Web privacy notice

Redion appreciates your visit to this website and your interest in our services and products. We care about your privacy and we want you to feel comfortable visiting our site.

This privacy notice applies to individuals located in Malaysia and covers personal data obtained by Redion through your use of the Redion website.

If you are not located in Malaysia, please refer to our general public privacy policy.

This privacy notice explains how and what type of personal data may be collected, processed and used during and, following your visit to the Redion website, why it is collected, with whom it is shared and your rights in this regard.

This privacy notice may be updated from time to time and we invite you to read it carefully.

Who is the data user (data controller)?

Europ Assistance Services (Malaysia) Sdn Bhd, with registered office at Office Suite 01-13, 13th Floor, Menara Symphony, No.5, Jalan Prof. Khoo Kay Kim, Seksyen 13, 46200 Petaling Jaya, Malaysia, is responsible for the processing of personal data collected via this Website. For individuals located in Malaysia, Redion acts as a “data user” (similar to a data controller) for the purposes of the Malaysia Personal Data Protection Act 2010 (Act 709) (“PDPA”).

Under the PDPA, a “data user” is the person who processes, or has control over or authorises the processing of, any personal data in respect of commercial transactions, and who is responsible for ensuring that such personal data is handled in accordance with the PDPA.

What is the purpose of this privacy notice?

Redion has developed this privacy notice to describe how and what type of data may be collected from you as users of the Redion website and the purposes for which Redion may process your personal data.

For more details about how Redion processes personal data, we invite you to consult our general public privacy policy.

What privacy principles do we follow?

For individuals located in Malaysia, when processing your personal data Redion applies the Personal Data Protection Principles set out under the Malaysia Personal Data Protection Act 2010 (Act 709) (“PDPA”). In particular, we ensure that your personal data is:

Processed in accordance with the PDPA for a lawful purpose directly related to our activities and only where necessary, and generally with your consent (General Principle)
Collected and processed with appropriate notice so you are informed of, among other things, what personal data is collected, the purposes of collection and use, and the choices available to you (Notice and Choice Principle)
Disclosed only for the purposes that were notified to you and, where required, with your consent, unless an exception applies under the PDPA (Disclosure Principle)
Protected by appropriate security measures to prevent loss, misuse, modification, unauthorised or accidental access or disclosure, alteration or destruction (Security Principle)
Kept only for as long as is necessary for the fulfilment of the purposes for which it was collected and processed, and then securely deleted or anonymised where appropriate (Retention Principle)

Accurate, complete, not misleading and kept up to date as necessary for the purposes for which it is processed (Data Integrity Principle)

Made available to you to access and request correction of your personal data in accordance with the PDPA (Access Principle)

What personal data we may collect?

Depending on the interaction you may have with us, we may collect during your visit the following personal data:

Identity
Contact details
Professional life data
IP addresses
Any relevant data you provide to us

Providing your personal data is generally voluntary. However, certain personal data may be required for us to respond to your request, process an application (e.g. recruitment or business partner onboarding), or comply with legal/regulatory obligations. If you choose not to provide required personal data, we may be unable to provide the relevant service or process your request.

Please also check the specific processing activities (hiring, financial crime…) below.

Why do we collect your personal data?

As a user of Redion website, you are informed that Redion may process your personal data for the following purposes:

Processing your application in relation to the career opportunities published on our website.
Gathering statistics regarding your visit to our website;
Processing your application to join us as a business partner
Responding to your requests for information about our products or services;
Responding to questions or investigating data breach or whistleblowing reports you submitted to us;
Managing risk and anti-money laundering purposes
Preventing, detecting and/or investigating irregularities and fraud
Managing the activity of Redion
Promoting Redion`s products and services (you may opt out of direct marketing at any time by contacting us via the form indicated below).

