Get Started

Data Protection and Privacy Policy

Last updated: 27 June 2025

1. Purpose of this Policy

At Poni Insurtech Pte. Ltd. (“Poni”, the “Company” or “we”) and its subsidiaries (including but not limited to Poni Financial Advisory Pte. Ltd., “PFA”) are committed to protecting your personal data in compliance with the Personal Data Protection Act 2012 (PDPA) of Singapore. This Data Protection Policy outlines how we collect, use, disclose, and safeguard your personal data, and your rights in respect of this information.

2. Definitions

  • Personal Data refers to data, whether true or not, about an individual who can be identified from that data or from that data and other information to which we have or are likely to have access. Personal data refers to any information about an individual that can identify that person, either from the data itself or when combined with other accessible information. Common examples of personal data include names, identification numbers, birth date, health details, and contact information.

  • You refer to any individual whose personal data is collected, used, or disclosed by us.

3. Collection of Personal Data

We collect your Personal Data in three main ways: when you provide it to us, with automatic technologies and when third party sources provide it to us. We handle all collected Personal Data in accordance with applicable data protection laws.

We collect your personal data through various channels, including:

  • When you use our website and/ or mobile app
  • When you submit forms or applications
  • When you interact with our customer service or representatives
  • When you sign up for newsletters, promotions, or events

Examples of personal data we may collect include:

  • Name, NRIC/FIN/ Passport Number, contact details, email address
  • Financial information (e.g. income, CPF contributions)
  • Insurance or investment preferences
  • IP address, device information, cookies, and usage data (for digital services)

Information Provided to us by Third-Party Sources

When you use the Services, we may also receive information about you from other third parties we have engaged such as business associates, subcontractors, analytics providers, platform providers and search information providers or, pursuant to your request, from credit reference agencies and/or third party providers of our Partners.

4. Purpose of Collection and Use

We collect personal data to provide and improve our services, process payments, communicate with clients, manage customer relationships, and meet legal obligations. The below are some examples of the purpose and usage of your data:

  • To provide our services and respond to your queries
  • To assess your financial needs and provide tailored advice
  • When we conduct Know Your Customer (KYC) processes to comply with applicable regulatory requirements, we may collect your Personal Data to verify your identity and evaluate potential risks associated with or related to financial information. This process is essential for adhering to applicable Anti-Money Laundering (AML) regulations, and preventing fraud.
  • To facilitate transactions and administer your accounts
  • To comply with legal and regulatory requirements
  • To conduct research, analysis, and improve our services
  • To send marketing updates, promotions, and service information (only with your consent)

5. Disclosure of Personal Data

We value your trust and are committed to maintaining the confidentiality of your Personal Data. However, there are certain circumstances under which we may disclose or transfer your Personal Data to third parties, without requiring further notice to you, as described below:

Group Companies

We may share your Personal Data with our related companies within the Huize Group (subsidiaries and affiliated companies of Huize Holding Limited), where such sharing supports the provision of services to you or helps streamline our operations across the Group.[1] 

Business Transfers

In the event of a business restructuring, such as a merger, acquisition, sale of assets, or any change in control, your Personal Data may be transferred to the relevant third party as part of the transaction or its due diligence process.

Partners

Your Personal Data may be shared with our business partners — including financial institutions, such as insurance providers — in the following cases:

  • When you request a product or service from them through us
  • When we need to pre-fill application forms or connect via APIs
  • When required to process your reward redemptions

These parties may contact you directly to follow up on your request or application.

Service Providers and Vendors

We engage third-party service providers to support our operations and deliver our services. These include, but are not limited to:

  • Payment processors
  • IT infrastructure and cloud storage providers
  • Customer support and back-office services
  • Analytics, marketing, and advertising partners
  • KYC/AML screening service providers
  • Legal, compliance, and business consultants

These providers are only given access to the data necessary for them to perform their functions, and they are required to handle such data in accordance with our data protection standards.

Marketing Partners

We may work with selected marketing partners — such as ad networks, media agencies, and data platforms — to personalise and deliver targeted advertising. This may involve matching your Personal Data with audience data to serve relevant ads on third-party platforms. Data shared for these purposes will be subject to appropriate safeguards.

Legal and Regulatory Obligations

We may disclose your Personal Data if required to do so by law, regulation, legal process, or government request. This may include:

  • Responding to lawful requests by public authorities, regulators, or courts
  • Complying with obligations under anti-money laundering (AML) and counter-terrorism financing laws
  • Enforcing our rights or protecting our legal interests and property

Overseas Transfers

Our operations — and those of our Group and partners — may involve the transfer of your Personal Data outside of Singapore, including to countries such as Hong Kong and the United States. While data protection standards may differ across jurisdictions, we will take all reasonable steps to ensure that your Personal Data is protected in accordance with applicable Singapore data protection laws.

By using our Services and submitting your Personal Data, you acknowledge and consent to such international transfers and the processing of your data in jurisdictions that may offer different (and potentially less comprehensive) data protection frameworks.

6. Consent

By providing your personal data, you consent to our collection, use, and disclosure for the purposes stated above. You may withdraw consent at any time by contacting our Data Protection Officer (DPO). Please note that withdrawal of consent may affect our ability to serve you.

7. Accuracy and Access

We will take reasonable steps to ensure that your personal data is accurate and complete. You may:

  • Request access to your personal data
  • Request correction of any inaccuracies

Please contact our DPO for assistance.

8. Protection and Retention

We take data protection seriously and implement appropriate security measures such as encryption, access controls, and regular audits. Your data will be retained only as long as necessary to fulfill the purpose for which it was collected or as required by law.

9. Use of Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your user experience and gather analytics. You can manage your preferences through your browser settings.

10. Service Improvement

To help us ensure that our services continue to meet your needs, we may occasionally request your feedback. Any feedback or information you provide will be handled in accordance with this Privacy Policy and our Terms and Conditions, unless stated otherwise.

11. Data Protection Officer (DPO)

For any queries, access or correction requests, or complaints regarding your personal data, please contact:

Email: dpo@poni.insure

Mailing Address: 168 Robinson Road #20-01 Capital Tower Singapore 068912

12. Policy Updates

We may update this Policy from time to time to reflect changes in our services, business practices, or legal and regulatory requirements. We reserve the right to amend the Policy at our discretion without prior notice.

Any changes will take effect upon publication on this page, and your continued use of our Services following the update will constitute your acceptance of the revised Policy. The most current version will always include the “Last Updated” date at the top of the page.

We encourage you to review this Policy periodically to stay informed about how we protect your personal data.

This covers us for Introducer Arrangements – where cust data are passed within entities of the Group.

Stay Connected with Poni

Join our journey in shaping the future of insurance

Get in touch
Become a Partner

Links

Legal

© Copyright 2025 Poni Insurtech. All Rights Reserved
Disclaimer: Poni Insurtech is a licensed insurance intermediary operating as a digital platform to connect users with third-party insurance providers. All insurance products and services are offered by our licensed partners. Information provided on this website is for general informational purposes only and does not constitute financial or insurance advice. Users should consult with qualified professionals before making any insurance decisions.