Privacy Statement
This is the Privacy Notice (the “Notice”) of Roanoke International Brokers (MENA) Limited (“RIBL MENA”, “us”, “we” or “our”). RIBL MENA is licensed by the Dubai Financial Services Authority to undertake insurance intermediation and insurance management from the Dubai International Financial Centre (“DIFC”). We are owned by Munich Re Specialty Group.
In order to arrange reinsurance cover and provide policy administration, and throughout the insurance lifecycle, RIBL MENA and other participants in the value chain are required to use and share personal data. We are committed to protecting your privacy and processing personal data in a fair, lawful and transparent manner.
This Notice sets out RIBL MENA’s use of personal data and the disclosures it makes to other insurance market participants and other third parties from its office in the DIFC and in compliance with the Data Protection law, DIFC Law No.5 of 2020 (the “DP Law”) as amended.
RIBL MENA is the data controller in respect of the personal data it receives in connection with the services provided under the relevant engagement with its clients.
The Data Controller for RIBL MENA is:
Roanoke International Brokers (MENA) Limited
Unit 206
Level 2, Currency Tower 2
Dubai 506518
United Arab Emirates
Tel: +971 569 960 464
Email: info@roanokebrokers.com – please state if your query relates to RIBL MENA
https://www.roanokebrokers.com/mena/
Our Data Protection Officer is located at our Head Office in London, details are below:
The Data Protection Officer for RIBL MENA Limited is:
The Data Protection Officer
Roanoke International Brokers (MENA) Limited
1 Fen Court
London
EC3M 5BN
Tel: +44 (0) 20 7886 3800
Email: p0060010183@munichre.com
Please contact the Data Protection Officer if you have questions concerning this Notice or your data subject rights. These include:
- Subject Access Request: To request access to your personal data and information around its processing.
- Data Portability: The transfer of your personal data to another Data Controller.
- Erasure: To have your personal data removed or deleted.
- Rectification: To have your personal data corrected if it is inaccurate.
- Restrict Processing: To restrict processing where your personal data is inaccurate or the processing is unlawful.
- To object to direct marketing (NOTE: we do not do direct marketing).
- To withdraw consent where we have used consent for processing personal data.
If you are unhappy with any response or have a complaint. You can raise this with:
By phone:
+971 4362 2222
By email:
commissioner@dp.difc.ae
By post:
DIFC Commissioner of Data Protection
The Gate, Level 14,
PO Box 74777
DIFC, Dubai, UAE.
Personal Data that We Process
We collect and process the following personal data:
- Individual details: name, address (and proof of address), other contact details (e.g. email and telephone details), gender, marital status, family details, date and place of birth, employer, job title and employment history, relationship to the policyholder, insured, beneficiary or claimant, images;
- Identification details: identification numbers issued by government bodies or agencies (e.g. depending on the country of residence, social security or national insurance number, passport number, ID number, tax identification number, driver’s licence number);
- Financial information: payment card number, bank account number and account details, income and other financial information;
- Insured risk: information about the underlying insured risk, which contains Personal Data and may include, only to the extent relevant to the risk being insured:
- Health data: current or former physical or mental medical conditions, health status, injury or disability information, medical procedures performed, relevant personal habits (e.g. smoking or consumption of alcohol), prescription information, medical history;
- Criminal records data: criminal convictions, including driving offences; and
- Special categories of Personal Data: racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning an individual’s sex life or sexual orientation;
- Policy information: information about the quotes individuals receive and the policies they obtain;
- Credit and anti-fraud data: credit history and credit score, information about fraud convictions, allegations of crimes and sanctions details received from various anti-fraud and sanctions databases, regulators or law enforcement agencies;
- Previous claims: information about previous claims, which may include health data, criminal records data and other Special Category Data;
- Current claims: information about current claims, which may include health data, criminal records data and special categorydata;
- Website and communication usage: details of your visits to our websites and information collected through cookies and other tracking technologies, including, but not limited to, your IP address and domain name, your browser version and operating system, traffic data, location data, web logs and other communication data, and the resources that you access.
Sources of Personal Data
We collect and receive personal data from various sources, including (depending on the service we are seeking to provide or are providing and the jurisdiction):
- The reinsured and other insurance market participants, such as reinsurers and other intermediaries.
