Skip to Main Content

RGA Workforce and Recruitment Privacy Notice: European Union

 

We are committed to protecting personal information that we receive about our employees, agency staff, consultants and applicants applying to us for a job.

We are committed to maintaining transparent practices and explaining how we collect, process, and share that information. Protecting your privacy is very important to us.

This privacy notice explains how and why RGA International Reinsurance Company dac and its subsidiaries and affiliates (“RGA”, "we" or "us") collect personal information in relation to our employees, agency staff, consultants and job applicants ("you"), and how we use it.  A full list of all RGA entities is available at http://www.rgare.com/global-directory.

RGA is a global reinsurance company focusing primarily on life- and health-related reinsurance solutions. Our core products and services include life reinsurance, living benefits reinsurance, group reinsurance, health reinsurance, financial solutions, facultative underwriting and product development.

The headquarters of Reinsurance Group of America, Inc. are located in St. Louis, Missouri, United States of America.

RGA has a range of offices in EMEA region. For example, RGA International Reinsurance Company dac located in Ireland is RGA’s representative in the European Economic Area (‘EEA’); RGA Reinsurance Company Middle East Limited the United Arab Emirates is RGA’s representative in the Middle East and RGA Reinsurance Company of South Africa Limited in the South Africa is RGA’s representative in Africa. A full list of all EMEA RGA entities is available at https://www.rgare.com/global-directory/emea.  

RGA entity which employs you is the controller responsible for the personal information we collect and process. Other RGA entities may also be controllers in respect of your personal information, depending on their involvement in recruitment and employment related matters.

This privacy notice is designed to provide compliance with relevant laws in EMEA region where RGA has offices.  

RGA handle personal information in accordance with multiple local privacy laws at the place where the personal information is collected and processed. If applicable laws provide for a lower level of protection of personal information than that established by this privacy notice, then this privacy notice shall prevail.

Personal information means information, or a combination of pieces of information, that could reasonably allow an individual to be identified.

If you are applying for a position with RGA, depending on recruitment policies in a specific RGA office, we may collect your personal information in the following ways (to the extent permissible under local law):

  • from your application and CV, which you provide directly to us;
  • from your application and CV, which a recruiter provides to us on your behalf;
  • by interviewing and communicating with you and conducting assessments to test your suitability for a role;
  • by performing background checks with employment screening agencies or publicly available registers (as permitted by law). For example, RGA may check your name against lists developed by various governments for the prevention of money laundering and terrorism;
  • from publicly available professional profiles on websites or social media (e.g. LinkedIn);
  • from former employers or other referees, including RGA employees.

If you are an employee of RGA, we may collect your personal information in the following ways (to the extent permissible under local law):

  • directly from you, when you first joined the company and throughout your employment;
  • from our communications with you throughout your employment;
  • from managers, other employees, clients or service providers that provide feedback about you throughout your employment;
  • by performing ad hoc background checks with employment screening agencies or publicly available registers, such as lists developed by various governments for the prevention of money laundering and terrorism (as permitted by law);
  • from professional or regulatory bodies;
  • through the use of CCTV and time management systems on our premises; and
  • by monitoring use of our IT systems and applications.

The type of personal information we collect and process about you will depend upon specific circumstances relating to your recruitment and employment with us and local laws relevant to a specific RGA office you are engaged with.

If you are applying for a position with RGA, we may collect the following categories of personal information about you:

  • Personal details: name, gender, date of birth;
  • Contact details: phone number, email address, postal address, mobile number;
  • Educational and professional background information: educational and professional history, qualifications, certifications, skills, licenses, professional memberships;
  • Right to work information: your citizenship, work and residence permits, visas;
  • Information about your current employment: job title, responsibilities, compensation history;
  • Personality or psychometric tests information.

If you are an employee of RGA, we may collect the following categories of personal information about you:

  • Personal details: name, gender, date of birth, employee number;
  • Contact details: phone number, email address, postal address, mobile number;
  • Photographs or your images;
  • Identification documents: a copy of your passport, identity card or driving license;
  • Information about your family: marital status, dependents;
  • Emergency contacts: next of kin, their names, relationship with you and contact details;
  • Employment information: your job role, employment contract, start and leave dates, salary (including your level and grade), working pattern;
  • Pay related information: your bank account details, payroll information, tax information, retirement and/or pension information, details of any leave, expenses claimed;
  • Benefits related information: available benefits, payments claimed;
  • Personality test information;
  • Performance and training information: performance at work, promotions, training history, development needs;
  • Investigations related information: grievance and dignity at work matters, disciplinary records, warnings or penalties issued, whistleblowing concerns;
  • Monitoring related information: information derived from monitoring IT acceptable use standards, including employee user ID, IT systems access logs, CCTV records, time management system records;
  • Information about your personal and family life (only if you voluntarily share it with your colleagues).

Some of the personal information we ask you to provide is mandatory, which means that you must provide this to us in order for us to continue recruiting or employing you and/or to fulfill our legal obligations. Where it is mandatory for you to provide certain information, we will make this clear to you when we ask for the information.

