Skip to main content
QBE Insurance, Middle East

Protection policy and privacy notice

QBE Middle East is part of QBE European Operations, which is part of a wider group of companies, the QBE Insurance Group, one of the world’s leading international insurers and reinsurers. As a business (re) insurance specialist, we offer a range of insurance products from the standard suite of property and casualty to the specialist financial lines, marine and energy. All are tailored to the individual needs of our client base.

To enable us to provide insurance services, including providing a quote and then insurance, and dealing with any claims or complaints that might arise, we need to collect and process data. This makes us a ‘data controller’ for any personal information that you provide to us which makes us responsible for complying with data protection laws.

If you have any issues with our processing of your Personal Data via this Website or wish to discuss the information, we hold about you please contact us using the details provided in the ‘Contacting Us’ section of this Notice.

This privacy notice (together with our website terms and conditions and any other documents referred to on it) sets out the basis on which any Personal Data we collect from you, or that you provide to us, will be processed. Please read the following carefully to understand how we will treat your Personal Data.

We process Personal Data to be able to provide our customers with the best possible service/product. We always ensure we have a legitimate purpose and appropriate legal basis to hold Personal Data. We strive to maintain the highest possible data protection standards and to handle all data with the upmost care and we will only use your data in a safe and ethical way.

Any Personal Data provided to or gathered through https://qbe.ae/contact-us/ ("Website") is controlled by QBE Insurance, Middle East (DIFC Branch) is regulated by the Dubai Financial Services Authority ("QBE", "we", "us" or "our").

The following definitions under the DIFC Data Protection Law No. 5 of 2020 (“DIFC DPL”) shall apply to this Policy:

Personal Data” means any information referring to an identified or Identifiable Natural Person.

Identified Natural Person” means a natural living person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one (1) or more factors specific to his biological, physical, biometric, physiological, mental, genetic, economic, cultural or social identity (and "Identified Natural Person" is interpreted accordingly).

Special Categories of Personal Data” is Personal Data that reveals or concerns (directly or indirectly) racial or ethnic origin, communal origin, political affiliations, or opinions, religious or philosophical beliefs, criminal record, trade-union membership and health or sex life and includes genetic data and biometric data where it is used for the purpose of uniquely identifying a natural person.

The types of Personal Data that we collect, and our uses of that Personal Data depend on your relationship with us. For example, we will collect different Personal Data depending on whether you are a policyholder, a beneficiary or a third party covered by an insurance policy we provide, a website user, a claimant, a witness, an intermediary, an expert or another third party.

We may collect and process the following data that you provide directly to us when you purchase a policy; when we provide you with a quote; when you use one of the QBE Group's websites; when you contact us with a complaint; when you contact us by email, telephone or other written or oral means, including our online chat service through our e-commerce platform; when you fill in forms on our Website (such as information you provide when requesting information about our products and service or when you raise a complaint) and when you request information about our products and services or subscribe to a newsletter or newsletter.

  1. Your name, address, date of birth, gender, and company name.
  2. Contact information, including previous contact information, such as your telephone numbers and email addresses.
  3. Information relevant to the incident that you have witnessed.
  4. Information relevant to your insurance policy. This will depend on the nature of the policy but could include details relating to your property or business activities.
  5. Financial information such as your bank details, payment details and information obtained as a result of our credit checks such as bankruptcy orders, insolvency proceedings, individual voluntary arrangements, or county court judgments.
  6. Information about your relationship to the policyholder where you are the beneficiary and/or not the subscriber.
  7. Information relating to your identity such as your passport number, vehicle registration number or driving license number.
  8. Information about your job such as your job title, employment history and employment records (including information on your salary, benefits, and earnings), education history and professional accreditations.
  9. Information which we obtain as part of checking sanctions lists.
  10. Additional information which is relevant to the insurance application such as previous insurance policies you had, or your employer has held, or under which you are a beneficiary, your credit rating and claims you or your employer has made, or which have been made for your benefit. This will also include any information specific to the type of policy application.
  11. Information relevant to your claim or your involvement in the matter giving rise to a claim.
  12. If a third party (such as your employer) is applying for a professional liability policy which covers you, we may collect and use Personal Data which relates to previous disciplinary issues.
  13. Information which we have gathered from publicly available sources such as internet search engines like Google, Government department websites and social media sites, including Facebook, YouTube, and LinkedIn. We will ensure that any such data is used for a justifiable purpose and is, where possible, accurate and up to date.
  14. Information you provided in your correspondences with us (if you contact us).
  15. Information you leave in our surveys (if you complete our surveys that we use for research purposes).
  16. Details of your visits to our website including, but not limited to, the number of visitors to the Website, where visitors have come to the Website from and the pages they visited (however, in most cases this data is collected and used in an anonymous and aggregated form).
  17. Information obtained through our use of cookies. More information can be found in the Cookies Policy.
  18. CCTV images whose purpose is security.
  19. Images and reports obtained from investigation and investigation companies.

