Skip Ribbon Commands
Skip to main content

Privacy Policy Privacy Policy

Skip Navigation LinksKenya

Let’s talk...

T: +254 (020) 5138200

M: +254 719 035035

Sanlam Kenya Plc Privacy Notice

This Privacy Notice describes how the Sanlam Kenya Plc group collects, uses, discloses, retains and protects your personal information, in accordance with the Kenya Data Protection Act (DPA) and other relevant laws.

The DPA defines personal information as “information which relates to an identified or identifiable natural person, and the definition may include, but is not limited to, your name, sex, gender, address, contact details, identity number and medical or health information.

The Privacy Notice applies to any website, application, form, document, product or service which references this Privacy Notice. It should be read together with the Terms and Conditions of Use for other Sanlam products and services. Where there is a conflict, this statement will prevail.

This statement applies to all customers, suppliers, agents, vendors and all visitors frequenting any of Sanlam premises.

Please note that this Privacy Notice may previously have been referred to on this website as a “privacy policy” or “privacy statement” and therefore some documents or forms may still refer to this Privacy Notice as a “privacy policy” or “privacy statement”.

In this Statement:

  • “Sanlam”, “Sanlam Kenya” or “we” refers to one or more of the entities, affiliates or subsidiaries of the Sanlam Kenya Plc operating in Kenya.
  • “You” means as a customer – the person who subscribes to, uses or purchases any of our products and services or accesses our websites and includes any person who accesses any of the products and services you have subscribed to.

2. How we collect Information

We collect personal information about you and any other person whose details you provide to us in accordance with the relevant laws, either:

  • Directly from you when you complete a product or service application form, electronically, telephonically or by way of a hard copy;
  • Indirectly from you when you interact with us electronically by way of our website, apps, or social media channels, which may include the collection of metadata (data about data);
  • From retirement funds, employers and other contracted entities in the context of medical schemes and group insurance policies; and
  • Where relevant, from third-party sources, such as other entities within Sanlam, financial intermediaries that are representatives of Sanlam Group entities or have intermediary agreements with Sanlam Group entities, public databases, data aggregators, other financial institutions, credit bureaus, and fraud prevention agencies.

We will also collect your information where you have only partially completed and/or abandoned any information which you began to apply to our website and/or other online forms. Given that we already consider you a customer at this stage, we may use this information to contact you to remind you to complete outstanding information.

Where we require personal information to provide you with our products and services, your failure to provide us with the necessary information, may result in Sanlam being unable to provide you with our products and services. Where such services include financial advice, the appropriateness of the advice may be compromised if you do not provide complete and accurate information. You are responsible for informing Sanlam if your information changes.

3. Collection of information by third parties

Owners or information system administrators of third-party websites that have links to the Sanlam website, may collect personal information about you when you use these links. Sanlam does not control the collection or use of personal information by third parties and this privacy statement does not apply to third parties. Sanlam does not accept any responsibility or liability for third-party policies or your use of a third-party app, platform or service.

Sanlam also uses certain social networking services such as Facebook, WhatsApp, Instagram and Twitter to communicate with the public and Sanlam clients. When you communicate with Sanlam through these services, that social networking service may collect your personal information for its own purposes. These services may track your use of our digital channels on those pages where the links are displayed. If you are logged into those services (including any Google service) while using our digital channels, their tracking will be associated with your profile with those service providers. These services have their own privacy policies which are independent of Sanlam’s privacy policies and practices. Please ensure that you fully acquaint yourself with the terms of any such third-party privacy policies and practices.

4. What Information we collect

Your relationship with Sanlam determines the exact nature of the personal information Sanlam processes, and the purpose for which such personal information is collected and used. However, in many cases, if we are handling your personal information as part of our role as an insurer, the personal information we may process includes the following:

Types of data

What kind of data might be involved

Examples of how Sanlam uses the data

Personal information that is required for structuring a suitable product or service.

Information about you – for example, your name, identity number, age, gender, date of birth, nationality, occupation, lifestyle, current status of health, medical history and any existing conditions of each person insured. In the event that you make a claim, we may also collect personal information from you about the claim and any relevant third parties.

We acknowledge that information about your health is sensitive personal information. Note that we will use that information strictly in accordance with applicable laws and for insurance purposes (including assessing the terms of the insurance contract, dealing with changes to the policy and/or dealing with claims).

