דלג לתוכן

Privacy and Information Security Policy

 

The Migdal Group includes, for the purposes of this policy, the Migdal Insurance Co. Ltd. an
Migdal Makefet Pension and Provident Funds Ltd. (hereinafter "Migdal Group" or "the Group"). This document sets out how Migdal Group uses your personal information and how you can exercise your rights. When you enter the website, you consent to the said use of the information collected.
It should be noted that there are instances in which you are not legally obligated to provide the information, but if you do not, you will be prevented from receiving service or you will compromise our ability to provide you with service, because the information is necessary for that service. Conversely, there are instances in which you are legally obligated to furnish the information, such as instances in which the insurance and financial services laws require that the information be provided.

Collecting Information
The Migdal Group collects different types of information. The following types of information are collected, among others (depending on the need and type of product or plan in question):
• Essential contact details to establish communication with you.
• Contact information (including telephone number, physical address and email address), full name, ID card number, driver's license number, various dates (including date of birth), and details about your workplace, gender, and personal status.
• Details about your education, occupational background and professional training.
• Financial information, bank account details, means of payment details, information about income, and information about assets.
• Medical information.
• Passwords and other information collected to identify you for the purposes of information security.
• Videos and recordings of phone calls or calls via the Internet (including video calls).
• Information received by the Migdal Group from third parties, including information from databases owned by the State and information available to the Migdal Group by law.
• The Migdal Group may also receive information from third parties if you choose to sign up to a specific service that incurs transfer of continuous information to the Group.
• Information about the end-user device used to browse the website or app, or that you used in order to contact the Migdal Group.
• Information about your actions on the website or in the app, including the pages you visited, the duration of the visit, plus information about your actions on other sites in which the Migdal Group displays marketing publications.
• Information that you give the Migdal Group in your queries in the various communication channels (including the website, the app, sales and service centers, plus information that you give agents, employers, consultants and marketers).
Note that in the event of information given on third parties (for example: if you are an agent or a consultant - information about customers; if you are a customer - information about a family member; if you are an employer - information about an employee), you are responsible for obtaining their consent to this effect and to that stated in this document.
How the Information is Used

The Migdal Group uses information primarily to provide the services offered by it, but the Group will also use the information in order to:
• Contact you and others about the Group's products and services.
• Send you information that the Group is required to send you by virtue of the law that applies to it.
• Handle your inquiries pertaining to your rights and to the products or services that you purchased.
• Comply with the provisions of the law that apply to the Group, including judicial orders or demands from the authorities (Israeli or foreign), comply with provisions by virtue of procedures and audits applicable to the Group, and implement the Group's policy.
• Improve the service, and analyze and enhance the user experience in the Group's various channels.
• Conduct statistical analyses and processing, research and surveys, including the use of advanced data analysis tools along with big data analysis and computer learning.
• Protect the legitimate interests and rights of the Group and third parties.
• Prevent fraud.
• Publish and market the Group's products and services, or the products and services of third parties marketed in collaboration with the Group, by the Group, or anyone on its behalf, including personalized advertising using various means, including electronic mail, SMS messages, fax, and recorded messages. You can remove yourself from the mailing (including direct mail) by contacting the Customer Service Center at 03-9201010, or by email ___________ or via your personal zone on the website in the "Update Details" tab, or as stated in the mailing itself. Note that even after your request to be removed as aforesaid, the Group may continue to send you mail that the law requires it to, or allows it to send you even without your consent.

