Ambledown is committed to protecting your privacy and ensuring your personal information is collected and used in an appropriate, lawful and transparent manner. Ambledown subscribes to the terms outlined in the Protection of Personal Information Act and any other legislation relating to data privacy and confidentiality the company is subject to.
The content of this document includes:

  •  Ambledown’s role
  • Personal information we record and process 

                o Policyholders and insured persons

                o Service Providers

  • Retention of data
  • How your personal information is used
  • Who will receive your personal information and why
  • Security of personal information
  • Your rights
  • More information
  • Changes to our Privacy Policy

The objective of this document is to provide you with an understanding of how your personal information is managed and your rights. Please read this document carefully before providing personal information.

Ambledown, or any division of Ambledown, may from time to time include links on our websites or social media
platforms of other organisations. Ambledown has no control over how they store and process data, and we advise you to check their privacy policy before providing personal information through these links.


Ambledown’s role

Ambledown Financial Services (Ambledown) is a registered Financial Service Provider (FSP no. 10287), operating in the capacity of an Underwriting Manager Agency (UMA) and has signed binder agreements with various Short-term and Long-term insurance companies. These agreements specify the functions Ambledown is permitted to provide to and on behalf of the insurer. These functions include the processing of your personal information.

Unity Health is a division of Ambledown, who operate in the same capacity as Ambledown. Any reference to
Ambledown in this document shall include Unity Health, unless otherwise stated.

In terms of insurance legislation, Ambledown may not provide advice to any policyholder or potential policyholder. For this reason, a policyholder or potential policyholder is represented by a broker, who is required to be a registered Financial Service Provider (FSP). This FSP will obtain personal information, which could include financial and medical information. Ambledown has no control over how the FSP stores and processes your personal information and we suggest you read their privacy policy before providing them with your personal information. The FSP will provide Ambledown with all relevant personal information for the processing and administration of a policy contract, and the assessment of a claim (should any claim documentation be submitted to the FSP). Ambledown, in terms of its legislative obligations, will make available information in relation to your policy contract to the insurer. This information will include personal information.


Personal information we record and process

Policyholders and insured persons

Personal information is collected directly from you through the completion of a policy application form, amendment forms and a claim form. These forms are available in both electronic and paper formats. We may request personal information in subsequent communications to check your identity to fulfill legislative obligations. We may also collect information about you from other sources such as external third parties and from cookies on our website.

This personal information about you will include:


  •  Your name and personal information to identify you
  •  The name of your dependents, as well as their personal information to identify them
  • Address, telephone numbers and e-mail address
  • Where relevant, your employment details
  • Where relevant, you and your dependents medical information
  • Data provided through you corresponding with us
  • Any updates to data provided to us
  • Your IP address, information about your visit to our websites or mobile application, your device information
    and how you use our websites or mobile application.


Service Providers

We will hold information in relation to the persons engaged in providing services to Ambledown, which could include organisational data, service related data and any other information relevant to the performance of the


Retention of data

We will retain your personal information only as long as is necessary for the purpose for which it was collected, or for any period as prescribed by legislation. The disposal of personal information is done in a secure manner once no longer required to be held.


How your personal information is used

We can only use your personal information for its intended use and complying with contractual and regulatory
responsibilities. Personal information is used to perform the following functions:

  1. Perform our contractual obligations in the administration of policy contracts,
  2. Perform our contractual obligations in relation to any service contracts,
  3.  Data is analysed to manage the risk, calculate premium rates and product design,
  4. Calculate the underlining costs associated with the administration of policy contracts, and
  5.  Any legislative and legal responsibilities.


Who will receive your personal information and why

We share your personal information with trusted third parties who are contracted either by Ambledown or the insurer.
These third parties may not delegate their responsibilities to any other party without the written consent of
Ambledown and/or the insurer. These third parties are contracted to perform functions on our behalf and assist us to provide our products and/or services to you and meet legal and regulatory obligations. These parties are limited, by law and/or by contract, in their use of your personal information for any purpose other than to provide services for us or to meet a regulatory obligation. The third parties could include:


  • Your broker,
  • Financial institutions to facilitate the collection of premiums, payment of claims and any other payments,
  • Medical Service Providers or any other organisation required for the assessment of a claim or recovery of a
  • Organisations to prevent and investigate fraud, including the police and fraud investigators,
  • Analytics and search engine providers assisting in the improvement and optimisation of our websites,
  • Information Technology specialists assisting us with data storage, security, processing, analytics, etc.
  • Auditors of Ambledown and the insurer,
  • Compliance Officers of Ambledown and the insurer,
  • Regulatory or governmental authorities.


Security of personal information

The main risks of processing your personal information are data can be lost, stolen or misused. Your personal
information could fall into the hands of someone who may use it for fraudulent intentions or make public information you wish to keep private.  Ambledown has policies and procedures in place to secure your personal information, which includes:


  • Physical access control to our premises,
  • Staff training and communication highlighting the importance of data privacy,
  • Internal policies relating to data privacy, information technology and cyber security,
  • Computers are updated regularly,
  • Password protection for electronic devices and systems, and
  • Firewall protection and anti-virus software.


Please note, any transmission of data over the internet has risks and security cannot be completely guaranteed.
Ambledown will make every effort to minimize the risk, but any party transmitting or receiving data should be aware and take the necessary security precautions. Ambledown will not be held legally liable for any personal information you reveal to a third party. Using the internet is entirely at your own risk.

If Ambledown suffers a breach of your personal information, it will follow all requirements as specified in the POPIA. You will be informed of the nature and extent of the breach where you are materially impacted, unless directed by the Information Regulator. Ambledown will to the best of its ability, close the source of the attack immediately.


Your rights

You have a right to the following:


  • Update incorrect or out of date personal information,
  •  Delete any personal information in terms of any legislation,
  •  Withdraw your consent where consent is required to use or process your personal information,
  • Consider any valid objections to the use or processing of your personal information (see Annexure B),
  • Details of the personal information we hold about you, why and how it is being used (see Annexure A),
  • Lodge a complaint with the Information Regulator (see Annexure B).

When exercising any of your rights we may request specific personal information to verify your identity. This is to ensure we are engaging with the rightful owner of the personal information. All requests will be considered in terms of your rights and requirements in terms of legislation.


More information

If you require more information concerning the use of your information, or to exercise any rights in terms of this
document and/or legislation, please contact us through the following means:
Complete the Personal Information Request Form as reflected in Annexure A.
The Information Officer

Ambledown Financial Services (Pty) Ltd
PO Box 1862

Telephone: (086) 126 2533
Facsimile: (011) 463 1600

You have a right to complain to the Information Regulator if you feel your information has been misused. For further information please refer to their website, as reflected below. Alternatively, you can contact the Information Regulator through the details provided below.

The Information Regulator: Ms Mmamoroke Mphelo
Physical Address: SALU Building, 316 Thabo Sehume Street, Pretoria

Changes to our Privacy Policy

From time-to-time our Privacy Policy may be changed. The latest version will be available on our websites.