Sukoon Insurance PJSC (hereinafter referred to as “Sukoon”) respects your privacy and is committed to protecting it.
We collect, use, maintain, protect, process, transfer, and disclose your Personal Data in accordance with United Arab Emirates (“UAE”) data protection regulations such as, but not limited to, Federal Decree Law No. 45 of 2021 regarding the Protection of Personal Data (“UAE Federal Data Protection Law”), applicable Central Bank regulations, together with any other applicable laws as is applicable to Sukoon within UAE (collectively referred to as “UAE Data Protection Laws”) as required for the performance of the Services, evaluating/underwriting/issuing/administering/processing your quotation, proposal form, insurance policy, reinsurance, claim administration, providing requested Services , accessing any of our websites or mobile applications, or otherwise to enable you to provide information to or communicate with us.
[Wherever you interact with Oman Insurance Management Services Limited and/or Oman Insurance Workplace Savings Solution, then the UAE Data Protection Laws will refer to data protection laws as issued by DIFC, and such references shall be read and interpreted accordingly. Oman Insurance Management Services Limited and Oman Insurance Workplace Savings Solution are registered and regulated by DFSA. Wherever you interact with Sukoon Insurance – Oman Branch, our branch office in Oman and regulated by Capital Market Authority in Oman – then the UAE Data Protection Laws will stand amended to Omani personal data protection law and its executive regulations as issued by Royal Decree in Oman, and any and all references to UAE, UAE Data Protection Law will stand deleted and replaced with Sultanate of Oman, Oman Data Protection Law, and such references shall be read and interpreted accordingly].
Who We Are
Sukoon Insurance PJSC (“Sukoon”) is an insurance company licensed by UAE Central Bank and we provide insurance and reinsurance related services (“Services”) to you.
When we use terms such as “we”, “us” and “our” in this Privacy Notice, we, as the context may apply, means and refers to Sukoon and/or Oman Insurance Management Services Limited and/or Oman Insurance Workplace Savings Solution and/or Sukoon Insurance – Oman Branch and/or Synergize Services FZ-LLC and/or Equator Insurance Agency LLC and/or ASCANA Takaful (“Sukoon Takaful”) , depending upon which entity you are dealing with. Sukoon includes the relevant subsidiary with whom you may be dealing with. "we", "us", "our" or any of their derivatives also refer to the successors, subsidiaries, affiliates, and any novatee, assignee, transferee or purchaser of that entity’s rights and/or obligations hereunder. The words "you", “your” or any of their derivatives refer to the person using our Services, holding or ever held an insurance or reinsurance policy with us, having any investment or real estate relationship with us, accessing our website or mobile applications (“app” or “apps”), or otherwise providing information to or communicating with us and shall include, as the context may require, successors and assigns (as the case may be).
What Does “Personal Data”, “Processing” And Other Key Terms Mean?
Personal Data means any data relating to an identified natural person, or one who can be identified directly or indirectly by way of linking data, using identifiers such as name, voice, picture, identification number, online identifier, geographic location, or one or more special features that express the physical, psychological, economic, cultural or social identity of such person. It also includes Sensitive Personal Data and biometric data.
Sensitive Personal Data means any data that directly or indirectly reveals a natural person's family, racial origin, political or philosophical opinions, religious beliefs, criminal records, biometric data, or any data related to the health of such person, such as his/her physical, psychological, mental, genetic or sexual condition, including information related to health care services provided thereto that reveals his/her health status.
Processing means any operation or set of operations which is performed on Personal Data using any electronic means, including processing and other means. This process includes collection, storage, recording, organization, adaptation, alteration, circulation, modification, retrieval, exchange, sharing, use, or classification or disclosure of Personal Data by transmission, dissemination or distribution, or otherwise making it available, or aligning, combining, restricting, blocking, erasing or destroying Personal Data or creating models therefor.
Services means any and all services as performed by Sukoon to further its commercial business purposes. This includes but is not limited to evaluating, underwriting, issuing, administering, processing your quotation, proposal form, insurance policy, reinsurance, insurance or reinsurance claim, administrative services, investment services, leasing services, any other services as permitted to be undertaken by Sukoon.