Processing your personal data for hiring purpose

If you apply to our career opportunities, Redion will process your personal data (Identity, contact details, CV) to assess your job application and will share it with relevant managers, HR and recruitment teams. For individuals located in Malaysia, this processing is carried out for purposes directly related to our recruitment activities and is necessary to evaluate your application and, where applicable, to take steps at your request prior to entering into an employment contract. Where consent is required under applicable law, we will obtain your consent. To this end, your personal data will be kept for 7 years after our last contact, or as and when necessary. You will find more information on our Career website.

Processing your personal data as business partners

The data you share with Redion (Identity, contact details, professional life data) will be used to evaluate your application to join us as a partner and will be shared with the relevant business lines of Redion. For individuals located in Malaysia, this processing is carried out for purposes directly related to our business operations and is necessary to review your request and, where applicable, to take steps prior to entering into a partnership agreement with your company. Where consent is required under applicable law, we will obtain your consent.

Processing your personal data to manage your requests for information

provide being shared with Redion communication team and its communication supplier via email at complianceasia@europ-assistance.my. To this end, your personal data will be kept for 7 years or as and when necessary.

Processing your personal data for fighting against financial crime

As part of our legal obligations to prevent money laundering, comply with sanctions requirements, and mitigate counter-terrorism financing risks, Redion may use and analyze individuals’ personal data to establish profiles and assess risks of money laundering, sanctions breaches, and terrorism financing. These activities are carried out in accordance with local applicable laws and regulatory requirements.

Processing your personal data for fighting against fraud and irregularities purposes

When filing a claim, individuals’ personal data (including, where applicable, sensitive personal data) may also be used to prevent, detect and/or investigate potential fraudulent or abusive behaviors and/or prevent irregularities (e.g. fraudulent exaggeration of claims, fake claims, checking identity).

Our fraud prevention activities are carried out for purposes directly related to our business operations, to protect our customers and the insured community, and where applicable to comply with legal and regulatory obligations. In the event of proven fraud, Redion may initiate criminal proceedings and implement relevant measures to protect its interests and the interests of its customers. Where the processing involves sensitive personal data and consent is required under the PDPA, we will obtain your explicit consent or rely on another applicable condition/exemption under the PDPA. For this purpose, personal data may be shared, only when strictly necessary, with specialized third-party providers (such as fraud detection service providers, investigative agencies, and other relevant partners) bound by confidentiality and data protection obligations.

How long we keep your personal data?

Your personal data collected through this website will be kept for the time determined on the basis of the following criteria:

legal obligation of retention; and
the period necessary to fulfil the purposes for which the data was collected and processed, and where applicable for the establishment, exercise or defence of legal claims, handling disputes, audits, or investigations.

With whom we may share your data?

Redion may share your data in relation to the management of its activity and website exclusively with the relevant:

Companies of the Redion group and Generali group
Business partners if your request or complaint concern their services
Third parties which have been assigned with the task to perform some activities related to the management and investigation of the requests and notification we receive from this website (including legal counsels and consultants, providing counselling or investigation services)
Authorities, regulators or governmental bodies in cases required by law, local regulations or in compliance with regulatory obligations
Third parties IT service providers

Where will your personal data be processed (including transfers outside Malaysia)?

Your personal data may be processed in Malaysia and/or in other countries where Redion group, and/or our service providers operate.

If we transfer personal data from Malaysia to a place outside Malaysia, we will do so in accordance with the PDPA (including section 129) and any applicable guidance issued by the Personal Data Protection Commissioner, and only where a permitted condition applies. This may include, for example, where: (i) the transfer is to a place specified or recognised under the PDPA as providing an adequate level of protection; or (ii) you have given your explicit consent to the transfer after being informed of the purpose and the class of recipients; or (iii) the transfer is necessary for the performance of a contract with you (or for your benefit), or another condition/exemption under the PDPA applies. Where appropriate, we implement safeguards (such as contractual protections) to protect your personal data.

How we protect your personal data?

