Asia and Australasia Data Processing Protocol

Version 2

This Data Processing Protocol (the “Protocol”) explains how Willis Towers Watson handles personal data on behalf of its clients, customers or licensees (together the “Client”).

The Protocol forms part of any agreement in place between a Willis Towers Watson entity and the Client which expressly refers to it (the “Agreement”). Where this Protocol uses terms which are defined in the privacy law of the respective country in Asia and Australasia to which the Agreement in question relates (“Relevant Country”), the definitions set out in such privacy law shall apply.

The Willis Towers Watson entity that processes the personal data is the entity which the Client has entered into the Agreement with (“Relevant Willis Towers Watson Entity”). The contact information of the Relevant Willis Towers Watson Entity can be found in the Agreement. The contact information of the Data Protection Officer, if required to be appointed under the privacy law of the Relevant Country, can be obtained through the Relevant Willis Towers Watson Entity.

Any request or feedback, including any relating to rights which a Client or data subject has under the privacy law of the Relevant Country, can be directed to the Relevant Willis Towers Watson Entity.

In most cases, a Client or data subject can also refer their feedback to the data protection authority of the Relevant Country.

Data Processing

With respect to personal data processed by the Relevant Willis Towers Watson Entity on a Client’s behalf (see Annex 1), the Relevant Willis Towers Watson Entity will comply with the following requirements:

Limitations on Use. The Relevant Willis Towers Watson Entity will process personal data only to deliver the relevant service, as instructed in writing by a Client from time to time, or as otherwise required by law.

Confidentiality. The Relevant Willis Towers Watson Entity will hold personal data in confidence and require the Relevant Willis Towers Watson Entity personnel who will process personal data to protect all personal data in accordance with the requirements of this Protocol.

Information Security Program. The Relevant Willis Towers Watson Entity will maintain a written information security program that contains appropriate administrative, technical and physical safeguards to protect personal data against anticipated threats or hazards to its security, confidentiality or integrity. Such security program will undergo periodic review.

Assistance

The Relevant Willis Towers Watson Entity will, taking into account the nature of the processing and the information available to it:

  • I. provide reasonable assistance to assist a Client in fulfilling its obligation to respond to any requests from individuals exercising their rights under the privacy law of the Relevant Country. Such assistance might not be provided where allowed by the relevant privacy law, for example, where it might result in the disclosure of information relating to another data subject or where disclosure might prejudice any investigation; and
  • II. where expressly required under the privacy law of the Relevant Country:
    • assist a Client in complying with a Client's obligations to make available to a Client all information which a Client reasonably requests to assist it in demonstrating compliance with the obligations laid down in such privacy law of the Relevant Country; and
    • immediately inform the Client if, in its opinion, an instruction infringes the privacy law of the Relevant Country.

The Relevant Willis Towers Watson Entity may charge a reasonable fee for such assistance described above, save where assistance was required directly as a result of its own acts or omissions, in which case such assistance will be at the Relevant Willis Towers Watson Entity's expense.

Audit. The Relevant Willis Towers Watson Entity will allow for and contribute to audits conducted by a Client or another auditor nominated by a Client on privacy obligations as agreed and/or under the privacy law of the Relevant Country. A Client shall provide the Relevant Willis Towers Watson Entity with thirty (30) days' advance notice of any audit request and both parties shall agree on a mutually acceptable audit time and scope. A Client may not engage in an audit which would compromise confidentiality obligations to any other clients and customers of the Relevant Willis Towers Watson Entity and, if it wishes to nominate another auditor to undertake the audit, shall ensure that the auditor enters into a confidentiality agreement with the Relevant Willis Towers Watson Entity in such form as the Relevant Willis Towers Watson Entity shall reasonably require. The Relevant Willis Towers Watson Entity may charge for all reasonable fees, costs and expenses incurred as a result of providing such assistance.

Notification. The Relevant Willis Towers Watson Entity will without undue delay notify a Client whenever there has been a confirmed data breach as defined in the privacy law of the Relevant Country, as well as any other confirmed breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data processed by it in the context of this Protocol.

