We are committed to:
This Business privacy notice explains how and why PartnerRe Ltd, its subsidiaries and affiliates (“PartnerRe”, “we” or “us“) collect and use personal data when we provide our services as a reinsurance business. A full list of all PartnerRe entities is available at https://partnerre.com/offices/.
In this privacy notice:
you or your, refers to
There are other terms in bold with specific meanings. Those meanings can be found in the Glossary here.
PartnerRe Ltd. is a leading global reinsurer that helps insurance companies reduce their earnings volatility, strengthen their capital and grow their businesses through reinsurance solutions. Risks are underwritten on a worldwide basis through the PartnerRe‘s three segments: P&C, Specialty, and Life and Health.
Reinsurance is insurance that is purchased by an insurance company. In the classic case, reinsurance allows insurance companies to remain solvent after major claims events, such as major disasters like hurricanes and wildfires. The company that purchases the reinsurance policy is called a “ceding company” or “cedent” or “cedant” under most arrangements. The company issuing the reinsurance policy is referred simply as the “reinsurer“.When a reinsurer purchases insurance from a further reinsurer, this is called retrocession and the further reinsurer is referred to as the retrocessionaire.
In order to obtain reinsurance or retrocession, information, including your personal data, needs to be shared between different insurance market participants.
PartnerRe is committed to safeguarding that information.
This privacy notice is designed to provide compliance with the EU General Data Protection Regulation.
Where relevant applicable local regulations require stricter standards than those described in this privacy notice, we will ensure compliance with those stricter standards.
If applicable law provides for a lower level of protection of personal data than that established by this privacy notice, then this privacy notice shall prevail.
The type of personal data we may collect and process may include any of the below (where permitted by law):
|Types of Personal Data||Details|
|Name, address (including proof of address), other contact details (e.g. email addresses and telephone numbers), gender, marital status, date and place of birth, age, nationality, height and weight, leisure activities and interests|
|Your family health or morbidity history, number of children and name, age and gender of children, your dwelling type|
|Identification details ►||Identification numbers issued by government bodies or agencies, including your social security number (or local equivalent), passport number, tax identification number and driving license number|
|Employment and experience information ►||Your employment history, employer, job role, salary, employment benefit options, educational background and any professional licenses and qualifications|
|Financial information ►||Bank account or payment card details, income, investment/savings or other financial information including household income, home valuation and household demographics|
|Information about you which we need to collect in order to assess the risk to be insured and provide a quote. This may include data relating to your health, criminal convictions, or other special categories of personal data. For certain types of policy, this could also include telematics data.|
|Information about the quotes you receive and policies you take out|
|Credit and anti-fraud data ►||Credit history, credit score, sanctions and criminal offences, and information received from various anti-fraud databases relating to you|
|Previous and current claims ►||Information about previous and current claims, (including other unrelated insurances),which may include data relating to your health, criminal convictions (but only where it is lawful to collect this data), or other special categories of personal data and in some cases, surveillance reports|
|Special categories of personal data ►||Certain categories of personal data which have additional protection under the GDPR. The categories are health (such as your and your family medical history, genetic test results and information, prescription history, death certificate and reports on medical diagnoses, tests and treatment), criminal convictions (but only where it is lawful to collect this data), racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric (fingerprint and voiceprint), or data concerning sex life or sexual orientation|
We might collect your personal data from various sources, including:
Which of the above sources apply will depend on your particular circumstances.
With the exception of a Business Partner’s employee, we do not normally collect personal data from you directly. There might be instances where certain tools allow for data supplied by you directly to the insurer to be automatically provided to us. We may also collect personal data if you voluntarily supply it to us, for example by sending us an email.
We may use your personal data:
We are committed to processing your personal data fairly and lawfully and only to the extent necessary to achieve the purposes listed above.