For Oman Insurance Workplace Savings Solution and Oman Insurance Workplace Savings Solution and for Sukoon Insurance– Oman Branch, the above key terms will additionally have the meanings as defined within the data protection laws within DIFC, DIFC, and Sultanate of Oman respectively.
Do You Have to Provide Your Personal Data to Us?
Insurance services almost completely relies on Personal Data and it is critical for us to receive and continue to receive your accurate, up-to- date Personal Data to enable us to provide you appropriate Services. We are unable to provide you with our products or Services or to process your proposals without having Personal Data about you. We remind you that withholding or concealment or misrepresentation of your data including Personal Data may lead to your insurance/reinsurance policy (if any issued) to be considered cancelled or void from inception and/or your insurance/reinsurance claim being denied. We will, wherever feasible, clearly inform you whether the requested Personal Data is mandatory or optional to be provided.
Sukoon operates various social media channels, social media accounts to inform, assist and engage with customers. Sukoon monitors and records comments and posts made on these channels about Sukoon in order to improve its products and Services. Please note that you must not ever post or communicate any of your Personal Data on any social media platforms including Sukoon operated channels. Sukoon will not be responsible if you post any of your Personal Data on any social media channel/forums/pages/accounts.
What Personal Data Do We Collect?
This will primarily depend on the products or Services you apply for and/or receive from us.
The Personal Data that we collect or may collect include (without limitation):
• Personal contact data (including title, name, telephone number, mobile number, email contact details, address, residential address and correspondence address);
• Signatures, specimen signature(s);
• Occupation, education and income levels;
• Identification details, passport number, Emirates ID details, date of birth, age, place of birth, nationality, residency details, citizenship details, and other identity related details;
• Your government identification number and identification documents including, for instance, document type, number, country of issue and expiration date;
• Financial, insurance, banking information (e.g. information on net assets, income, expenses, credit history, bank account and banking transactions, securities trading account);
• Details of your marital status, spouse’s name and account information, dependents, beneficiaries, beneficial owners, representatives, indemnifiers, tax status, sources of income and funds, assets and liabilities, whether you are a politically exposed person and/or other compliance-related details;
• Details of shareholdings, prominent functions, directorships and/or employment including, for instance, your occupation, salary, employer and length of service;
• Details of your current or past insurance policies, insurance claims, reinsurance policy, reinsurance claims, and any related data and/or information;
• Details of your medical history and current and ongoing health status;
• Details of your products and services including, for instance, application information, insurance policy details, reinsurance details, currency, account history, standing orders, direct debits, payment transactions, insurance policies held – their details, details of additional signatories, beneficiary details, banking details, information relating to complaints and/or fraud reports, and details associated with policy cancellations/amendments and so on;
• Images and voice recordings of your communications with us;
• Value-added tax, corporate tax details;
• Insurance details, reinsurance details;
• Information about your risk profile, investments, investment objectives, knowledge and experience and/or business interests and assets;
• Personal opinions made known to us (e.g. your feedback or responses to any surveys);
• Browsing history, patterns or other unique information;
• Your internet protocol address and information associated with such address;
• Criminal record checks;
• Records of how you have contacted us and, if you get in touch with us online, details such as your mobile phone location data, IP address and MAC address;
• Security identifiers (including, for instance, mother’s maiden name);
• Any other Personal Data reasonably required in order for us to provide the Services; and/or
• Any other Personal Data permitted by or required to comply with any UAE Data Protection Laws and our internal control and compliance policies.
Where Do We Collect Personal Data From?
This will depend on the products or Services you apply for and obtain from us. Most of the data that we collect is provided or filled in by you as part of your proposal form/ claim form and/or provided to us by your broker/insurance intermediary, reinsurance intermediaries and/or your service providers, motor garages, medical providers, pharmacies, hospitals, clinics, and/or claim adjuster, loss adjusters etc. Your Personal Data will mainly be obtained pursuant to a statutory or contractual requirement or a requirement necessary to enter into and to perform the Services and/or any contracts.
