Privacy Notice

Last updated May 11, 2018
ThisPrivacy Noticeexplains how Coface and its subsidiaries and affiliates (“Coface”), which are established in the European Union, collect, use and disclose personal data online and offline inconnection with the services Coface provides to our corporate clients (“Services”). Coface refers as “you” in this Notice regarding the individuals whose Personal Data (as defined below) Coface processes, such as individuals who work for or are otherwise engaged by, or interact with, our clients, their affiliates or other third parties in connection with the Services.
“Personal Data” is any information that relates directly to an identified - or identifiable - living individual. It includes also different pieces of information, which collected together can lead to the identification of a particular person, as well as de-identified, encrypted or pseudonymised personal data if they can still be used to re-identify a person.
Personal Data includes notably:
  • a name and surname;
  • a date of birth;
  • a home address;
  • an email address (such as;
  • a telephone or fax number;
  • account details and related contact information;
  • an identification number (for example ID card, passport, social security);
  • location data;
  • an Internet Protocol (IP) address;
  • a cookie ID;
  • photographic or video images;
  • telephonic or electronic recordings.
    In the course of providing certain Services, Coface may also receive from you, or third parties, information including:
  • names of beneficial owner(s); and
  • employment related information (executive positions held, shareholdings, and CVs); and
  • information about regulatory and other investigations or litigation to which you are or have been subject.
    “SensitivePersonal Data” is personal data revealing:
  • racial or ethnic origin;
  • political opinions, or trade union membership;
  • religious or philosophical beliefs;
  • genetic and biometric data when processed for the purpose of identifying an individual;
  • health data;
  • the sexual orientation of the person;
  • criminal convictions or offences.
    Coface may receive sensitive Personal Data, on the basis of European Union or State law, from third party service providers and others in support of due diligence activities that Coface undertakes to satisfy various legal and regulatory requirements to which Coface is subject, in a manner which shall be proportionate to the aim pursued.
    Coface needs to collect and process Personal Data in order to provide the requested Services, or because Coface is legally required to do so. If Coface does not receive the information that Coface requests, Coface may not be able to provide the requested Services.
    Coface and our agents and service providers collect Personal Data in a variety of ways, including:
  • Through the Services: Coface may collect Personal Data through providing the Services.
  • Other than through the Services: Coface may collect Personal Data about you other thanthrough the Services, such as when you meet Coface ahead of transactions, request pitches or proposals from Coface, or participate in a transaction or contractual arrangement, are referred to in a working party list provided by you or third parties, or in information obtained from deal-related data rooms.
  • From Other Sources: Coface may receive Personal Data from other sources, such as publicdatabases or information services providers.
    Coface maintains reasonable physical, technical, electronic, procedural and organizational safeguards and security measures to protect personal data against accidental, unlawful, or unauthorized destruction, loss, alteration, disclosure, or access, whether it is processed by Coface in the European Union or elsewhere.
    The access to your personal data is authorized only to required employees for legitimate and specific business purposes. The protection of personal data is an integral part of Coface Code of Conduct as well as specific internal procedures. Our employees are subject to disciplinary action if they fail to follow such requirements.
    The security and confidentiality of Personal Data is a core concern for Coface. If you have reason to believe that your interaction with Coface is no longer secure, please immediately notify Coface in accordance with the“Contacting Coface”section below.
    Coface and our service providers may use Personal Data for our legitimate businessinterests, including the following:
  • to validate authorized signatories when concluding agreements and transactions;
  • to contact nominated individuals in connection with existing transactions and contractual agreements;
  • to respond to enquiries and fulfill requests from our clients and/or relevant third parties who require information as a necessary part of the provision of the Services, and to administer account(s) and manage our relationships;
  • to inform our clients about products or services which Coface believes may be of interest, including marketing proposals or offers;
  • to verify an individual’s identity and/or location (or the identity or location of our client’s representative or agent) in order to allow access to client accounts, or conduct online transactions;
  • to protect the security of accounts and Personal Data;
  • for information and relationship management purposes, and business purposes, including data analysis, audits, developing and improving products and services, identifying usage trends and determining the effectiveness of promotional campaigns, and enhancing, improving or modifying our Services;
  • for risk management, compliance with our legal and regulatory obligations and for fraud detection, prevention and investigation, including “know your customer”, anti-money laundering, conflict and other necessary onboarding and ongoing client checks, due diligence and verification requirements, credit checks, credit risk analysis, compliance with sanctions procedures or rules, and tax reporting;
  • to comply with laws and regulations (including any legal or regulatory guidance, codes or opinions), and to comply with other legal process and law enforcement requirements (including any internal policy based on or reflecting legal or regulatory guidance, codes or opinions);
  • to provide, and perform our obligations with respect to, the Services or otherwise in connection with fulfilling instructions; and
  • to send administrative information to clients, such as changes to our terms, conditions and policies.
    Please note that Personal Data, that Coface collects in order to meet our legal and regulatory obligations related to the prevention of money laundering and terrorist financing, is processed only for those purposes, unless otherwise permitted or agreed.
