Privacy Policy

Privacy Policy

  •  INTRODUCTION

Welcome to Star Discover’s Privacy Policy. We appreciate you taking the time to read all our notices carefully. Star Discover Limited (“Star Discover”, “We” “Us” “Our”) is committed to ensuring that your personal data is collected and used lawfully and transparently. We process your personal information under the Data Protection Act 2019 and the Data Protection (General) Regulations, 2021.

  • WHO IS STAR DISCOVER?

Star Discover is a leading general and long-term insurance company, providing innovative underwriting solutions to individuals, families, and businesses. We offer products ranging from Family Plans, Personal Accident Insurance, School Insurance, Home Owners Insurance, Medical Insurance for SME’s and Corporates, Professional Indemnity, WIBA Cover, Travel Insurance, Marine Insurance and Landlord Insurance.

Our offices are located at 7th Floor, Arch Place on Nyangumi Road, in Kilimani, Nairobi, Kenya.

  1. WHAT IS THE PURPOSE OF THIS POLICY?

To perform our functions, we need to collect certain types of information from various people including prospective job applicants, our members and their dependents, suppliers and vendors, agents and brokers, or any other relevant individuals (referred to as “you” or “your” in this Privacy Policy).

This Privacy Policy sets out:

  • the types of personal data that we collect about you
  •  how and why we collect and use your personal data
  • how long we keep your personal data for
  • when, why and with whom we will share your personal data
  • the legal basis we have for using your personal data
  • the effect of refusing to provide the personal data collected
  • the different rights and choices you have when it comes to your personal data
  • how we may contact you and how you can contact us
  1. WHO DOES THIS PRIVACY POLICY APPLY TO?

This Privacy Policy applies to the personal data of:

  • Prospective Members
  • Members and their Dependents
  • Agents and Brokers
  • Job Applicants
  • Third-Party Service Providers
  • Website Users
  • Star Discover Mobile App users

It is important to point out that we may amend this Privacy Policy from time to time. Please visit this page if you want to stay up to date, as we will post any changes here.

  1. WHAT PERSONAL DATA DO WE COLLECT ABOUT YOU?

Star Discover collects Personal Data directly from you as well as from other available sources to the extent permitted by law. Star Discover endeavors only to collect Personal Data that is necessary for the purpose (s) for which it is collected and to retain such data for no longer than necessary for such purpose (s). Subject to applicable law and practice, the categories of Personal Data that are typically collected and processed are: 

Category of Data Subject Type of Data Collected
Prospective clients Name of the proposer, Nationality, postal address, postal code and town, telephone no., email address, mobile no., pin no., ID no., Occupation/Nature of business, source of income, current permanent address, spouse, and dependents names, dates of birth, height, and weight, next of kin details, confidential medical history.
Agents and Brokers Name, postal address, postal code and town PIN no., ID no., passport size-colored photos, email address, signature, certificate of proficiency, bank details.
Members and their dependants Name, telephone number, email address, date of birth/birth certificates, membership no., employer, diagnosis and treatment notes, fingerprints, nature of complaints lodged.
Third party service providers Name, telephone numbers, email addresses, postal address, identification details such as ID/Passport number, gender, passport photos, 

information contained in your curriculum vitae (CV) such as work/employment history including details of your employment background, position, work experience, skills, competencies;

information relating to your job expectations

education history including degrees, certificates, transcripts

your current and expected compensation i.e., your salary and benefits

referee names and contact details

questions and responses given during interviews, interview video recordings

interview notes and related documentation

background checks and psychometric test results

information from referees
Job applicants Name, telephone numbers, email addresses, postal address, identification details such as ID/Passport number, gender, passport photos, 

information contained in your curriculum vitae (CV) such as work/employment history including details of your employment background, position, work experience, skills, competencies;

  • information relating to your job expectations
  • education history including degrees, certificates, transcripts

your current and expected compensation i.e., your salary and benefits

referee names and contact details

questions and responses given during interviews

job interview video recordings

interview notes and related documentation

background checks and psychometric test results

information from referees
Website and App users IP address, access sites, the sites linked from, pages visited, cookies and online identifiers, the links and features used, the content viewed or requested, browser or application type, language, and such other information.

