Who We Are
SCOR SE is a Societas Europaea headquartered in Paris, France. Our headquarters are located at:
5 Avenue Kleber
75795 Paris Cedex 16
Tel: +33 (0)1 58 44 70 00
SCOR engages in business on its own behalf and through a variety of subsidiaries (collectively referred to as “SCOR” or “We” in this Notice unless specifically stated otherwise). Information about the SCOR can be found on SCOR’s website, www.scor.com and SCOR’s subsidiaries that process Personal Data are listed by country in Appendix 1 to this Notice.
What We Do
SCOR is primarily a “Reinsurer”. In most cases, our clients are insurance companies, which are also known as “Insurers”. Insurers provide insurance coverage to individuals, firms and companies, who are often called “Insureds”. SCOR also acts as an Insurer in certain limited circumstances.
Typically, Insurers and Insureds enter into contracts called “Policies”. Insurance Policies can protect the Insured against a wide variety of losses, including loss of life, loss or damage to property, loss associated with health issues or problems and loss due to negligence or other action by the Insured.
A Reinsurer provides insurance coverage to Insurers in much the same way that Insurers provide insurance coverage to Insureds. Reinsurers and Insurers enter into contracts that are often called Reinsurance Agreements or Treaties. These Reinsurance Agreements or Treaties provide coverage to the Insurers against losses, usually related to one or more underlying Policies between the Insurer and its Insured(s). Reinsurers receive premiums from Insurers and pay claims to them.
Reinsurers such as SCOR may also have their own Reinsurers (usually called Retrocessionaires) who provide insurance coverage to the Reinsurer. In this manner, reinsurance serves to spread the risk of loss across two or more companies, which helps to ensure that funds will be available to pay claims, particularly when a significant loss-making event occurs.
SCOR operates around the globe and thus data are accessed and exchanged amongst SCOR subsidiaries (see Appendix 1) and with third parties in the normal course of doing business. The Retrocessionnaires who may receive personal data from SCOR and that are located outside the European Union are located in the countries listed in Appendix 2. SCOR is committed to comply with data protection principles in the processing of Personal Data concerning its clients, underlying insureds, employees, business partners and others and to respect their fundamental rights and privacy in accordance with any applicable laws.
SCOR’s Data Protection Officer
SCOR has appointed a Data Protection Officer who is bound by secrecy and confidentiality concerning the performance of his position. SCOR’s Data Protection Officer is:
5 Avenue Kleber
75795 Paris Cedex 16
Questions or inquiries concerning SCOR’s processing of Personal Data should be directed to SCOR’s Data Protection Officer.
Why We Process Personal Data
When an Insurer issues an insurance Policy to an Insured, the Insurer needs to know certain information about the Insured. It typically collects this information from the Insured during the process of underwriting the Policy. This information is necessary to evaluate the risk presented by the Insured.
When SCOR, as a Reinsurer, enters into a Reinsurance Agreement or Treaty with an Insurer to provide reinsurance coverage, that coverage is usually linked to a Policy, or group of Policies, that the Insurer has written with its own Insured(s). Like an Insurer, the Reinsurer needs to know certain information about the Insured(s). For this reason, the Insurer transmits some data about the underlying Policy(ies) and the associated Insured(s) to the Reinsurer. Some of this data is Personal Data.
In a similar manner, SCOR may also pass some Personal Data on to its own Retrocessionaires.
In relation to the Insurer-Reinsurer relationship or the Reinsurer-Retrocessionaire relationship, SCOR will engage in a variety of exchanges of information including but not limited to letters, emails, contractual reporting and other similar activities that necessarily may include Personal Data relating to Insured or business-related Personal Data related to employees of the Insurers, Reinsurers and Retrocessionaires.
In addition, SCOR has employees, contractors, interns and other similar types of workers. In the course of its professional relationship with its workers, SCOR will come into possession of Personal Data concerning those workers. SCOR also receives information from prospective workers such as curriculum vitae (CV), resumes, letters of interest and other similar documentation and therefore SCOR also possesses Personal Data about such prospective workers.
Legal Basis for Processing of Personal Data
As described above, SCOR processes personal data pursuant to its legitimate business interest as a data controller and a party to contracts of reinsurance with Insurers. This interest is the fulfilment of its contractual obligations to the Insurer who, in turn, has its own contractual obligations to the Insured. SCOR’s processing of this Personal Data is therefore in the interest of both the Insurer and of the underlying Insured.
In addition, SCOR as a reinsurer regulated under French law within the European Union, is required by law to process certain Personal Data for the purpose of establishing reserves and capital requirements, paying claims in a timely manner and otherwise complying with all applicable laws and regulation relating to its business as a reinsurer.
The Personal Data We Process
The Personal Data provided by Insurers to SCOR may include:
- identifying information such as name, address, occupation and date of birth;
- information concerning health status and other medical information;
- information concerning the death, injury or loss to a person that may be covered by a Policy;
- information concerning certain personal characteristics or habits, such has whether a person smokes cigarettes or engages in hobbies or activities that present special insurance risks such as hang gliding or parachuting;
- other information as may be necessary to evaluate any aspect of premiums, claims or coverages under a Policy.
This data is provided to SCOR pursuant to contracts between SCOR and the Insurers. In a similar manner, SCOR may provide the same type of Personal Data to its own Reinsurers, again pursuant to contractual agreements between SCOR and its reinsurers. Where those Reinsurers are located outside of the European Union, SCOR has entered into appropriate data transfer agreements. In addition, SCOR also maintains a Data Transfer Agreement covering transfers of Personal Data amongst SCOR subsidiaries. You may request, through our Data Protection Officer, that we inform you as to whether your Personal Data in our possession has been sent to one or more of our own Reinsurers and, if so, the identity(ies) of such Reinsurer(s). You may also request that our Data Protection Officer provide you with a copy of the Data Transfer Agreement(s) applicable to your Personal Data.
