Saudi Arabia
العربية
Contact Us
My Services

Privacy Policy

Introduction
This Privacy Notice applies to all our Customers, Visitors, users, and others (hereinafter referred to as “You” or the “User”) who Access or use our Website or Mobile Application. The applicability of this Privacy Notice shall not be Restricted only to Personal Data collected from our Website or Mobile Application, but also includes any such data collected offline or through other data Collection channels. This Privacy Notice intends to inform you about the following:

a) Data Collection Methods

a) How We Use Your Personal Data

b) How We Store Your Personal Data

c) Lawful Basis for Processing

d) How We Protect Your Personal Data

e) How We Share, Transfer and Publicly Disclose Your Personal Data

f) Your Rights Relating to Personal Data

g) Protection of Personal Data of Person who fully or partially lacks legal capacity

h) How We Use Cookies and Other Technologies

i) How to Contact Us

j) Formulation, Effectiveness, and Update of this Policy and Others

1. Data Collection Methods

a) We may collect Personal Data in paper, electronic, or other formats.

b) When you visit our website or apps, we may collect information about your browser, device (IP address, OS, and browser version), and browsing actions using cookies. You can disable cookies in your settings.

c) Technical information that doesn’t identify an individual isn’t treated as Personal Data, but if it can, we will protect it.

d) We obtain most Personal Data directly from you or through services used. Other sources include:

    • Our companies
    • Parent/guardian
    • Authorized third parties
    • Employer
    • Healthcare providers
    • Medical regulators
    • Credit and fraud agencies
    • Debt collectors
    • Business buyers
    • Consultants
    • Public bodies
    • Public data
    • Suppliers processing data for us

e) We may verify your information with your employer or other sources. If required, we obtain your consent before collecting your data, including explicit consent where necessary by law.

2. Use of Personal Data

a) We will collect your information using the methods outlined in the “Data Collection Methods” section of this Policy.

b) When you visit our Website or applications as a Visitor, we may use your information to:

    • Respond to your queries.
    • Provide requested information, products, or services with your consent.
    • Fulfill contracts or agreements with you.
    • Enable interaction on our Website or applications.
    • Notify you of changes.
    • Ensure proper display on your device.
    • Maintain secure operation and prevent misuse.
    • Meet compliance obligations.
    • Conduct non-personal statistical analysis.

c) If you are a prospect, customer, or connected person, we may use your information to:

    • Provide products or services and verify identities.
    • Comply with laws or authority requirements.
    • Fulfill CHUBB Arabia’s compliance obligations.
    • Enforce or defend CHUBB Arabia’s rights.
    • Meet operational needs such as analysis, archiving, and audits.
    • Market products with authorization or conduct surveys.
    • Utilize administrative and other external services.

3. Legal Basis for Collecting and Processing Personal Data

We will process your Personal Data only with a lawful basis, such as consent, contract performance, legal obligations, vital interests, public interest tasks, or legitimate interests of us or third parties.

4. What Personal Data We Collect, Process, and Use

We may collect and process the following categories of personal data, depending on your relationship with us and the services you request:

  • Identity Information: Full name, gender, nationality, IQAMA/National ID, passport details, job title, and contact details (e.g., phone number, email address).
  • Financial Information: Bank account details, transaction history, account balance, credit status, investment records, and loan information.
  • Contact Information: Residential address, postal address, and historical addresses.
  • Biometric Information: Fingerprint data, facial recognition, voice recordings, and signature samples.
  • Credit Information: Credit scores, income levels, assets, credit bureau reports, and details on any financial obligations.
  • Sensitive Data: Medical reports, health status (where required for specific services), and data related to any legal guardianship.

5.  Storage and Destruction of Personal Data

Personal and sensitive data collected through the Website, mobile apps, and official channels are stored on our servers in Saudi Arabia for more than 10 years, protected by security measures. After this period, we will destroy, delete, or de-identify the data, or securely store it separately if deletion isn’t possible. Exceptions apply for data required by law, regulations, agreements, or for record checks by you, customers, or authorities.

The requirements do not apply to the information that needs to be retained according to applicable laws and regulations, regulatory, archival, accounting, auditing, or reporting requirements, a special agreement between you or Relevant Customers and us, or for record check or inquiry from you, Relevant Customers, regulators, or other authorities.