 

  1. HOW AND FOR WHAT PURPOSE DO WE COLLECT YOUR PERSONAL DATA?

  • Prospective clients
How we collect your data Purpose of collecting data
Directly from you when you fill out: – 

1. New Member Application forms

2. Email 

3. Star Discover Website

4. Star Discover App

5.Insurance forms:

a) Through Agents/Broker

b) Through your employer when they enroll you onto our medical scheme

c) When you send an email or call us

 1. Assess your eligibility to onboard you onto the medical scheme or other non-medical covers

2. Assess your eligibility for payment plans and process your premium and other payments.

3. To facilitate the issuance of policy documents

4. To comply with legal requirements

5. To respond to requests from public and governmental authorities (including those outside your country of residence).

6. To establish and defend legal rights.

7. To pursue available remedies or limit our damages.

8. To provide marketing information to you (including information about other products and services offered by selected third-party partners) in accordance with the preferences you have expressed.

  • Agents and Brokers
How we Collect your data Purpose of collecting your data
  1. assess your suitability for the role applied
  2. communicate to you about the progress of your application
  3. facilitate the training process
  4. To onboard you as Star Discover’s authorized agent
  5. maintain records in relation to the recruitment process according to our data retention policy, develop and improve our recruitment processes, website, and other related services
  6. If you are hired, for populating your employee file and various systems and tools used in connection with your employment at Star Discover, 
  7. In compliance with any legal obligations imposed on us.
  8. To facilitate handling and resolution of complaints

  • Members and Dependants
How we collect your data Purpose of collecting Data
  • Directly from you when you fill out:
  1. Medical Claim forms
  2. Non-medical claim forms
  3. Pre-authorization forms
  4. M-TIBA
  5. SMART
  6. When you call us through phone calls
  7. Letters
  8. Emails
  9. Invoices
  10. Discharge Voucher
  11. Indirectly thorough:
  12. Doctor’s treatment notes/medical reports and medical tests
  • Indirectly through:
  1. Doctor’s treatment notes/medical reports and medical tests
  2. Loss Assessor/Adjuster’s report, Investigation Report
  1. To provide you with medical insurance services such as inpatient and outpatient services i.e., consultation, laboratory investigations, drugs administration and dispensing, dental healthcare services, radiological examinations, nursing and midwifery services, surgical services, radiotherapy and physiotherapy services
  2. to facilitate payment of medical services
  3. to make reimbursement for medical claims
  4. to offer you our non-medical products such as personal accident, travel insurance, home insurance, professional indemnity, landlord insurance, marine insurance, school insurance etc.
  5. to determine whether you qualify for our insurance covers by engaging the services of an independent assessor, investigator, loss assessor and adjusters
  6. to facilitate handling and resolution of medical-related complaints 
  7. to obtain consent to process data concerning your children and other sensitive personal data.
  8. to use your personal data to provide marketing information to you (including information about other products and services offered by selected third-party partners) in accordance with the preferences you have expressed.
  9. To comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering and anti-terrorism, and prevention of corruption. 
  10. To comply with legal process; and respond to requests from public and governmental authorities (including those outside your country of residence).
  11. To establish and defend legal rights; protect our operations or insurance business partners, our rights, privacy, safety or property, and/or that of our group companies, you or others; and 
  12. To pursue available remedies or limit our damages.

  • Third Party Service Providers
How we Collect your Data Purpose of Collecting Data 
  • Directly through emails, phone calls and letters to us
  • Indirectly through:
  1. Our procurement portal
  2. Our human resource and procurement representatives
  1. assess your suitability for the role applied
  2. communicate to you about the progress of your application
  3. facilitate the training process
  4. To onboard you as Star Discover’s authorized agent
  5. To maintain records in relation to the recruitment process according to our data retention policy, develop and improve our recruitment processes, website, and other related services
  6. If you are hired, for populating your file and various systems and tools used in connection with your service provision at Star Discover
  7. To comply with any legal obligations imposed on us.