Personal Data has/or will also be obtained from the following sources, where applicable, or such other sources which we may see fit from time to time:
• As applicable, publicly available or publicly accessible information;
• Such other written, electronic or verbal communications or documents delivered to us prior to and during the course of our contractual or pre-contractual dealings with you;
• Screening service providers, screening credit check providers;
• Banks, brokers, insurance agents, insurance intermediaries;
• Hospitals, clinics, pharmacies, service providers, medical TPAs (third-party administrators), medical providers;
• Other insurance companies, reinsurers, insurance intermediaries;
• Your employer, your staff, recovery agents, other insurers, other financial or insurance-related entities;
• Claim adjusters, loss adjusters;
• Legal advisors, professional advisors, consultants;
• Fraud prevention agencies, credit reference agencies, landlord, lenders, publicly available directories and information (e.g. telephone directory, social media, internet, news articles), debt recovery and/or tracing agents, other organizations to assist in prevention and detection of crime, police and law enforcement agencies;
• Regulators, regulatory portals;
• From other members of our group if you have earlier provided your Personal Data to them;
• Credit Reference Agencies; and/or
• Courts or different legal and regulatory registers as maintained with respective Government and Regulatory entities.
What Do We Use Your Personal Data For? What Purposes Does Processing Serve, and What is Its Lawful Basis?
We undertake the Processing of your Personal Data as required to comply with applicable UAE Data Protection Laws that we are subject to. We also process your Personal Data for the purpose of legitimate interests pursued by us or a third party to whom your Personal Data is made available. We Process your Personal Data on lawful, legitimate basis as permitted under Applicable Laws, which primarily will relate to providing you or in relation to or arising from the Services and/or to perform relevant contracts with or related to or arising from you.
For some processing more than one legal ground may be relevant. We also Process your Personal Data for our business purposes.
We Process your Personal Data for the following purposes ("Purposes"):
• To provide a quotation and/or contract of insurance;
• To identify individuals that contact us;
• To set up a policyholder, life insured or a member of a corporate savings plan or group insurance policy;
• To arrange and maintain business relationships with service providers and representatives;
• To administer and renew policies;
• To communicate with policyholders or their appointed representatives in respect of insurance services;
• To make and receive payments;
• To assess, process and settle claims;
• For fraud prevention and detection purposes;
• To comply with tax reporting obligations such as Common Reporting Standards (CRS)/Foreign Account Tax Compliance Act (FATCA);
• To provide the Services to you, including underwriting, administering, Processing any insurance policy, claim, reinsurance;
• To automate decision making processes including profiling, underwriting, issuance of policy, claim processing, (such automated decision-making process including profiling may produce legal consequences or otherwise seriously impacts you);
• To carry out any transactions on your behalf contemplated by the Services;
• To assess and process applications, instructions or requests from you;
• To communicate with you, including providing you with updates, or changes to our Services;
• To verify your identity for the purposes of providing Services to you;
• To conduct due diligence checks, screenings or credit checks as may be required by any applicable laws or our internal policies and procedures;
• For the specific purpose for which it was volunteered or provided to us;
• To detect and prevent fraud and other unauthorised or illegal activities and protect us or any third parties against negligence, fraud, theft and other illegal activities;
• To understand your needs and preferences;
• To improve the content, appearance and utility of the Services;
• To manage and develop infrastructure and business operations;
• To carry out our obligations and enforce our rights arising from any agreements entered into between you and us, including for billing and collection and the processing of payments;
• To comply with our internal policies and procedures;
• To respond to queries or feedback;
• To address or investigate any complaints, claims or disputes;
• To conduct surveys and obtain feedback on our services;
• To comply with any applicable laws or any request from any relevant governmental or regulatory authority;
• For financial reporting, regulatory reporting, management reporting, risk management, audit and record keeping purposes;
• To create anonymised reports, analytical reports, statistical research, market surveys;
• To seek professional advice, including legal advice;
• To provide you with marketing materials in connection with the Services we may provide;
• To fulfil any purpose related to the above purposes or any other purpose in connection with the provision of our Services;
• Conducting market research and surveys with the aim of improving our products and Services;
• For development of new products, improvement of products, creating business intelligence, database creations;
• Marketing and promotion, conducted with or without the support of third parties engaged by us;
• Remaining competitive as well as developing and improving our products and services;
• Preventing, detecting, investigating and prosecuting crimes (including but not limited to money laundering, terrorism, fraud and other financial crimes) in any jurisdiction, identity verification, government sanctions screening and due diligence checks;
