Privacy Policy

Effective Date: 01/04/2023  |  Last Updated: 01/04/2025

1. Introduction

Welcome to HBR Insurance Brokers Private Limited (“HBR”, “we”, “our”, or “us”).

We are committed to maintaining the privacy, confidentiality, and security of the personal information entrusted to us. This Privacy Policy outlines how we collect, use, store, disclose, and safeguard your information when you use our website (https://www.hbrbrokers.com), mobile application, or advisory services (collectively referred to as the “Platform”).

By accessing or using our Platform, you agree to this Privacy Policy. If you do not agree, please do not use our services.

2. Legal Framework

This Privacy Policy is published in accordance with:

  • Section 43A of the Information Technology Act, 2000
  • Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011
  • The Digital Personal Data Protection Act, 2023 (DPDP Act)
  • Applicable IRDAI Regulations, including the IRDAI (Protection of Policyholders’ Interests) Regulations, 2017

3. Information We Collect

We may collect the following categories of information to facilitate our services and comply with legal requirements:

a. Personal Information

  • Name, date of birth, gender, and nationality
  • Contact details (email address, phone number, residential or business address)
  • Identification documents (Aadhaar, PAN, passport, driving licence)
  • Policy number, insurance details, and nominee information
  • Financial details (bank account number, credit/debit card, UPI, payment history)
  • Health or medical information (for health/life insurance products)
  • Employment and income details (where applicable)

b. Automatically Collected Information

  • IP address, browser type, operating system, and device identifiers
  • Location information and usage data
  • Cookies, web beacons, and similar tracking technologies

c. Communication and User-Generated Data

  • Queries, complaints, feedback, or communications sent to us
  • Uploaded documents and claim submissions
  • Call logs, chat transcripts, and correspondence records

4. Purpose of Data Processing

Your data is processed for the following legitimate purposes:

  • To provide insurance advisory services.
  • To verify identity and assess eligibility.
  • To issue, service, and renew insurance policies.
  • To process claims, refunds, and payments.
  • To comply with legal and regulatory requirements under IRDAI and other applicable laws.
  • To prevent fraud, misuse, or unauthorized access.
  • To conduct data analytic, audits, and service improvements.
  • To communicate important updates, offers, and reminders.
  • To respond to your queries or grievances.

5. Legal Basis for Processing

We process personal data on the following lawful grounds:

  • Consent: You have provided explicit consent to process your information.
  • Contractual necessity: Processing is required to perform an insurance contract or take pre-contractual steps.
  • Legal obligation: To comply with IRDAI or statutory mandates.
  • Legitimate interests: For fraud prevention, analytics, and business improvement, provided these do not override your fundamental rights.

6. Disclosure of Information

We do not sell, rent, or trade your personal data. However, we may disclose it to:

  • Insurance companies, reinsurers, and TPAs for policy administration or claims processing.
  • Service providers such as IT support, payment gateways, data storage, and communication partners.
  • Regulatory authorities, such as the IRDAI, income tax authorities, or law enforcement, as required by law.
  • Affiliates or group companies for legitimate business operations.
  • Successors or transferees in the event of a merger, acquisition, or reorganization.

All third parties are bound by contractual confidentiality and must adhere to data protection standards equivalent to ours.

7. Data Retention and Storage

We retain personal data only for as long as necessary to fulfil the purposes stated in this Policy or as required by:

  • IRDAI record-keeping norms, or
  • Applicable laws and contractual obligations.

When data is no longer required, it will be securely deleted, anonymized, or archived.

Data may be stored on servers located within India or in jurisdictions that provide adequate data protection safeguards.

8. Cookies and Tracking Technologies

We use cookies and similar tools to enhance your browsing experience and understand user behaviour. These include:

  • Essential and functional cookies
  • Performance and analytics cookies
  • Advertising cookies

You can manage cookie preferences through your browser settings, but disabling cookies may affect website functionality.

9. Data Security

We employ comprehensive physical, technical, and organizational security measures, including:

  • SSL encryption and secure data transmission
  • Role-based access control
  • Firewalls and intrusion detection systems
  • Regular vulnerability testing and security audits

While we take all reasonable precautions, no system is completely immune to security risks.

10. Your Rights

In accordance with the DPDP Act, 2023 and other applicable laws, you may exercise the following rights:

  • Right to access your personal data
  • Right to correction and erasure of inaccurate data
  • Right to withdraw consent at any time
  • Right to grievance redressal
  • Right to nominate another individual to exercise your rights in case of incapacity

Requests to exercise these rights may be made by contacting the Grievance Officer at the details below.

11. Children’s Privacy

Our services are intended for adults aged 18 years and above. We do not knowingly collect data from minors. If such data is collected inadvertently, it will be promptly deleted.

12. Third-Party Links

Our Platform may include links to third-party websites or services. We are not responsible for their content or data protection practices and encourage users to review their privacy policies before sharing information.

13. International Data Transfers

If you access our services from outside India, your data may be transferred to and processed in India or other jurisdictions. Such transfers are performed in compliance with applicable legal standards for data protection.

14. Updates to This Policy

We may revise this Privacy Policy periodically to reflect changes in our practices or legal requirements. The updated version will be posted on our website with the revised “Last Updated” date.

15. Contact Us

If you have questions or concerns about this Privacy Policy or our data-handling practices, please contact:

Data Protection / Grievance Officer

Name: Ramesh Mudbakhe
Designation: Principal Officer
Address: HBR Insurance Brokers Private Limited, 7th floor, Shop no 79, Business Bay JITO, Shri Hari Narayan Kute Marg, Mumbai Naka, Nashik, Maharashtra 422002
Email: info@hbrbrokers.com
Phone: 9403890333 / 8530517555

Compliance Note

This Privacy Policy is prepared in compliance with:

  • The Information Technology Act, 2000
  • The Digital Personal Data Protection Act, 2023 (DPDP Act)
  • The IRDAI (Protection of Policyholders’ Interests) Regulations, 2017