Humboldt Re Limited (the “Company”), which provides insurance services in Guernsey, is committed to protecting your privacy. This commitment reflects the value we place on earning and keeping the trust of our customers, business partners and others who share their personal information with us.
We are required under Guernsey data protection legislation (and to the extent that data subjects about whom we hold personal information are within the EU, the EU data protection regime introduced by the General Data Protection Regulation (Regulation 2016/679)) to notify you of the information contained in this privacy notice (this “Notice”).
This Notice explains the Company’s information processing practices. It applies to any personal information you provide to us and any personal information about you that we collect from other sources. If you are a director, employee or consultant of an entity that provides us with personal data on individuals connected to you for any reason in relation to your involvement with us, this will affect those individuals and you should transmit this document to such individuals or otherwise advise them of its content.
This Notice is a statement of your rights regarding your personal information. This is not a contractual document and it does not create any rights or obligations.
This Notice does not apply to your interaction with any third party that might be connected to the Company, either directly or indirectly (for example any website that may be linked to any website that this Notice is published on) and you should refer to their specific privacy notice.
The Company is responsible for your personal information and is a data controller for the purposes of data protection laws. Throughout this Notice the Company is also referred to as ‘we’, ‘us’ or ‘our’. Where the context permits, such terms also include our appointed insurance administrator (Aon Insurance Managers (Guernsey) Limited (“Aon”) as our data processor.
Where we act as a data processor for a third party (namely the data controller) the third party is responsible for how personal information is processed and will have its own privacy notice.
We will collect personal information when:
When we interact with you for one of the activities listed above, we ask that you provide accurate and necessary information that enables us to start the task. When you provide personal information to us, we will use it for the purposes stated at the point of collection or for purposes that are otherwise obvious from the context of collection, for example when:
We rely on the availability of accurate personal information in order to operate our business. You should therefore periodically consider the personal information that we hold about you and promptly notify us of any changes.
The information we collect about you and/or individuals connected to you may include but is not limited to the following:
We will not collect any sensitive personal information unless this is required. Sensitive personal information includes information relating to:
Where you provide us with sensitive personal information, we will request that you understand and give your explicit consent that we may use and if required disclose this information to third parties for the purposes agreed.
If you provide personal information about other individuals connected to you such as employees or dependents you must obtain their consent prior to your disclosure to us.
We may ask you for some or all of the following types of information when you register for events, request services, manage accounts, access various content and features or directly visit our websites. This includes, but is not limited to:
In some instances we will automatically collect certain types of information when you visit our websites and through e-mails that we may exchange. Automated technologies may include the use of web server logs to collect IP addresses, ‘cookies’ and web beacons.
You may be able to engage with us through social media websites or through features such as plug-ins or applications on our websites that integrate with social media sites. You may also choose to link your account with us to third party social media sites. When you link to your account or engage with us on or through third party social media sites, plug-ins, or applications, you may allow us to have ongoing access to certain information from your social media account (for example, name, e-mail address, photo, gender, birthday, the posts or the 'likes' you make).
If you access our websites on your mobile telephone or mobile device, we may also collect your unique device identifier and mobile device IP address, as well as information about your device's operating system, mobile carrier and your location information. We may also ask you to consent to providing your mobile phone number (for example, so that we can send you push notifications).
We process personal information which our clients provide to us in order to perform our services. The purposes for which your personal information is processed will be determined by the scope and specification of our client engagement and by applicable laws, regulatory guidance and professional standards.
We process personal information about our clients and the individual representatives of our corporate clients in order to:
We may process personal information about our clients and the individual representatives of our corporate clients in order to:
We are an innovative business which relies on developing sophisticated products and services by drawing on our experience from prior engagements. We are not concerned with analysis of identifiable individuals and we take steps to ensure that your rights and the legitimacy of our activities are ensured through the use of aggregated or otherwise anonymised information.
We process personal information which our third party service providers provide to us in order to perform our obligations to such persons. The purposes for which your personal information is processed will be determined by the scope and specification of your engagement and by applicable laws, regulatory guidance and professional standards.