• To comply with applicable legal and regulatory requirements such as anti-money laundering, financial sanctions, tax or regulatory reporting. This includes complying with requests to provide data including personal information to our regulators, which may be on an adhoc or regular and daily basis, such as with UAE Central Bank, Department of Health, Dubai Health Authority, relevant Roads and Transport Authority(ies), Federal Tax Authority, or any other Government regulator as required to satisfy the regulatory requirements. Such data sharing could be in respect of individual insurance policies, group insurance policies and corporate savings plans issued by us in the UAE and may include personal information of relevant parties of the above policies and plans (such as policy owners, claimants, lives insured and beneficiaries - and employees of such policy owners, claimants and beneficiaries as the case may be). This data sharing may include requests for historic as well as current data;
• Complying with applicable local or foreign law, regulation, policy, voluntary codes, directive, judgement or court order, as well as any request by any authority, regulator or enforcement agency or body;
• Establishing, exercising or defending legal rights in connection with legal proceedings (including any prospective legal proceedings) and seeking professional or legal advice in relation to such legal proceedings; and
• Any other purposes that are appropriate or authorized by any applicable laws.
We may contact you by postage, mail, e-mail, SMS/text, telephone and other electronic means for direct marketing purposes to provide information on products and services that we believe will be of interest, to the extent permitted by applicable law, unless you object to receiving such information. If you do not want to receive such communications from us please use the unsubscribe or opt-out facilities provided within the relevant marketing material. Your option not to receive promotional and marketing material shall not preclude us from corresponding with you, by email or otherwise, regarding your existing relationship with us (e.g., your policy status and activity or our responses to questions or inquiries you pose to us).
Wherever you have provided us your consent or authorization to Process your Personal Data, the Processing of Personal Data will be lawful based on your consent. Wherever the Processing is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of Processing based on consent before its withdrawal, unless where such withdrawal of consent is not permitted under Applicable Laws. All best efforts will be made to effect Your withdrawal of consent within 30 days of receiving your request to withdraw. The request for withdrawal has to be provided by contacting us (refer to contact details section).
To Whom Do We Disclose and Share Your Personal Data With?
We may from time to time disclose to and share your Personal Data with directors, officers, employees, representatives, agents or delegates or any third parties, whether located in UAE, or otherwise, to carry out the Purposes. This includes, disclosing and sharing your Personal Data with the following:
• Our parent company, subsidiaries and affiliates;
• Any of our directors, officers, employees, representatives, agents or delegates;
• Any of our shareholders or related corporations, and any of their successors or assigns, and their directors, officers, employees, representatives, agents or delegates;
• Our professional advisers, trustees, consultants and auditors;
• Survey and research organisations;
• Any sub-contractors which any of our service providers, agents, suppliers, delegates or contractors may appoint from time to time to provide them with services in connection with the Services that we offer to you, and their directors, officers, employees, representatives, agents or delegates;
• Anyone who takes over or may take over all or part of our rights or obligations under any agreement we have with you or anyone any agreement we have with you (or any part thereof) is transferred to or may be transferred to;
• Any service providers, agents, contractors, delegates, suppliers or third parties which we may appoint from time to time to provide us with services in connection with the Services, and their directors, officers, employees, representatives, agents or delegates;
• With other insurance and/or reinsurance companies, claim administrators, third party claim administrators, medical providers, pharmacies, clinics, hospitals, IT service providers, insurance intermediaries, banks, brokers, agents, consultants, surveyors, loss adjustors, loss assessors , IT service providers, actuaries, payment processors, aggregators, emergency support/assistance providers, additional administrative and/or support service providers, and other like entities or persons , whether inside or outside UAE, to the extent necessary as may be required to provide Services to you;
• Real estate brokers, agents, developers if required in managing any property which you may have leased or bought from us or sold to us;
• Bankers, fund managers, fund administrators, mutual funds, distributors, fund or scheme operators;
• Debt recovery agents, auditors, investment companies, credit rating agencies, trustees, beneficiaries, trade associations, insurance associations, tax authorities;
• IT service providers, licensors of various software’s that we use or provide, back up and server hosting providers, communication providers, software and maintenance providers, document storage providers, suppliers;
• Any person who we believe in good faith to be your legal advisers or other professionals or your appointed representatives;
• Pursuant to a request by any relevant governmental or regulatory authority (regardless of the reason for such request and whether such request is exercised under a court order or otherwise);
• Parties which assist us in carrying out the purposes as permitted or required;
• Any person to whom we are, in our belief in good faith, under an obligation to make disclosure as required by any applicable laws;
• Any relevant governmental or regulatory authority, in so far as we need to do so to keep to any applicable laws, or which we in good faith believe that we should keep to.
