Introduction

The Privacy Notice explains how OAK Reinsurance (references to “Oak Reinsurance”, “Company”, “we,” “us,” or “our” means all of these entities, unless otherwise specified below) collects, uses, and protects your Personal Data. It also describes your privacy rights and how to exercise them.

Specifically, the Privacy Notice includes information about:

  • How to contact us;
  • What types of Personal Data we collect;
  • Where we obtain Personal Data;
  • How we use Personal Data;
  • How we disclose Personal Data to third parties;
  • How we protect Personal Data;
  • How long we store Personal Data; and
  • Your privacy rights in relation to our processing of Personal Data.

Please read this Privacy Notice carefully to understand how we will treat your Personal Data. The Privacy Notice may change from time to time, and you should review it periodically.

The Privacy Notice was last updated on 31 March 2025.

I. About OAK Reinsurance

For the purposes of applicable laws and regulations relating to data protection and privacy, OAK Reinsurance acts a controller with respect to your Personal Data. As a controller, we are a company that determines why and how your Personal Data is processed, and we are required under applicable law to provide notice of any processing undertaken.

II. How to Contact Us

You may contact us by writing to the below address:

OAK Re
8 Bishopsgate
Huckletree
London, EC2N 4BQ

You may want to contact us to:

  • Ask any questions you have in relation to the information contained in this Privacy Notice;
  • Request a printed copy of this Privacy Notice; or
  • Make a complaint.
IV. Definitions

For the purposes of this Privacy Notice, the following definitions will apply:

Personal Data” has the meaning given to it in applicable data protection legislation, and for the avoidance of doubt, means any information which directly or indirectly identifies or otherwise relates to an individual, which is in the possession or under the control of OAK Reinsurance (or our representatives and service providers). This includes pseudonymous data. It does not include anonymous data, which is not personal data, and therefore not subject to applicable data protection laws. Pseudonymous data refers to data that has undergone processing techniques to replace, remove, or transform information that identifies an individual. For example, replacing one or more identifiers which are easily attributed to individuals (such as names) with a pseudonym (such as a reference number).

Process” or “processing” means any operation that is carried out with respect to Personal Data, including but not limited to collecting, storing, using, disclosing, transferring, or deleting Personal Data.

V. What Types of Personal Data We Collect

OAK Reinsurance may collect and process the following Personal Data:

  • Personal Data relating to individuals, which may include:
    • Name
    • Contact details
    • Address
    • Date of birth
    • Gender
    • Passport or other national ID documents
    • Social Security number
    • Driver licence number
    • Bank details
VI. Where We Obtain Personal Data

Where you or the company with which you are affiliated or acting on behalf of have entered, or may enter, into an arrangement with OAK Reinsurance or an affiliate thereof, we may collect your Personal Data directly from you or your company to confirm your contact information and to gather up-to-date details. We may also collect your Personal Data when you interact with our website.

VII. How We Use Personal Data

OAK Reinsurance expects to process your Personal Data for the following purposes:

  • To review and update information about you, to ensure it is accurate and up-to-date;
  • To detect, prevent, and investigate fraud and other illegal activities;
  • To meet obligations imposed by law or regulation;
  • To respond to queries, complaints, general business communications, legal and regulatory requests;
  • To establish, exercise, or defend legal claims; and
  • To facilitate a proposed or actual business dealing.

 Lawful Basis for Processing.

We are required by law to have a “lawful basis” (i.e. a reason or justification) for processing your Personal Data. We rely on the following lawful bases to process your Personal Data:

  • Necessary for compliance with a legal/ regulatory obligation. From time to time, we may need to process Personal Data to comply with a legal or regulatory obligation.

We rely on this lawful basis when processing any data subject rights requests in accordance with applicable data protection laws and for activities relating to the verifying of your identity. We also rely on it to comply with our financial reporting obligations and compliance with subpoenas or similar court orders.

  • Legitimate interest. We may also process the Personal Data we collect for our legitimate business interests.

Where we process your Personal Data because it is necessary for our legitimate interests, you can object to this processing at any time using the contact details contained in this Privacy Notice.

VIII. Disclosure of Personal Data to Third Parties

OAK Reinsurance may share your Personal Data with the following categories of recipients:

  • Our corporate affiliates;
  • Third-party service providers, such as companies that support the offsite storage of back-ups, as well as other businesses with which we may have a relationship;
  • Brokers, other reinsurance companies, or other financial institutions;
  • Professional advisors, such as lawyers, accountants, auditors and/or consultants; or
  • Courts and government agencies, such as law enforcement authorities or regulators.

We also reserve the right to transfer any information we have about you in connection with any sale or transfer of all or a portion of our business or assets, including in the event of a reorganization, sale, merger, dissolution, or liquidation.

We disclose Personal Data in accordance with data protection principles and as necessary or appropriate in connection with our business activities, or to otherwise help us carry out the purposes described above.

IX. Transfers of Personal Data Abroad

How We Protect Personal Data

Our security policies, controls and procedures are regularly reviewed and updated so that we maintain good practices across our business to keep your information safe.

Your Personal Data is only accessible to our employees, other representatives who have a legitimate business need to know the information, or as otherwise described herein.

X. How Long We Store Personal Data

Our records retention policy and schedule are based on criteria including legal and regulatory requirements, contractual obligations, security risks, storage constraints, and business needs.

XI. Your Privacy Rights

In certain circumstances, you have the following rights under the applicable data protection and privacy laws and regulations:

  • The right to access Personal Data relating to you (known as Subject Access Requests);
  • The right to correct any mistakes in your Personal Data. This includes the right to ask us to complete information that you think is incomplete;
  • The right to require us to delete your Personal Data in certain circumstances;
  • The right to restrict our processing of your Personal Data in certain circumstances;
  • The right to object to us processing your Personal Data in certain circumstances; and
  • The right to have your Personal Data provided to another controller.

You are not required to pay any charge for exercising your rights apart from in limited circumstances which we will explain to you if relevant. To make a request, please contact us as described in Section III above.

XII. How to Complain

If you have a problem or concern relating to the ways we process your Personal Data or the contents of this Privacy Notice, please contact us in the first instance. We hope that we will be able to address the problem or concern to your satisfaction. However, you also have the right to make a complaint to your local supervisory authority.

Start Typing