Privacy Policy
Alwafa Takaful Insurance Limited ("We", "Us", or "Our") is dedicated to protecting the privacy of personal data belonging to employees, customers, stakeholders, and other parties who engage with us during our business operations.
This Policy outlines the specifics of how and why we collect, utilize, disclose, and safeguard Personal Data.
By providing us with your Personal Data details or by clicking on the "accept" button, you agree to this Privacy Policy and grant us permission to store, process, and use your Personal Data within the legal limits.
We may update this Privacy Policy periodically. Should there be any changes, we will inform you by updating the date at the top of this policy and, in certain instances, we may give you additional notice (such as adding a statement to our website's homepages or sending you an email notification).
We urge you to review the Privacy Policy regularly when you interact with us to remain informed about our information practices and how you can safeguard your privacy.
Personal Data includes everything that can identify an individual, such as names, addresses, phone numbers, passport IDs, usernames, passwords, digital footprints, photographs, financial data, and details regarding assets, liabilities, insurance, savings, and investments.
We collect personal information through various means, including:
- Proposals, inquiries, registrations, claims, and feedback forms;
- Applications for employment or other types of submissions to the company;
- Purchases of any of our products or services;
- Participation in our surveys;
- Telephone calls, emails, and our website;
- Online sales channels, such as the online motor and online marine portals, our official website, and social media platforms like Facebook, Twitter, and Instagram.
We collect and process information for the following purposes:
- To provide details about our products and services.
- To ensure adherence to pertinent legal and regulatory obligations.
- To manage security risks and prevent criminal activities, including fraud and money laundering.
- To develop a database of employees, customers, and other stakeholders.
- To communicate with and furnish necessary information to customers and other stakeholders when required.
Personal Data is utilized solely with the consent of the Data Subject or as mandated by law. This data is employed to fulfill our compliance responsibilities to pertinent stakeholders. Additionally, it serves to offer our customers top-tier products and services. The Personal Data is also instrumental in detecting and thwarting financial crimes like fraud, money laundering, and terrorism financing. We may record your interactions with us, including phone calls, in-person meetings, letters, emails, and other forms of communication. These recordings are used to verify your instructions and enhance our product and service offerings.
We process your Personal Data only when there is a legal basis for doing so. The legal basis depends on the reasons we have collected and need to use your Personal Data. The legal grounds for processing include:
Consent: This applies when you have given your consent to process your Personal Data for one or more specific purposes.
Performance of a Contract: This applies when processing is necessary to carry out a contract with you or to take steps at your request before entering into a contract.
Protection of Vital Interests: This is when processing is necessary to protect your vital interests.
Compliance with Legal Obligation: This is when we have a legal obligation that requires the use of your Personal Data to fulfill that obligation.
Public Interest: This applies when processing is necessary to perform a task carried out in the public interest.
Legitimate Interests: This is when processing is deemed necessary for our legitimate interests, your legitimate interests, or the legitimate interests of a third party, which may include commercial, individual, or societal benefits.
We place utmost importance on the security of your Personal Data in our possession. To protect your information, we implement physical, electronic, and procedural safeguards against unauthorized access and use, as well as against accidental or unlawful alteration, destruction, and other unauthorized processing activities.
Employees are prohibited from using Personal Data for private or commercial purposes, from disclosing it to unauthorized individuals, or from making it available in any unauthorized manner.
We expect our suppliers and contractors to comply with the same security standards that we uphold. We take all reasonably necessary measures to ensure that Personal Data is secure, no matter where it is transferred.
In the normal course of our business, we may transfer your Personal Data to third parties. Rest assured that such transfers will be conducted in accordance with applicable regulations, laws, and international best practices.
Additionally, we may disclose your Personal Data to third parties in order to fulfill regulatory reporting requirements or to comply with our legal obligations.
We utilize a POST web service to gather information, which we then store in session variables. Subsequently, we encrypt all collected personal data using the BCrypt encryption algorithm before saving it to the database.
Your Personal Data will be retained in our systems only for the duration necessary to serve the purpose of its collection or to adhere to legal, regulatory, or internal policy obligations.
To safeguard the confidentiality, integrity, and availability of our IT assets, we have implemented the following security measures:
- Firewall – to filter network traffic and serve as an identity authorization mechanism.
- Virtual Private Network – to ensure secure remote access to essential business applications.
- Network Segregation.
- System Access Control.
- Biometric Access Control for the Data Centre.
- CCTV surveillance.
- Password protocols.
- Multifactor Authentication.
- Sophos Endpoint Security.
- Information Security Awareness Programs.
Website may use cookies to personalize and facilitate maximum navigation of the User by this site. The User may configure his / her browser to notify and reject the installation of the cookies sent by us.
