WHO WE ARE

The Pacific Life Re Division (“PL Re”, “we”, “us” and “our”) is comprised of several lines of business and operates through various legal entities (including Pacific Life Re Global Limited,  Pacific Life Re International Limited and Pacific Life Re (Australia) Pty Limited), including their respective branches and representative offices, in multiple locations, under the common control of Pacific Mutual Holding Company.

WHAT WE DO

PL Re reinsures life policies, critical illness and income protection policies and provides longevity and funded reinsurance solutions. 

WHAT DATA WE PROCESS

Data we process may include:

• Contact details such as name, title, addresses, telephone numbers and email addresses.
• Data which we may use to identify you such as job title and signature.
• CCTV footage if you visit us at our offices, and
• Other personal information incidental to our business relationship.

Where permitted in accordance with local law, we may also in some circumstances record telephone conversations with you.

WHY DO WE NEED IT?

There are several legal bases for processing data. We rely on 2 of these:

1.     The processing is necessary for the legitimate business purposes pursued by us or a third party:  It is in the legitimate business interest of us and the organisations we have business relationships with to maintain a record of business contacts to ensure the business relationship continues to flourish.   

2.     The processing is necessary for compliance with a legal obligation to which we are subject.

We are subject to legal and regulatory requirements relating to our business as a reinsurer and may need to process personal data for those purposes.

HOW DO WE COLLECT IT?

We collect personal data about business contacts directly from you or indirectly from your organisation through the tender or procurement process and during business meetings or networking events. We may also receive personal data as a result of our service providers sharing information about their advisers and service providers.

WHAT DO WE USE IT FOR?

We use your data to:

• Discuss, negotiate and conclude contracts.  
• Communicate with you in relation to, or to facilitate the provision of, services provided to or by us.
• Communicate with you to provide you with information about PL Re and events or research organised or produced by us that maybe of interest to you.
• Communicate with you to provide you with information about PL Re products or services that may be of interest to you. You can opt out of receiving such communications at any time.
• Check identification details of business contacts against databases of individuals who are subject to sanctions, classified as “politically exposed persons”, or have committed crimes and to follow up any matches
• Check identification details of business contacts to ensure that we comply with our anti-money laundering and counter terrorism obligations and to avoid fraud; and
• Meet our other compliance and regulatory duties, for example to retain certain records.

There may be overlap in the circumstances in which we use the same information about you. We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. We may process your personal information without your knowledge or consent, where this is required or permitted by law or regulation.

HOW DO WE SECURE IT?

We have in place physical, electronic, and procedural safeguards to protect personal data that we hold against unauthorised disclosure or unlawful processing. Safeguards include: only holding personal data on secure servers, the use of encryption, firewalls and access controls and the separation of duties within our organisation. When processing personal data, we seek to use only anonymised or pseudonymised data where knowledge of the individual’s identity is not necessary.

HOW LONG DO WE RETAIN IT?

We retain personal data for as long as is necessary to carry out the purpose for which we collected it and any other permissible purposes. We have a retention policy in place which governs retention and destruction of data and is designed to ensure that personal data is kept only for so long as we may be required to keep it in order to manage our business and for a reasonable period thereafter. We will keep personal data relating to individuals for a reasonable period beyond the date when we no longer have a business relationship with the individual or their organisation.

When we delete personal data, it may persist on backup or archive media for legal or business continuity purposes.   

WHERE DO WE STORE IT?

Our global client relationships are stored across several systems and platforms such as:

• Email and Calendar Systems
• Collaboration Tools
• Document, Contract and Matter Management Systems

We also use a client relationship management (CRM) system provided by a third-party vendor. This enables us to manage our global client relationships efficiently by storing all the relevant information about those relationships in one place. Your information may be accessed by our staff in any of our global operations.

WHO DO WE SHARE IT WITH?

We will only share your data where it is lawful and necessary to enable us to provide reinsurance services.

We may disclose personal data to:

• Other companies within the Pacific Life Group. We may disclose personal data to our affiliated companies to enable us to administer our business and for IT services such as the hosting of applications and systems that are used to process data.
• The third-party vendors providing our systems and platforms, including our CRM system.
• Other third parties, including other business contacts and our professional advisors. (Please note that third parties are subject to appropriate due diligence checks to ensure they meet security and data protection standards.
• Our preferred partners for relevant event invitations such as insurance industry conferences.
• Comply with legal obligations or proceedings. We may need to disclose personal data when we respond to court orders, or legal process, or to establish or exercise our legal rights or defend against legal claims or to meet our legal and regulatory obligations.

INTERNATIONAL TRANSFERS

We may transfer personal data to third parties and affiliates located in different countries from those in which we collected it for the purposes described in this Privacy Notice.

Our CRM system is hosted in the EU. Personal data stored on it is transferred to the EU. Personal Data stored on the CRM system may be accessed by our staff in any of the locations where we have any office or presence such as Bermuda, the UK, Singapore, Korea, Japan Australia, Canada or the United States.

We ensure that any transfer we make overseas is protected by a transfer mechanism required by the home law of the individual whose data we have collected. These may include:

• The inclusion of standard data protection clauses in our agreements with the third parties which are pre-approved by international privacy authorities or associations.
• Where there are no applicable standard clauses, the inclusion of custom data protection clauses. 
• The country to which the data is being transferred being assessed by us as providing a comparable level of protection to the home law of the individual whose data we have collected.

WHAT ARE MY RIGHTS?

Right of access: You have the right to know if we are processing your personal data and to receive a copy of that personal data. We will always try to provide your data in the format you request and we will not normally make any charge. 

Right to opt out of receiving communications: You may at any time inform us that you no longer wish to receive invitations to conferences and events, or any other communications not directly related to the business relationship between us and you or your organisation.  

Right of rectification: If any of the data we hold abut you is inaccurate or out of date, you can ask us to correct or update it.  

Right to be forgotten: You can ask us to delete any data that we are no longer legally entitled to retain.

Right to object to or restrict processing: You can ask us to stop processing your personal data but only if we are processing it on the basis of “legitimate interest” and if we cannot demonstrate that our reasons for processing override your rights. You can also restrict our processing activities under certain circumstances.

Right to withdraw consent: Where you have provided your consent to the collection, processing and transfer of your personal data for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact your usual relationship contact at PL Re. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Right to complain: You can complain to your local privacy authority if you are dissatisfied with our handling of your data or if you believe we have breached our data protection obligations.  

To exercise any of the aforementioned rights, please contact us using the information in the “WHO CAN I CONTACT” section below.

WHO CAN I CONTACT?

Email: dpo@pacificlifere.com

CHANGES TO THIS PRIVACY NOTICE

We will keep this Privacy Notice under regular review and reserve the right to change it from time to time. It was last updated on 3 December 2025.