1. Introduction
At GIG Egypt, we are committed to protecting the privacy andsecurity of our customers, employees, and partners’ data, in accordance withthe standards set by the Financial Regulatory Authority (FRA) in Egypt.This policy outlines how we collect, process, store, protect, and sharepersonal data, ensuring compliance with applicable laws and regulations, suchas Egypt's Personal Data Protection Law No. 151 of 2020, ISO 27001,and GDPR.
2. Collection ofPersonal Data
We collect personal data lawfully and transparently. The types of data wemay collect include:
· Identification Information: Full name, national ID, passport,date of birth.
· Contact Information: Address, email, phone number.
· Financial Information: Payment details, bank accountinformation, insurance claims.
· Health Data: Medical records, examinations, healthinsurance claims (where required).
· Technical Data: IP address, device type, browsing data,cookies.
· User Data from Digital Platforms: Account details on our digitalplatforms.
Sources of Data Collection:
· Paper and electronic forms used in insuranceapplications.
· Phone calls and email communications.
· Our digital platforms (website, applications).
· Third-party sources such as government entitiesand banks when necessary.
3. Use of Personal Data
Personal data is used for the following purposes:
· Issuing and managing insurance policies and providing the requiredinsurance services.
· Processing claims and verifying data to ensure compliance withinsurance regulations.
· Risk analysis and underwriting to provide appropriate insurancecoverage.
· Service improvement through statistical analysis and marketresearch.
· Customer communication regarding insurance updates or newoffers.
· Fraud prevention and cybersecurity through fraud detection systems andcontinuous transaction assessment.
· Compliance with legal and regulatoryrequirementsimposed by the Financial Regulatory Authority and Egypt’s Personal DataProtection Law No. 151 of 2020.
4. Data ProtectionMeasures
Any We applystringent security measures to protect data from unauthorized access, loss, oralteration. These measures include:
· Data encryptionduring transmission and storage using advanced security standards.
· Access controlmechanisms to ensure that only authorized personnel can access data.
· Intrusion detectionsystems and firewalls to monitor and secure networks.
· Regular securityassessments and penetration testing to identify and addressvulnerabilities.
· Backup policies toensure data recovery in case of technical or security failures.
5. Sharing of PersonalData
We do not share your personal data with thirdparties except in the following cases:
· Legal compliance or responding to court orders from relevantauthorities.
· Collaboration with insurance and reinsurancepartners to providecomprehensive insurance services.
· Working with accredited service providers who adhere to privacy and dataprotection policies.
· Emergency situations that require sharing data toprotect customer interests or fulfil regulatory requirements.
· Compliance with reporting obligations under thePersonal Data Protection Law No. 151 of 2020.
6. Customer Rights
We ensure full rights regarding your personal data, including:
· Right to Access: Youcan request a copy of your stored personal data within 30 days.
· Right to Rectification:You can request updates to inaccurate or incomplete personal data.
· Right to Erasure:You can request the deletion of your data unless there is a legal reason toretain it.
· Right to RestrictProcessing: You can limit the use of your data in certain cases.
· Right to DataPortability: You can request to transfer your data to another serviceprovider.
· Right to Object: Youhave the right to object to data processing for marketing or other purposes.
How to Submit Requests: Requests related to these rights can besubmitted via e-amil
The official email: mail@gig.com.eg
7. Data RetentionPeriod
We retain your personal data only as long asnecessary to achieve the purposes for which it was collected or as required bylaw. Data retention follows these guidelines:
· Insurance policies andclaims: Retained for 5 years unless there is a tax audit.
· Financial records:Retained for 5 years unless there is a tax audit.
· Health data:Retained as per legal requirements for medical insurance.
After the retention period, data is securely deleted or anonymized.
8. Data BreachNotification
In compliance with Personal Data Protection Law No. 151 of 2020, we arerequired to:
· Report any data breachesto the Personal Data Protection Center within 72 hours.
· Notify affectedindividuals in case of a high-risk breach that may impact their rights.
· Take immediatecorrective actions to mitigate any potential risks.
9. Policy Distributionvia Website
Updates to this policy will be published on our website. Customers canalso request an electronic copy of the policy at any time via the officialcompany email.
10. Policy Amendments
We may update this policy periodically to comply with legal andtechnological changes. Any amendments will be published on our website andcommunicated to customers via email.
11. Contact Us
If you have any inquiries regarding thispolicy, you can contact us via:
- Email: mail@gig.com.eg
- Phone: 19792
GIG Egypt is committed to the highestsecurity and privacy standards to ensure the protection and confidentiality ofyour data.