The Simah Group adopted a Privacy Policy as part of the business and operations of the group. Simah is committed to protecting the personal information of any individual or juristic person and will always ensure that personal information is processed fairly, lawfully, and correctly, and within the ambit of applicable legislation. As all people have the constitutional right to privacy, Simah will always maintain appropriate levels of security and privacy of such personal information about current, past, and prospective clients, and employees.

The main objective of this policy is to align Simah’ operations to comply with the legislative requirements of Protecting Personal Information (POPIA). This policy will ensure the necessary securities are in place with regards to the collection and processing of personal information as well as deal with the retention and destruction of the same information. It will also deal with data breaches and the complaints process.

This policy applies to all Individuals and Juristic Entities (prospective, previous & current) who had/has interactions or shared any Personal Information with Simah at any time.

Personal Information Definition

Personal Information

Personal information includes:

  • certain information that we collect automatically when you visit our website.
  • certain information we request relating to your risk portfolio to provide you with insurance services.
  • certain information for the purpose of premium collection.
  • certain information regarding a loss or claim; But excludes.
  • information that has been made anonymous so that it does not identify a specific person.
  • permanently de-identified information that does not relate or cannot be traced back to you specifically.
  • non-personal statistical information collected and compiled by us; and
  • information that you have provided voluntarily in an open, public environment or forum including any blog, chat room, community, classifieds, or discussion board (because the information has been disclosed in a public forum, it is no longer confidential and does not constitute personal information subject to protection under this policy).

Common examples

Common examples of the types of personal information which we may collect, and process include your:

  • identifying information – such as your name, date of birth, and identification number of any kind.
  • contact information – such as your phone numbers and email address.
  • address information – such as your physical and postal address; and
  • demographic information – such as your gender or marital status. Sensitive personal information

Depending on the services required, we may also collect sensitive personal information including your:

  • financial information – such as your bank account details and financial history.
  • sensitive demographic information – such as your race or ethnicity.


Acceptance required

By requesting Simah to render a service, you are deemed to have read, understood, accepted, and agreed to be bound by all the terms of this policy.

Legal capacity

No person under the age of 18 years old may request any services or access our website to provide any details to Simah.

Your Obligations

You may only send us your own Personal Information or the information of another data subject where you have their explicit and specific permission to do so.


Simah may change the terms of this policy at any time. Notice of any changes will be placed in a prominent place on the website or by sending you an email detailing the changes that was made and indicating the date that they were last updated. The changed terms will apply to you, and you will be deemed to have accepted those updated terms.

Collection & Processing of Personal Information


Simah will obtain your consent to collect and process Personal Information:

  • in accordance with applicable laws.
  • when you request a product or service from us.

The information obtained will have relevance to your risk and insurance portfolio and will be processed for the following reasons:

  • To analyse your risk portfolio to enable Simah to provide you with a more efficient insurance experience
  • To provide you with quotations on financial products and service
  • To verify your identity
  • To manage your insurance portfolio
  • To process insurance claims on your behalf
  • To market new products that may ensure better risk coverage
  • To ensure your details are always up to date
  • To comply with all legal and regulatory obligations


It will be required that Personal Information be processed by Simah to fulfil our obligations. Simah staff throughout the group, within the required security levels, will be responsible to securely process your Personal Information. Processing will include collecting, recording, storing, updating, and sharing with third parties. All precautionary measures have been implemented to ensure that Personal Information is kept save throughout this process.

Recording & Storing

Personal Information will be recorded and stored on Simah devices, insurers systems, voice recording systems, financial systems, secure servers as well as hard copy storage facilities that comply with POPIA security requirements.

Simah has full control over Personal Information when it is shared on any of our official communication platforms. Our official communication platforms are Simah email (, Simah Microsoft Teams and telephone lines as published on our website, our official website ( as well as portals which you will have login rights to. If any other external platforms are used to communicate with us, we can unfortunately not guarantee the safety of your Personal Information.

Sharing personal information

For Simah to fulfil our obligations to you, it will be required to share your personal information with a third party after obtaining your consent to do so. Simah may also request your consent to share your Personal Information with our affiliates to provide you with additional risk coverage options.

Third parties include but are not limited to:

  • Insurance and reinsurance companies
  • Industry bodies
  • Regulatory bodies
  • Loss adjusters and 3rd party service providers
  • Premium collection agencies
  • Insurance Administrators
  • Simah Affiliates

Updating Personal Information

We will try to keep the Personal Information we collect as accurate, complete, and up to date as is necessary for the purpose defined in this policy. From time to time, we may request you to update your Personal Information by contacting your broker. You can review or update any Personal Information that we hold at any time by emailing us at or phoning us. Please note that to better protect you and safeguard your Personal Information, we take steps to verify your identity before granting you access to your account or making any corrections to your Personal Information.

No Selling

Simah will never sell Personal Information. No Personal Information will be disclosed to anyone except as provided for in this Privacy Policy.

Marketing Consent

You will always have the option to indicate if you want to receive marketing and promotional material from Simah and/or its affiliates. If you choose to “Opt-Out” you will still receive communication from us regarding any administration requirements on your insurance portfolio as well as enhancements on current products and service. You will however not receive any updates on new products or services we offer, which might have a negative effect on your risk portfolio.

As we remain duty bound as your insurance broker and advisor to keep you abreast of relevant new insurance products and covers as these become available, we will ask your specific permission to enable us to keep you informed as appropriate. You do however retain the right to disallow us from contacting you in this regard which then will negatively affect our contractual duty towards you.

Change of Ownership

If at any stage Simah undergoes a change in ownership, or a merger with, acquisition by, or sale of assets to, another entity, we may assign our rights to the Personal Information we process to a successor, purchaser, or separate entity. We will disclose the transfer by notifying all for whom we hold Personal Information on. If you are concerned about your Personal Information migrating to a new owner, you may request us to delete your personal information, other than in respect of your contracts of insurance which will be invalidated without such information.


Simah has taken all necessary precautionary measures to ensure that any Personal Data collected and stored is done so in line with all data protection laws. All email communication is end-to-end encrypted to ensure that whenever communication occurs over email, that it is safely done. Internal servers as well as those hosted by 3rd party suppliers are all done in a secure environment with appropriate firewalls and other advanced security measures in place to prevent interference from outside intruders. Data classification ensures restricted access is given to sensitive information and only given for those employees who require it to fulfil their job responsibilities. Disaster recovery procedures have also been implemented where appropriate.

Transfer to Another Country

Simah will not transfer any personal information across a country border without your prior written consent. Personal information may be stored on servers located outside the country in which it was collected in a foreign country whose laws protecting personal information may not be as stringent as the laws in the country in which it was collected. You consent to us processing your personal information in a foreign country whose laws regarding processing of personal information may be less stringent.

Incident and Breach

You will be informed as soon as any breach or possible breach occurred in which your data might have been obtained by any third party unlawfully. Simah has a Breach Policy and procedure in place to ensure the damage in this event is managed with urgency to minimise the loss. If you are made aware of a breach, please notify us immediately at

Enquiries – Promotion of Access to Personal Information

If you have any questions or concerns arising from this Privacy Policy or the way in which we manage personal information, please contact us on


If at any stage you feel that Simah Risk Holdings has obtained or processed your information without the necessary consent or without due care, you can lodge a complaint to us at


This policy shall be reviewed annually or more frequently in the event of material amendments to the regulatory environment.