Our Processing of Personal Data
SCOR’s processing of Personal Data is for one or more of the following purposes:
- Provision of Reinsurance Coverage – We process Personal Data for the purpose of identifying, evaluating, underwriting, reserving and making claims payments relating to specific underlying Insureds. SCOR does not conduct automated decision-making activities within the European Union. While SCOR does not engage in profiling as part of its business, one might consider underwriting to be a form of profiling. In this regard, underwriting means that SCOR may review Personal Data concerning a person – such as age, height, weight, occupation, gender, medical history, hobbies or recreational activities, personal habits affecting health such as smoking cigarettes – in order to make a determination as to the risk of mortality (risk of dying) or morbidity (risk of sickness or health problems). The results of this underwriting may be passed on to the Insurer who in turn may utilize the information in deciding whether to issue life or health insurance and at what price.
- Obtaining Reinsurance Coverage – As described above, we may purchase our own reinsurance coverage from other Reinsurers. In this regard we would provide information to our Reinsurers that is similar to the information provided to us from Insurers, as described above.
- Financial Calculations – We are required to evaluate our business and perform a variety of calculations based on these evaluations. These include establishing reserves for the payment of present or future claims and establishing the capital needed to operate our business.
- Statistical Analysis and Studies – Both in conjunction with the required financial calculations described above as well as our own understanding of our business needs, we may conduct studies of the loss experience of our business in the past. These studies help us make projections into the future by helping us understand
- Communication and Marketing – SCOR may send professional letters, emails or other correspondence and communication to the employees of its business clients, prospective clients, brokers, or other individuals with whom it does business or who may be involved in one or more business transactions with SCOR. Similarly, SCOR may send newsletters, notices and similar information to individuals in the reinsurance and insurance industry.
- Storage – With the exception of certain personal data originating from outside the European Union, SCOR stores all personal data in France.
- Retention – SCOR retains personal data pursuant to a data storage and retention schedule that is designed to keep personal data for so long as we may be required to keep it in order to manage our reinsurance business and for a reasonable period thereafter. In some instances, SCOR may be required to keep personal data for a specified period of time, but in the absence of a specific legal requirement SCOR will keep personal data relating to underlying insureds for 30 (thirty) years beyond the date when SCOR no longer reinsured the risk or paid the claim, whichever is later.
- Screening and Review – SCOR regularly screens certain aspects of Personal Data, such as names, dates of birth, addresses and countries of residence against lists provided by governments relating to sanctions, embargoes, money laundering, politically exposed persons and other similar subjects. We may also undertake a review and evaluation of transactions or proposed transactions to determine whether there is or may be money laundering activity. This process helps us ensure that we do not engage in any business transactions, or enable any business transactions, with regard to any sanctions individuals or legal entities.
- Human Resources – SCOR collects and processes Personal Data in order to establish an application for a specific job advertisement or as an unsolicited application, in particular, for the following purposes: Checking and assessing suitability for the position to be filled, performance and behavioural evaluation to the extent allowed by law if necessary for registration and authentication for application via our website, if necessary for drawing up the employment contract.
Your Right to Access and Correct Your Personal Data
You have the right to know if SCOR has any of your Personal Data. In the event you wish to see a copy of the Personal Data we have concerning you, please contact our Data Protection Officer. We will investigate your request promptly.
If after reviewing your Personal Data in our possession, you determine that there is an error(s), you may request the error(s) be corrected. If you make such a request, we will investigate and, if appropriate, correct any errors promptly.
Your Right to Object to Processing of Your Personal Data and/or Restrict Processing
If you desire to object to SCOR’s processing of your Personal Data or you desire to have SCOR restrict its processing of your personal data, you may lodge an objection and/or request for restriction of processing with our Data Protection Officer. If you make such a request, we will investigate and, if appropriate, cease processing of your Personal Data or, if applicable, restrict processing of your Personal Data, promptly. However, under applicable law and our contractual obligations your objection and/or request for restriction does not automatically mean that we are required to stop processing your Personal Data, or that we delete it or restrict our processing of it.
Your Right to have SCOR Erase Your Personal Data and Withdrawal of Your Consent to Process
If you desire to request that SCOR erase your Personal Data or you have or wish to withdraw your consent to process your Personal Data, you may make your request to our Data Protection Officer. If you make such a request, we will investigate and, if appropriate, erase your Personal Data and/or cease to process your Personal Data promptly. However, under applicable law and our contractual obligations your request does not automatically mean that we are required to stop processing your Personal Data, or that we delete it.
Your Right to Have SCOR Assist You in Moving Your Personal Data
Although we consider it to be very unlikely given the nature of our business, if you desire to request that SCOR assist you with moving your Personal Data to another Reinsurer or Insurer, you may make your request to our Data Protection Officer. If you make such a request, we will investigate and, if appropriate, provide such assistance promptly. However, under applicable law and our contractual obligations your request does not automatically mean that we are required to stop processing your Personal Data, or that we delete it.
Your Right to Complain
Although we always make every effort to address concerns of which we are made aware, you have the right to lodge a complaint with a supervisory authority concerning SCOR’s processing of your Personal Data.
Changes to this Privacy Notice
We keep our privacy notice under regular review. This privacy notice was last updated on May 25, 2018.