Facilitate handling and resolution of complaints

  • Job Applicants
How we Collect your Data Purpose of Collecting Data
Directly through emails, phone calls and letters to us

Indirectly through:

1. Our procurement portal

2. Our human resource and procurement representatives
  1. assess your suitability for the role applied
  2. communicate to you about the progress of your application
  3. facilitate the training process
  4. To onboard you as Star Discover’s authorized agent
  5. To maintain records in relation to the recruitment process according to our data retention policy, develop and improve our recruitment processes, website, and other related services
  6. If you are hired, for populating your file and various systems and tools used in connection with your service provision at Star Discover
  7. To comply with any legal obligations imposed on us.
  8. Facilitate handling and resolution of complaints

 

Star Discover does not usually request for sensitive personal information, that is, information regarding your race, ethnicity, political opinions, religion and religious beliefs, details of your spouse or children, sexual orientation or political affiliation. Unless specifically responding to a question asked by us, please do not include sensitive personal data as part of your application. If we do require this information in connection with your application, this will be highlighted to you where we will obtain necessary consents and acknowledgements.

Star Discover is committed to leveraging each applicant’s skills and competencies to find the right match for a role in the organization as opportunities arise.

If you are successfully hired, Star Discover keeps this information for the course of the employment relationship and, to the extent permitted, after the termination of employment.

If your application is not successful, we may retain and use your personal data for a further one (1) year to consider you for other job opportunities where permitted by applicable law and/or for as long as necessary to comply with legal record retention requirements. if you do not wish us to retain your personal data, please contact us on [email protected]

  • Website and App users
How we Collect your Data Purpose of Collecting Data
Online identifiers such as cookies and related tags, IP address
  1. to improve your experience when using our website.
  2. to position our products on social media sites that you visit.

 

  1. OUR LAWFUL BASIS FOR PROCESSING YOUR PERSON DATA

Star Discover only processes your personal data under the following lawful basis:

  • where you consent to the processing for one or more specified purposes and;
  • where the processing is necessary: –
  1. for the performance of a contract to which you are a party or to take certain steps at your request before entering a contract
  2. for compliance with any legal obligation to which Star Discover is subject
  3. to protect your vital interests or another person/individual
  4. to enable us to perform a task carried on in public interest or in the exercise of official authority vested in Star Discover;
  5. to perform any task carried out by a public authority
  6. for legitimate interests pursued by Star Discover by a third party to whom the data is disclosed, except if the processing is unwarranted in any case having regard to the harm and prejudice to your rights and freedoms or legitimate interests.
  7. for purpose of historical, statistical, journalistic, literature and art or scientific research.

 

  1. WHO DO WE SHARE YOUR PERSONAL DATA WITH?

Where appropriate, we may share your personal data in various ways and for various reasons with: 

  • appropriate personnel within Star Discover.
  • individuals and organizations who hold information related to your reference or application to work for us, such as current, past, or prospective employers, educators and examining bodies.
  • insurance regulators, tax audit or other authorities when we believe in good faith that the law or other regulations requires us to share this data
  • third-party service providers who perform functions on our behalf (including medical professionals, accountants, actuaries, loss assessors/adjusters, claims investigators, auditors, outsourced legal services, MTIBA, SMART, travel agencies, Re-Insurance service providers, call center service providers; IT systems, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; banks and financial institutions that service our accounts; document and records management providers; claim investigators and adjusters; construction consultants; engineers and document storage providers where we have an appropriate processing agreement (or similar protections) in place.