In addition to the information you provide to us, we may collect information from: the policyholder (when you are a beneficiary or named in an insurance policy); third parties involved in the insurance application process (including our business partners and representatives, brokers or other insurers); other companies in the QBE Group; and if applicable, companies checking the creditworthiness of individuals or companies.

Whilst we do not actively collect Special Category of Personal Data, there may be some circumstances where you disclose some Special Category of Personal Data when answering our questions such as:

  1. Details about your physical and/or mental health which are relevant to the insurance application.
  2. Details about your physical and/or mental health which are relevant to your claim. This may include medical reports or underlying medical data such as X-rays or blood tests.
  3. Health data if you visit our office including information pertinent to your visit, for example wheelchair use, and information required in connection with pandemics and/or health and safety controls.
  4. Details about your criminal convictions and any related information. This will include information relating to any unspent convictions, pending prosecutions, fixed penalty notices or other relevant elements such as arrests or unspent cautions.
  5. Details of your race or ethnicity, including your nationality where we collect your driving license for the purposes of providing a quote for motor insurance cover.
  6. Genetic data
  7. Biometric data
  8. Data concerning your sexual orientation, such as in a claim for occupational health services

We may collect and process your data that you provide to us directly when:

  1. you apply for new policy or renew an existing one.
  2. we provide you with a quote.
  3. you make a claim on your policy or via the administration of a claim, or we are notified of an incident relevant to your policy.
  4. you use QBE website.
  5. you contact us to make a complaint.
  6. you contact us by email, telephone and through other written and verbal communications.
  7. you request information about our products and services or subscribe to a newsletter or bulletin.
  8. you enter into a competition or promotion which we sponsor.
  9. you report a problem with the website.
  10. you complete our surveys that we use for research purposes, although you do not have to respond to them.
  11. You use our IT systems.

Apart from obtaining your Personal Data directly from you, we may also collect your Personal Data from:

  1. the named policyholder where you are a beneficiary or named under an insurance policy.
  2. Third parties involved in the insurance application process.
  3. Third parties involved in the incident you witnessed (such as our business partners and representatives, intermediaries, sub-brokers, other insurers, claimants, defendants, witnesses, or other individuals who provide us with information in relation to an incident).
  4. Third parties who provide a service in relation to your insurance policy or claim such as loss adjusters, claims handlers, lawyers, experts (including medical experts), healthcare and rehabilitation providers and other service providers.
  5. Third party administrators and suppliers we appoint to help us carry out our everyday business activities including IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers, our subcontractors and tax advisers.
  6. Third parties who hold a policy with us.
  7. The person you are visiting in advance of your visit to our office.
  8. Publicly available sources such as internet search engines like Google, Government Department websites and social media sites, including Facebook, YouTube, and LinkedIn.
  9. fraud prevention and detection agencies and databases.
  10. sanctions lists such as those published by United Nations, European Union, UK Treasury, the U.S. Office of Foreign Assets Control (OFAC), the Arab League, the Terrorist Financing Targeting Centre (TFTC), and the Gulf Cooperation Council (GCC).
  11. emergency assistance and medical services providers.
  12. other companies within the QBE Group.
  13. invoices, contracts, policies, correspondence, and business cards.
  14. insurance industry and sanctions screening tools such as Refinitiv (Thompson Reuters)
  15. our regulators, the Dubai Financial Services Authority.
  16. the police, where they have provided us with information, government agencies and other law enforcement agencies.

Below is a non-exhaustive list of reasons for processing your personal data and the relevant legal grounds.