    Coface will retain Personal Data for as long as required or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include: (i) the length of time Coface have an ongoing relationship with our client and provide the Services; (ii) whether there is a legal obligation to which Coface are subject; and (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
    Personal Data may be disclosed to third parties in connection with the Services Coface is providing. The recipients of any such information will depend on the Services that are being provided. Subject to any restrictions around confidentiality Coface has expressly agreed with our client or other transaction parties, such disclosures may include disclosures:
  • to affiliates and subsidiaries of Coface for the purposes described in this Privacy Notice (“affiliates”);
  • to payment, banking and communication infrastructure providers including financial institutions or intermediaries with which Coface may have dealings including banks, insurers, reinsurers, insurance brokers and other service providers assisting on transactions;
  • to our third party service providers who provide services such as website hosting, data analysis, payment processing, information technology and related infrastructure provision, customer service, email delivery, auditing and other services;
  • to third party experts and advisers (including external legal counsel, auditors and tax advisers);
  • to third party storage providers (including archive service providers and document repositories);
  • to third party operators of private or common carrier communication or transmission facilities, time sharing suppliers and mail or courier services;
  • to counterparties, vendors and beneficiaries, and other entities connected with our client (including underlying clients, obligors, investors and/or other principals connected); and
  • to other persons as agreed with our client or as required or expressly permitted by applicable law.
Disclosures of Personal Data which Coface makes to our third party service providers, as described in this section, will be made subject to conditions of confidentiality and security as Coface may consider appropriate to the specific circumstances of each such disclosure.
Coface may also use and disclose Personal Data as Coface believes to be necessary or appropriate:
  1. to comply with applicable law including treaties or agreements with or between foreign or domestic governments (including in relation to tax reporting laws), which may include laws outside the country you are located in, to respond to requests from public and government authorities, which may include authorities outside your country, to cooperate with law enforcement, governmental, regulatory or other similar agencies or authorities including tax authorities to which Coface or our affiliates are subject or submit, in each case of any country worldwide, or for other legal reasons, who may transfer the Personal Data to equivalent agencies or authorities in other countries;
  2. to regulators or approved reporting mechanisms which may be outside your country;
  3. to courts, litigation counterparties and others, pursuant to subpoena or other court order or process or otherwise as reasonably necessary, including in the context of litigation, arbitration and similar proceedings to enforce our terms and conditions, and as reasonably necessary to prepare for or conduct any litigation, arbitration and/or similar proceedings; and
  4. to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others.
In addition, Coface may use, disclose or transfer Personal Data to a third party:
  1. in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings); and/or
  2. to third parties, as requested by clients or their representatives.
This Privacy Notice does not address, and Coface are not responsible for, the privacy information or other practices of any third parties, including any third party operating any website or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by Coface or by our affiliates.
The use and disclosure of your Personal Data
You may opt-out from our use and disclosure of your Personal Data for marketing purposes:
  • Receiving electronic communications from Coface: If you no longer want to receive marketing-related emails from Coface on a going-forward basis, you may opt-out by contacting your client relationship manager or by emailing to the address mentioned in the section headed “Contacting Coface” below.
  • Our sharing of your Personal Information with affiliates for their direct marketing purposes: If you would prefer that Coface not share your Personal Data on a going-forward basiswith our affiliates for their direct marketing purposes, you may opt-out of this sharing by emailing by emailing to the address mentioned in the section headed “Contacting Coface” below.
Coface will try to comply with your request(s) as soon as reasonably practicable. Please note that if you opt-out of receiving marketing-related emails from Coface, Coface may still send you important administrative and Service or transaction-related messages, which you cannot opt of.
Accessing, changing or suppressing your Personal Data
If you would like to request to review, correct, update, suppress, restrict or delete Personal Data that you have previously provided to Coface, or if you would like to request to receive an electronic copy of your Personal Data for purposes of transmitting it to another company (to the extent this right to data portability is provided to you by applicable law), you may contact Coface. Information about how to contact a Coface Entity for this purpose is set out in the section headed “Contacting Coface” below. Coface will respond to your request consistent with applicable law.
In your request, please make clear what Personal Data you would like to have changed, whether you would like to have the Personal Data suppressed from our database or otherwise let Coface know what limitations you would like to put on our use of the Personal Data. For your protection, Coface may only implement requests with respect to the Personal Data associated with the particular email address that you use to send Coface your request, and Coface may need to verify your identity before implementing your request. Coface will try to comply with your request as soon as reasonably practicable.
Please note that Coface may need to retain certain information for recordkeeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion. There may also be residual information that will remain within our databases and other records, which will not be removed.
Personal Data may be stored and processed in any country where Coface have facilities or in which Coface engage service providers, including the United States. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access Personal Data.
If you are located in the European Economic Area (EEA): Some non-EEA countries are recognized by the European Commission as providing an adequate level of data protection according to EEA standards (the full list of these countries is available here For transfers from the EEA to countries not considered adequate by the European Commission, Coface has put in place adequate measures, such as standard contractual clauses adopted by the European Commission to protect Personal Data. Transfers may also be made pursuant to contracts in your interest or at your request.
Individuals may also:
  • contact Coface through their client relationship manager with any questions about this Privacy Notice.
  • file a complaint with a supervisory authority in the EEA competent for their relevant country or region.
Coface may change this Privacy Notice from time to time. The “Last updated” legend at the top of this Privacy Notice indicates when this Privacy Notice was last revised. Any changes will become effective when Coface posts the revised Privacy Notice. Use of the Services following these changes (or your continued provision of Personal Data to Coface) signifies acceptance of the revised Privacy Notice.
The Coface Entity who provides the Services in connection with which your Personal Data has been provided is the company responsible for collection, use and disclosure of your Personal Data under this Privacy Notice.
If you do not know which Coface Entity is responsible for those Services or you have any questions about this Privacy Notice, please contact Data Protection Officer at Coface Credit Insurance GCC Limited Office 701, Emirates Financial Towers (South), PO Box 506598, Dubai, United Arab Emirates.
To help Coface to manage your query, please include your full name and the name of the Coface Entity you understand is processing your personal data and/or any reference number that was made available by a Coface Entity to you.