- In the event of a claim, claims forms, third parties including the other party to the claim (claimant/defendant), witnesses, experts (including medical experts), loss adjusters, lawyers and claims handlers.
- Anti-fraud databases and other third party databases, including sanctions lists.
- Government agencies and court judgments.
- Business information and research tools.
- Third parties who introduce business to us.
How We Use and Disclose your Personal Data
In this section, we set out the purposes for which we use personal data as follows:
Quotation/Inception:
- Establishing a client relationship, including fraud, anti-money laundering and sanctions checks.
- Checking credit where we are taking any credit risk.
- Evaluating, underwriting and pricing the risks to be covered and matching to appropriate reinsurer, reinsurance policy and premium.
Policy Administration and Client Management:
- General client care, including communicating with clients and experience analysis.
- Collection or refunding of premiums and processing and facilitating other payments such as claim payments.
Claims:
- Collecting information in respect of reinsurance claims which are handled by third parties.
Renewals:
- Contacting you in order to arrange the renewal of the reinsurance policy.
List of Grounds that we Rely on for Processing
Any one or more of the following shall be a legal ground for processing personal data and special categories of personal data:
- Data subject has given consent (explicit consent for special category data), to the processing of the personal data for specific purposes.
- Processing is necessary for the performance of a contract to which a data subject is a party, or in order to take steps at the request of a data subject prior to entering into such contract.
- Processing is necessary for compliance with a legal obligation to which we are subject.
- Processing is necessary to protect the vital interests of a data subject or of another natural person.
- Processing is necessary for performance of a task carried out by a DIFC Body in the interests of the DIFC, or in the exercise of a DIFC Body’s powers and functions; or the powers of a third party to whom personal data is disclosed by the DIFC Body; or
- Processing is necessary for the purpose of legitimate interests pursued by us or a third party to whom the personal data has been made available except where such interests are overridden by the interests or rights of a data subject.
In addition, for special categories of personal data, there are additional grounds as follows:
- Processing is necessary in relation to legal claims.
- Processing is necessary for compliance with anti-money laundering or counter-terrorist financing obligations or the prevention, detection or prosecution of any crime
Who your data is shared with
The following are data controllers that we share your personal data with:
- Retrocessionaires and reinsurers – including Münchener Rückversicherungs-Gesellschaft Aktiengesellschaft in München;
- Government agencies and regulators;
- Legal advisers;
- Service providers.
The following are data processors that we disclose your personal data to:
- Third Parties providing services for banking, claims handling, insurance administration and IT services.
Please contact the Data Protection Officer (p0060010183@munichre.com) if you require further information on who your personal data is shared with.
Special Categories of Personal Data and Criminal Data
We use or disclose to third parties (such as intermediaries and reinsurers) special categories of personal data for the reasons set out above.
Before you provide us with special categories of personal data about a person other than yourself, you agree to notify such person of our use of their personal data and to obtain their consent to our use of their special categories of personal data (for example, by requiring the individual to sign a consent form).
Protection of your information
Your privacy is important to us and we follow strict security and organisational procedures in the processing, storage, destruction and disclosure of your information. This is to prevent unauthorised access or loss of your information.
Cookies
We may use the IP address information to monitor and analyse how our site is being used. Individuals are not identified and we do not use cookies for research. We will not disclose without your consent any personal data we collect about you when you visit our website to a third party outside the Munich Re Specialty Group.
If you submit any personal data to us through the contacts given on the website, we will only use this information without your prior consent to respond to your request, comments etc. We will also use your personal data for any subsequent communications that take place between us in this regard.
Third party websites, i.e. websites that are the responsibility of other organisations are not covered by our Cookie Notice.
Please refer to our Cookie Notice to understand what cookies we use and what information is captured.
Data Retention
Your personal data will only be kept for as long as it is necessary for the purpose it was collected for unless there is a legal obligation for us to keep the data for longer.
Transfer of Data
In order to provide our services, we transfer data outside of the DIFC to jurisdictions which have an adequate level of data protection.
You can find out the details about any party we have shared your personal data with by contacting the Data Protection Officer at the address provided at the top of this privacy notice.
Changes to this Roanoke International Brokers (MENA) Limited – Privacy Notice
If we make changes to this privacy notice that affects how we process your information, we will revise the notice and publish it on our website.