We must have a legal basis to process your personal data. In most cases, our ability to obtain and process your personal data is based on one of the following legal bases:
|For processing personal data|
|Compliance with a legal obligation ►||Processing is necessary for compliance with our legal obligation, such as due diligence and reporting obligations, and responding to requests from our regulators.|
|For our legitimate business interests ►||Processing is necessary to meet our legitimate interests and the legitimate interests of our clients for example to provide our services to clients, to improve our services, to ensure we price our products appropriately, to manage risk, to manage our business efficiently, to perform audits, and to maintain accurate records.|
|For processing special categories of personal data|
|Your explicit consent ►||Where consent is legally required to process special categories of your personal data, your insurance provider (or the organization that collected your personal data) will obtain consent from you.|
You are free to withdraw your consent at any time without affecting the lawfulness of processing based on consent before its withdrawal by contacting the organization that collected your personal data. Withdrawal of this consent may however prevent us from continuing to provide the services to the insurance market participant and thus indirectly to you.
|For legal claims ►||Processing is necessary for the establishment, exercise or defense of legal claims or whenever courts are acting in their judicial capacity.|
|Local law authorization ►||Processing is otherwise authorized by local law.|
|For statistics ►||Processing is necessary for compiling (re)insurance specific statistics, analytics and actuarial calculation (for example for the development of new products, tariffs)|
We may share your personal data with third parties under the following circumstances:
We may need to transfer your personal data to recipients located in countries outside the European Economic Area (EEA). These countries’ data protection laws may not offer the same level of protection for personal data as offered in the EEA.
Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections as EEA data protection laws. In such cases, EU data protection laws allow PartnerRe to freely transfer your personal data to such countries.
If we transfer your personal data to other countries outside the EEA, we will establish legal grounds justifying such transfer, such as model contractual clauses, Binding Corporate Rules, individuals’ consent, or other legal grounds permitted by applicable legal requirements.
For more information on the appropriate safeguards in place, please contact us at the details contained in the “Contact us” section below.
We will keep your personal data only for so long as is necessary and for the purpose for which it was originally collected and any other permissible, related purpose. Beyond that, we retain personal information for a period of time that reasonably allows us to investigate, commence or defend legal claims brought by or against us or our clients, comply with our regulatory obligations and conduct analysis.
We securely destroy personal data when its retention period has expired. We may retain aggregated or anonymised data (which is not treated as personal information under this privacy notice) for longer.
We implement technical and organisational measures to ensure a level of security appropriate to the risk to the personal data we process. These measures are aimed at ensuring the on-going integrity and confidentiality of personal data. We evaluate these measures on a regular basis to ensure the security of the processing.
We might collect your Personal Data and compile the information received about you to analyze and predict aspects concerning your personal characteristics (such as but not limited to risk, behavior, preferences) as an insurance buyer, claimant or beneficiary of an insurance cover. We may automatically process your Personal Data using software.
Automated decision making
We currently do not take any automated decisions that will affect your ability to obtain or claim for insurance cover with our client. Nevertheless, your Personal Data may be used to derive profiles as described above. These profiles may become the basis of automated decision making.
If you have any questions in relation to the use of your personal data, or would like to exercise any of the following rights, you should first contact the data protection contact of the relevant participant (as specified under IDENTITIES OF DATA CONTROLLERS SECTION). Under certain conditions, you may have the right to ask us to:
In certain circumstances, we may need to restrict the above rights in order to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege).
If you are not satisfied with our use of your personal data or our response to any request by you to exercise any of your rights in YOUR RIGHTS SECTION, or if you think that we have breached the GDPR, then you have the right to complain to your local supervisory authority (i.e. the supervisory in the jurisdiction where you live or work) or the supervisory authority of the jurisdiction where you believe an infringement of data protection laws has occurred. Each supervisory authority may have a difference process for lodging complaints so we encourage you to contact the relevant supervisory authority first to check this.
