Privacy & Data Protection Policy

Howden Insurance Brokers LLC Privacy Notice (“Privacy Notice”)

In compliance with the provisions of the United Arab Emirates “UAE” Federal Decree Law No. 45 of 2021 regarding the Protection of Personal Data (hereinafter the “PDPL”), Howden Insurance Brokers LLC (“Howden”, “We”, “Us” and “Our”), acting as the Data Controller, are committed to protecting your privacy. Here We explain how and why We process your personal data, the third parties with Whom we may share your personal data, what your rights are in the event We hold your personal data, and how you can enforce these rights with Us.

In this policy “Howden”, “We”, “Us” and “Our” means Howden Insurance Brokers LLC, a company incorporated under the laws of Dubai, UAE, holding commercial license number 560120 and its subsidiaries and associated companies.

Howden is a “Data Controller” which means we are responsible for determining the purposes for which and the manner in which any personal data is or is to be processed. "Personal data" meansany information that Howden processes that relates to identifiable or identified individuals.

1.     What information do we collect?

We collect your personal data and use it in different ways depending on your relationship with Us, for example if you are a policyholder, insured, related party or claimant, and how you have interacted with Us, this can include information we receive from other third parties. Depending on your relationship with Us, We may hold the following types of personal data about you:

  • Identity and contact data: for example, identity document, your name, date of birth, postal address, telephone number and e-mail address. 
  • Claims data: for example, data relating to claims made via Us, or your previous claims experience. 
  • Payment and account data: for example, your bank account details or brokerage fees. 
  • Location data: for example, your postal or IP address, the location of any insured property, and in the event of a claim, where the incident occurred. 
  • Correspondence data: for example, copies of letters and e-mails We send you or you send to Us, and notes or call recordings of any telephone conversations. 
  • Internet data: for example, information collected by cookies and other online technologies such as Google Analytics, as you use our website or contact Us by online methods. 
  • Information We obtain from other sources: for example from credit agencies, anti-fraud and other financial crime prevention agencies and other data providers. This can include demographic data and interest-based data. 
  • Complaint data: for example, what the complaint was, how We investigated it and how we resolved it.

2.     What PURPOSES do we use your personal data for and what is our LEGAL BASIS?

We are required to establish a legal basis to use your personal data. We use your information for the following lawful reasons:

  • To enter into or perform a contract: for example to provide you with an insurance quotation, to start, change or cancel an insurance policy, to administer the policy, to manage any claims which arise, to answer any queries you may have, action your requests or perform any debt recovery;
  • To comply with a legal obligation: for example the rules set by Our regulators, to fulfil your data rights under data privacy laws, handle complaints about data privacy or Our financial products and services, and to comply with other legal and regulatory requirements such as preventing money laundering and other financial crimes;
  • With your consent: for example if you consent to Us contacting you for marketing purposes.
  • To protect your  interests : in extreme or unusual circumstances, We may need to use your information to protect your life or the lives of others. 

3.    How and where is your information shared?

  • Where applicable, We may share your personal data with the following recipients when We have a valid reason to do so:
  • Other Howden Group companies;
  • Service providers who help us manage our IT and back office systems, or who provide platforms to Us that we then use or make available to you;
  • Marketing fulfilment & customer satisfaction service providers, acting on our behalf in facilitating online events, providing marketing communications and capturing feedback on our products and services.
  • Any third party where disclosure is required to comply with a contractual, legal or regulatory requirement;
  • We may disclose aggregate statistics about site visitors and customers in order to describe services to prospective partners, advertisers and other reputable third parties and for other lawful purposes, but these statistics will include no personally identifying information.

4.     Sharing personal data within the Howden Group

As stated above, and depending on Our relationship with you and the services you may receive from Us, We may share your personal data with other companies within the Howden Group. This will generally be for the following purposes:

  • To receive administrative support from those companies, such as information technology, finance, legal, human resources, compliance or other central services;
  • For promotional purposes.

We will only share the minimum amount of personal data required to achieve these purposes, ensuring that we have a lawful basis to share personal data and that any processing undertaken on our behalf (even by another Howden Group company) is governed by a suitable data sharing agreement.

5.     International data transfers

Under certain circumstances, for example to help prevent/detect crime, to manage our contract with you or where required by law or regulation, We may need to transfer your personal data to parties based outside of the UAE. Where We do this, We will ensure that your information is protected in accordance with the applicable data protection requirements applicable in the country.

If the data protection laws of the country that the recipient of your data is based in, are not recognised as providing sufficient protection by the UAE, We will ensure that we have an appropriate basis to transfer the personal data outside the UAE and/or the recipient enters into a formal and enforceable legal agreement that reflects the standards required.

You can ask Us for more information about the safeguards We use when sending your personal data overseas by contacting Us on the details shown in the “our contact details” section of this Privacy Notice.

