Privacy Notice
COFACE PRIVACY NOTICE
Last updated 4 October 2020
This Privacy Notice explains how Coface Emirates Services Limited and Coface Credit Insurance GCC Limited, including other Coface Group entities ("Coface Entities") and affiliates (collectively referred to as “Coface”) collect, process, use and disclose your personal data in connection with the services Coface provides to our corporate clients (“Services”) or with regards your use of this website.
This Privacy Notice applies to Personal Data (as defined below) which is collected and/or used by Coface in its capacity as a 'Controller' as that term is defined in the EU General Data Protection Regulation, DIFC Data Protection Law and other similar laws.
Throughout this Privacy Notice, reference to “you” and "your" shall mean the individuals whose Personal Data Coface processes, such as the individuals who work for or are otherwise engaged by, or interact with, our clients, their affiliates or other third parties in connection with the Services.
PERSONAL DATA
“Personal Data” means any information that relates directly or indirectly to an identified or identifiable natural living person. It includes different pieces of information which, when collected together, can lead to the identification of a particular person. This may include encrypted or pseudonymised information if it can still be used to identify a person.
Personal data may include reference to an identifier such as a name, an identification number, location data, an online identifier or to one (1) or more factors specific to your biological, physical, biometric, physiological, mental, genetic, economic, cultural or social identity.
Personal Data includes:
COLLECTION OF PERSONAL DATA
Coface will collect and process your Personal Data in order to provide the requested Services, or because Coface is legally required to do so. If Coface does not receive the information / Personal Data that Coface requests, Coface may not be able to provide the Services.
Coface, our agents and service providers collect your Personal Data in a variety of ways, including:
Coface maintains physical, technical, electronic, procedural and organizational safeguards and security measures to protect your Personal Data against accidental, unlawful, or unauthorized destruction, loss, alteration, disclosure, or access, whether it is processed by Coface in the Dubai International Financial Centre ("DIFC") or elsewhere.
Access to your Personal Data is authorized only to those employees who may need to access for legitimate and specific business purposes as set out below in the 'Use of your Personal Data' section. The protection of Personal Data is an integral part of the Coface Code of Conduct, as well as other specific internal procedures. Our employees are subject to disciplinary action if they fail to follow such requirements.
The security and confidentiality of Personal Data is a core concern for Coface. If you have reason to believe that your interaction with Coface is no longer secure, please immediately notify Coface in accordance with the “Contacting Coface” section below
USE OF PERSONAL DATA
Coface and our service providers may use your Personal Data to comply with applicable law, and/or for our legitimate business interests, which may include any of the following:
RETENTION PERIOD
Coface will retain Personal Data for as long as required or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include: (i) the length of time Coface have an ongoing relationship with our client and provide the Services; (ii) whether there is a legal obligation to which Coface is subject; and (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
DISCLOSURE OF PERSONAL DATA
Personal Data may be disclosed to third parties in connection with the Services Coface is providing. The recipients of any such information will depend on the Services that are being provided. Subject to any restrictions around confidentiality Coface has expressly agreed with our client or other transaction parties, such disclosures may include disclosures:
Coface may also use and disclose Personal Data as Coface believes to be necessary or appropriate:
This Privacy Notice does not address, and Coface is not responsible for, the privacy information or other practices of any third parties, including any third party operating any website or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by Coface or by our affiliates.
EXERCISING YOUR RIGHTS
Direct Marketing
You may opt-out from our use and disclosure of your Personal Data for marketing purposes:
Accessing, changing, suppressing or deleting your Personal Data
You have the right to request access to, correct, update, suppress, restrict or delete the Personal Data that you have previously provided to Coface, or if you would like to request to receive an electronic copy of your Personal Data for purposes of transmitting it to another company, you may contact Coface. Information about how to contact a Coface Entity for this purpose is set out in the section headed “Contacting Coface” below. Coface will respond to your request consistent with applicable law.
In your request, please make it clear what Personal Data you would like to have changed, whether you would like to have the Personal Data suppressed from our database or otherwise let Coface know what limitations you would like us to put on our use of your Personal Data. For your protection, Coface may need to verify your identity before implementing your request. Coface will try to comply with your request as soon as reasonably practicable.
Please note that Coface may need to retain certain information for record-keeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion. We may also be obliged to retain your Personal Data due to our legal requirements.
JURISDICTION AND CROSS-BORDER TRANSFER
Coface is a global organization and may transfer your Personal Data collected (including via its websites) across geographical borders to other Coface Entities, personnel, or third parties located throughout the world. In addition, your Personal Data may be stored and processed in any country where Coface has facilities or in which Coface engages service providers, including the United States and Europe. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Data.