The insurance lifecycle involves the sharing of your personal data between insurance market participants, some of which (like us) you will not have direct contact with. In addition, your personal data may not have been collected directly by an insurance market participant. You can find out the identity of the initial data controller of your personal data within the insurance market life-cycle in the following ways:
– Where you took out the insurance policy yourself: the insurer and, if purchased through an intermediary, the intermediary will be the initial data controller and their data protection contact can advise you on the identities of other insurance market participants that they have passed your personal data to.
– Where your employer or another organisation took out the policy for your benefit: you should contact your employer or the organisation that took out the policy who should provide you with details of the insurer or intermediary that they provided your personal data to and you should contact their data protection contact who can advise you on the identities of other insurance market participants that they have passed your personal data to.
– Where you are not a policyholder or an insured: you should contact the organisation that collected your personal data who should provide you with details of the relevant participant’s data protection contact.
Where your personal data is processed in connection with the services provided by PartnerRe under an engagement with an insurance market participant, the relevant PartnerRe entity that has entered into such engagement with the relevant insurance market participant shall be the controller in respect of the personal data.
If you have questions or concerns regarding the way in which your personal data has been used, please e-mail us at firstname.lastname@example.org or call or write to us.
Wellesley House South
90 Pitts Bay Road
Phone: +1 441 292 0888
3rd Floor, The Exchange
Phone: +353 1 637 9600
For all other postal addresses, please see https://partnerre.com/.
We may modify or update this privacy notice from time to time.
This privacy notice has been updated on June 25, 2018.
If we make changes to this privacy notice, we will update the date it was last changed and publish the revised privacy notice on our website.
Key insurance terms:
Beneficiary is an individual or a company that an insurance policy states may receive a payment under the insurance policy if an insured event occurs. A beneficiary does not have to be the insured/policyholder and there may be more than one beneficiary under an insurance policy.
Business partners: insurance market participants, lawyers, medical experts, accountants, auditors, loss adjusters, individual representative of corporate service providers, etc.
Claimant is either a beneficiary who is making a claim under an insurance policy or an individual or a company who is making a claim against a beneficiary where that claim is covered by the insurance policy.
Quotation is the process of providing a quote to a potential insured/policyholder for an insurance policy.
Insurance is the pooling and transfer of risk in order to provide financial protection against a possible eventuality. There are many types of insurance. The expression insurance may also mean reinsurance.
Insurance policy is a contract of insurance between the insurer and the insured/policyholder.
Insurance market participant(s) or participants: is an intermediary (broker), insurer, reinsurer, TPA, MGA, MGU, etc.
Insured/policyholder is the individual or company in whose name the insurance policy is issued. A potential insured/policyholder may approach an intermediary to purchase an insurance policy or they may approach an insurer directly or via a price comparison website.
Insurers: (sometimes also called insurance company or underwriters) provide insurance cover to insured/policyholders in return for premium. An insurer may also be a reinsurer.
Intermediaries (brokers) help policyholders and insurers arrange insurance cover. They may offer advice and handle claims. Many insurance and reinsurance policies are obtained through intermediaries.
MGA is a Managing General Agent and in insurance defined legally as an individual or business entity appointed by an insurer to solicit applications from agents for insurance contracts or to negotiate insurance contracts on behalf of an insurer and, if authorized to do so by an insurer, to effectuate and countersign insurance contracts.
MGU in insurance stands for Managing General Underwriter, which is used in life and health companies instead of managing general agent (MGA). The terms are used interchangeably, and there is little real distinction.
Personal Data is any information relating to an identified or identifiable natural person ‘data subject’; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
Premium is the amount of money to be paid by the insured/policyholder to the insurer in the insurance policy.
Reinsurers provide insurance cover to another insurer or reinsurer. That insurance is known as reinsurance.
TPA is a Third-Party Administrator, which is an organization that processes insurance claims or might administer other services such as underwriting, customer service, etc.
We, us or our refers to PartnerRe Ltd, its subsidiaries and affiliates.
You or your, refers to
Key data protection terms:
GDPR is the EU General Data Protection Regulation (Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC).