Munich Re logo Not if, but how

Information on the Processing of your Applicant Data

    mrwebsites.corporate.textToSpeech.trackImageAlt

    properties.trackTitle

    properties.trackSubtitle

    0:00
    0:00

    Transparency regarding how data is processed is a key element of data protection. Our responsibility to ensure that your data is protected in line with the valid data protection regulations is one we take very seriously. This information on data protection is designed to provide you with information on how your personal data is processed by Munich Re PCC Limited and on your rights under applicable data protection law.

    1. Scope of application

    This information on data protection is aimed at applicants.

    2. Who is responsible for processing your data?

    Munich Re PCC Limited
    Level 4, Whitehall Mansions
    Ta´ Xbiex Seafront
    Ta´ Xbiex, XBX 1026
    Malta

    (hereinafter referred to as “Munich Re PCC” or “we”)

    You can contact our Data Protection Officer at the postal address mentioned above, with the addition "To the Data Protection Officer" or under www.munichre.com/en/general/contact/form-data-protection.html marking “Munich Re PCC Limited / Ta´ Xbiex” in the field “Company”.

    3. What categories of data do we use?

    The categories of personal data that we process include, in particular, your master data (first name(s) and surname), contact details (e.g. address, telephone number(s) and email address), job-related information (e.g. work permit) and data relating to the entire application process (in particular covering letter, CV, certificates/letters of reference, questionnaires/interviews, information on your qualifications and previous employment). We do not require any special categories of personal data (such as health data, religious affiliation, degree of disability) to process your application. We only use this data if you have disclosed it voluntarily in the course of the application process and your consent or a statutory authorisation justifies its use. If you are invited to an interview, we also record your data as part of video surveillance at certain buildings, such as at the entrance to our office buildings or access control vestibules. You can find more information in the data protection information on video surveillance, which you will find on our website.

    4. For what purposes, and on what legal grounds, will your data be processed?

    We will process your personal data in line with the provisions set out in the EU General Data Protection Regulation (GDPR) and all other relevant laws.

    The primary purpose of data processing is to conduct and complete the application process and to assess your suitability for the position in question. Your applicant data has to be processed so that we can decide whether to conclude an employment contract with you or not. The primary basis for this is Article 6(1b) GDPR. In some areas, we may rely on separate consent granted by you in accordance with Art. 6(1a), 7 GDPR and Section 26(2) BDSG (e.g. regarding the use of your application documents for other vacancies in the Munich Re Group). If you grant your consent, you have the right to revoke it for the future at any time.

    The Munich Re Group is a global organisation that also operates using what are known as matrix structures. In matrix structures, in addition to a legal/line manager (“legal view”), there is also a functional manager (“management view”), who may be located at another Group company in a different country. If, for example, a position is advertised for the Munich site in such cases, your future line manager in Munich will receive your application documents. However, your functional manager, who may be based in the US, for example, will also have access to your data, as they are the functional manager of the future employee. This disclosure of your data is based on legitimate group interests (Art. 6(1f) GDPR).

    Any processing of special types of personal data is based on the permissions in Art. 9 para. 2), unless we have obtained your express consent (Art. 9 para. 2 a) of the GDPR).

    We will also process your data to fulfil our legal duties as a potential employer, e.g. based on supervisory provisions, or to compare your data against sanctions lists to comply with counter-terrorism rules (e.g. Council Regulation (EC) No. 2580/2001). This is done in each case on the basis of Art. 6(1c) and (1f) GDPR.

    In addition, we may use your data for statistical purposes (e.g. studies of candidate behaviour). Any statistics are collected purely for internal purposes and the findings are not individualised, but rather always remain anonymous.

    Should we wish to process your personal data for a purpose not listed above, we will inform you of this in advance pursuant to applicable law.

    No automated decision-making is used.

    5. Where does your data come from?

    As a rule, we will collect your data directly from you during the hiring process. In addition, we may receive data from third parties (e.g. personnel agencies), to whom you have made your data available for disclosure.

    6. Who receives your data?

    We handle your data confidentially at all times. Within Munich Re PCC, your data will be given only those staff and departments (such as the unit directly concerned) who need your personal data for the recruitment decision and in order to execute their contractual and statutory duties. 

    Where we are unable to offer you any vacant job position, but your profile gives us reason to believe that your application could possibly be of interest for future job openings within our group of companies, we will pass your application details on to other Group companies, provided you have given us your explicit consent to do so.

    Our IT systems and the online applications platform are administered by Münchener Rückversicherungs-Gesellschaft Aktiengesellschaft in München, Koeniginstrasse 107, 80802 Munich, Germany (Munich Re), which in turn uses other service providers for operating the systems/platform. You will therefore be directed to a Munich Re page when submitting your application data. When applying for a Munich Re PCC position, your application data will only be used for that particular position and be shared within the respective department(s) at Munich Re PCC which are concerned with your application unless you explicitly consent otherwise. It may however be possible that certain authorised employees at Munich Re or at third party service providers may also gain access to your personal data by operating/administering the application platform and by managing the application process. The categories of service providers can be found here.

    Where required or permitted by law, authorities, courts or professional advisors may also gain access to your personal data.

    7. Will your data be transferred to a third country?

    As a general principle, we process your personal data in Malta or in countries that are European Union (EU) or European Economic Area (EEA) member states. If we need to transfer personal data to service providers or subcontractors outside the EEA, we will do so only if the European Commission has confirmed that the country’s level of data protection is sufficient, or if data protection is otherwise sufficiently guaranteed (for example, through Binding Corporate Rules, or the European Commission’s Standard Contractual Clauses). You can write to the above-mentioned address to obtain detailed information and to learn more about the level of data protection at our service providers in non-EEA countries.

    8. How long will your data be stored for?

    We generally erase your personal data, including your profile in our applicant portal, six months after completion of the application process, unless you have actively consented to us storing your data for a longer period (e.g. including it in our applicant tool so that we can offer you another position in the future). Other erasure periods may apply, e.g. if you consented that we forward your application also to group companies outside Europe and the EEA. If other erasure periods apply, these will be taken into account in our international application process and in the applicant management tool. The erasure referred to above does not apply if statutory provisions prevent erasure, if continued storage of your data is necessary for evidence purposes, or you have consented to a longer period.

    9. Are you obliged to provide your data?

    In your application, you must provide the personal data that is necessary for us to complete the application process and assess your suitability. Without this data, we will not be able to complete the application process and make a decision on whether to enter into an employment contract with you.

    10. What measures do we take to protect your data?

    We take state-of-the-art technical and organisational security measures to protect data against accidental or intentional manipulation, loss, destruction, and access by unauthorised parties.

    11. What data protection rights can you assert as a data subject?

    You can request information about the personal data we have stored under your name, from the address above. In addition, under certain circumstances, you may request that your data be rectified or erased. Furthermore, you may have a right to restrict the processing of your data and a right to disclosure of the data you have made available in a structured, common and machine-readable format. If you have given your consent, you have the right to revoke it at any time with effect for the future; if you were not informed of any other way to do so when you gave your consent, you can send your revocation to the above address.
    Right to object:

    If we process your data for the purposes of safeguarding legitimate interests, you may object to this processing on grounds relating to your particular situation. If you object, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for processing that override your interests, rights and freedoms, or if processing serves the assertion, exercise or defence of legal claims.

    Please contact us at the address above to exercise these rights. 

    12. Who can you contact if you wish to make a complaint?

    If you believe that we have breached applicable data protection law when processing your personal data, you can contact the aforementioned Data Protection Officer or the data protection authorities to make a complaint. The public authority responsible for Munich Re PCC is:

    Information and Data Protection Commissioner
    Floor 2, Airways House
    Triq Il-Kbira,
    Tas-Sliema SLM 1549,
    Malta

    13. Changes to this information on data protection

    We have to amend our data protection information from time to time to make ongoing improvements to our processes and to reflect technological advances. When you visit our website, please read the current version of our information on data protection (current version: May 2026).