Our ability to collect and process your special category personal information will depend on local laws relevant to a specific RGA office and circumstances relating to your recruitment and employment with us.

If you are applying for a position with RGA, we may collect the following special category personal information:

  • Criminal records: confirmation whether you have committed any criminal offence and security measures that were applied.

If you are an employee of RGA, we may collect the following special category personal information:

  • Criminal records: confirmation whether you have committed any criminal offence and security measures that were applied;
  • Health information: sick leave forms, details of reasonable adjustments at the office;
  • Accident records (only if you have an accident at work);
  • Information relating to your diversity (only if you voluntarily share it with your colleagues).

If you are applying for a position with RGA , we use your personal information to:

  • facilitate the recruitment process and to match your details to job opportunities;
  • check whether you have previously applied for a job with us
  • communicate with you in relation to your application;
  • assess your professional experience, skills and abilities for a specific role;
  • provide you with an adequate offer;
  • keep you informed of job opportunities which we think may be of interest.

Under certain circumstances we may also use your special category personal information to take precautionary measures and ascertain that you were not involved in criminal activities and are able to carry out specific responsibilities at RGA.

If you are an employee of RGA, we use your personal information to:

  • carry out the contract we have with you and manage our human resources processes;
  • administer immigration and mobility needs;
  • compensate you for your work, administer our payroll and your leave entitlements;
  • provide you with applicable pension entitlements and benefits;
  • assess your performance, identify development needs, conduct pay and grading reviews, administer promotions and provide training;
  • plan succession;
  • deal with any disputes or reported misconduct and comply with legal obligations to which we are subject and cooperate with regulators and law enforcement bodies;
  • conduct investigations and resolve employee disciplinary or grievance issues;
  • deal with your enquiries and requests;
  • facilitate your interaction with others, maintain interesting and collaborative working environment;
  • provide you with the access to our premises, equipment and systems;
  • maintain the security of our premises, systems, facilities and data.

We may also process your special category personal information for the following purposes:

  • to take precautionary measures and ascertain that you were not involved in criminal activities and are able to carry out specific responsibilities at RGA;
  • to comply with our health and safety obligations, including administration of sick pay, monitoring and managing of sickness absence and adapting the workplace or our facilities for your needs;
  • to foster diversity in the workplace, for example, to make special arrangements to accommodate religious beliefs or to promote diversity in the workplace.

We may use technology (including technology provided by third party service providers) to process your personal information in a manner that constitutes "profiling" (to the extent permissible under local laws). This involves the use of software that is able to evaluate your personal aspects and predict risks or outcomes. The main examples of when we conduct profiling are:

  • when we use personality or psychometric tests, particularly in the recruitment process. These tests analyse your responses to highlight potential strengths and weaknesses and your possible match for certain types of roles, but we do not use these tests to automatically select or eliminate candidates; and
  • for workforce management. We may use software to ensure our workforce is managed and utilised efficiently, to predict risks in staff retention, and to ensure that employees are being compensated fairly.

Although we may use profiling to assist our decision-making, we do not make solely automated decisions about individuals. So we do not make decisions about hiring, compensation, dismissal, promotion or other matters which may significantly impact an individual, without assessing all the circumstances.

We are committed to processing your personal information fairly and lawfully and only to the extent necessary to achieve the purposes listed above.

We must have a legal basis to process your personal information. In most cases, our ability to obtain and process your personal information is based on one of the following:

  • to take necessary steps prior to entering into a contract with you;
  • to fulfil our contractual obligations to you in connection with your contract with us;
  • to comply with our legal obligations, for example obtaining proof of your right to work status or carrying out background checks;
  • to comply with our legal obligations to you, for example health and safety obligations that we must comply with as your employer, applicable laws in the reinsurance sector or other applicable employment laws;
  • to meet our legitimate interests, for example, to conduct the recruitment process efficiently and fairly, to manage our employees effectively, to develop, train and provide feedback on our employees, to monitor compliance with internal policies and to protect the company (and other employees) against theft, cybersecurity threats or other crimes. When we process personal information to meet our legitimate interests, we put in place robust safeguards to ensure that your privacy is protected and to ensure that our legitimate interests are not overridden by your interests or fundamental rights and freedoms. If you wish to obtain further information concerning the balancing test that we carry out, please contact us at the details contained in the "Contact us" section below; and
  • to protect your or another person's vital interests, for example by providing your health information to a doctor in a medical emergency.

On occasion, we may obtain your explicit consent to collect and use certain types of personal information, for example when we are required to do so by law or if candidates ask us to pass their details to a third party for recruitment purposes. If we ask for your consent to process your personal information, you may withdraw your consent at any time by contacting us at the details contained in the "Contact us" section below.

For more information about how these legal bases apply to the processing of your personal information, please seek for more detail at the following link: https://www.rgare.com/careers/legal-bases-and-purposes-hr-english/

You have certain rights regarding your personal information, subject to local laws and circumstances relating to the processing of your personal data.