Transfer of Information to Third Parties
The Migdal Group may transfer personal information to third parties. Transfer of the said data shall be in accordance with the law, in accordance with your permissions and in accordance with this document, depending on the individual circumstances of each case. The Group may also transfer information to third parties located abroad, including countries in which the level of protection of personal data is inferior to that stipulated by Israeli law.
In this framework, the Group may transfer information to third parties such as:
• An insurance agent and/or an agent with a pension license that you chose to engage.
• Employers.
• Pension fund administrators.
• Reinsurers.
• The Group's suppliers and subcontractors, in a variety of fields, including information systems, cloud computing, printshops, mailing services, surveyors, consultants, physicians, investigators, lawyers, accountants, translators, customer service centers, communications providers and providers of other services.
• Business partners, such as advertising agencies and providers of marketing related services.
• Authorities, courts or other bodies to whom the Group may be required to transfer information by law.
• Subsidiaries and/or related companies of Migdal Insurance and Financial Holdings Ltd.
• Other body, in the framework of the sale of the Group's business (all or some), including negotiations for the said sale, or in the framework of restructuring, merger or other transaction pertaining to the transfer of, or change in, the Group's business. In the transfer of information of the aforementioned type, the recipient of the information will be subject to the rules that apply to the Group in respect of the processing of the personal information.
The Right to Review and Correct Information
You have the right to request to review the personal information stored about you (as defined in the law) and to correct it in certain instances.
If you are a customer of the Group, you can review the information, and in some instances request that it be corrected or erased:
• Via the Update Details page in your personal zone on the website. To access this page, you will receive a secret code via your mobile phone or via your electronic mail address currently stored in the Group's systems.
• By contacting the Customer Service Center at the following link https://www.migdal.co.il/support/claims/centers/.
If you are a private individual that is an agent or consultant of the Group, you will be able to request to review the information, and in some instances request that it be corrected or erased, via the email address sochnim@migdal.co.il or by calling the telephone number 076-8867979.
If you are a private individual that is a supplier/provider or business partner of the Group, you will be able to request to review the information, and in some instances request that it be corrected or erased, by calling the telephone number 076-8865395.
For requests to review and to make corrections, we will ask you to provide certain identifying details.
The aforesaid notwithstanding, we wish to notify you that, according to the provisions of the law, the Group is required to store some of the information about you, and it may be required to store that information even if you asked to erase it.
Cookies and Other Means of Automatic Data Collection
During your visit to the Group's website and use of its app (even if you do not personally identify yourself as a customer of the Migdal Group), information about you will be collected by various means, including web beacons, pixel files and cookies. The said information includes information about the end-user device you browsed from, IP address, how long you spent on the site or on a specific page, location, etc. A cookie is a piece of information that is sent from the website and/or from the app to the visitor/ user's computer (or other end-user device, such as a tablet or phone) and stored on the visitor/user's end-user device. Cookies are used, among others, to track repeat visits to the website and to the app for statistics purposes, including analysis of how the website and app are used, and for the Group's marketing campaign metrics. In addition to that, the data collected by these tools will be used to display ads and the Group's product and service offerings, including personalized ads during your visit to the website and/or to other websites. The Group also uses cookies to cross reference information collected about you on the website's general pages (that are not in your personal zone on the website) with other information collected about you during your use of the Group's services, in order to identify you as a customer of the Migdal Group as well as for other purposes, as specified in this privacy policy.
In this context, note that the Migdal Group also uses the collection technologies of third-parties such as Facebook, Google and Taboola, as well as Google and Facebook's statistics and personalized ads services. Third-parties, such as Facebook, Google and Taboola, may also use means of collection such as cookies in order to collect information from the Group's website or app and from other places on the Internet for metrics purposes and for the purposes of their personalized ads, in accordance with their privacy policy or other documents that may apply to you, for example: because you opened an account with them. You can find more information about cookies and how third parties use data collected via them in the privacy policy of
Google (privacy-policy/?utm_source=google),
Google Analytics (www.google.com/policies/privacy/partners/)
Facebook (https://www.facebook.com/policy.php)
Taboola - (https://www.taboola.com/policies/cookie-policy)
as well as find information on how to opt out of them:
https://tools.google.com/dlpage/gaoptout,
http://www.aboutads.info/choices,
http://www.youronlinechoices.eu/
https://www.taboola.com/policies/privacy-policy#user-choices-and-opting-out
You will be able to cancel data collection by means of cookies by changing your web browser settings or by changing the operating system settings of the end-user device in your possession. On smartphones, you can restrict use of the device ID for advertising purposes. Note that restricting cookies may impact your user experience on the Group's website or in the app.

