Ambledown is committed to protecting your privacy and ensuring that your personal information is collected and used in an appropriate, lawful, and transparent manner. Ambledown subscribes to the terms outlined in the Protection of Personal Information Act 4 of 2013 (POPIA) and any other legislation relating to data privacy and confidentiality that the company is subject to.

The content of this document includes:

  • Ambledown’s role

  • Personal information we record and process

                  o Policyholders, insured persons and beneficiaries

                  o Service Providers

  • Retention of data

  • How your personal information is used

  • Who will receive your personal information and why

  • Security of personal information

  • Your rights

  • More information

  • Changes to our Privacy Policy

The objective of this document is to provide you with an understanding of how your personal information is managed and your rights. Please read this document carefully before providing personal information.

Ambledown, or any division of Ambledown, may from time to time include links on our websites or social media platforms of other organisations. Ambledown has no control over how these organisations store and process data, and we advise you to check their privacy policy before providing personal information through these links.


Ambledown’s role

Ambledown Financial Services (Ambledown) is a registered Financial Service Provider (FSP no. 10287), operating in the capacity of an Underwriting Manager Agency (UMA) and has signed binder agreements with various Short- term and Long-term insurance companies. These agreements specify the functions and information Ambledown is permitted to provide to and on behalf of the insurer. These functions include the processing of your personal information.

Unity Health is a division of Ambledown that operates in the same capacity as Ambledown. Any reference to Ambledown in this document shall include Unity Health, unless otherwise stated.

In terms of insurance legislation, Ambledown may not provide advice to any policyholder or potential policyholder, other than ER24 policy contracts. For this reason, a policyholder or potential policyholder is represented by a broker, who is required to be a registered Financial Service Provider (FSP). This FSP will obtain personal information, which could include financial and medical information. Ambledown has no control over how the FSP stores and processes your personal information, and we suggest you read their privacy policy before providing them with your personal details. The FSP will provide Ambledown with all relevant personal information for the processing and administration of a policy contract and the assessment of a claim (should any claim documentation be submitted to the FSP). Ambledown, in terms of its legislative obligations, will make available information in relation to your policy contract to the insurer. This information will include personal information.


Personal information we record and process

Policyholders, insured persons and beneficiaries

Personal information is collected directly from you through the completion of a policy application form, amendment forms, or a claim form. These forms are available in both electronic and paper formats. We may request personal information in subsequent communications to check your identity and fulfill legislative obligations. Additionally, we may also collect information about you from other sources, such as external third parties and cookies on our website.

This personal information about you will include:

  • Your name and personal information for identification purposes

  • The name of your dependants, along with their personal information for identification

  • Address, telephone numbers, and email address

  • Where relevant, your employment details

  • Where relevant, medical information for both you and your dependants

  • Data provided through you corresponding with us

  • Any updates to data provided to us

  • Your IP address, information about your visit to our websites or mobile application, your device

    information, and details on how you use our websites or mobile application.


Service Providers

We will hold information related to the individuals engaged in providing services to Ambledown. This information may include organisational data, service-related data, and any other information relevant to the performance of the services/relationship.


Retention of data

We will retain your personal information only as long as is necessary for the purpose for which it was collected or for any period as prescribed by legislation. The disposal of personal information is carried out in a secure manner once it is no longer required to be held.


How your personal information is used

We can only use your personal information for its intended purpose and in compliance with contractual and regulatory responsibilities. Personal information is utilized to perform the following functions:


  1. Perform our contractual obligations in the administration of policy contracts,
  2. Fulfill our contractual obligations in relation to any service contracts,
  3. Analyse data to manage the risk, calculate premium rates, and product design,
  4. Calculate the underlining costs associated with the administration of policy contracts, and 5. Fulfill legislative and legal responsibilities.