Purpose for processing Legal grounds for using your Personal Data Legal grounds for using your Special Categories of Personal Data
Identify you as a policyholder, including anti-fraud, credit, sanctions, and anti-money laundering checks.
  • Necessary to formalise your insurance contract.
  • We have a legal or regulatory obligation to do so.
  • We have a justified purpose (evaluate the insurance application).
  • You have given us your consent
  • We have a justifiable public interest (such as the prevention of money laundering).
  • Necessary to establish, exercise or defend rights protected by law.
  • You have given us your explicit consent.
Evaluate your insurance application and provide you with a quote.
  • Necessary to formalise your insurance contract.
  • We have a legal or regulatory obligation to do so.
  • We have a justified purpose (evaluate the insurance application and provide you with a quote).
  • You have given us your consent.
  • You have given us your explicit consent
Communicate with you and resolve any complaints you may have.
  • Necessary to formalise or execute your insurance contract.
  • We have a justified purpose (to send you communications, register and handle complaints and ensure that future complaints are handled appropriately).
  • You have given us your consent.
  • We need to use your personal data to establish, exercise or defend rights protected by law.
  • You have given us your explicit consent
Improve quality, training, and safety (for example, in relation to recorded or monitored phone calls we receive).
  • Our interests are legitimate (to develop and improve the products and services we offer).
  • You have given us your explicit consent
  • You have given us your explicit consent.
Compliance with our legal or regulatory obligations.
  • We have a legal or regulatory obligation to do so.
  • You have given us your consent.
  • You have given us your explicit consent.
  • We need to use your personal data to establish, exercise or defend rights protected by law.
Management of our business operations such as maintaining accounting records, analysing financial results, internal audit requirements, and receiving professional advice (e.g., tax or legal advice).
  • We have a legal or regulatory obligation to do so.
  • We have a justified purpose (to effectively manage our business operations).
  • You have given us your consent.
  • You have given us your explicit consent.
  • We need to use your personal data to establish, exercise or defend rights protected by law.
Monitor requests, review, evaluate, adapt, and improve our products and services, and similar products and services offered by the QBE Group.
  • We have a justified purpose (to develop and improve the products and services offered by QBE and the QBE Group).
  • You have given us your consent.
  • You have given us your explicit consent.
Investigate or detect unauthorised use of our systems, secure our system, and ensure the effective operation of our systems.
  • We have a justified purpose (to guarantee the integrity and security of our systems).
  • You have given us your consent
  • You have given us your explicit consent.
  • We need to use your personal data to establish, exercise or defend rights protected by law.
Transfer or sell part of our business or reorganise our corporate structure.
  • We have a justified purpose (to manage our commercial portfolio and reorganise our company).
  • We have a legal or regulatory obligation to do so.
  • You have given us your consent.
  • You have given us your explicit consent .
Administer and manage the insurance policy.
  • Necessary to formalise or execute your insurance contract.
  • We have a legal or regulatory obligation to do so.
  • We have a justified purpose (to properly manage the insurance policy).
  • You have given us your consent.
  • You have given us your explicit consent .
Process and pay insurance claims.
  • Necessary to formalise or execute your insurance contract.
  • We have a legal or regulatory obligation to do so.
  • We have a justified purpose (evaluate and pay the claim and process claims).
  • You have given us your consent.
  • You have given us your explicit consent.
  • We need to use your personal data to establish, exercise or defend rights protected by law.
Prevent, detect, investigate, prosecute cases of fraud and check penalties. This could include sharing your personal data with third parties such as law enforcement, other insurance and financial service providers and insurance industry databases.
  • Necessary to formalise or execute your insurance contract.
  • We have a legal or regulatory obligation to do so.
  • We have a justified purpose (to prevent, detect and prosecute fraud and other economic crimes).
  • You have given us your consent.
  • We have a justifiable public interest (such as the prevention of money laundering).
  • We need to use your personal data to establish, exercise or defend rights protected by law.
  • You have given us your explicit consent.
Track and recover debts.
  • We have a justified purpose (to track and recover debts owed to us).
  • You have given us your consent.
  • We need to use your personal data to establish, exercise or defend rights protected by law.
To have a claim declared under our own insurance.
  • Our interests are legitimate (to ensure we have adequate insurance in place).
  • You have given us your explicit consent.
  • You have given us your explicit consent.
  • We need to use your information for the purpose of establishing, exercising or defending legal claims.
To respond to you and follow up on your inquiries.
  • Our interests are legitimate (to respond to your enquiries).
  • Not applicable
To provide you with marketing information (including information about other products and services and to conduct customer surveys) in accordance with the preferences you have stated.
  • Our interests are legitimate (to send you selected communications about other products and services we offer)
  • You have given us your consent
  • Consent