6.    Retaining personal data

We retain personal data to meet a number of legal and regulatory requirements, as well as our own legitimate business interests.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data,  the potential risk of harm from unauthorised use or disclosure of your personal data the purposes for which we process your personal data and whether we can achieve such purposes through other means, and the applicable legal requirements. 

7.     Security

We place great importance on the security of all personally identifiable information associated with our customers.  We have security measures in place to protect against the loss, misuse and alteration of customer data under Our control.  For example, Our security and privacy policies are periodically reviewed and enhanced as necessary and only authorised personnel have access to user information.  While we cannot ensure or guarantee that loss, misuse, or alteration of data will not occur, we use our best, reasonably required efforts to prevent this.

8.    Your data rights

Data protection law gives you rights relating to your personal data. This section gives you an overview of these rights, how they relate to the information you give Us, the circumstances under which a right may not be absolute, and how you can send us a request to enforce one of these rights. Subject to any overriding legal obligations, requirements and/or exemptions, We will endeavour to get back to you as soon as possible. In the event your request is particularly complex, we will notify you and keep you updated:

Right to access

You have a right to request a copy of the personal data that we hold on you, along with meaningful information on how it is used and who we share it with. This right always applies, but there are some instances where We may not be able to provide you with some or all of the information We hold. Where this is the case, We will explain to you the reason and when We can respond to your request, unless the relevant laws or regulations prevent us from doing so.

 

Right to request data portability

You have the right to receive your personal data which was provided to Us for processing, in a structured and machine-readable format. You may also have the right to request transmission of such personal data to another controller, where technically feasible.

Right to rectification

You have a right to ask Us to correct inaccurate or incomplete personal data that We hold about you. We will either confirm to you that this has been done, or if there is a valid reason that this cannot be done, We will let you know the reason. 

Right to erasure

You can request that We delete your personal data in certain circumstances, for example if We no longer need the personal data for the purpose(s) for which We collected it. We will either confirm to you that this has been done, or if we are unable to delete it due to a compelling overriding reasons or retention is required by any legal or regularly obligations, we will let you know the reason for continuing to hold personal data and the period We are required to hold such personal data. 

Right to restrict processing

You can ask Us to restrict the processing of your personal data in certain circumstances. If you do so, We will either confirm to you that this has been done, or if We are unable to do so, We will inform you the reason.

Right to object to automated decision-making

You have the right to object to decisions made about you, using your personal data and undertaken by purely automated means, including profiling.  If you do so, We will arrange for someone to assess the automated decision and confirm the outcome of this assessment to you. 

Right to object to certain processing, including direct marketing

You can object to certain processing, including to receive direct marketing from Us. You can object to receiving direct marketing from Us by simply clicking on the unsubscribe link in any email you receive from Us or alternatively getting in touch with Us though the contact details mentioned hereunder.

Right to withdraw your consent

You have the right to withdraw your consent at any time to the use of your personal data for a particular purpose (where we have asked you for consent to use your information for that particular purpose).

Right to lodge a complaint

If you find that you have reasons to file a complaint against Howden for our data processing activities, you may contact the UAE Data Office.

If you would like to exercise any of the above rights, you can contact Us in writing – please refer to “Contact us” at section 11 to obtain the relevant contact information.

9.     Use of cookies


Cookies are pieces of information that a website transfers to your hard drive to store and sometimes track information about you. Most web browsers automatically accepts cookies, but if you prefer, you can change your browser to prevent that. However, you may not be able to take full advantage of a website if you do so.  Cookies are specific to the server that created them and cannot be accessed by other servers, which means they cannot be used to track your movements around the web.  Although they do identify a user’s computer, cookies do not personally identify users and passwords and credit card information are not stored in cookies.
We may use cookies from time to time to:

•    Estimate our audience size and patterns;
•    Track preferences and to improve and update our website.

For more details on cookies read our cookie policy


10.    Changes to this Privacy Notice


If we change Our Privacy Notice in any way, We will post these changes on this page. You are responsible for periodically visiting the Howden website and this Privacy Notice to check for any changes.


11.    Contact Us


Please e-mail Us for any questions, concerns or comments you have about this Privacy Notice to: [email protected] or write to us at:


Howden Insurance Brokers LLC
P.O. Box: 49195 
Suite 109, Latifa Towers
Dubai, United Arab Emirates
Tel: 971 (4) 304 5111 

Website: www.howdenuae.com

Email: [email protected]


Howden Insurance Brokers LLC is licensed as an Insurance Broker by the Central Bank of the UAE holding insurance brokerage license number 560120 and is part of the Howden Group Holdings Limited,  registered in England & Wales under company registration number 2937398 with registered address: One Creechurch Place, London EC3A 5AF.