 

  1. HOW DO WE SAFEGUARD YOUR PERSONAL DATA?
  • We care about protecting your information. That is why we have put in place appropriate measures that are designed to prevent unauthorized access to, and misuse of, your personal data.
  • We do this by having in place a range of appropriate technical and organizational measures including measures to deal with any suspected breaches.
  • If you suspect any misuse or loss of or unauthorized access to your personal data, please let us know immediately by sending us an email on [email protected] 
  1. HOW LONG DO WE KEEP YOUR PERSONAL DATA FOR?
  • We will only keep your personal data for as long is necessary to achieve the purposes for which it was required unless the retention is required or authorized by law, reasonably necessary for a lawful purpose, you have consented to longer retention periods or if the personal data is required for statistical, journalistic, literature and art or research purposes.
  • For the avoidance of doubt: –
  1. If you are a Member, Third-Party Service Provider, we will retain your personal data to provide you with services or to receive services from you or to provide you with information about our services that we believe you may be interested in. If you have expressly indicated that you would rather, we did not retain your personal data, then we will delete it from our systems and records.
  2. If you are a Prospective Member, Job Applicant or Member of the Public and we have not had any meaningful contact with you for a period of two years, we will delete your personal data from our systems unless we believe in good faith that the law or other regulation requires us to preserve it (for example because of our obligations to tax authorities or in connection with any anticipated litigation). If you expressly indicate that you are not interested in our services, then we will delete your personal data from our systems unless we believe in good faith that the law or other regulation requires us to preserve it. For purpose of this clause, “meaningful contact” means communication between us either verbal or written.
  3. If you are a Website User, we will retain your personal data for as long as it is necessary to achieve the purpose it was collected or processed for. If this time has come or you have expressly indicated that you are not interested in our website or mobile app services anymore, we will delete it from our systems unless we believe in good faith that the law or other regulation requires us to preserve it for example because of our obligations to tax authorities or in connection with any anticipated litigation).

 

  1. WHAT HAPPENS IF YOU DO NOT PROVIDE US WITH THE PERSONAL DATA WE REQUEST OR ASK THAT WE STOP PROCESSING YOUR PERSONAL DATA?

Our ability to perform our obligations derived from your contract with Star Discover and our ability to comply with our legal and contractual obligations sometimes depends on Star Discover accessing to and being able to use certain personal data. Therefore, and depending on the circumstances, if you do not provide us with the personal data we request or if you ask that we stop processing your personal data, we may not be able to perform our contractual obligations, we may be in breach of one or more legal obligations applicable to us. In some cases, if we are not allowed to process your personal data, this may result in us being required to terminate our work relationship with you.

 

  1. WHAT RIGHTS DO YOU HAVE OVER YOUR DATA?

The Data Protection Act accords you with several rights over your data.

  • right to information: you have a right to be informed of how Star Discover will use your personal data.
  • right of access: you are entitled to access your personal data that is in our possession or custody.
  • right to object:   you can object to the processing of all part of your personal data, unless we can demonstrate a compelling legitimate interest for the processing which overrides your interests or for the establishment, exercise or defence of a legal claim.
  • right to rectification: you have the right to request us to rectify or correct, without undue delay, personal data in our possession or under our control that is inaccurate, outdated, incomplete or misleading
  • right to erasure: you can request us to delete or destroy, without undue delay personal data that we are no longer authorized to retain, or which is irrelevant, excessive, or obtained unlawfully.
  • right to data portability:  you have the right to receive personal data concerning you in a structured, commonly used and machine-readable format and to transmit the data to another data controller without hindrance. Where technically possible. have personal data transmitted directly from us to another data controller or data processor.
  • automated decision making you have the right not to be subjected to a decision based solely on automated processing, including profiling, which produces legal effects concerning or that significantly affects you. Star Discover may from time to time make decisions based on the automated processing of your personal data. In such instances, you will be informed, in writing, whenever a decision based on automated processing is taken. In addition, you can request us to reconsider any decisions made based on automated processing or to take a new decision that is not based solely on automated processing.
  • right of restriction: You have the right to request us to restrict the processing of personal data where: –
    1. you contest the accuracy of the personal data 
    2. the personal data is no longer required for the purpose of the processing
    3. the processing is unlawful of you have opposed the erasure of the personal data and requested for restriction of its use instead.
    4. you have objected to the processing of personal data, pending verification as to whether the legitimate interests of the data controller or data processor override those of the data subject.
  • right to raise a complaint: You can raise a complaint about our processing with the Regulator i.e. the Data Commissioner in Kenya. You may also be able to seek a remedy through the courts if you believe that your rights have been breached.
  • If you wish to exercise any of our rights above, please contact us on [email protected]. We will seek to deal with your request without undue delay and in any event in accordance with the Data Protection Act, 2019 and the Data Protection (General) Regulations, 2021.
  • We may ask for identification, because we need to know for certain whether we are issuing the data to the right person