Information that allows an individual to be identified directly or indirectly.

Name, address, telephone number, e-mail address, information provided in your identity documents to fulfill Sanlam’s Know Your Customer (KYC) requirements.

For identification purposes, to draw up an agreement/contract or to contact you.

Contractual information

For example, details about the policies you hold and with whom you hold them.

To perform any risk analysis or for purposes of risk management to you or our business in general.

To enhance your experience when interacting with Sanlam and to help us improve our offerings to you.

Financial information

We may process information related to payments you make or receive in the context of an insurance policy or claim.

We may process information regarding your income, expenses, assets, liabilities, investments, retirement and other financial provisions in the context of providing financial advice and intermediary services.

To ensure correct/timely processing of funds is performed. Also, for anti-money laundering/counter terrorism financing and sanctions monitoring.

Special categories of personal/health data/criminal data

Information concerning your health, information about criminal convictions, biometric data.

Health information such as smoker status or medical-related issues.

Sanlam processes biometric data for identification purposes. In the context of combating money laundering/ terrorism financing and tax obligations, we are required to record information about your country of birth. In addition, we may record special categories of data such as as criminal data in the context of anti-money laundering.

Relevant to a policy or a claim you have made.

Recorded calls, documentation of e-mails and physical access, CCTV

Online information – for example, cookies and IP address (your computer’s internet address), if you use our websites, apps and/or social media channels.

We use Closed Circuit Television (CCTV) surveillance recordings. CCTV Devices are installed at strategic locations to provide a safe and secure environment in all Sanlam premises.

We maintain a register of visitors in which we collect and keep your personal data such as names, company/institution details, telephone number, vehicle registration details and National ID number.

To enable our online services to be used and to combat fraud. To improve our website. For displaying targeted adverts or banners.

Allowing customers to carry information across pages of our site and avoid having to re-enter same information.

Enabling Sanlam to evaluate the effectiveness of its advertising and promotions.

Safety and Security reasons.

Data we receive from third parties.

Data may be obtained from third parties such as government identification databases, Company Registry, etc.

We use this information to verify KYC as part of customer due diligence.

Data we require to combat fraud, to ensure your security and ours, and to prevent money laundering and the financing of terrorism.

The data we keep in our internal and external referral registers, sanction lists, location information, transaction data, identity information, camera images and payment details, cookies, IP address and data relating to the device on which you use online services.

To comply with legal obligations and prevent you, the financial sector, Sanlam or our employees from becoming the victims of fraud, for security reasons and to protect the financial markets, we might check whether you appear in our external or internal referral registers and we have to check whether your name appears in sanction lists.

We may use your IP address, device details and cookies to combat online fraud (DDoS attacks) and botnets.

In certain instances, we may need consent to process your personal information. If you give us your consent for a specific context, you are free to withdraw this consent at any time. Please note that where you have withdrawn your consent, this will not affect the processing that took place prior to such withdrawal and it will not affect the processing of your personal information where consent is not required.

You may refuse to provide us with your personal information in which case we may not be able to provide you with a relevant service or would have to terminate our business relationship. The supply of certain items of personal information, especially those collected to comply with regulation, is legally mandatory.

5. How we use your Information

We have regulatory obligations, including compliance with anti-money laundering legislation, which require us to process your personal information. This includes verifying your identity or the identity of your beneficial owner and/or controlling persons. We are also required by various laws to maintain a record of our dealings with clients.

For us to provide clients with the financial products and services they have requested and to notify them of important changes to such products and services, we need to collect, use and disclose the personal information of clients, their representatives, controlling persons of entities, business contacts, staff of clients and service providers.

