Information about data protection information for cedants, business partners, service providers and interested parties
We would like to explain how your personal information will be processed and inform you of your rights as a data subject under the Protection of Personal Information Act No.4 of 2013. The exact type of personal information that will be processed, and how it will be processed, depends mainly on your type of business or service, therefore not all the following information will be applicable to you. The information that will be processed is not limited to an identifying number, location information, physical address, telephone numbers online identifier or other particular assignment to the persons.
1 Who is responsible for processing your personal information?
Munich Reinsurance of Africa Company Limited (MRoA)
110 Oxford Road
Tel : +27 (011) 242-2000
Email : Legal.Compliance_MRoA@munichre.com
If you have any questions about this information, kindly contact our Information Officer on Legal.Compliance_MRoA@munichre.com.
2 What data and sources do we use?
We process the personal information that you provide us in the course of our business relationship. We will also process, to the extent necessary, any personal information that we legitimately either obtain from public sources (e.g. company publications, media reports, internet). The respective personal information mainly includes your business contact information, your position and our business correspondence with you.
3 For what purpose, and on what legal basis, will your information be processed?
We process your personal information, in compliance with the Protection of Personal Information Act No. 4 of 2013 (POPI Act) and the Electronic Communications Transaction Act No. 36 of 2005, and any other applicable laws.
a. To fulfil (pre-) contractual duties (Section 11(1)(b) of the POPI Act)
The processing of your personal information will be performed in the context of the business relationship we have with you and the legal agreement that governs this relationship.
We will process your personal information (primarily your business contact information) to contact you and to communicate with you and your company.
b. Based on your consent (Section 11(1)(a) and Section 11(11)(3)(a) of the POPI Act)
Where you have consented to our processing of your personal information for specific purpose in (a) above, that constitutes the legal basis. You may withdraw your consent at any time. Withdrawing consent applies only for the future and does not affect the validity of the information processed until the withdrawal.
c. Based on legal obligation (Section 11(1)(c) of the POPI Act)
We will also process your information to fulfil our legal duties, e.g. based on regulatory provisions, or to compare your information against sanctions lists to comply with counter-terrorism laws such as the Financial Intelligence Centre Act No. 38 of 2001.
4 Who receives your information? What categories of recipient we might disclose your information to?
Only those staff within Munich Reinsurance Company Africa Limited and where applicable entities of the Munich Re (Group) who need your data for the aforementioned purposes will have access to it.
5 How long do we store your information?
As a rule, we anonymise or delete your personal information as soon as it is no longer necessary for the aforementioned purpose, unless statutory documentation and retention rules (e.g. Companies Act 71 of 2008, Tax Administration Act 28 of 2011 and MRoA Policies) require us to keep it for longer. We will store your personal information for longer than that only in exceptional cases.
6 How do we transmit personal information to countries outside South African borders?
If we need to transfer personal information outside the South African borders, we will do so only if the relevant party to the contract has confirmed that the respective country’s level of data protection is similar/equivalent to the Protection of Personal Information Act 2013, or if data protection is otherwise sufficiently guaranteed (for example, through binding, in-house data protection provisions, or MRoA’s standard contractual clauses).
MRoA will host your personal information on global IT platforms and transfer personal information across country borders for legitimate business purposes.
7 What data protection rights do you have?
In addition to your right to object, you have a right to access your information, a right to rectify or erase your information under certain conditions, as well as a right to restrict your information being processed. Upon request, we will make the information that you provided available in a structured, accessible and machine-readable format. Please contact the aforementioned address to exercise these rights.
Right to object:
If we process your information for the purposes of protecting legitimate interests, you may object to this processing on grounds relating to your particular situation at any time. We will then stop the processing, unless we have compelling legitimate interests to do so which override your grounds. Even after giving your consent, you are entitled to withdraw it for the future without consequences.
8 Would you like to query on how your personal information is being handled by MRoA?
You may contact the aforementioned Information Officer on:-
110 Oxford Road, Rosebank, Johannesburg, 2198
Tell: +27 (011) 242- 2000
Email : Legal.Compliance_MRoA@munichre.com
9 Are you obliged to provide your personal information?
We need your personal information to fulfil our business relationship. We need your personal data, for example to send you the requested information, the newsletter you subscribed to, or invitations to events. Without this data, MRoA cannot carry out the services you request.