We, Tokyo Branch of General Reinsurance AG (“Company”) shall comply with the “Act on the Protection of Personal Information” (APPI), other relevant laws, ordinance, guidelines, and the policy of Gen Re Group. The Company strives to ensure that personal information obtained from the clients is properly handled, and implement appropriate measures for the secure management of personal information. The Company will also continuously work reviewing and improving measures for the secure management of personal information, and conducting education and training for its employees so as to ensure that personal information is handled properly. This privacy policy shall apply to personal information subject to the APPI. The Company is a branch of General Reinsurance AG established in Germany.

1. Acquisition of Personal Information

The Company collects personal information including sensitive personal information through data provided by our clients including insurance companies at reinsurance transactions in a lawful and proper manner to the extent necessary for the conduct of business. Here, also information from business cards provided by our clients including insurance companies is regarded and handled as personal information.

2. Purposes of Use of Personal Information

The Company uses personal information to the extent necessary for the purposes of use described below. In cases of modifying a purpose described below, the Company will officially announce the details of the modification on its website and or will notify the clients on an individual basis.

1. Reinsurance contract underwriting examinations; the execution, maintenance and management of reinsurance contracts
2. Payment of reinsurance claims
3. Execution, maintenance and management of retrocession treaties
4. Responding to requests for cooperation from government agencies, etc. for the purpose of sound operation of the insurance regime
5. Providing various kinds of information and invitation to seminars for our clients including insurance companies
6. Questionnaire surveys of our clients including insurance companies, etc.
7. Recruitment and personnel management of our employees
8. Other matters incidental to (1) to (7).

3. Maintaining Accuracy

The Company strives to keep personal information accurate and up to date.

4. Security Control of Personal Data

For the prevention of leakage, loss, or damage, and for other security controls of the personal data, the Company shall take necessary and proper measures including establishing relevant regulations, conducting training for employees, and controlling access to the information system handling personal data and shall examine from time to time whether these measures are being carried out appropriately.

5. Entrustment of the Handling of Personal Data

Within the scope necessary for achievement of the purposes of use, the Company may entrust a third party with the handling of personal data. In these cases, the Company applies criteria for selection of institutions to which the handling is to be entrusted, checks in advance the personal information management systems of the institutions, and carries out necessary supervision of the institutions, including monitoring of the institutions’ business execution after entrustment of handling of personal data.

6. Joint Use of Personal Data

Currently, the Company does not jointly use from the clients collected personal data.

7. Provision of Personal Data to a Third Party

Unless otherwise any applicable law permits, the Company shall not, except in the following cases, provide personal data to a third party without obtaining the prior consent of the person:

1. In cases in which the provision of personal data is based on laws and regulations;
2. In cases in which there is a need to protect the life, wellbeing, or property of an individual, and it is difficult to obtain the consent of the person;
3. In cases in which there is a special need to improve public wellbeing or promote healthy child development, and it is difficult to obtain the consent of the person;
4. In cases in which there is a need to cooperate with a national government organ, local government, or person entrusted thereby with performing the functions prescribed by laws and regulations, and obtaining the consent of the person is likely to interfere with the performance of those functions; or
5. In cases in which the third parties (including our Affiliates) fall under the cases stipulated in Clauses 5 or 6.

8. Transfer outside of Japan

The Company may transfer/retain personal data outside of Japan pursuant to Clause 7 above. In this case, to the extent an applicable law requires, the Company executes an appropriate data transfer agreement or policy with a transferee.

General Reinsurance Life Australia Ltd., an affiliate of General Reinsurance AG, is entrusted with the handling of from the clients collected personal data for achievement of purpose (1) of Clause 2 above. The location of General Reinsurance Life Australia Ltd. is Commonwealth of Australia. For information on the legal system by the Personal Information Protection Commission, please refer to the following web site: https://www.ppc.go.jp/enforcement/infoprovision/laws/offshore_report_australia/

9. Notification, Disclosure, Correction, Delete or Cessation of Use of Personal Data

The Company responds appropriately based on the prescribed procedures in accordance with law, when receiving requests by the persons themselves for notification, disclosure, correction, addition, deletion or cessation of use of personal data.

In addition, if the personal data requested for disclosure, correction, addition, deletion, suspension of use, etc. is obtained from the original insurance company, we will take appropriate measures after consultation with the original insurance company if necessary.

When contacting us for requests, please provide copies of either of the following for identification confirmation.

1. For persons themselves:
   • e.g. driver’s license, passport, resident card
2. For representatives:
   • Power of Attorney
   • Documents to identify the representative

10. Contact Us

Please do not hesitate to contact any of the contacts below should you have any questions regarding the personal information handling.

General Reinsurance AG Tokyo Branch
Compliance
PMO HANZOMON 10F, 2‑1 Kojimachi, Chiyoda‑ku, Tokyo 102‑0083 JAPAN
Tel: +81 3 3511 5438 (Compliance)

11. Modifications to Privacy Policy

The Company may make modifications to this Privacy Policy. In such case where modifications are made, the details will be posted on the Company website.

Last updated: July 2023