Our Policies and Standards
Our commitment to data protection and privacy is stated in the Swiss Re Code of Conduct: "We handle personal data with the greatest care and use it only for legitimate and specified business purposes". Furthermore, our global data protection compliance framework – including policies, standards, information security measures, appointed Data Protection Officers, training and awareness programmes and business-relevant procedures – sets forth the following key principles:
- We respect the privacy rights of Swiss Re's employees, customers, clients, business partners and other individuals whose personal data we have and use.
- We protect personal data by implementing appropriate technical and organisational measures in our data processing operations.
- We obtain personal data fairly and only use it for legitimate business purposes.
- We hold ourselves accountable for demonstrating compliance with applicable legal and regulatory requirements and understanding of our roles and responsibilities.
These principles, stated in our Data Protection Policy, are applicable to all of Swiss Re's entities worldwide and are derived from internationally recognized privacy principles.
In addition, whenever there are local laws or particular business units where the type of data processing calls for more elaborate guidance or heightened scrutiny, we establish governing standards and adopt tailored safeguards appropriate for the situation in question. Finally, we recognise that today's digital reality is one where data circulates globally, and risks may present themselves in unprecedented ways. Consequently, we take care to understand relevant laws and regulations and assess the risks that arise as personal data is processed in our global operations.