Your rights include the right to:

  • ask us to confirm whether your personal information is being processed, and access your personal information and details concerning its processing (right of access);
  • rectify any inaccurate information we hold about you (right to rectification);
  • erase your personal information (right to erasure);
  • restrict the processing of your personal information (right to restriction of processing);
  • ·object to our processing of your personal information (right to object);
  • withdraw your consent in relation to processing your personal information (where we rely on your consent as our legal basis for processing) (right to withdraw your consent);
  • receive your personal information in a usable electronic format and transmit it to a third party (right to data portability); and
  • lodge a complaint with your local data protection authority.

If you would like to discuss or exercise such rights, please contact the HR department or the Global Privacy & Security Office (GSPO) at dsr@rgare.com, or by using the contact details provided in section ‘Contact us’ below.

We encourage you to contact the HR department to update or correct your information if it changes or if the information we hold about you is inaccurate.

We are committed to working with you to obtain a fair resolution of any request, complaint or concern about privacy. If, however, you believe that we have not been able to assist with your request, complaint or concern, you have the right to make a complaint to your local supervisory authority (i.e. the supervisory in the jurisdiction where you live or work) or the supervisory authority of the jurisdiction where you believe an infringement of data protection laws has occurred. Contact details of supervisory authorities are available at the following link: https://www.rgare.com/privacy-policy/english/supervisory-authorities-contacts 

We implement technical and organisational measures to ensure a level of security appropriate to the risk to the personal information we process. These measures are aimed at ensuring the on-going availability, integrity and confidentiality of personal information. We evaluate these measures on a regular basis to ensure the security of the processing.

If you are applying for a job with us, we will retain your personal information until the position you are applying for has been filled, after which we will retain your personal information in accordance with our retention policy for a period of time that enables us to:

  • Check our records should you apply for another role with us
  • Comply with record retention requirements under the local law
  • Defend or bring any existing or potential legal claims
  • Deal with any queries or complaints you may have

We will delete your personal information when it is no longer required for these purposes. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.

If you are an employee, we will keep your personal information for as long as you remain employed with us. Once our relationship with you has come to an end, we will retain your personal information in accordance with our retention policy for a period of time that enables us to:

  • Provide you with any continuing benefits such as pension or insurance
  • Comply with record retention requirements under the local law
  • Defend or bring any existing or potential legal claims
  • Deal with any queries or complaints you may have
  • Conduct checks against departing employees that move to certain controlled functions, in accordance with regulations

We will delete your personal information when it is no longer required for these purposes. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the data.

Because we operate as a global business, your personal information may be transferred to, stored, and processed by RGA entities in other countries, which may include countries that are not regarded as ensuring an adequate level of protection for personal information under the European Union or your local law. Therefore, RGA has adopted Binding Corporate Rules (‘BCRs’) to enable us to make international transfers of your personal information within our group of companies in compliance with data protection laws of the European Union and other relevant countries. Summaries of our BCRs are available at https://www.rgare.com/about-rga/binding-corporate-rules/  

If we need to transfer your personal information to service providers or other parties located outside the EEA or other relevant countries, we will make sure that adequate safeguards are in place with those parties. We typically put in place contractual commitments in accordance with applicable legal requirements to ensure that your personal information is adequately protected. For more information on the appropriate safeguards in place, please contact us at the details contained in the "Contact us" section below.

If you have questions or concerns regarding the way in which your personal information has been used, please e-mail us at privacy@rgare.com, or call or write to us.

Our Ireland (representative in EEA) postal address is:

RGA International Reinsurance Company dac

3rd Floor, Block C
Central Park
Leopardstown, Dublin 18, D18X5T1

 

Our Ireland telephone number is:

+353 1.290.2900

Our United Kingdom postal address is:

RGA International Reinsurance Company dac, UK Branch Office

RGA UK Services Limited

5th Floor, 24 Chiswell Street

London, EC1Y 4TY

 

 

Our United Kingdom telephone number is:

+44 20 7710 6700

 

Our South Africa postal address is:

RGA Reinsurance Company of South Africa Limited

Cape Town Office

7th Floor, The Terraces, Black River Park

2 Fir Street, Observatory, 7925, Cape Town

 

Johannesburg Office

1st Floor, Sentinel House, Sunnyside Office Park

32 Princess of Wales Terrace, Parktown, 2193, Johannesburg

Our South Africa telephone number is:

 

+27 21.486.1700

 

 

+27 11.484.0577

 

For all other postal addresses and telephone numbers, please see https://www.rgare.com/global-directory/emea/

If you would like to exercise a data subject right, you may use our online contact form.

Our data protection officer: RGA’s Data Protection Officer for the EMEA region is Dean Scotson. Should you have any questions or concerns for our DPO regarding the way in which your personal information has been used, please contact him via email at dpo@rgare.com.

 

You may request a copy of this privacy notice from us using the contact details set out above. We may modify or update this privacy notice from time to time. If we make a significant change to this privacy notice, we will notify you and, where appropriate, give you sufficient advance notice so that you have the opportunity to exercise your rights (e.g. to object to the processing).


Last updated: July 2019.