To the extent permissible under applicable laws, Sanlam may use your information:

  • To provide you with our financial products and services, and maintain our relationship with you;
  • To provide you with financial advice and intermediary services;
  • To conclude and administer your application, which may include underwriting;
  • To execute a transaction in accordance with your request;
  • To assess, check, and process claims;
  • To meet our contractual obligations with you or take steps necessary for the conclusion of a contract with you;
  • In relation to administering any securities you may hold in respect of a Sanlam Group entity (where relevant);
  • To comply with legislative and regulatory requirements, including codes of conduct and requirements of our regulators;
  • To undertake due diligence or credit reference searches and/or identity verification;
  • For the detection and prevention of unlawful activity, fraud, money-laundering and loss, including as part of party due diligence required under applicable laws and in terms of Sanlam Group policies;
  • For debt recovery or debt tracing;
  • For purposes of online login and authorisation;
  • To execute the Sanlam’s strategic initiatives;
  • To perform any risk analysis or for purposes of risk management to you or our business in general;
  • To record and/or monitor and have access to your telephone calls (i.e. voice recordings), correspondence and electronic communications to/with us (or any of our employees, agents or contractors) to accurately carry out your instructions and requests, to use as evidence and in the interests of crime prevention;
  • To maintain the security of our digital channels and systems;
  • For statistical analysis and research purposes;
  • For audit and record-keeping purposes;
  • For purposes of proof and legal proceedings;
  • To enhance your experience when interacting with Sanlam and to help us improve our offerings to you;
  • To share with other entities in Sanlam, so that we can market our financial products and services which we deem similar, with the aim of offering you the opportunity to take up some of the financial products to fulfil your needs, provided that you have not objected to receiving such marketing;
  • To conduct market research and provide you with information about our products and services from time to time via email, telephone or other means (for example, invite you to events);
  • To process your marketing preferences (where you have unsubscribed from certain direct marketing communications, keeping a record of your information and request to ensure that we do not send such direct marketing to you again);
  • To prevent or control the spread of any disease; and
  • For any purpose related to and compatible with the above.

6. Sharing your Information

Entities within Sanlam will only share your personal information with third parties if there is a legitimate reason to do so. We may disclose the personal information you provide to us to the following entities:

  • Our third-party service providers and other Sanlam Group entities who are involved in the delivery and/or administration of financial advice products and services;
  • Other third parties in relation to the purposes set out under the previous section (How we use your information);
  • Other insurers, public bodies and law enforcement (either directly or through shared databases) for fraud detection and prevention; and
  • Reinsurers who provide reinsurance services to Sanlam and for each other. Reinsurers will use your personal information to decide whether to provide reinsurance cover, assess and deal with reinsurance claims, and to meet legal obligations.

Sanlam will not sell, rent, or trade your personal information to any third party. Sanlam will share information about you with financial advisers that are Sanlam representatives or who have intermediary agreements with Sanlam. Sanlam may also share information within Sanlam where it is in Sanlam’s legitimate interest to do so.

Sanlam will disclose information when lawfully required to do so:

  • To comply with any relevant legislation;
  • To comply with any legal process; and
  • By any regulatory authority.

On occasion, Sanlam may – for legitimate purposes – share aggregated information with its stakeholders and business partners (for example, demographic data) in a manner that does not identify the persons to whom the information applies. However, Sanlam will not disclose your personal information to third parties unless there is valid processing ground as set out in applicable law.

7. Transfer across borders

Some of the persons to whom we disclose your personal information may be situated outside of the Republic of Kenya in jurisdictions that may not have similar data protection laws to Kenya. In this regard, we may send your personal information to service providers outside of the country for storage or processing on Sanlam’s behalf. However, we will not send your information to a country that does not have information protection legislation similar to that of Kenya, unless we have ensured that the recipient agrees to effectively adhere to the principles for processing of information in accordance with the Kenya Data Protection Act.

8. Security, storage and retention of information

Sanlam intends to protect the integrity and confidentiality of your personal information. Sanlam has implemented appropriate technical and organisational information security measures (including, but not limited to, using encryption for transmission of financial information) to keep your information secure, accurate, current, and complete. However, we cannot guarantee the security of any information you transmit to us online and you do so at your own risk.

Where third parties are required to process your personal information in relation to the purposes set out in this notice and for other lawful requirements, we ensure that they are contractually bound to apply the appropriate security practices.

We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, the need to comply with our internal policy and the applicable legal, regulatory, tax, accounting or other requirements.

9. Your rights

Subject to legal and contractual exceptions, you have rights under data protection laws in relation to your personal data. These are listed below:

  • Right to be informed that we are collecting personal data about you;
  • Right to access personal data that we hold about you and request for information about how we process it;
  • Right to request that we correct your personal data where it is inaccurate or incomplete;
  • Right to request that we erase your personal data noting that we may continue to retain your information if obligated by the law or entitled to do so;
  • Right to object and withdraw your consent to processing of your personal data. We may continue to process if we have a legitimate or legal reason to do so;
  • Right to request restricted processing of your personal data noting that we may be entitled or legally obligated to continue processing your data and refuse your request;
  • Right to request transfer of your personal data in an electronic format.