We will keep your Personal Data confidential, and we will only share it where necessary for the purposes set out above with the following parties:

  1. Our policyholders and other third parties such as claimants, where relevant.
  2. Service providers who provide a service to QBE, for example, IT suppliers, actuaries, auditors, lawyers, marketing agencies, document management providers, management consultancies, outsourced business process management providers, our subcontractors and tax advisers.
  3. Third parties who undertake analysis for the purposes of product improvement.
  4. Selected third parties in connection with any sale, transfer, or disposal of our business.
  5. Other QBE Group companies for our general administration purposes, marketing purposes in accordance with the preferences you have expressed.
  6. Fraud detection agencies and other third parties that maintain and manage fraud detection records for the prevention and detection of fraud.
  7. Our insurance partners such as Intermediaries, sub-brokers, coverholders, other (re)insurers or other companies who act as (re)insurance distributors.
  8. Third parties who assist in the administration of your insurance application or the handling of claims. These include loss adjusters, claims handlers, surveyors, risk managers, valuers, accountants, auditors, banks, lawyers, and other experts including medical experts.
  9. Other insurers (e.g., where another insurer is also involved in a claim that you are making).
  10. Other insurers who provide our own insurance (reinsurers) and companies who arrange such reinsurance.
  11. Third parties who provide sanctions checking services.
  12. Health providers (e.g., a hospital which is responsible for any treatment you receive through the policy or a rehabilitation provider).
  13. Our regulators including the Dubai Financial Services Authority
  14. The police, other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime.
  15. Debt collection agencies.
  16. Government departments, such as disclosing information on any hospitals that you have attended.
  17. Policyholders, for the purposes of claims review meetings and discussing claims experiences.

This Policy does not cover links to third party websites accessed from this Website.

Where we transfer Personal Data to service providers or other members of our group, we will only allow your Personal Data to be used for the purposes set out above and we will ensure that it is transferred securely and protected from unauthorized access.

We have a package of technical, organizational, and contractual measures in place to protect your Personal Data which have been adopted to comply with the latest data protection requirements. The measures cover various aspects of data security including the following:

  1. Encryption, data masking and activity logging as appropriate.
  2. Putting in place access controls and maintaining access logs, including data loss prevention.
  3. Having minimum password requirements and requiring regular changes to passwords
  4. Having physical access controls to our offices.
  5. Implementing procedures for security incident management and back-up and recovery and having in place disaster recovery and business continuity plans.
  6. Use of firewalls and up-to-date virus scanning software and email filtering services.
  7. Vulnerability scanning to assess systems, networks, and applications for known security weaknesses.
  8. Penetration testing to evaluate the security of systems and applications.
  9. Third party security reviews and contractual measures to ensure that QBE suppliers have appropriate security controls to safeguard QBE data and services.
  10. Development and Change processes to ensure that technology changes are authorised, appropriate, and tested to reduce the likelihood to introducing vulnerabilities into the QBE environment.
  11. Regular security and privacy/data protection training for all our employees.

Our security measures are kept under periodic review and are regularly updated to reflect developments in technology and security and changes to our business. However, please be aware that there are inherent security risks in transmitting data, such as e-mails or via the Internet, because it is impossible to safeguard completely against unauthorized access by third parties.

Any one or more of the following shall constitute a lawful basis for Processing Personal Data:

  1. Data Subject has given consent, which complies with Article 12, to the Processing of that Personal Data for specific purposes.
  2. Processing is necessary for the performance of a contract to which a Data Subject is a party, or in order to take steps at the request of a Data Subject prior to entering into such contract.
  3. Processing is necessary for compliance with Applicable Law that a Controller is subject to.
  4. Processing is necessary in order to protect the vital interests of a Data Subject or of another natural person.
  5. Processing is necessary for:
    1. performance of a task carried out by a DIFC Body in the interests of the DIFC.
    2. exercise of a DIFC Body s powers and functions; or DATA PROTECTION LAW:
    3. the exercise of powers or functions vested by a DIFC Body in a Third Party to whom Personal Data is disclosed by the DIFC Body; or
  6. Processing is necessary for the purpose of legitimate interests pursued by a Controller or a Third Party to whom the Personal Data has been made available, subject to Article 13, except where such interests are overridden by the interests or rights of a Data Subject.