If we wish to use your personal information for a purpose which is not compatible with the purpose for which it was collected we will request your consent. In all cases, we balance our legal use of your personal information with your interests, rights, and freedoms in accordance with applicable laws and regulations to make sure that your personal information is not subject to unnecessary risk. There might be instances where we are required by law or regulation to share your information without your prior consent and without notifying you.
We do not make decisions about you based on automated processing of your personal data.
The Company relies on the following legal grounds to collect and use your personal information:
In limited circumstances, we will use your consent as the basis for processing your personal information (for example, where we are required to obtain your prior consent in order to send you marketing communications).
The Company does not generally deal with personal information relating to minors and we will only collect such information about children with the prior written consent of their parents or guardian.
How long we retain your personal information depends on the purpose for which it was obtained and the nature of the personal information. We will keep your personal information for no more than the time required to fulfil the purposes described in this Notice unless a longer retention period is required or permitted by law. We have implemented appropriate measures to ensure that your personal information is securely destroyed in a timely and consistent manner when no longer required.
In specific circumstances we may store your personal information for longer periods of time so that we have an accurate record of your dealings with us in the event of any complaints or challenges, or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.
We may share your personal information with other connected entities, brands, divisions and subsidiaries to serve you, including for the activities listed above.
We do not rent, sell or otherwise disclose personal information to unaffiliated third parties for their own marketing use. We do not share your personal information with third parties except in the circumstances described below.
We will disclose personal information to our appointed insurance administrator, Aon, which is a data processor of the Company’s data. Please note that Aon may, separately, also act as data controller of your personal information.
We disclose personal information to business partners who provide certain specialised services to us, or who co-operate with us on projects. These business partners operate as separate data controllers and are responsible for their own compliance with data protection laws. You should refer to their privacy notices for more information about their practices. Examples of business partners to which we way may disclose personal information include:
We may disclose your personal information to service providers we have retained (as data processors) to perform services on our behalf. These service providers are contractually restricted from using or disclosing the information except as necessary to perform services on our behalf or to comply with legal requirements. These activities could include any of the processing activities that we carry out as described in the above section, ‘How do we use your personal information?’. Examples of authorised service providers to which way may disclose personal information include:
These third parties are appointed under the terms of appropriate delegation or contractual arrangements and are required to safeguard appropriately your personal information. Their activities are limited to the purposes for which your personal information was provided.
We may disclose personal information:
Do we transfer your personal information across geographies?
We may transfer certain personal information across geographical borders to our other offices, authorised service providers or to business partners in other countries working on our behalf in accordance with applicable law. Our affiliates and third parties may be based locally or they may be based overseas in jurisdictions which may not have been determined by the European Commission to have an adequate level of data protection.
When we transfer to such jurisdictions we use a variety of legal mechanisms to help ensure that your rights and protections travel with your personal information:
Examples of countries outside the EU that we may transfer personal information to include (but are not limited to) the United States of America, the United Kingdom (from March 2019) and India.
If you would like further information about whether your information will be disclosed to overseas recipients, please contact us as noted below. You also have a right to contact us for more information about the safeguards we have put in place (including a copy of relevant contractual commitments, which may be redacted for reasons of commercial confidentiality) to ensure the adequate protection of your personal information when this is transferred.
The security of your personal information is important to us and we have implemented physical, technical and administrative security standards to protect personal information from loss, misuse, alteration or destruction. We protect your personal information against unauthorised access, use or disclosure, using security technologies and procedures, such as encryption and limited access. Only authorised individuals may access your personal information and they receive training about the importance of protecting personal information.
Our service providers and agents are contractually bound to maintain the confidentiality of personal information and may not use the information for any unauthorised purpose.
We shall notify you of any personal data breach affecting you that is likely to result in a high risk to your rights and freedoms.
We offer certain choices about how we communicate with our data subjects and what personal information we obtain about them and share with others. When you provide us with personal details, if we intend to use those details for marketing purposes, we will provide you with the option of whether you wish to receive promotional e-mail, SMS messages, telephone calls and postal mail from us. At any time, you may opt out from receiving interest-based advertising from us by contacting us as noted below.
