Personal Data Privacy Policy: CXA Group - Asia’s first Employee Benefits, Flex & Wellness Marketplace

Personal Data Privacy Policy


As a part of ConnexionsAsia Pte. Limited's (Singapore registration no.: 201303355E) (CXA's) commitment to act with integrity and respect individual privacy, we protect the personal data of our stakeholders, including employees, customers, shareholders, partners, suppliers and other individuals who trust us with information.

A reference to CXA includes a reference to its affiliates and group companies. Personal data includes any information, which identifies or locates an individual, or is capable of doing so.

To be a trusted business partner, CXA continually strives to protect personal data in accordance with applicable laws and regulations and industry standards including the Singapore PDPA and US HIPAA. To that end, this policy guides how CXA collects, uses, stores, transfers and secures personal data.


CXA obtains personal data only for business-related purposes, which may include, but are not limited to, designing, developing, selling and deploying of health benefits and wellness products and providing related support and other services, providing employee benefits, acquiring information as legally required and providing consultancy or advisory services to operators and other customers for employee benefits and wellness.

We work to ensure that personal data is accurate, complete and reliable for its intended use. Individuals have the right to review, request updates to, withhold or limit transfer of personal data, as necessary and reasonable.

CXA protects personal data from loss, misuse, or unauthorized access, disclosure, alteration or destruction. We store personal data, regardless of its form, with security procedures appropriate to the sensitivity of the data. Records which may contain personal data are retained and destroyed by CXA in accordance with the company’s Record Retention Policy A separate privacy policy guides CXA treatment of information, correspondence and software exchanged through CXA websites. A copy of the CXA Privacy Policy is available at

Disclosure to Third Parties

CXA does not sell, rent or lease personal data, or disclose it to third parties unless there is a valid reason for doing so. In order to meet the needs of our stakeholders, we may share information with third-party business partners. When we do so, the companies are required to protect personal data. CXA will adhere to all applicable laws and require our third-party partners to do the same.

CXA may provide personal data without express written permission, if allowed under applicable laws, in circumstances that include, but are not limited to:

  1. Requests from governmental agencies, subpoenas, court orders or other legal requirements. In these circumstances, CXA will make every effort to limit the nature of the disclosure.
  2. Limited employment status data (including dates of employment and positions held) in the course of an employment-related inquiry.
  3. Emergency situations as necessary to ensure health and safety.

Do-Not-Call Registries

In your dealings with CXA, you may have provided consents for CXA to collect, keep and use your personal data and to contact you for providing health and wellness information and for claims, underwriting and related purposes. These consents apply even if your mobile or other contact numbers are listed with the Singapore Do-Not-Call registry (or any other similar registries or services), and will override the DNC or similar listings. Your consents apply to all your dealings with CXA, including through mobile apps, Internet portals and any other electronic systems or properties.

Contacting Us – Withdrawal of Consent, Access and Correction of your Personal Data

If you:

  1. have any questions or feedback relating to your Personal Data or our Privacy Policy;
  2. would like to withdraw your consent to any use of your Personal Data as set out in this Privacy Policy; or
  3. would like to obtain access and make corrections to your Personal Data records, please contact us as follows:

Call: 6659 8082
Write in: Data Protection Officer, CXA, 401 Commonwealth Drive, #05-03/05 Haw Par Technocentre, Singapore 149598

If your personal data has been provided to us by a third party (e.g. your employer or your doctor), you should contact that party to make such queries, complaints, and access and correction requests to CXA on your behalf.

If you withdraw your consent to any or all use of your Personal Data, depending on the nature of your request, CXA may not be in a position to continue to provide its products or services to you, or administer any contractual relationship in place. It may also result in the termination of any agreements with CXA, and your being in breach of your contractual obligations or undertakings, and CXA’s legal rights and remedies in such event are expressly reserved.


MANAGEMENT: Management is responsible for enforcing data privacy rules. The Corporate Privacy Officer, Information Technology and Human Resources Departments have additional responsibilities for helping to protect personal data.

EMPLOYEES: Employees are responsible for following data privacy laws and complying with this policy. Employees must report any violations of this policy to the Corporate Privacy Officer as soon as they are aware.

A copy of this policy is publicly available on


If your insurer is Income, you agree to its personal data collection statement here.