Coface will take appropriate steps to ensure that any cross border transfers of your Personal Data are made in accordance with applicable law and are carefully managed to protect your privacy rights and interests, and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where Coface can be satisfied that alternative arrangements are in place to protect your privacy rights.
Some jurisdictions are recognized by the DIFC Data Protection Commissioner ("Commissioner") as providing an adequate level of protection according to DIFC standards (further information is available here: https://www.difc.ae/business/operating/data-protection/). For transfers from the DIFC to countries not considered adequate by the Commissioner, Coface has put in place adequate measures, such as standard contractual clauses adopted by the Commissioner to protect your Personal Data. Transfers may also be made pursuant to contracts in your interest or at your request.
UPDATES TO THIS PRIVACY NOTICE
Coface may change this Privacy Notice from time to time. The “Last updated” legend at the top of this Privacy Notice indicates when this Privacy Notice was last revised. Any changes will become effective when Coface posts the revised Privacy Notice.
CONTACTING COFACE
The Coface Entity who provides the Services in connection with which your Personal Data has been provided is the company responsible for collection, use and disclosure of your Personal Data under this Privacy Notice, and is the Controller of your Personal Data.
If you do not know which Coface Entity is responsible for the Services or you have any questions about this Privacy Notice, please contact the Coface Data Protection Officer at Coface Credit Insurance GCC Limited Office 701, Emirates Financial Towers (South), PO Box 506598, Dubai, United Arab Emirates, Phone: +971 (0)43099100 and/or Email dpoUAE@coface.com.
To help Coface to manage your query, please include your full name and the name of the Coface Entity you understand is processing your personal data and/or any reference number that was made available by a Coface Entity to you.
You may also contact Coface through your client relationship manager with any questions about this Privacy Notice.
You may also lodge a complaint with the Commissioner or a supervisory authority in the country in which you are based if you have any concerns about our processing of your Personal Data.
Top Last updated 4 October 2020
This Privacy Notice explains how Coface Emirates Services Limited and Coface Credit Insurance GCC Limited, including other Coface Group entities ("Coface Entities") and affiliates (collectively referred to as “Coface”) collect, process, use and disclose your personal data in connection with the services Coface provides to our corporate clients (“Services”) or with regards your use of this website.
This Privacy Notice applies to Personal Data (as defined below) which is collected and/or used by Coface in its capacity as a 'Controller' as that term is defined in the EU General Data Protection Regulation, DIFC Data Protection Law and other similar laws.
Throughout this Privacy Notice, reference to “you” and "your" shall mean the individuals whose Personal Data Coface processes, such as the individuals who work for or are otherwise engaged by, or interact with, our clients, their affiliates or other third parties in connection with the Services.
PERSONAL DATA
“Personal Data” means any information that relates directly or indirectly to an identified or identifiable natural living person. It includes different pieces of information which, when collected together, can lead to the identification of a particular person. This may include encrypted or pseudonymised information if it can still be used to identify a person.
Personal data may include reference to an identifier such as a name, an identification number, location data, an online identifier or to one (1) or more factors specific to your biological, physical, biometric, physiological, mental, genetic, economic, cultural or social identity.
Personal Data includes:
- a name and surname;
- date of birth;
- a home address;
- an email address (such as name.surname@company.com);
- a telephone or fax number;
- account details and related contact information;
- an identification number (for example ID card, passport, social security);
- location data;
- an Internet Protocol (IP) address;
- a cookie ID;
- photographic or video images;
- telephonic or electronic recordings.
- names of beneficial owner(s); and
- employment related information (executive positions held, shareholdings, and CVs); and
- information about regulatory and other investigations or litigation to which you are or have been subject.
- racial, ethnic or communal origin;
- political affiliations or opinions;
- religious or philosophical beliefs;
- criminal records;
- trade-union membership;
- health or sex life; or
- genetic data and biometric data.
COLLECTION OF PERSONAL DATA
Coface will collect and process your Personal Data in order to provide the requested Services, or because Coface is legally required to do so. If Coface does not receive the information / Personal Data that Coface requests, Coface may not be able to provide the Services.
Coface, our agents and service providers collect your Personal Data in a variety of ways, including:
- Coface may collect Personal Data through providing the Services.
- Other than through the Services, Coface may collect Personal Data about you other, such as when you meet Coface ahead of transactions, request pitches or proposals from Coface, or participate in a transaction or contractual arrangement, are referred to in a working party list provided by you or third parties, or in information obtained from deal-related data rooms.
