For visitors, travel, student and other international travel medical insurance.
Visit insubuy.com or call +1 (866) INSUBUY or +1 (972) 985-4400
India
OCI Card
Fields marked as * are required.
Be mindful of CKGS handling of our very private data
Through the application process, CKGS collects a ton of personally identifiable information (PII) that, if stolen and falls in the wrong hands, will wreak havoc in our lives. The PII includes date of birth, name, address, passport number, next of kin, our IP address, domain name of ISP, etc.
And we agree to this by way of using their website. Automatic agreement...
So just out of curiosity, I started digging around their security practices and privacy policy.
I found the privacy policy on its web site at https://www.in.ckgs.us/static/privacy-policy.shtml. There are multiple privacy policies. I only checked the one applicable for CKGS US site.
The good news is the CKGS appears to know and comply with GDPR. If you don't know what GDPR is, it is a law enacted by European Union to burden companies with specific responsibilities regarding handling of personal data they collect about EU citizens.
According to the CKGS's privacy policy, our personal data can be used by Embassy, CKGS, CKGS's Group IT Team, CKGS's external software team, courier services, and other recipients. They don't say who these other recipients are. For its US based web sites, the data can be stored in US or India.
The bad news, CKGS privacy disclosure says it is not liable for our personal information being stolen from its custody. You cannot sue them if your personal data is stolen due to their negligence.
"However, sometimes third parties may unlawfully intercept or access transmissions or private communications and other users may abuse or misuse a user's / users' personal information that they may collect from the website for which CKGS shall not be liable.
Therefore, although CKGS works very hard to protect Applicant’s privacy, it cannot guarantee that personal information or private communications will always remain private and secure. "
How about that!
In case of a breach, will they follow the same GDPR mandated protocol of breach notification to a non-European person? Who the heck knows? Those of us who live outside of the EU will probably never get to know that my data has been stolen. That is unless some newspaper releases that information.
So what can one do? Is there any hope to protect one's personal information?
The policy says that we have the right to opt out. I don't know what that means though. I am going to find out by emailing them.
With that kind of treasure trove of personal data, CKGS website is a ripe target for hackers. I have no idea how good they are at safeguarding the data. More importantly, if hackers get in, they will not be held liable.
So who protects our data?
Got any ideas? Please reply to this thread.
Ciao...
And we agree to this by way of using their website. Automatic agreement...
So just out of curiosity, I started digging around their security practices and privacy policy.
I found the privacy policy on its web site at https://www.in.ckgs.us/static/privacy-policy.shtml. There are multiple privacy policies. I only checked the one applicable for CKGS US site.
The good news is the CKGS appears to know and comply with GDPR. If you don't know what GDPR is, it is a law enacted by European Union to burden companies with specific responsibilities regarding handling of personal data they collect about EU citizens.
According to the CKGS's privacy policy, our personal data can be used by Embassy, CKGS, CKGS's Group IT Team, CKGS's external software team, courier services, and other recipients. They don't say who these other recipients are. For its US based web sites, the data can be stored in US or India.
The bad news, CKGS privacy disclosure says it is not liable for our personal information being stolen from its custody. You cannot sue them if your personal data is stolen due to their negligence.
"However, sometimes third parties may unlawfully intercept or access transmissions or private communications and other users may abuse or misuse a user's / users' personal information that they may collect from the website for which CKGS shall not be liable.
Therefore, although CKGS works very hard to protect Applicant’s privacy, it cannot guarantee that personal information or private communications will always remain private and secure. "
How about that!
In case of a breach, will they follow the same GDPR mandated protocol of breach notification to a non-European person? Who the heck knows? Those of us who live outside of the EU will probably never get to know that my data has been stolen. That is unless some newspaper releases that information.
So what can one do? Is there any hope to protect one's personal information?
The policy says that we have the right to opt out. I don't know what that means though. I am going to find out by emailing them.
With that kind of treasure trove of personal data, CKGS website is a ripe target for hackers. I have no idea how good they are at safeguarding the data. More importantly, if hackers get in, they will not be held liable.
So who protects our data?
Got any ideas? Please reply to this thread.
Ciao...
All Replies (2)
Disclaimer: Please note that the experiences presented are submitted by visitors to our website. Individuals’ experiences may vary, and you should interpret each individual’s experience at your own risk. Do not make a decision solely based on an experience posted here. We do not endorse any individuals’ experiences, and we are not liable or responsible for consequences stemming from your use of the information presented within any individual’s experience.