We take reasonable steps to provide you with communications about your personal information. You can update your communication preferences in the following ways:
If you have created a profile or account on one of our websites, you can update your contact information after you log into your account.
If you request electronic communications, such as an e-newsletter, you will be able to unsubscribe at any time by following the instructions included in the communication or contacting us as noted below.
If you previously chose to receive push notifications on your mobile device from us but no longer wish to receive them, you can manage your preferences either through your device or the application settings. If you no longer wish to have any information collected by the mobile application, you may uninstall the application by using the uninstall process available on your mobile device.
Contact us by e-mail or postal address as noted below. Please include your current contact information, the information you are interested in accessing and your requested changes.
If we do not provide you with access, we will provide you with the reason for refusal and inform you of any exceptions relied upon.
Subject to certain exemptions (and in some cases dependent upon the processing activity we are undertaking), you have certain rights in relation to your personal information.
We may ask you for additional information to confirm your identity and for security purposes before disclosing any personal information requested by you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive.
You can exercise your rights by contacting us. Subject to legal and other permissible considerations, we will make every reasonable effort to honour your request promptly or to inform you if we require further information in order to fulfil your request.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way.
You have a right to access personal information we hold about you. If you have created a profile, you can access that information by visiting your account.
You have a right to request us to correct your personal information where it is inaccurate or out of date.
You have the right, in certain circumstances, to have your personal information erased. Your information can only be erased if:
You have the right to restrict the processing of your personal information, but only where:
You have the right to withdraw any consent previously given to the processing of your personal information where such consent is relied upon as the basis for such processing.
You have the right to information portability, which requires us to provide personal information to you or another controller in a commonly used, machine readable format.
You have the right to object to the processing of your personal information at any time. If you raise an objection, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.
You have the right to receive information regarding any entities to which we disclose your data. As noted above, you can ask to obtain a copy of, or reference to, the safeguards under which your personal information is transferred outside the EU.
You have the right to complain to the relevant data protection regulator about our processing of your personal information.
We have not appointed a data protection officer. If you have any questions, would like further information about our privacy and information handling practices, would like to discuss opt-outs or withdrawing consent, or would like to make a complaint about a breach of the law or of this Notice, please contact, in the first instance, the Data Protection Team at Aon.
Alternatively, you have the right to contact:
(a) the Office of the Data Protection Commissioner at:
The Office of the Data Protection Commissioner
St Martin’s House
St. Peter Port
(b) a supervisory authority in the EU member state of your usual residence or place of work or at the place of the alleged breach,
if you consider that the processing of your personal data carried out by us has breached the applicable data protection legislation.
We may update this Notice from time to time.
This Notice was last updated on 26 September, 2018.
This document was produced by Humboldt Re Limited with the greatest of care and to the best of its knowledge and belief. However, Humboldt Re Limited provides no guarantee with regard to its content and completeness and does not accept any liability for losses which might arise from making use of this information.
This document may contain forward-looking statements based on experience and expectations about certain types of investments and risks. This document may also contain information regarding hypothetical, back-tested or simulated results. Readers are cautioned not to place undue reliance on such statements and results.
Credit Suisse Insurance Linked Strategies Ltd (CS ILS) is registered in Switzerland and is licensed as an investment manager of collective investment schemes (funds) by the Swiss Financial Market Supervisory Authority. CS ILS and its employees are fully independent from Humboldt Re Limited, except for Niklaus Hilti, who is a member of the Board of Directors of Humboldt Re Limited. CSILS does not provide any investment advice to Humboldt Re Limited but rather presents reinsurance risk opportunities to Humboldt Re Limited, which then are independently assessed by Humboldt Re Limited and its own Underwriting Committee.
Humboldt Re Limited is registered in Guernsey under company number 60597. Registered Office Dorey Court, Admiral Park, St. Peter Port, Guernsey, GY1 4AT. Humboldt Re Limited is licensed and regulated by the Guernsey Financial Services Commission.
© 2019 Copyright Humboldt Re