Looking at the EU data privacy regulation
Officially titled the General Data Protection Regulation (GDPR), this regulation was enacted a couple of years ago and is enforceable as of May 25, 2018. The crux of this regulation is that it affords EU residents greater control over their own privacy and data, especially when it comes to how companies collect and use it.
There are two important things, among others, that this regulation does:
- It allows people the right to request to see, edit, and delete their private data collected by companies.
- It enforces stricter data storage and collection measures that companies shall follow.
While data privacy laws are not new – the GDPR is actually an update of an existing data privacy law – and although almost every country has their own privacy regulations, the GDPR is different in that it applies to any citizen or resident of the EU, even if they do not currently live in the Union.
For example, if a company in Dubai works with EU expats living here and has collected data on them, this company is now required to be compliant with GDPR regulations, even if this company does not have a presence in the EU.
The GDPR is a big deal, and has resulted in many companies updating their privacy policies over the past few weeks and months. As an insurance broker based in Dubai offering international medical insurance plans, which are popular with expats, we do have clients who are from the EU.
As such, we are required to meet the requirements set out by the GDPR and show our compliance. To be honest, we have actually been compliant in the way we collect and store data for a number of years now but have not actually shown this.
What is covered by the new policy?
- Our stance on data collection, processing, and protection
- What data we collect
- Who collects the data
- How data is collected
- Consent and data
- Why we collect data
- How we use the data collected
- When we share data
- How you can view, edit, or delete your data
- How we utilize cookies
Together, these sections present a fair amount of information to read through and digest. We can summarize what is said in these sections down to the following points. First, Pacific Prime Dubai will only collect data for two reasons:
- It is contractually necessary – If you utilize our services as a broker, we are required by an insurer to pass along certain specific data when we apply for a plan. This data is used by the insurer to carryout underwriting and determine the price of the plan along with what they will cover. We will only collect and pass on data that is needed, nothing more.
- It is for marketing purposes – In some cases we will collect data for marketing purposes.
The data collected by Pacific Prime is never sold to a third party and only provided to other third parties (e.g., insurers) if it is contractually necessary. If you have already provided data to us in the past (e.g., you already have a plan with us) and want to secure another, we will only pass along the data that is required for that specific plan, and nothing more. We do not ask for data that is not necessary.
For those who have already provided us with your private data, you have a number of rights available to you. Most importantly, you have the right to request to view your data that we have stored, to modify this data, and to delete it.
It is important to note that if you do request that we delete your personal data while you are in the process of applying for cover through us, we might not be able to fulfill your order or there may be delays in the application.
Is Pacific Prime Dubai compliant?
We have made every effort possible to ensure that we are compliant with not only the regulations set out by the GDPR but also those closer to home here in Dubai. This also includes adopting updated data security measures that aim to ensure your personal data is stored in a secure manner.
I am not from the EU, does this apply to me?
This means that you have the same rights as those who fall under the GDPR. For example, you can request to view, modify, and for us to delete your personal data.
Am I required to provide additional data?
If you are currently a client of Pacific Prime Dubai, there is no further data you need to provide at this time. If you do want to purchase different insurance plans and the insurer requires data that has not already been provided, you will be requested to provide it.
If you are not a client, the data you are asked to provide will only be what is contractually necessary and it is always your choice as to whether you provide it or not. If you choose not to provide contractually necessary data however, we might not be able to help you find and secure insurance coverage.
When she's not typing away on her keyboard, she's reading poetry, fueling her insatiable wanderlust, getting her coffee fix, and perpetually browsing animal Instagram accounts.
Latest posts by Jessica (see all)
- 5 tips for finding the best private health insurance for women in Dubai - 15th April 2019
- AI in healthcare: What’s coming and how it could transform the industry - 4th April 2019
- Dubai’s mandatory health insurance scheme expected to cover mental health - 28th March 2019