- Coface may receive Personal Data from other sources, such as public databases or information services providers.
Coface maintains physical, technical, electronic, procedural and organizational safeguards and security measures to protect your Personal Data against accidental, unlawful, or unauthorized destruction, loss, alteration, disclosure, or access, whether it is processed by Coface in the Dubai International Financial Centre ("DIFC") or elsewhere.
Access to your Personal Data is authorized only to those employees who may need to access for legitimate and specific business purposes as set out below in the 'Use of your Personal Data' section. The protection of Personal Data is an integral part of the Coface Code of Conduct, as well as other specific internal procedures. Our employees are subject to disciplinary action if they fail to follow such requirements.
The security and confidentiality of Personal Data is a core concern for Coface. If you have reason to believe that your interaction with Coface is no longer secure, please immediately notify Coface in accordance with the “Contacting Coface” section below
USE OF PERSONAL DATA
Coface and our service providers may use your Personal Data to comply with applicable law, and/or for our legitimate business interests, which may include any of the following:
- to validate authorized signatories when concluding agreements and transactions;
- to contact nominated individuals in connection with existing transactions and contractual agreements;
- to respond to enquiries and fulfill requests from our corporate clients and/or relevant third parties who require information as a necessary part of the provision of Services, and to administer account(s) and manage our relationships;
- to inform our corporate clients about products or services which Coface believes may be of interest, including marketing proposals or offers;
- to verify an individual’s identity and/or location (or the identity or location of our client’s representative or agent) in order to allow access to client accounts, or conduct online transactions;
- to protect the security of accounts;
- for information and relationship management purposes, and business purposes, including data analysis, audits, developing and improving products and services, identifying usage trends and determining the effectiveness of promotional campaigns, and enhancing, improving or modifying our Services;
- for risk management, compliance with our legal and regulatory obligations and for fraud detection, prevention and investigation, including “know your customer”, anti-money laundering, conflict and other necessary onboarding and ongoing client checks, due diligence and verification requirements, credit checks, credit risk analysis, compliance with sanctions procedures or rules, and tax reporting;
- to comply with laws and regulations (including any legal or regulatory guidance, codes or opinions), and to comply with other legal process and law enforcement requirements (including any internal policy based on or reflecting legal or regulatory guidance, codes or opinions);
- to provide and perform our obligations with respect to the Services or otherwise in connection with fulfilling instructions; and
- to send administrative information to clients, such as changes to our terms, conditions and policies.
RETENTION PERIOD
Coface will retain Personal Data for as long as required or permitted in light of the purpose(s) for which it was obtained. The criteria used to determine our retention periods include: (i) the length of time Coface have an ongoing relationship with our client and provide the Services; (ii) whether there is a legal obligation to which Coface is subject; and (iii) whether retention is advisable in light of our legal position (such as in regard to applicable statutes of limitations, litigation or regulatory investigations).
DISCLOSURE OF PERSONAL DATA
Personal Data may be disclosed to third parties in connection with the Services Coface is providing. The recipients of any such information will depend on the Services that are being provided. Subject to any restrictions around confidentiality Coface has expressly agreed with our client or other transaction parties, such disclosures may include disclosures:
- to affiliates and subsidiaries of Coface for the purposes described in this Privacy Notice (“affiliates”);
- to payment, banking and communication infrastructure providers including financial institutions or intermediaries with which Coface may have dealings including banks, insurers, reinsurers, insurance brokers and other service providers assisting on transactions;
- to our third party service providers who provide services such as website hosting, data analysis, payment processing, information technology and related infrastructure provision, customer service, email delivery, auditing and other services;
- to third party experts and advisers (including but not limited to external legal counsel, auditors and tax advisers);
- to third party storage providers (including archive service providers and document repositories);
- to third party operators of private or common carrier communication or transmission facilities, time sharing suppliers and mail or courier services;
- to counterparties, vendors and beneficiaries, and other entities connected with our client (including underlying clients, obligors, investors and/or other principals connected); and
- to other persons as agreed with our client or as required or expressly permitted by applicable law.
Coface may also use and disclose Personal Data as Coface believes to be necessary or appropriate:
- to comply with applicable law including treaties or agreements with or between foreign or domestic governments (including in relation to tax reporting laws), which may include laws outside the country you are located in, to respond to requests from public and government authorities, which may include authorities outside your country, to cooperate with law enforcement, governmental, regulatory or other similar agencies or authorities including tax authorities to which Coface or our affiliates are subject or submit, in each case of any country worldwide, or for other legal reasons, who may transfer the Personal Data to equivalent agencies or authorities in other countries;
- to regulators or approved reporting mechanisms which may be outside your country;
- to courts, litigation counterparties and others, pursuant to a subpoena or other court order or process or otherwise as reasonably necessary, including in the context of litigation, arbitration and similar proceedings to enforce our terms and conditions, and as reasonably necessary to prepare for or conduct any litigation, arbitration and/or similar proceedings; and
- to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others.
