At Compre we take our data protection obligations very seriously and the security around that data is very important to us. As we carry on our business, the Compre Group entities in Bermuda and the US, comprising of Compre Group Holdings Limited and its subsidiaries gather and use certain information about individuals as data controllers. Information can be from a range of sources and relate to claimants, policyholders, beneficiaries, reinsureds, third party service providers, suppliers, business contacts, potential business partners and targets, and other people with whom we have a business relationship. In the following, we would like to inform you about the processing of your personal data by Compre Group`s Bermuda and US entities including how we collect and use your personal data, who we share your personal data with, as well your rights in this regard.
The processing of your Personal Data is regulated under different legislation in different locations. Depending on your jurisdiction, some or all of these provisions may apply to you. If you have any questions about what applies in your jurisdiction, please feel free to contact us using the contact details provided below.
At Compre we may collect and use your personal data in our normal course of business for the following purposes:
For Policy administration and Claims processing:
For Business Generation and M&A related activities:
For employment purposes:
For Anti Money Laundering Purposes, Sanctions and Fraud Prevention:
For IT related matters including the management of our website:
The categories of information we collect are:
You may directly provide Compre with the data we collect or we may collect data and process data when you:
Compre may also receive your data indirectly from a number of sources including other insurance and reinsurance companies, legal advisors, brokers, appointed representatives and other business partners.
Where you provide us with personal information of a third party, you should inform them that you are doing so, where possible.
We collect and use Personal Information in accordance with applicable data protection laws and regulations. Depending upon the purpose, our lawful basis will be one of the following:
Within Compre we will make sure to use reasonable measures to protect the personal data. This will include a combination of physical and electronic security measures designed to reduce the risk of accidental destruction or loss, or the unauthorised disclosure or access to such information appropriate to the nature of the information concerned. Measures we take include placing confidentiality requirements on our staff members and Service Providers; destroying or permanently anonymising personal information if it is no longer needed for the purposes for which it was collected. As the security of information depends in part on the security of the computer you use to communicate with us and the security you use to protect User IDs and passwords please take appropriate measures to protect this information.
For the purposes set above, we will sometimes share your personal data with Compre group companies and third parties including:
We may share in aggregate, statistical form, non-personal information regarding the visitors to our website, traffic patterns, and website usage with our affiliates or advertisers. Cookies track devices as they navigate our website. Please see our cookie policy for further information (https://compre- group.com/cookies-policy/).
In cases where we would need to transfer personal data to other countries (for example to other intra-group companies situated in the UK and the EU) we will ensure that we take the necessary steps to protect your privacy rights and ensure that adequate safeguards are in place.
To do this we ensure that transfers of personal data within the Compre Group are covered by an intra- group agreement which contractually obliges each member to ensure that personal information receives an adequate and consistent level of protection.
If you want to contact us for more information about the safeguards we have put in place to ensure the adequate protection of your personal information, please contact us using the information provided at the end of this Privacy Statement.
In line with our Data Protection Policy we will retain your data for no longer than necessary to fulfil the purpose for which it was collected. To support us in managing how long we hold your data and our record management, we maintain a Data Retention Policy which includes clear guidelines on data retention and deletion.
Depending on the applicable law, you may have the following rights
For security purposes, when exercising one of these rights, we may ask you for additional information to confirm your identity before disclosing the personal information requested to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
You can exercise your rights by contacting us using the contact information displayed below. Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or inform you if we require further information in order to fulfil your request.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any personal information is disclosed.
Compre will not use your personal data for marketing purposes.
Compre will not use your personal data for the purposes of automated decision making or profiling.
Pallas Reinsurance Company Limited is our representative entity in Bermuda. The address is: 4th Floor, Victoria Place, 31 Victoria Street, Hamilton, HM10, Bermuda.
Compre Services (USA) LLC is our representative entity in the US. The address is: 250 Commercial Street, Suite 2016, Manchester, NH 03101, USA.
This Privacy Statement is updated from time to time to take account of changes in our business activities, legal requirements and to make sure it’s as transparent as possible. Please regularly check these pages for the latest version of this Privacy Statement.
If you have any questions about this Privacy Statement you can contact our Group Data Protection Officer on:
Damian Everest
Chief Compliance Officer
Compre Services (UK) Ltd – Malta Branch
Trident Park, Notabile Gardens
No. 7 Level 3
Mdina Road, Zone 2
Central Business District
Birkirkara, CBD2010
Malta
Email: damian.everest@compre-group.com
Telephone: +356 21441355