Under applicable data protection law, you have certain rights relating to your personal data held by us. These rights are described below. These rights may not apply to all cases. You can exercise your rights by contacting us using the details provided in the ‘Contacting Us’ section of this notice.

Please note that while we take your rights very seriously, there may be certain circumstances where we are unable to comply with your request, such as if complying with such a request means not complying with our legal and regulatory obligations. In these cases, we will let you know why we are unable to comply with your request.

In certain situations, fulfilling your request may result in cancellation or suspension of your insurance policy. By way of example, if you ask us to erase your personal data, we will not have the information necessary to make payment of your claim. We will also provide you with information in this regard when you send us such a request.

11.1 Right to access your personal data
You have the right to obtain a copy of your personal data held by us, as well as certain information about how we use it. We will generally provide you with your personal data in writing unless you ask us otherwise. If you have made your request electronically (e.g., by e-mail), we will provide you with a copy of your personal data electronically, whenever possible.

11.2 Right to rectification
We always try to ensure that the data we hold about you is accurate and, where appropriate, up to date. If you consider that there may be any inaccuracy, discrepancy, or gap in your personal data, you can contact us and request the update or correction of your data.

11.3 Right to restriction of processing
In certain circumstances, you have the right to ask us to stop using your personal data, such as if you believe that your personal data held by us may be inaccurate or if you believe that we no longer need to use that personal data.

11.4 Right to withdraw your consent
Where we rely on your consent for the processing of your personal data, you have the right to withdraw that consent for future uses of your personal data. Please note that in some cases, as set out in the Section detailing what we will use your personal data for, we need your consent in order to provide you with an insurance policy. If you withdraw your consent, we may need to cancel your policy or we may not be able to pay your claim. We will provide you with advice in this regard at the time of withdrawal of your consent.

11.5 The right to erasure
This right is also known as the "right to be forgotten". By virtue of this right, in certain circumstances, you may request the deletion of your personal data. For example, in case we no longer need your personal data for the initial purpose for which it was obtained or if you have exercised your right to withdraw your consent. Although we will evaluate all requests, there are other factors that we will have to take into account. By way of example, we may not be able to delete your data because we have a legal or regulatory obligation to retain it.

11.6 The right to object to direct marketing
You have the right to object to your personal data being processed for direct marketing. You control the extent to which you want to receive marketing from us and have the right to request that we stop sending you marketing messages at any time. To do this, you can click on the "unsubscribe" button in all emails we send you or you can contact us using the details provided in the ‘Contacting Us’ section of this notice. Please note that, despite exercising this right because you no longer want to receive marketing messages, we may continue to send you communications regarding the services when necessary. Processing based on our justifiable purpose: Where we process your personal data on the basis of a justified purpose, you may object to that processing, unless our purpose outweighs any prejudice to your privacy rights.

11.7 Right to data portability
You have the right to receive Personal Data that you have provided to a Us in a structured, commonly used, and machine-readable format. In certain circumstances, you may ask us to transfer the personal data you have provided directly to a third party.

11.8 Rights relating to automated decision-making.
Where an automated decision produces a legal or other similarly significant effect with respect to you (for example, when your policy or claim is rejected), you have the right to ask us to reconsider a decision taken by automated means, or to make a new decision on a different basis (for example, by introducing some form of human involvement).

11.9 The right to make a complaint to the Commissioner of Data Protection.
You have the right to lodge a complaint with the regulator. If you believe that we have breached data protection laws by using your personal data. You can find more information at commissioner@dp.difc.ae or Tel: +971 (0) 4 362 2222.

11.10 The right to non- discrimination.
You have a right to not be discriminated by us by exercising any rights including:

  1. denying any goods or services;
  2. charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
  3. providing a less favourable level or quality of goods or services; or
  4. suggesting that the Data Subject will receive a less favourable price or rate for goods or services or a less favourable level or quality of goods or services.

The period for which we will hold your Personal Data for will vary and will be determined by the following criteria:

  1. The purpose for which we are using it. We are required to retain your Personal Data for as long as is necessary to satisfy or meet the purposes for which it was obtained including applicable legal or regulatory requirements; and
  2. Legal Obligations. Laws or regulations may set a minimum period for which we must retain your Personal Data.

The specific retention period for your Personal Data will depend on your relationship with us, the type of Personal Data we hold and the reasons we hold your Personal Data.

We have a process in place for managing your Personal Data using appropriate technical methods in the circumstances to delete or destroy your Personal Data when we no longer have a legal basis to retain it.

