Privacy Policy (IFSC Branch)

Effective date: 02 February 2026

1. Who we are

This policy explains how Berkley Insurance Company, IFSC Branch (“we”, “us”, “our”) handles personal data in India under the Information Technology Act, 2000 and the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011 (“SPDI Rules”) in connection with policy placement and administration, claims and related activities.

2. What personal data we collect and from whom

We collect a limited set of personal data that is appropriate and relevant to our (re)insurance activities from individuals, cedants, via brokers or other intermediaries, from parties involved in a claim (e.g., claimants, witnesses, experts), from public sources or from our service providers acting on our behalf. This may include:

• Identification and contact details.
• Policy and risk information.
• Finance/billing information.
• Claims information (including statements, reports, images and, where necessary, health information).
• IT usage data (e.g., logs to protect our systems).

3. Purposes for which we collect, use and disclose personal data

We collect and use personal data only for lawful purposes connected with our functions and activities as a (re)insurer, including:

• Underwriting, placement and policy administration (including endorsements and renewals).
• Claims management (notification, investigation, defence, negotiation, settlement, recovery/subrogation and fraud prevention).
• Reinsurance placement and administration.
• Handling enquiries and communications.
• Performing due diligence, sanctions and AML/CFT screening and other legal, regulatory and audit obligations.
• IT, security and business operations (including vendor hosting and support, cybersecurity safeguards and incident response).

4. Consent

Where required, we obtain an individual’s consent before collecting, using or disclosing their sensitive personal data for a stated purpose. Individuals may refuse to provide information or withdraw consent; if so, we may be unable to assess a proposal, offer terms, incept/maintain cover, or assess/settle a claim.

5. Third parties to whom we may disclose or transfer personal data

For purposes appropriate to our business, we may disclose personal data to:

• Policyholders, insureds and beneficiaries, and their brokers or other intermediaries, involved in placement and administration.
• Reinsurers, retrocessionaires and reinsurance brokers.
• Loss adjusters, third‑party administrators, forensic and other experts, medical or technical professionals, investigators (subject to lawful and fair means of collection and “adequate but not excessive” data handling).
• Panel lawyers, counsel, courts/tribunals.
• Regulators and public authorities (including law enforcement) where required or permitted by law.
• Service providers (data processors) providing IT hosting, cloud, cybersecurity, communications, document management or other operational support, under contracts that protect personal data.

6. Overseas transfers

We may transfer personal data to another entity in India or overseas where the recipient ensures the same level of data protection as under the SPDI Rules and where the transfer is necessary for the performance of a lawful contract or where the individual has consented.

7. Data protection, retention and accuracy

We implement reasonable security practices and procedures and maintain a documented information security programme with managerial, technical, operational and physical controls (e.g., IS/ISO/IEC 27001 or equivalent). We take reasonable steps to ensure data is accurate and complete for the purposes for which it is used or disclosed and retain personal data only for as long as necessary for those purposes or as required by law, after which we securely delete or anonymise it.

8. Access, correction and grievance redressal

Individuals have the right to request access to personal data we hold about them and to request correction of any inaccurate data. We will address discrepancies and grievances on a timely basis through our designated Grievance Officer (India), who will respond within one month.

9. Use of automated tools/AI (if any)

If we use automated tools (e.g., document classification or fraud analytics), we apply accountability, human oversight, data minimisation and appropriate safeguards.

10. How to contact our Data Protection Officer

Data Protection Officer, Berkley Insurance Company (IFSC Branch)
Address: Office No. SI-G-A001, Shilp Incubation Centre, Plot 11T 3 and 11T 5, Block – 11, GIFT SEZ, GIFT City, Dist. Gandhinagar – 382355
Email: [email protected]
Tel: +919930833426

11. Updates to this policy

We may update this policy from time to time and will make the latest version available on our website.

European Union General Data Protection Regulation (GDPR)

European Union customers can access our Privacy Notice under GDPR by clicking this link.