PIPA Privacy Notice

1. Purpose This Privacy Notice describes how The Shipowners Insurance and Guaranty Company Ltd. (the "Company," "we," "our," or "us") may use personal information of visitors to our website. The Company is responsible for any personal information that is used by us in relation to website visitors.

This Privacy Notice is intended to provide you with clear and easily accessible information about our practices and policies with respect to personal information and complies with the requirements of the Personal Information Protection Act 2016 ("PIPA").

The principles outlined herein apply to visitors to our website. Additional privacy notices govern our relationships with employees, directors, and contractors.

2. Definitions

  • "Personal information" means any information about an identified or identifiable natural person.
  • "Use" or "using", in relation to Personal information, means carrying out any operation on Personal information, including, but not limited to: collecting, holding, organizing, altering, transferring, disclosing, combining, blocking, erasing or destroying it.
  • "Sensitive Personal information" means any Personal information relating to an individual's place of origin, race, colour, national or ethnic origin, sex, sexual orientation, sexual life, marital status, physical or mental disability, physical or mental health, family status, religious beliefs, political opinions, trade union membership, biometric information or genetic information.
  • "Consent" – The voluntary, clear indication of an individual's agreement to the use of their personal information.

3. Your Personal information that we use The Company may directly and indirectly use the following types of Personal information:

General Personal information

  • Identity information (e.g., name, email address, phone number, and mailing address)
  • Technical data (e.g., IP addresses, browser type, operating system, and interactions with our website)
  • Communication records (e.g., inquiries, forms submitted, and correspondence)
  • Marketing preferences (e.g., newsletter sign-ups and preferences regarding promotional material)

Sensitive Personal information: We do not typically collect sensitive personal information from website visitors unless required by law or voluntarily submitted by you.

4. How we use your Personal information We will only use your Personal information for the purposes for which we collected it, which include, without limitation, the following:

  • To manage your relationship with us
  • To respond to inquiries submitted via our website
  • To provide information about our services, events, or updates
  • To carry out website analytics and monitor performance
  • To improve website functionality and user experience
  • To comply with regulatory obligations and legal requirements
  • To ensure the security of our website and protect against unauthorized access
  • To send marketing materials (subject to your consent)

We may share your Personal information with third parties necessary for the conduct of our business, to comply with legal obligations, fulfill contractual requirements, or where explicit consent has been obtained, which include the organizations or persons set out below:

  • IT service providers and website administrators
  • Auditors, legal advisors, and consultants
  • Marketing platforms (subject to your consent)
  • Regulatory authorities, if required by law

You have the right to withdraw your consent to marketing communications at any time by contacting our Privacy Officer.

5. Purposes SIGCo collects personal information through its website in order to facilitate communication, improve services, and fulfill its obligations. We only use personal information if it is lawful to do so, specifically where:

  • It is necessary to fulfill a request or provide information.
  • It is required to comply with legal obligations or a court order.
  • It is necessary for our legitimate business interests, such as ensuring website security, enhancing functionality, and managing relationships with users.
  • You have provided explicit consent.

If you choose not to provide necessary personal information, this may limit our ability to engage with you or fulfill your requests.

6. Retention of Personal information We retain your personal information only as long as necessary to fulfill the purposes outlined in this Privacy Notice or as required by applicable laws. Typically:

  • Website analytics and technical data are retained for two years
  • Contact and communication records are retained for up to seven years, depending on the nature of the inquiry or engagement

7. Keeping your Personal information safe We take information security and confidentiality seriously. We implement appropriate controls and procedures which are designed to maintain the security of our information systems and processes and prevent (i) loss, (ii) unauthorized access, destruction, use, modification or disclosure, or (iii) any other misuse of the Personal information we collect and use.

International Data Transfers Where your Personal information is transferred to an affiliate or third party located outside of Bermuda (including where we use certain IT systems that are hosted abroad), we will take steps to ensure that your Personal information is adequately protected and transferred in accordance with any applicable data transfer requirements. In particular, we will use reasonable efforts to ensure that such affiliates and third parties are subject to their own data protection laws and regulations which are equivalent to PIPA and/or GDPR or are otherwise bound by the terms of this Personal information Privacy Notice, a similar policy, or equivalent contractual obligations.