In the case of disclosures, we shall disclose such Personal Data in accordance with the terms of the UAE Data Protections Laws. We shall exercise reasonable caution and diligence to determine the validity and proportionality of any request and where reasonably practicable obtain assurances from the recipient of the Personal Data in relation to the disclosures.
Do We Transfer Your Personal Data Outside the UAE?
We may transfer, store, process and/or deal with your Personal Data outside the UAE for one or more of the purposes including as permitted under UAE Data Protection Laws. We implement appropriate technical and organizational measures to ensure that any Processing of your Personal Data is undertaken securely and in compliance with the UAE Data Protection Laws. Some countries outside UAE may not have adequate protection for Personal Data under the laws that apply to us. We will, wherever necessary, ensure that suitable safeguards are in place before we transfer your Personal Data to outside UAE which do not have adequate protection as determined under UAE Data Protection Laws, for example by signing specific contractual clauses to maintain adequate protection with such entities. In doing so, we will comply with the UAE Data Protection Laws.
How Long Do We Retain Your Personal Data For?
Your Personal Data is retained as long as the purpose for which it was collected remains and until it is no longer necessary for any other business purposes or to comply with any applicable laws. We will also hold your Personal Data as long as is necessary to respond to any queries from you, to improve our Services, to respond to any legal claims by you, or to comply with any legal and/or regulatory requirements to which we are subject to. To determine the appropriate retention period for Personal Data, we may also consider the amount, nature and sensitivity of the Personal Data, the potential risk of harm from unauthorised use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve such purposes through other means, and the applicable requirements. Generally, we will keep your Personal Data (excluding health data) for at least 10 years from the end of our relationship with you/ expiry of your policy with us , as required to be retained under relevant UAE regulations. Any of your Health data will be kept for at least 25 years as required to be retained under current relevant UAE regulations. In case of any dispute or litigation your Personal Data will be retained for longer periods. At the expiry of such periods, your Personal Data may either be deleted or securely archived.
What Are Your Rights?
Under the UAE Federal Data Protection Law you have a number of key rights, such as the rights to:
• Obtain information;
• Request Personal Data Transfer;
• Correction or erasure of Personal Data;
• Restrict Processing;
• Stop Processing; and
• Processing and Automated Processing.
The above rights are subject to exceptions as permitted and stated under UAE Data Protection Laws.
Under certain laws (if applicable) you may also have the right to data portability.
What Should You Do If Your Personal Information Changes?
As the accuracy of your Personal Data depends largely on the information you or such third party provide to us, you should inform us in writing as soon as practicable if there are any errors in the Personal Data or if there have been any changes to the Personal Data. Any errors or incomplete Personal Data may prevent us providing Services to you or may lead us to provide partial or incorrect Services.
If you were introduced to us by a broker or other intermediary who is data controller in its own right, you should contact them separately.