Return or Disposal. A Client may instruct the Relevant Willis Towers Watson Entity to delete or return personal data at the end of the period during which it will process such Client personal data, as specified in Annex 1. However, there may be instances where the Relevant Willis Towers Watson Entity would hold the personal data in archive to the extent necessary for legitimate business and/or lawful purposes.

Subprocessing

A Client understands that the Relevant Willis Towers Watson Entity may use subprocessors to provide the services under the Agreement. The Relevant Willis Towers Watson Entity shall remain primarily responsible for the performance of its obligations under this Protocol.

Anonymized and Pseudonymized Data

A Client acknowledges that the services include pseudonymization and anonymization for the purpose of aggregate reporting and (trends) research, and agrees that the Relevant Willis Towers Watson Entity may use pseudonymized and anonymized data for its own business purposes, and the Relevant Willis Towers Watson Entity will comply with all applicable data protection laws in respect of such processing.

Data Transfers

A Client confirms that the Relevant Willis Towers Watson Entity may transfer personal data to its affiliates and subprocessors inside and outside the Relevant Country for purposes of support and back-up. The list of such affiliates and subprocessors can be obtained from the Relevant Willis Towers Watson Entity and, to the extent practicable, the Relevant Willis Towers Watson Entity will inform the Client of the countries in which such recipients are likely to be located. The Relevant Willis Towers Watson Entity has established safeguards to protect such transferred personal data at a level at least comparable with the law of the Relevant Country.

Annex 1 - Description of processing of personal data

1. Subject Matter, Nature and Purpose

All processing activities (including the collection, organization and analysis of personal data) as are reasonably required to facilitate or support the provision of the services described under the Agreement.

Where the Client/data subject refuses to allow the Relevant Willis Towers Watson Entity to process the personal data, such refusal can potentially disadvantage or frustrate the provision of the services described under the Agreement. In addition, the Relevant Willis Towers Watson Entity might process the personal data regardless of the Client/data subject’s wish where the law allows/requires the Relevant Willis Towers Watson Entity to do so.

2. Duration of processing and retention of personal data

The Relevant Willis Towers Watson Entity will process the personal data for as long as it provides services to the Client and will hold the personal data in archive after that date to the extent necessary for legitimate business and/or lawful purposes.

3. Categories of individuals

The data subjects may include individuals named in any policy or scheme in respect of which the Relevant Willis Towers Watson Entity is engaged to provide its services and/or individuals that are beneficiaries of, or have made claims under, or are otherwise involved in, any such policy or scheme. Most commonly the data subjects will include: (1) employees, contractors or other workers of the Client ("Workers") and/or their family members, representatives or others connected with Workers; (2) past, existing or prospective clients of the Client, and/or their employees or other individuals connected with them, and/or their family members, representatives or others connected with them; and/or (3) past, existing or prospective complainants or claimants in connection with any insurance policy, and/or their family members, representatives or others connected with them.

4. Types of personal data

The services under the Agreement may involve the processing of the following types of personal data:

  • names and contact information, including but not limited to home address and telephone number;
  • demographic information (such as gender, age, date of birth, marital status, nationality, education/work histories, academic/professional qualifications, employment details, hobbies, family composition, and dependents);
  • employee identification numbers;
  • information related to the provision of the services, such as policy information and claims information, including information relating to incidents giving rise to claims and related losses;
  • system user credentials including but not limited to email addresses, user names and passwords; and
  • human resources data, such as job title and role; benefits and compensation information; dependent/beneficiary information; educational, academic and professional qualifications information; emergency contact information; and performance management information.

5. Types of data which might be more sensitive:

The personal data processed by the Relevant Willis Towers Watson Entity may include some categories of personal data: personal characteristics and circumstances of a sensitive nature such as racial or ethnic origin, sex life or sexual orientation, mental and physical health, genetic information, details of injuries, medication/treatment received, lifestyle such as smoking and drinking habits, and criminal records, fines and other like judicial records, personal identification documentation and related information such as passport numbers, financial and payment data such as bank account numbers and transaction information.