Security and Confidentiality
The Migdal Group protects the confidentiality of the data collected about customers, using advanced security technologies. Personal information security on the website and in the app is designed to ensure identification of the customer and encryption of the identifying data transferred during the process. Therefore, before you receive services that involve your personal information, we will ask you to specify your personal identification details as a precondition for receiving the service. Communication between the customer's web browser and the Migdal Group server is encrypted and secured using encryption methods commensurate with the standards practiced by websites that seek to prevent data being transferred being exposed to other web users.
The Migdal Group employs advanced secure environment technology, and accordingly, the Migdal Group server does not have direct access to the Internet, but instead, is isolated from it by several layers of protection. The Migdal Group stays abreast of software and hardware technology developments in order to provide customers with the best possible protection against intrusions and breaches. Any entity that penetrates the site or makes unauthorized use of it will bear full responsibility for its actions.
The Migdal Group recommends not accessing its sites via public networks or via networks whose security cannot be relied upon.

Registration and Passwords
So long as you have a username and password in order to use the website and/or the app, you undertake to keep them confidential, and to use them only for your identification and for your personal use of the website and/or app, and undertake not to transfer them to any third party whatsoever. The Group will not bear any responsibility whatsoever for any
damage as shall be caused by an unauthorized entity.

Precautions Against Online Fraud
The Migdal Group, like many other financial bodies worldwide, is a target for fraud attempts by hostile elements. These elements employ sophisticated methods to collect customer data by means of email messages containing a link to fake websites. This threat necessitates taking of precautions both by the Migdal Group and by its customers, agents, consultants, suppliers/providers, and third parties that work with it. Below is a set of rules and recommendations to help you maintain and protect your privacy:
• It is advisable to refrain from accessing your personal zone on the Migdal Group website from a public computer such as an Internet café, shared computers, etc.
• Do not disclose information, including username, password, or any other personal information in an SMS or WhatsApp or email message or in a phone call unless this has just been preceded by a communication with an official representative of the Group.
• Make sure that the sender's address is one that you recognize, and check that the address belongs to Migdal's set of online addresses, such as: https://www.migdal.co.il, and that the Migdal address is correctly spelled, without any minor errors, such as the adding or switching of a letter.
• Check the contents of the message. Is it written in Hebrew? Does it use proper language, without textual and/or spelling errors. Email written in poor language or in a different language to that which the Group usually corresponds with you should be deemed suspicious.
• It is advisable to type in the Migdal Group website URL (address) directly, or to check the URL in the link to the extent possible, and to make sure that you recognize it and that it is written correctly.
• A link received in an email can be checked by hovering with the mouse over it, which displays the destination URL. After you access the website, check that a lock symbol appears in the website URL (address) line and that the prefix of the encrypted protocol https: is displayed.
• Also pay attention to email, SMS and WhatsApp messages that you receive on your mobile phone containing a link to the Migdal Group websites, and obviously to suspicious email, SMS and WhatsApp messages you receive that claim to be from the Group.
• It is advisable to install software to protect your personal computer and mobile phone device and to ensure that the operating system and means of protection are kept up-to-date.
• Signs of untrustworthy messages include:
- Email messages expressly requesting that you send your login details by email.
- Messages in an urgent tone, urging the customer to provide/ update his/her details in the Migdal Group's records (by email or via the purported Migdal Group website), and threatening impairment of the service provided if the request is not complied with, as well as messages designed to instill trust and that call on you to change your password urgently or to feed in other sensitive information.
- Messages with spelling errors (these errors help messages bypass content filtering mechanisms generally found in big companies).
Whenever you go to a website and/or app via a link in an email message, make sure that you have indeed reached the Migdal Group website, because in the case of fraud, use is made of fake websites that look like an exact replica of the official insurance company's website.
When an email message looks suspicious, do not click on the link inside it. If your suspicions are aroused about any email message you receive from the Migdal Group, notify the support center immediately at the following telephone number: 03-9201010.
For more information on how to identify and watch out for online phishing fraud, see:
https://www.migdal.co.il/support/phishing

Security Cameras
Closed-circuit television cameras are installed at the Group's brick and mortar sites for security purposes. The information recorded by the cameras is stored for 30 days. The Group's Chief Security Officer Adi Shalev is in charge of this issue. In times of need, email the security desk at mokeds@migdal.co.il or call 074-7685049.p

General
The Migdal Group reserves the right to change and update this policy from time to time. Such updates will be published on the website and will be binding upon their publication.