- in the event of any reorganization, merger, sale, joint venture, assignment, transfer or other disposition of all or any portion of our business, assets or stock (including in connection with any bankruptcy or similar proceedings); and/or
- to third parties, as requested by clients or their representatives.
This Privacy Notice does not address, and Coface is not responsible for, the privacy information or other practices of any third parties, including any third party operating any website or service to which the Services link. The inclusion of a link on the Services does not imply endorsement of the linked site or service by Coface or by our affiliates.
EXERCISING YOUR RIGHTS
Direct Marketing
You may opt-out from our use and disclosure of your Personal Data for marketing purposes:
- If you no longer want to receive marketing-related emails from Coface on a go-forward basis, you may opt-out by contacting your client relationship manager or by using the contact details below.
- If you would prefer that Coface does not share your Personal Data on a go-forward basis with our affiliates for their direct marketing purposes, you may opt-out by using the contact details below.
Accessing, changing, suppressing or deleting your Personal Data
You have the right to request access to, correct, update, suppress, restrict or delete the Personal Data that you have previously provided to Coface, or if you would like to request to receive an electronic copy of your Personal Data for purposes of transmitting it to another company, you may contact Coface. Information about how to contact a Coface Entity for this purpose is set out in the section headed “Contacting Coface” below. Coface will respond to your request consistent with applicable law.
In your request, please make it clear what Personal Data you would like to have changed, whether you would like to have the Personal Data suppressed from our database or otherwise let Coface know what limitations you would like us to put on our use of your Personal Data. For your protection, Coface may need to verify your identity before implementing your request. Coface will try to comply with your request as soon as reasonably practicable.
Please note that Coface may need to retain certain information for record-keeping purposes and/or to complete any transactions that you began prior to requesting a change or deletion. We may also be obliged to retain your Personal Data due to our legal requirements.
JURISDICTION AND CROSS-BORDER TRANSFER
Coface is a global organization and may transfer your Personal Data collected (including via its websites) across geographical borders to other Coface Entities, personnel, or third parties located throughout the world. In addition, your Personal Data may be stored and processed in any country where Coface has facilities or in which Coface engages service providers, including the United States and Europe. In certain circumstances, courts, law enforcement agencies, regulatory agencies or security authorities in those other countries may be entitled to access your Personal Data.
Coface will take appropriate steps to ensure that any cross border transfers of your Personal Data are made in accordance with applicable law and are carefully managed to protect your privacy rights and interests, and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where Coface can be satisfied that alternative arrangements are in place to protect your privacy rights.
Some jurisdictions are recognized by the DIFC Data Protection Commissioner ("Commissioner") as providing an adequate level of protection according to DIFC standards (further information is available here: https://www.difc.ae/business/operating/data-protection/). For transfers from the DIFC to countries not considered adequate by the Commissioner, Coface has put in place adequate measures, such as standard contractual clauses adopted by the Commissioner to protect your Personal Data. Transfers may also be made pursuant to contracts in your interest or at your request.
UPDATES TO THIS PRIVACY NOTICE
Coface may change this Privacy Notice from time to time. The “Last updated” legend at the top of this Privacy Notice indicates when this Privacy Notice was last revised. Any changes will become effective when Coface posts the revised Privacy Notice.
CONTACTING COFACE
The Coface Entity who provides the Services in connection with which your Personal Data has been provided is the company responsible for collection, use and disclosure of your Personal Data under this Privacy Notice, and is the Controller of your Personal Data.
If you do not know which Coface Entity is responsible for the Services or you have any questions about this Privacy Notice, please contact the Coface Data Protection Officer at Coface Credit Insurance GCC Limited Office 701, Emirates Financial Towers (South), PO Box 506598, Dubai, United Arab Emirates, Phone: +971 (0)43099100 and/or Email dpoUAE@coface.com.
To help Coface to manage your query, please include your full name and the name of the Coface Entity you understand is processing your personal data and/or any reference number that was made available by a Coface Entity to you.
You may also contact Coface through your client relationship manager with any questions about this Privacy Notice.
You may also lodge a complaint with the Commissioner or a supervisory authority in the country in which you are based if you have any concerns about our processing of your Personal Data.