Who will receive your personal information and why

We share your personal information with trusted third parties who are contracted either by Ambledown or the insurer. These third parties may not delegate their responsibilities to any other party without the written consent of Ambledown and/or the insurer. They are contracted to perform functions on our behalf, assisting us in providing our products and/or services to you, and meeting legal and regulatory obligations. These parties are limited, by law and/or by contract, in their use of your personal information for any purpose other than to provide services for us or to meet a regulatory obligation. The third parties could include:


  • Your broker,
  • Financial institutions to facilitate the collection of premiums, payment of claims, and any other payments,
  • Medical service providers or any other organisation required for the assessment of a claim or recovery of a claim,
  • Organisations to prevent and investigate fraud, including the police and fraud investigators,
  • Analytics and search engine providers assisting in the improvement and optimization of our websites,
  • Information technology specialists assisting us with data storage, security, processing, analytics, etc.
  •  Auditors of Ambledown and the insurer,
  • Compliance Officers of Ambledown and the insurer,
  • Regulatory or governmental authorities.


Security of personal information

The main risks of processing your personal information are that data can be lost, stolen, or misused. Your personal information could fall into the hands of someone who may use it for fraudulent intentions or make public information you wish to keep private. Ambledown has policies and procedures in place to secure your personal information, which includes:

  •  Physical access control to our premises,

  •  Staff training and communication highlighting the importance of data privacy,

  • Internal policies relating to data privacy, information technology, and cyber security,

  • Regular computer updates,

  • Password protection for electronic devices and systems, and

  • Firewall protection and anti-virus software.


Please note that any transmission of data over the internet carries risks, and complete security cannot be guaranteed. Ambledown will make every e􏰀ort to minimize the risk, but any party transmitting or receiving data should be aware and take the necessary security precautions. Ambledown will not be held legally liable for any personal information you reveal to a third party. Using the internet is entirely at your own risk.

If Ambledown suffers a breach of your personal information, it will follow all requirements as specified in the POPIA. You will be informed of the nature and extent of the breach if you are materially impacted, unless directed by the Information Regulator. Ambledown will, to the best of its ability, immediately close the source of the attack.


Your rights

You have a right to the following:

  • Update incorrect or out-of-date personal information,

  • Delete any personal information in accordance with legislation,

  • Withdraw your consent where required for the use or processing of your personal information,

  • Consider any valid objections to the use or processing of your personal information (see Annexure B),

  • Details of the personal information we hold about you, why, and how it is being used (see Annexure A),

When exercising any of your rights, we may request specific personal information to verify your identity. This is to ensure that we are engaging with the rightful owner of the personal information. All requests will be considered in terms of your rights and requirements as specified by legislation.


More information

If you require more information concerning the use of your information or wish to exercise any rights in terms of this document and/or legislation, please contact us through the following means:

Complete the Personal Information Request Form as provided in Annexure A.

The Information Officer
Ambledown Financial Services (Pty) Ltd

PO Box 1862





Telephone:  (086) 126 2533

Facsimile:    (011) 463 1600


You have a right to complain to the Information Regulator if you feel your information has been misused. For further information, please refer to their website, as reflected below. Alternatively, you can contact the Information Regulator using the details provided below.

The Information Regulator

Physical Address:  JD House, 27 Stiemens Street, Braamfontein, Johannesburg, 2001


Telephone: (010) 023 5200



Chatbot Usage and Personal Information

Ambledown utilizes chatbot technology and artificial intelligence (AI) technologies, including OpenAI’s GPT4 and other reputable Large Language Models (LLMs), to enhance customer support and interaction. While we have implemented measures to train our AI systems to identify and redact personal information, we cannot guarantee complete accuracy or prevent inadvertent disclosure.

When engaging with our chatbots, we strongly advise against disclosing personal information such as full names, addresses, contact details, medical information, identification numbers, or any other sensitive data that may be used to identify you or your dependants. For any personal information-related queries, please contact your broker or Ambledown.

If you voluntarily provide personal information to our chatbots or other AI-powered systems despite our recommendations, you acknowledge that you do so at your own risk. Ambledown shall not be held liable for any unauthorised use or disclosure of personal information resulting from your decision to disregard our guidelines.

Changes to our Privacy Policy

From time-to-time our Privacy Policy may be changed. The latest version will be available on our websites.