If you wish to exercise any of the rights set out above, please contact us on customerservice@sanlam.co.ke.

We try to respond to all legitimate requests within reasonable time. Occasionally it could take us longer if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.

10. Marketing

Where you provide your personal information to a Sanlam Group entity in the context of a sale of one of our products or services, you agree to such Sanlam Group entity sending you information on news, trends, services, events and promotions for our own similar products and/or services, always subject to your right to opt out of receiving such marketing at the time your information is collected and on each subsequent marketing communication thereafter. You may object to receiving direct marketing from Sanlam at any time by contacting the Sanlam Client Care Centre on 020 5138200 or +254 719035035).

Where you choose to exercise your right to opt out of direct marketing, please allow up to 21 days for Sanlam to effect that change.

11. Clickstream data

In the interests of better customer service, Sanlam may collect anonymous information from visitors to its websites. For example, Sanlam keeps track of the domains from which people visit its website and also measures visitor activity on its website. In the process, Sanlam ensures the information cannot be used to identify you. This information is sometimes known as "clickstream data". Sanlam or its analytics vendors (including Google Analytics) may use this data to analyse trends and statistics and to provide better customer service.

The information, referred to as traffic data, which may be collected includes:

  • Your IP address;
  • The search terms you have used;
  • The pages accessed on the website and the links you’ve clicked on;
  • The date and time you visited the website;
  • The referring website (if any) through which you clicked through to our website; and
  • The type of website browser you use.

As mentioned, the traffic data is aggregated and not personally identifiable and our website analysis will also respect any ‘do not track’ setting you might have on your web browser.

12. Cookies

A cookie is a small text file that is downloaded onto ‘terminal equipment’ (for example, a computer or smartphone) when you access a website. It allows the website to recognise your device and store some information about your preferences or past actions.

What cookies do we use?

Some cookies which we use are essential to the functioning of our website. Some cookies help us with the performance and design of our website. This allows us to measure how many times a page has been visited, whether a page has been visited on the website through an advertisement or by other means. Other cookies help us to remember your settings which you may have selected or assist with other functionality when you browse and use our website. This helps us to remember what you have selected, so on your return visit – we remember your preferences. On certain pages of the website we use cookies to help us understand your interests as you browse the internet, so we can tailor and render to you more personalised content and services in the future. This assists us in delivering relevant advertising to you during various advertising campaigns we may run from time to time through participating third-party sites.

In addition, we also use cookies on certain pages of our website to communicate with third-party data suppliers in order to extrapolate your digital behaviour. This helps us to understand and target more relevant advertising in the future. The information we receive is all aggregate and anonymous, but will include statistics such as demographics, online behaviour, product interests and lifestyle.

How do I disable cookies?

If you do not want to receive a cookie from the website, you have the option of setting your browser to notify you when you receive a cookie, so that you may determine whether to accept it or not. However, please be aware that if you do turn off 'cookies' in your browser, you will not be able to fully experience some of the features of the website. For example, you will not be able to benefit from automatic log-on and other personalisation features.

13. Children

While few, if any, of Sanlam's websites are directed towards children, Sanlam is committed to complying with all applicable laws aimed at the protection of children and in particular the protection of their personal information.

14. Updates

This privacy statement was last updated on 14 October 2021. A notice will be posted on the Sanlam website home page whenever the Privacy Notice is materially changed.

Please check the website regularly to ensure that you are aware of the latest version of this Privacy Notice.

15. Questions regarding this statement

Questions, comments and requests regarding this statement may be directed to customerservice@sanlam.co.ke for clarification.

As a Data Controller and Processor, below are the contact details of our Data Protection Officer:

Sanlam Kenya Plc
Sanlam Tower, Waiyaki Way, Westlands
P.O. Box 10496 Nairobi 0100, Tel: +2542781000, +254722206900
For more information on Sanlam, please visit our website.

Sanlam Life Insurance is a licensed financial service provider.
Copyright © Sanlam