Privacy policy

Last updated: 9 June 2026. Operator: Pangaea Capital trading as Company Insurance SG.

This Policy sets out how Company Insurance SG collects, uses, discloses and protects personal data in compliance with Singapore's Personal Data Protection Act 2012 (PDPA) and the PDPC Advisory Guidelines.

1. What we collect

  • Quote-request data — business name, UEN, contact name, email, phone, sector, headcount (broken down where relevant by manual / non-manual / foreign worker), annual turnover band, the cover types you are interested in, current insurer (if any), prior claims (if any).
  • Email enquiry data — whatever you send to us.
  • Server log data — IP address, user agent, referrer, page paths, timestamps.
  • Cookie data — analytics and conversion measurement cookies. No advertising cookies are set without prior consent.

2. How we use it

  • To fulfil your quote request by transferring it to our broker partner Anapi Pte Ltd (see section 3).
  • To respond to email enquiries and editorial correction requests.
  • To improve the Site through aggregated analytics on page paths and form drop-off.

3. Who we share with

3.1 Broker partner — Anapi Pte Ltd

When you submit a quote request, your contact and risk-profile data is transferred to Anapi Pte Ltd (trading as Anapi), a Singapore insurance broker licensed by the Monetary Authority of Singapore under the Insurance Act 1966. Anapi uses the data to:

  • Contact you (by phone and email) to scope your insurance requirement in more detail.
  • Approach carriers on its panel to obtain quotes on your behalf.
  • Maintain records as required by MAS regulations governing insurance intermediaries.

Your consent to this transfer is sought at the point of form submission. The transfer is the central purpose of the Site — without it, we cannot deliver the quote service. You may withdraw consent at any time (see section 5), but doing so will end any active quote engagement.

3.2 Other recipients

  • Service providers strictly necessary to operate the Site — hosting (Netlify), email delivery, analytics. These providers process data only on our instructions and only to the extent necessary to perform the service.
  • Authorities where required by Singapore law or court order.

We do not sell personal data, share with advertisers, or transfer data outside the purposes set out above.

4. Where data is stored

Site infrastructure is hosted by Netlify with data primarily processed in the Asia-Pacific region. Anapi handles the data it receives under its own MAS-regulated processes; you can request Anapi's privacy notice directly from Anapi.

5. Your PDPA rights

Under the PDPA you have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Withdraw consent to further use or disclosure (subject to reasonable notice).
  • Be informed about the use and disclosure of your personal data.

To exercise any of these rights, email our Data Protection Officer at dpo@companyinsurance.com.sg. We will respond within 30 days. Where a request involves data already transferred to Anapi, we will coordinate with Anapi to action the request consistently with both organisations' obligations.

6. Retention

Quote-request data is retained while a broker engagement is active and for seven years after closure to satisfy MAS record-keeping guidelines applicable to insurance intermediaries. Server logs are retained for 90 days. Email correspondence is retained for two years.

7. Security

We protect personal data with reasonable administrative, physical and technical safeguards including TLS in transit, access controls on form submissions, and least- privilege access on operational data stores. No system is impenetrable; if a notifiable data breach occurs, we will notify affected individuals and the PDPC consistently with the PDPA Mandatory Data Breach Notification provisions.

8. Cookies

We use a small number of strictly-functional and analytics cookies. We do not use advertising or third-party tracking cookies without prior consent. You can refuse non-essential cookies via your browser settings; refusing analytics cookies will not affect your ability to use the Site.

9. Children

The Site is intended for businesses and their authorised representatives. We do not knowingly collect personal data from individuals under 18.

10. Changes

We may update this Policy from time to time. The current version is the one in force when you access the Site, indicated by the “Last updated” date at the top.

11. Contact

Data Protection Officer, Company Insurance SG — dpo@companyinsurance.com.sg.