UK and EU Privacy Notice UK

Business Lines

back
- Protection We are global experts in managing and evaluating mortality, critical illness, disability, medical and associated risks.
  - Europe
  - Asia
  - Australia
  - North America
- Savings & Retirement We provide longevity and funded reinsurance solutions that seek to reduce risk exposures, improve capital efficiency and increase new business volumes.
About us

back
- About us We are a global reinsurance company providing protection and savings and retirement products. Our client base stretches across the world from the UK and Europe to North America, Asia and Australia.
Insights
Careers

back
- Overview Join us and take your career to the next level.
  - Early careers
  - Current vacancies
- Working here Learn more about what it's like to work here.
  - Diversity & Inclusion
  - Health and wellbeing
Sustainability

back
- Overview As a business we recognise the need to play our part in addressing the global challenges of climate change and social inequality as well as ensuring corporate transparency and accountability.
  - Environmental stewardship
- Philanthropy Philanthropy is a key component of our approach to Sustainability, from driving positive impact through our social engagement to supporting initiatives that provide for a more sustainable environment.
  - Charity partners
contact us

Pacific Life Re UK and EU Privacy Notice

WHO WE ARE

We are Pacific Life Re International Limited (RIBM-Core), its UK Branch (RIBM-UKB) and Pacific Life Re Services Limited (PLRS), RIBM-Core is a Bermuda based entity and RIBM-UKB and PLRS are UK based entities, all within the Pacific Life Group. RIBM and PLRS are data controllers and are registered with the Information Commissioner’s Office.

References to “we”, “our” and “us” in this Privacy Notice include RIBM-Core, RIBM-UKB and PLRS.

WHAT WE DO

RIBM-Core and RIBM-UKB provide reinsurance to the insurance companies who have issued the policies under which you are covered. Reinsurance is insurance for insurers. It allows the insurers to reduce their potential losses by insuring some or all of the risk related to the underlying policies with its policyholders. Reinsurers also insure some or all of the risks they take on from insurers. These arrangements are known as retrocession and the companies providing insurance to reinsurers are called retrocessionaires. These arrangements spread risks across a number of companies which helps to ensure that claims can be paid, particularly when major events occur that trigger significant losses or claims.

We reinsure life policies, critical illness and income protection policies and provide longevity and funded reinsurance solutions.

PLRS provides support services to and employs the staff who carry out the business of RIBM-UKB.

PLRS also provides support services to RIBM-Core and other entities in the Pacific Life Group.

WHAT DATA WE PROCESS

Data we process may include:

Your basic personal details such as name, address and date of birth
Data that allows us to underwrite individuals seeking cover, including occupation, medical history, lifestyle characteristics and hobbies or activities that may affect the risk and any other insurance policies or insurance-related services they have applied for or received
Data that allows us to manage and administer our reinsurance arrangement with your insurer such as calculating reinsurance balances due and monitoring trends in the business being reinsured,
Data that allows us to assess claims including, the cause and circumstances of the claim, your medical history, your financial history and any other insurance claims you have made.

Some of the personal data we process falls into the special categories of data which attract higher standards of protection. The special categories of data we may process are:

data concerning health;
data concerning a person’s sex life,
data revealing racial or ethnic origin;
data revealing religious or philosophical beliefs;
genetic data; and
data concerning a person’s sexual orientation;

and only where they are relevant and necessary to achieve the purpose for which we process data. Apart from data concerning your health, the other items of special category data are only likely to be processed incidentally. We process this data under a provision of the Data Protection Act 2018 which allows special categories of data to be processed where it is necessary for an insurance purpose.

WHY DO WE NEED IT?

There are several legal bases for processing data. We rely on 3 of these:

1. The processing is necessary for the performance of a contract to which the individual is a party.

Once the insurer has reinsured the underlying policies with us, the performance of the policies and the performance of the reinsurance arrangement become linked. We need to have access to certain personal data of the individuals insured to manage and administer the reinsurance arrangements in place. Similarly, the insurer’s obligations under the underlying policies are connected to the reinsurance arrangement. For example, the insurer may need our approval to pay high value claims. This means that our processing of personal data is necessary for the insurer to perform the underlying policy.

2. The processing is necessary for the legitimate business purposes pursued by us or a third party.

There are compelling reasons for insurers to reinsure their business. Reinsurers provide financial backing and expertise which enables insurers to develop innovative and cost-effective products for their customers. Reinsurers need data to conduct the research and statistical analysis necessary to provide that expertise, insight, innovation and accurate pricing. The processing of personal data is therefore necessary for the legitimate business purposes pursued by us and the insurers who reinsure their business with us.

3. The processing is necessary for compliance with a legal obligation to which we are subject.

We are subject to legal and regulatory requirements relating to our business as a reinsurer and may need to process personal data for those purposes.

HOW DO WE COLLECT IT?

We receive personal data about individuals insured under policies from the insurers whose business we reinsure. We do not collect data from individuals directly.

We may generate new personal data, for example, when seeking opinions from our company medical officers on claims we assess.

WHAT DO WE USE IT FOR?