Redion has implemented appropriate technical and organizational security measures to protect your personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, and against all other unlawful forms of processing.

What are your rights when you provide your personal data to us?

For individuals located in Malaysia, subject to applicable laws and any exceptions, you may exercise the following rights in respect of your personal data:

Right to access – You may request access to personal data we hold about you.
Right to correct – You may request correction of personal data that is inaccurate, incomplete, misleading, or not up to date.
Withdrawal of consent – Where we rely on your consent, you may withdraw it at any time by contacting us. Please note that withdrawing consent may mean we can no longer provide certain services or respond to your request.
Right to prevent processing likely to cause damage or distress – You may request that we stop or not begin processing where it is likely to cause substantial damage or substantial distress, subject to the conditions and exceptions under the PDPA.
Right to prevent processing for direct marketing – You may request that we stop or not begin processing your personal data for direct marketing purposes.
Other rights under the PDPA – You may have additional rights under the PDPA depending on the circumstances and applicable exceptions.
How to exercise your rights – To make a request, please contact us using the details set out below. We may need to verify your identity before responding. Please note that these rights are subject to the PDPA and applicable conditions and exceptions, and we may refuse a request where permitted by law.

In order to exercise your rights to Redion, you may contact the Data Protection Officer at

complianceasia@europ-assistance.my.

How to report a potential data breach?

A data breach is a security incident leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of personal data (e.g. unauthorized disclosure of customers’ or employees’ personal data). If you become aware of a potential data breach, please contact our Data Privacy Officer using the contact details at complianceasia@europ-assistance.my.

How can you lodge a complaint?

If you have a complaint about how we handle your personal data, we encourage you to contact our Data Protection Officer first so that we can address your concerns. You may also lodge a complaint with the Malaysia Personal Data Protection Commission (PDPC) if you are dissatisfied with our response.

Cookies

Cookies are small text files stored on your device when you visit a website. They are used to ensure the website functions properly, to remember certain user preferences, and, where applicable, to help analyse how the website is used.

Cookies may be placed directly by Redion (first‑party cookies) or by service providers acting on our behalf (third‑party cookies). On this website, cookies are used solely for technical and audience measurement purposes, as detailed below.

Strictly Necessary Cookies

Strictly necessary cookies are essential for the operation of the website. They enable core functionalities such as language selection and basic technical configuration.
These cookies are automatically set and cannot be disabled, as the website would not function correctly without them. They do not store information allowing the direct identification of users.

Cookie name	Cookie provider	Type	Purpose
pll_language	www.Redion.com	First‑party	Stores the user’s language preference
stg_last_interaction	www.Redion.com	First‑party	Technical cookie used by Piwik PRO Tag Manager to manage interactions
stg_returning_visitor	www.Redion.com	First‑party	Determines whether a visitor is new or returning for technical and configuration purposes

Analytics Cookies (subject to your consent)

Analytics cookies are used to collect aggregated information about how visitors interact with the website, such as pages visited, time spent on the site or traffic sources.
These insights help us understand website usage and improve its performance and content.

Analytics cookies are only placed if you explicitly consent via the cookie banner. If you refuse these cookies, no audience measurement data will be collected.

Cookie name	Cookie provider	Type	Purpose
_pk_id.*	www.Redion.com	First‑party	Stores a unique visitor ID used for audience measurement
_pk_ses.*	www.Redion.com	First‑party	Used to temporarily store session data for analytics purposes
stg_traffic_source_*	www.Redion.com	First‑party	Identifies the source of website traffic for analytics reporting

Managing your cookie choices

You can manage your preferences for analytics cookies at any time using the cookie banner displayed on the website.

In addition, most web browsers allow you to control cookies through their settings, including deleting existing cookies or blocking new ones. Please note that restricting certain cookies may impact your browsing experience.

Further information on how we process personal data is available in this Web Privacy Notice.

Privacy notice update: May 2026