Sometimes we (or third parties acting on our behalf) may need to store or process your Personal Data in countries outside of the DIFC.

Where we need to transfer your Personal Data outside the DIFC, we will take steps to ensure that your Personal Data is protected.

We may transfer your Personal Data outside the DIFC in accordance with the appropriate safeguards stipulated under Article 27 of the DIFC DPL. To the extent that we transfer your information outside the DIFC, we will ensure that the transfer is lawful and that there are appropriate security measures in place, and that any transfer to third parties outside DIFC only takes place if: (a) that third party is situated in a country that has been confirmed by the DIFC Commissioner to provide adequate protection to Personal Data, (b) that third party has agreed (by way of written contract or by some other form of data transfer mechanism approved by the DIFC Commissioner, such as standard contractual clauses, binding corporate rules, or any other equivalent applicable arrangements and ensure the additional technical controls) to provide all protections to your Personal Data as required under the DIFC DPL or (c) we have your explicit consent to do so (such as where you have requested such a transfer).

We may use your Personal Data to provide you with information about products or services which may be of interest to you where you are an existing customer or business contact or where you have provided your consent for us to do so. We may do this by post, email, telephone, and social media.

Please note that, even if you do choose not to receive marketing messages, we may still send you service-related communications where necessary.

Profiling is any form of automated processing of Personal Data, to evaluate certain personal aspects of you. In particular to analyse or predict aspects concerning your performance at work, economic situation, health, personal preferences or interests, reliability, or behaviour, location, or movements.

We use profiling as part of:

  1. Assessing insurance applications.
  2. Assessing and administering claims.
  3. Preventing and detecting insurance fraud.
  4. Improving our business. We may also use profiling and data analysis to ensure data quality and accuracy and to help us improve our processes, our products and services and check the way our models, algorithms, and machine-learning tools work.

We keep our profiling process under regular review. You may, at any time, object to profiling to the extent that it relates to direct marketing as mentioned above, by contacting us by using the details set out in the Contacting Us section of this notice.

Automated decision making refers to a situation where a decision is taken using Personal Data that is processed solely by automatic means (i.e., using an algorithm or other computer software) rather than a decision that is made with any form of human involvement.

Automated decision making is widely used in the insurance industry to offer and administer insurance efficiently and accurately.

A Data Subject shall have the right to object to any decision based solely on automated Processing, including:

Profiling, which produces legal consequences concerning him or other seriously impactful consequences and to require such decision to be reviewed manually.
Article 38(1) of DIFC DPL shall not apply if the decision is:

  1. necessary for entering into, or performance of, a contract between a Data Subject and a Controller.
  2. authorised by Applicable Law to which the Controller is subject, and which also lays down suitable measures to safeguard the Data Subject's rights; or
  3. based on the Data Subject's explicit consent.

DIFC law concerning fraud, counterterrorism, money laundering, and tax-evasion monitoring and prevention which requires Processing of Personal Data that produces legal consequences concerning a Data Subject is regarded as falling within Article 38(2)(b) of DIFC DPL No. 5.



A data protection impact assessment will be conducted prior to undertaking any high-risk processing activities, such as automated decision making, unless an appropriate exemption applies.

You have the right to be informed of the significance of any outcomes (such as decisions made) as a result of automated decision-making.

We currently use automated decision in our SME Life Assurance business. We use Life Qube to help us assess the risk and calculate what premium we charge. We have certain pricing rules which are fed into the system. You have the right in certain circumstances not to be subject to a decision which is based solely on automated processing. Please see the ‘Data Subject Rights’ section of this Notice for further details of your rights in this respect.

QBE Insurance, Middle East
Level 4, Gate Village 4
Dubai International Financial Centre (DIFC)
PO Box 506840
Dubai
UAE

All general enquiries:
Tel + T: +971 4 508 1400
F: +971 4 379 8088
Email: enquiries@ae.qbe.com

If you would like further information about any of the matters in this notice or if have any other questions about how we collect, store or use your personal information, you may contact our data protection officer by emailing dpo@uk.qbe.com or writing to:

The Data Protection Officer
QBE European Operations
30 Fenchurch Street
London EC3M 3BD

From time to time, we may need to make changes to this notice, for example, as the result of changes to law, technologies, or other developments. We will provide you with the most up-to-date notice and you can check this page periodically to view it.

This notice was last updated in November 2023.