We use your data to:

Provide reinsurance cover. This may be for a group of policies or for specific individuals and includes underwriting, pricing, estimating future claims and claims assessment.
Perform reinsurance arrangements. New and existing reinsurance arrangements must be implemented, administered and managed.
Procure retrocession cover. We may seek retrocession cover for all or part of the business we reinsure. Our retrocessionaires may need data to assess the risk they are being asked to cover.
Establish, exercise or defend our legal rights in connection with reinsurance or retrocession agreements. This applies when we are faced with any legal claims or where we want to pursue any legal claims ourselves.
Detect and prevent fraud and financial crime.
Screen certain personal data we receive about individuals against lists published by governments and international organisations relating to sanctions, embargoes and politically exposed persons.
Manage our business. This includes financial reporting, compliance with legal and regulatory requirements, and research and statistical analysis to support and improve our reinsurance services and those of our affiliates. This ensures that our processes, procedures and systems are as efficient as possible and enhance the service we provide.

Wherever possible and proportionate, we anonymise or pseudonymise data to carry out these purposes. Pseudonymisation is a recognised data minimisation technique that enables our employees and agents to use data about individuals without being able to personally identity the individuals concerned.

We do not use personal data in any automated decision-making process.

HOW DO WE SECURE IT?

We have in place physical, electronic, and procedural safeguards to protect personal data that we hold against unauthorised disclosure or unlawful processing. Safeguards include; only holding personal data on secure servers, the use of encryption, firewalls and access controls and the separation of duties within our organisation. When processing personal data, we seek to use only anonymised or pseudonymised data where knowledge of the individual’s identity is not necessary.

HOW LONG DO WE RETAIN IT?

We retain personal data for as long as is necessary to carry out the purpose for which we collected it and any other permissible purposes. We have a retention policy in place which governs retention and destruction of data and is designed to ensure that personal data is kept only for so long as we may be required to keep it in order to manage our business and for a reasonable period thereafter. We will keep personal data relating to individuals for a reasonable period beyond the date when we no longer reinsure the risk or are potentially liable to pay claims, whichever is later.

When we delete personal data in connection with a policy, it may persist on backup or archive media for legal, tax or business continuity purposes.

WHO DO WE SHARE IT WITH?

We will only share your data where it is lawful and necessary to enable us to provide reinsurance services.

We may disclose personal data to:

Third-party service providers. We share data with third parties to allow us to provide the reinsurance services, for example, our company medical officers who provide expert medical opinion to help us to assess claims. These third parties are authorised to use personal data only as necessary to provide these services.
Other companies within the Pacific Life Group. We may disclose personal data to our affiliated companies to enable us to provide reinsurance services and for IT services such as the hosting of applications and systems that are used to process reinsurance data.
Comply with legal obligations or proceedings. We may need to disclose personal data when we respond to court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims or to meet our legal and regulatory obligations.
Retrocessionaires. In some cases, we share personal data with retrocessionaires who provide us with retrocession services. These companies will process personal data in accordance with the terms of their own privacy policies.

INTERNATIONAL TRANSFERS

We may transfer personal data to third parties and affiliates located in countries that are outside the UK and European Economic Area (EEA) for the purposes described in this Privacy Notice.

We ensure that any transfer we make outside the UK or the EEA is protected by one of the transfer mechanisms required by UK and European Data Protection law. These include:

The inclusion of standard data protection clauses in our agreements with the third parties which are pre-approved by the European Commission and/or the Information Commissioner’s Office.
The country to which the data is being transferred having been deemed to have adequate data privacy laws by the UK Government and/or the European Commission.

WHAT ARE MY RIGHTS?

Right of access: You have the right to know if we are processing your personal data and to receive a copy of that personal data. We will always try to provide your data in the format you request and we will not normally make any charge.

Right of rectification: If any of the data we hold abut you is inaccurate or out of date, you can ask us to correct or update it.

Right to be forgotten: You can ask us to delete any data that we are no longer legally entitled to retain.

Right to object to or restrict processing: You can ask us to stop processing your personal data but only if we are processing it on the basis of “legitimate interest” and if we cannot demonstrate that our reasons for processing override your rights. You can also restrict our processing activities under certain circumstances. Please note that if you exercise these rights, it may prevent us from continuing to provide reinsurance cover.

Right to complain:

You can complain the Information Commissioner’s Office if you are dissatisfied with our handling of your data or if you believe we have breached our data protection obligations.

To exercise any of these rights, please contact us using the information in the “WHO CAN I CONTACT” section below.

WHO CAN I CONTACT?

Pacific Life Re International Limited, UK Branch

Pacific Life Re Services, both at:

Tower Bridge House,

St Katharine’s Way,

London, UK

E1W 1BA

Data Protection Officer

Email: dpo@pacificlifere.com

Information Commissioner’s Office

ICO Complaints

ICO Helpline: 0303 123 1113

CHANGES TO THIS PRIVACY NOTICE

We will keep this Privacy Notice under regular review and reserve the right to change it from time to time. It was last updated on 3 December 2025