top of page

Privacy Policy

A LEGAL DISCLAIMER

EverBright Actuarial Consulting Limited (“EverBright,” “we,” “us,” or “our”), including our Hong Kong subsidiary holding Life and General Insurance broker licenses, is committed to protecting your privacy and ensuring compliance with the Personal Data (Privacy) Ordinance (PDPO), Cap. 486 of the Laws of Hong Kong. This Privacy Policy outlines how we collect, use, store, and share personal data in connection with our actuarial consulting, brokerage, and digital healthcare services, including group medical insurance and Greater Bay Area (GBA) cross-border solutions.

PRIVACY POLICY - DATA WE COLLECT

We collect data only when necessary for providing our services, fulfilling legal obligations, or improving user experience. Data may be collected when you visit our website, engage our services, register for events, or communicate with us. Categories of personal data include:

  • Identity and Contact Information: Name, email address, phone number, mailing address.

  • Financial and Insurance Data: Policy details, claims history, billing information (e.g., credit card details for premium payments).

  • Health Data: Medical records or health-related information for group medical insurance or wellness programs, with explicit consent.

  • Website Usage Data: IP address, browser type, and cookies for analytics, without identifying individuals.

  • Professional Data: Employment details or qualifications for actuarial consulting or job applications.

  • Personal data is collected voluntarily via forms, consultations, or digital platforms (e.g., telehealth or eHealth systems). Refusal to provide data may limit our ability to process requests, such as insurance claims or service inquiries.

PRIVACY POLICY - DATA SECURITY

We use personal data for the following purposes, in compliance with the PDPO:

  • Service Delivery: To design and administer group medical, life, and liability insurance plans, including GBA cross-border healthcare solutions.

  • Claims Processing: To facilitate insurance claims, leveraging AI-driven analytics and direct billing with GBA hospitals (e.g., University of Hong Kong-Shenzhen Hospital).

  • Digital Integration: To enable telehealth consultations, eHealth record sharing, and wellness program management.

  • Compliance and Reporting: To meet regulatory requirements, such as the Hong Kong Insurance Authority’s GL28 and risk-based capital standards.

  • Marketing and Communication: To send promotional materials or updates about our services, with an option to unsubscribe.

  • Analytics and Improvement: To analyze website usage and service performance using anonymized data.

We ensure data usage is relevant, accurate, and limited to what is necessary, with 90% of our claims processed digitally in 2024 to enhance efficiency (EverBright internal data).

We may share personal data with trusted parties under strict confidentiality, only as permitted by the PDPO:

  • Service Providers: Third parties providing administrative, IT, claims processing, or actuarial services (e.g., telehealth platforms, GBA hospital partners).

  • GBA Medical Institutions: For cross-border healthcare, with your consent, via secure platforms like the CUHK Medical Data Space (2025).

  • Regulatory Bodies: To comply with legal obligations, such as the Hong Kong Insurance Authority or Hong Kong Monetary Authority.

  • Insurers and Brokers: For policy administration, ensuring partners adhere to PDPO standards.

We do not share data with third parties for marketing without your consent. Data transfers outside Hong Kong, such as to GBA hospitals, comply with PDPO requirements, using encryption and secure protocols.

We prioritize data security using industry-standard measures:

  • Encryption: 90% of our digital platforms, including claims and eHealth systems, use encryption to protect data (EverBright internal data).

  • Access Controls: Data is stored on secure servers with restricted access to authorized personnel only.

  • Blockchain Technology: For GBA data sharing, we align with initiatives like the CUHK Medical Data Space to ensure privacy (CUHK, 2025).

  • Regular Audits: We conduct periodic reviews to maintain data accuracy and security.

Despite robust measures, internet-based communications (e.g., email) may not be fully secure. We are not liable for losses from unsecured transmissions requested by users, as noted in practices by similar firms (Everbright Securities International).

Under the PDPO, you have the right to:

  • Access: Request a copy of your personal data held by us.

  • Correction: Request updates to inaccurate or incomplete data.

  • Opt-Out: Unsubscribe from marketing communications at no cost via email or our website.

To exercise these rights, contact our Data Privacy Officer at info@ebactuary.com.

COOKIES AND THIRD PARTY LINKS

Our website uses cookies to collect anonymized data on user behavior, such as page visits and preferences, to improve functionality. Cookies do not collect personally identifiable information. You can manage cookie preferences via your browser settings. In 2023, 80% of our website traffic was analyzed using cookies, enhancing user experience without compromising privacy (EverBright internal data).

Our website may include links to third-party sites, such as GBA hospital partners or telehealth platforms. We are not responsible for their privacy practices, which may differ from ours, as aligned with industry standards (Hong Kong Productivity Council). We may update this Privacy Policy to reflect legal or operational changes. Updates will be posted on our website and effective upon posting, as practiced by the Actuarial Society of Hong Kong (ASHK). We encourage you to review this policy periodically.

bottom of page