERNET INSURANCE SECURITY ARRANGEMENTS AND POLICY

22nd of December, 2016 for Electronic Commerce of Insurance Products

Introduction

As part of the eight-point commitment stipulated in our Customer Charter, we strive to provide our clients with the highest level of confidentiality of their information as possible. We also commit to provide safe and secure operations in the conduct of transactions online.

Our Privacy and Security Policy, which can be found in our website and a copy of which is also included here, explains how we ensure the security and confidentiality of our clients’ information and manage it carefully. This document describes the security practices governing www.paramountdirect.com and www.ctpl.ph and supplements our Privacy and Security Policy.



Security Arrangements and Features

We recognize that technological attacks are unlikely to be eradicated hence we strive to maintain a strong cyber defense and response mechanism. We also recognize that absolute cyber security is unlikely to be ever achieved, thus we continuously monitor and strengthen our cyber security.

  • a. How we store data

    The Paramount Direct and ctpl.ph websites and store all information necessary to process an insurance coverage application in a POSTGRESQL database.


  • b. Who has access

    We have implemented procedures to ensure that only authorized representatives of PLGIC may view the clients’ information. Thus, Paramount Direct and ctpl.ph has designated administrators who have full access to and can authenticate the data in the system. All other individuals have limited access with designated usernames and passwords issued by the administrators, depending on their roles as employees or as agents.


    Only employees — who are also policy issuers — are authorized to manage the list of agents, user accounts, policy issuances, and the experience rating of every client. Agents are authorized only to insert credentials of clients and provide the quotation of the premium.


    In addition, access to our systems is logged. Hence, any possible breach can be traced right away.


  • c. How is the data protected

    We have implemented authentication mechanisms and security features to ensure the confidentiality, availability and integrity of information that is processed, stored and communicated by electronic or similar means through www.paramountdirect.com and www.ctpl.ph.


    Thus, information collected from the clients and other data generated for every transaction and stored within the system are encrypted with SSL certificates.


    Moreover, digital copies of the policy are embedded with hash codes and are digitally signed with our security certificate which can verify if there are any changes on the document after it has been generated and signed. A copy of the digital policy is also automatically sent to the e-mail of the client.