 

  1. HOW WE TRANSFER YOUR DATA INTERNATIONALLY
  • To provide you with the best services and carry out the purposes outlined in this Privacy Policy, your data will be transferred:
  1. to third party advisors or other suppliers to the Star Discover’s business
  2. to overseas clients, where applicable
  3. clients within your country, where applicable, who may in turn transfer your data internationally
  4. to a cloud-based storage provider
  5. to other third parties as stated in clause 9 of this Privacy Policy
  • We will only transfer your personal data outside Kenya where such transfer is compliant with the provisions of the Data Protection Act 2019 and the Data Protection (General) Regulations,2021
  • To ensure that your personal data receives adequate levels of protection, we shall put in place appropriate procedures with the third parties we share your personal data with to ensure that your personal information is treated by those third parties in a way that is consistent with, and which respects the data protection laws.

 

  1. WHAT ARE COOKIES AND HOW DO WE USE THEM?
  • A “cookie” is a bite-sized piece of data that is stored on your computer’s hard drive. They are used by nearly all websites and do not harm your system. We use them to track your activity to help ensure you get the smoothest possible experience when visiting our website. We can use the information from cookies to ensure we present you with options tailored to your preferences on your next visit. We can also use cookies to analyze traffic and for advertising purposes.
  • If you want to check or change what types of cookies you accept, this can usually be altered within your browser settings, or you visit our Cookie Preference Center. 
  • When you first visit our website(s) you will be asked to choose what kind of cookies you want to receive, so we ask for your prior consent for some cookies through our Cookies Preference Center while strictly necessary cookies will be set within our legitimate interests. You may also use your browser’s privacy settings to do this. However, rejecting all cookies through your browser’s privacy settings means that you may not be able to take full advantage of all our website’s features. Each browser is different, so check the “Help” menu of your browser to learn how to change your cookie preferences.
  • You can update your given consent at any time by visiting our Cookie Preference Center which can be found by clicking on the “Cookie Preferences” link either on the top or bottom of our website. Instead of using our Cookie Preference Center you may choose to opt-out to cookies which are not strictly necessary to perform basic features of our site by changing your browser settings.
  • If you choose to delete all cookies through your browser’s privacy settings, this will also delete any placed opt-out cookie on your computer, and you may need to actively opt-out again.

 

  1. YOUR RESPONSIBILITIES
  • You are responsible for the information you make available to Star Discover, and you must ensure it is accurate, honest, truthful, and not misleading in any way. You must ensure that the information does not contain material that is obscene, defamatory, or infringing on any rights of any third party.
  • Further, if you provide any information concerning any other person, such as individuals you provide as references or next of kin, you are responsible for providing any notices and obtaining any consents necessary for Star Discover to collect and use that information before you provide the referee’s or next of kin’s Personal Data to Star Discover. 

 

  1. TO WHOM SHOULD I DIRECT A QUESTION A COMPLAINT

If you have any questions or complaints about the processing of personal data, you can contact Star Discover on [email protected]

Updated on: (insert date)