6. Protection of Personal Data

  • We prioritize information security and are committed to protecting your personal data from unauthorized or accidental access, processing, or damage. We implement appropriate measures to secure your data and will take legal responsibility if your rights are harmed due to our fault.
  • We enforce a strict security system to prevent unauthorized access to your data, including access controls, confidentiality agreements, security policies, and staff training.
  • We will not disclose your personal data to third parties unless required by law or with your consent. External service providers are bound by confidentiality and must adhere to KSA PDPL security standards.

7. Data Sharing or Exchanging Personal Data

a) Entrusted Processing and Sharing

We may share or disclose your Personal Data for the purposes outlined in the CHUBB Arabia Privacy Notice, ensuring proper protective measures are in place. Recipients may include:

    • CHUBB Arabia members.
    • Contractors, service providers, or business partners.
    • Regulators, authorities, or designated individuals.
    • Reinsurers for reinsurance purposes.

With your consent, we will notify you about data sharing, including recipient details and processing purposes.

All third parties are required to adhere to PDPL and use the data solely for its intended purpose.

    • Additional Recipients:
      • Affiliates: To manage business risks and ensure accurate information.
      • Authorized Business Partners: Such as brokers and insurers.
      • Shared Ownership or Liability: For relevant products or services.
      • Parents/Guardians or Authorized Parties: On your behalf for communication.
      • Healthcare Providers: Authorized to access your health records.
      • Government and Law Enforcement: For legal compliance or requests.

b) Transfers

We will not transfer your Personal Data without consent if it involves sensitive or credit data, or decisions made solely by automated processing. Cross-border transfers may occur with your consent.

c) Public Disclosure

We will not disclose your Personal Data to the Public unless we have your separate Consent.

8. Exercising the Rights of the Personal Data Subject

CHUBB Arabia is committed to providing high-quality services to all users while ensuring their rights, as outlined by the Personal Data Protection Law and related regulations. These rights include:

a) Right to Information: You have the right to know how and why your data is collected and used.

b) Right to Access: You can access your data held by CHUBB Arabia and request a copy or transfer it to another party.

c) Right to Correction: You can request that your data be corrected, completed, or updated.

d) Right to Deletion: You can request that your data be deleted.

e) Right to Request a Copy: You can request a copy of the data being processed.

f) Right to Withdraw Consent: You can withdraw your consent for data collection and processing, unless legal or judicial requirements dictate otherwise.

You may submit a request to exercise your rights by contacting the following email: DPO@chubb.com.sa

Data Subject Rights are not absolute, CHUBB shall have the sole discretion to accept or reject any requests made under DSR, while adhering to the Laws of KSA.

9. Protection of Personal Data of a Person that Fully or Partially Lacks Legal Capacity

We prioritize protecting the Personal Data of individuals lacking full legal capacity. We only collect such data with their Legal Guardian’s consent when necessary for providing services. If we collect this data via our Website or mobile app, it is solely to respond to specific requests, without using the data for other purposes. Personal Data will not be processed without notifying the Legal Guardian, except when:

    • Required by law, regulation, or for security reasons.
    • Collected to respond to a specific request without further contact or use.

We will use or disclose such data only as permitted by law, regulation, or with the Legal Guardian’s consent.

10. Use of Cookies and Other Technologies

Cookies are small data files stored on your device that enable our Website or applications to recognize your device, remember your usage, and enhance features. They help tailor content to your interests and, with your consent, provide promotional materials. We can access the information stored in cookies.

11. Contact Us

Data Privacy Office
Email: DPO@chubb.com.sa
Office Address: Khobar Business Gate, King Faisal Bin Abdulaziz Street,
PO Box 2685, Al Khobar 31952, Kingdom of Saudi Arabia.

12. Privacy Policy Updates

This Privacy Notice may be updated periodically. Please review it regularly for the latest version. Continued use of our services or provision of Personal Data after changes indicates your acceptance. Last updated on September 30, 2024.

Disclaimer: Customer Responsibility for Updated Information

It is the responsibility of the customer to ensure that the Personal Data provided to Chubb Arabia is accurate and up to date. If there are any changes to your personal details, including contact information, address, or any other relevant information, you must promptly inform us by [providing the designated communication method, e.g., updating your profile on our website, contacting our customer service team, etc.]. Failure to do so may impact our ability to provide you with services or respond to your inquiries effectively.

Close
Search

Hit enter to search or ESC to close