This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.
We are confidently,
Confidential
Keeping our clients data
secure is our priority
Privacy Notice
Who we are
Botsogo Health Plan (Botsogo) will maintain the confidentiality of your personal data and comply with the Data Protection Act of 2024 (DPA) when processing your personal data.
This notice applies to Botswana entities within the Momentum Group Limited, its subsidiaries, operating divisions, business units, licensed entities, management-controlled entities and activities.
Botsogo provides, among others, the following products and services:
- Health Benefits
- Medical Schemes
The purpose of the notice
The purpose of this notice is to inform Botsogo clients about the type and use of personal data the company collects, the ways in which it is collected, the sharing, protection, and storage thereof.
What is personal information?
The term ‘personal data’, as used in this notice, applies to data that may be used to identify an individual.
DPA defines personal data as “Information relating to an identified or identifiable individual, which individual can be identified directly or indirectly, in particular by reference to an identification number, or to one or more factors specific to the individual’s physical, physiological, mental, economic, cultural or social identity”.
Examples of personal data include, but are not limited to, contact information, financial information, information relating to race, gender, sexual orientation, age, physical or mental health, well-being, disability, religion, conscience, belief, culture, language, and birth of the person.
What type of personal data does Botsogo collect?
After obtaining consent, the personal data collected or held by Botsogo may be used, stored, transferred, or disclosed or shared for the following purposes:
How does Botsogo collect personal data?
The company collects information either directly from you, the data subject, the employer or through financial services intermediaries. In certain instances, Botsogo may appoint third parties to collect information on its behalf. The source from which personal data was obtained, if not directly from the data subject, will be disclosed.
Use of personal data
The company collects information either directly from you, the data subject, the employer or through financial services intermediaries. In certain instances, Botsogo may appoint third parties to collect information on its behalf. The source from which personal data was obtained, if not directly from the data subject, will be disclosed.
- Providing quotations, for underwriting and processing insurance applications
- Processing insurance claims
- Providing on-going administration services for the duration of the contract
- Fulfilling a transaction on request of a data subject
- Complying with applicable laws and regulations
- If permission is given, Botsogo may use your personal or other information to tell you about products, services and special offers from the company or other subsidiaries of Momentum Group.
Note: A full list can be obtained in the Public Privacy Policy
Sharing of personal data
Botsogo will only share your personal data with third parties if you have consented to such disclosure. If consent has been obtained, the company may share your personal data with persons or organisations within and outside of the Momentum Group. If necessary, we will ask the party to whom we transfer your personal information to agree to our privacy principles, associated policies, and practices.
Where Botsogo discloses personal data to intermediaries, other financial institutions, insurers or any other third parties, the third parties will be obliged to use that personal data only for the reasons and purposes it was disclosed for. Botsogo may be obliged to disclose your personal data to the extent that it is required to do so by law, in connection with any legal proceedings or prospective legal proceedings, or for the purposes of protecting the interest of clients, for example fraud prevention or to give effect to an agreement.
Securing personal data
Botsogo will take all reasonable technical and organisational precautions to prevent the loss, misuse, or alteration of your personal data. The company will store all the personal data in secured environments, for example on secured servers in a protected data centre.
How you can review and correct your personal data
You can request to review your personal data contained in Botsogo’s records at any time to correct or update the information. If the purpose for which your personal data was requested initially does not exist anymore, for example, you no longer have a contract with it, you may request information held by the company to be removed. However, Botsogo can decline your request to delete the information from its records if other legislation requires the continued retention thereof or if it has been de-identified.
Your Rights
We will take note of your rights under applicable privacy and data protection laws, especially your right to object, on reasonable grounds, to certain types of processing.
Updating of this processing notice
Botsogo may update this notice periodically and an updated version may be requested, for example through a postal request or through an email notification addressed to the contact details provided below.
Managing Data Privacy at Metropolitan Board Level and Reporting Frequency
The Metropolitan Board Audit and Actuarial Committee (BAAC) is a sub- committee of the Board that is accountable to address and manage the risk of data privacy and cyber security. The BAAC follows the board cycle and convenes on a quarterly basis. The Metropolitan Botswana Chief Risk Officer provides guidance and input regarding appropriate Risk Management.
Employee Training on Cyber Security and Data Privacy
Employee Training on Cyber Security and Data Privacy forms part of ongoing compliance training. Cyber Security training is currently further required as a basic compliance training that all employees must complete. As part of the DPA management programme, there is a specific focus on training, awareness as well as communication that will cover data privacy, data security and more detailed cyber security training as mandatory compliance training to all staff. The DPA management programme is actively managed at Momentum Group level with participation of all business entities and subsidiaries of the Momentum Group.
Centralised Cyber Security and Data Security Functions and Coordination
To deal with Cyber Security and Data Privacy, two separate centralised functions exist within MomentumGroup. The IT Security environment includes managing cyber security as a capability and the Data Management environment deals with the aspects of data privacy and extended data security and privacy which is enabled through IT security.
Privacy Policy
Our Privacy Policy governs the manner in which Botsogo treats your personal data, collected electronically when you use our website, to apply online for certain products and services, contact us electronically or register for one of the services we offer on the website.
If you have any questions about this notice or Botsogo’s treatment of your personal data, please address an email to
dataprivacy@metropolitan.co.bw
dataprivacy@metropolitan.co.bw