We use a variety of technologies on our website and mobile applications to collect information that helps us understand how our Services are used so we can refine our Services and simplify the user experience. A cookie is a small file of letters and numbers that is stored on your device when you visit a website or use an app. Cookies may expire at the end of a web session or app or persist in order to store your settings and preferences. A web beacon, also known as a pixel tag, is a tiny transparent image embedded in a website or an email to measure usage and activity. In some case, a web beacon triggers the placements of a persistent cookie on your computer.
The type of Cookies and other tracking technologies used on our online platforms can be categorized as follows:
• Strictly Necessary Cookies: As the name suggests, these are cookies that are required for the operation of our online platforms. They include, for example, cookies that enable you to log into secure areas of our online platforms, make purchases and avail our Services. Without these Cookies, you will not be able to access some parts of our online platforms. These Cookies do not typically contain any information that personally identifies a user.
Performance Cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our online platforms. This helps us to improve the way our online platforms works, for example, by ensuring that users are finding what they are looking for easily. These Cookies do not typically contain any information that personally identifies a user.
• Functionality Cookies: These are used to recognise you when you return to our online platforms. These Cookies enable us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region). These cookies may collect your personal information to the extent you have disclosed, and if you do not accept these Cookies, then it may restrict the content on our online platforms and affect the performance and functionality of our online platforms to you.
• Targeting and Third-Party Cookies: These Cookies record your visit to our online platforms, the pages you have visited and the links you have followed. We may engage with a number of third-party service providers who may also install Cookies on your device on our behalf when you access our online platforms to allow them to deliver you custom-made advertisement within their webpage. We will use this information to make our online platforms and the advertising displayed on it more relevant to your interests. When you browse our online platforms some of the third party Cookies may be installed on your device who provide its features on our online platforms, although you may have declined your consent to our Cookies. This is due to your acceptance to use their Cookies on their website. We may also share this information with third parties for this purpose.
You may set up your web browser to block cookies. You may also remove cookies stored from your computer or mobile device. However, if you do block cookies, you may not be able to use certain features and functions of our website.
We also use analytics programs such as Google Analytics for web analytics purposes to manage and improve our website, mobile apps and/or our Services. Accordingly, your Personal Data may be collected for reports such as impression reporting, demographic reporting, interest reporting and to assist with tailoring our online advertising to provide you with a better experience.
We and our third-party vendors and service providers, including Google, use first-party cookies (such as the Google Analytics cookie) or other first-party identifiers, and third-party cookies (such as Google advertising cookies) or other third-party identifiers together, to inform, analyse, optimise, and serve custom ads based on your interests, searches and prior usage patterns when visiting our website, mobile apps, and for other market research analysis purposes such as impression reporting and how your interactions with these ads are related to visits to our website, mobile apps, amongst others. As a consequence, third party vendors and service providers may show our ads on other websites or mobile apps. We neither support nor endorse the goals, causes or statements of these websites or mobile apps which display our ads.
Using the Google Ad Settings, you may control the ads you view, block specific advertisers, learn how ads are selected for you, and opt-out of Google Analytics for Display Advertising. To opt out from any collection or use of information by Google Analytics, please download and install the Google Analytics Opt-Out Browser Add-on or any other available means. By opting out, you will not be subject to online advertising or marketing analysis by Google Analytics and you will no longer receive ads tailored to your browsing patterns and usage preferences.
Do We Record or Monitor Any Communications?
To the extent permitted by law, we may record and monitor your communications with us to ensure compliance with our legal and regulatory obligations and our internal policies. This may include the recording of telephone conversations, meetings, any interactions, etc.
Our Contact Details
For any further details, complaints, to exercise any rights available to you under UAE Data Protection Laws, you may email us at DPO@sukoon.com or send a postal mail to the following address:
Data Protection Officer,
Sukoon Insurance PJSC (“Sukoon”)
P.O. Box 5209,
If you have any complaints in relation to your rights and which remains unanswered or not addressed to your satisfaction despite repeated reminders, then you may raise a complaint contact the UAE Data Office if you are dealing with non-DIFC based entities or with Commissioner of DIFC Data Protections Office if you are dealing with DIFC-based entities.