Where your personal information is transferred to a jurisdiction outside Bermuda, we will ensure that appropriate safeguards are in place. This may include:

  • Verifying that the recipient's data protection standards are equivalent to those required under PIPA
  • Implement Standard Contractual Clauses (SCCs) or equivalent contractual obligations to protect your personal information

In the absence of such safeguards, we will seek your explicit consent before transferring your personal information internationally.

In the event of a data breach, we will notify affected individuals and relevant authorities as soon as practical and without undue delay, in accordance with applicable laws. Notifications will be sent via email and will include details of the breach, its potential impact, and any steps we are taking to mitigate the risk.

8. Your rights in relation to your Personal information You have certain rights with respect to your Personal information, and you may submit to us reasonable written requests to:

  • Access your Personal information that is in our custody or control
  • Correct an error or omission in any of your Personal information which is under our control
  • Cease, or not to begin, using your Personal information for the purposes of advertising, marketing or public relations or where the use of that Personal information is causing, or is likely to cause, substantial damage or substantial distress to the individual or another individual
  • Erase or destroy your Personal information where it is no longer relevant for the purposes of its use, except where retention is necessary to comply with legal obligations, resolve disputes, or enforce contractual rights

Where the Company is using your Personal information on the basis of your prior consent, you may request that it ceases to use (or otherwise process or store) such information. However, the Company may continue to use certain Personal information to the extent permitted by the other legal grounds as described above.

In certain circumstances, the Company may refuse to provide access to your Personal information. These include situations where:

  • Personal Information is protected by legal privilege
  • Disclosure of the Personal information would reveal confidential information of the organisation or of a third party that is of a commercial nature and it is not unreasonable to withhold that information
  • Personal Information is being used for a current disciplinary or criminal investigation or legal proceedings, and refusal does not prejudice the right of the individual to receive a fair hearing
  • Personal Information was used by a mediator or arbitrator, or was created in the conduct of a mediation or arbitration for which the mediator or arbitrator was appointed to act under an agreement or by a court
  • Disclosure of the Personal information would reveal the intentions of the organisation in relation to any negotiations with the individual to the extent that the provision of access would be likely to prejudice those negotiations

If we deny your request for access, we will provide you with an explanation of the reasons for the refusal, except where prohibited by law.

In certain circumstances, you may request a review by the Privacy Commissioner regarding our decision, action, or failure to act in relation to your Personal information. If you remain dissatisfied, you have the right to file a formal complaint with the Privacy Commissioner, who can be contacted at:

Bermuda Privacy Commissioner
Maxwell Roberts Building
4th Floor
1 Church Street
Hamilton, HM11
Bermuda

Email: [email protected]
Phone: +1 (441) 543-7748

The Privacy Commissioner will assess your complaint in accordance with the Personal Information Protection Act 2016.

9. Cookies and Tracking Technologies Our website uses cookies and similar technologies to improve functionality, personalize user experience, and analyze site traffic. Cookies are small data files stored on your device that allow us to recognize returning visitors and remember user preferences.

By continuing to use our website, you consent to the use of cookies as described in this Privacy Notice. If you prefer not to allow cookies on your device, you can:

  • Adjust your browser settings to block some or all cookies
  • Delete cookies that have already been set

Please note that disabling cookies may affect the functionality of certain features on our website.

For more information on how to manage cookies through your browser, please visit the Help or Settings section of your browser.

10. How to contact us For general inquiries about the Company or any of our Services, more information can be found at our website, https://www.sigcogroup.com/. Our offices are located at Ascot House, 28 Queen Street, Hamilton, Bermuda.

If you have any questions about this Privacy Notice or to request more details about your rights and how we collect, use and disclose your Personal information, please contact our Privacy Officer, Mark Haydon, at [email protected] or +1 441 298-0618. Any request must be in writing and provide sufficient detail to enable us to identify the Personal information to which the request relates.

11. Privacy Notice updates This Privacy Notice is subject to change in accordance with changes to applicable laws or our internal policies and procedures. The date below indicates when this Privacy Notice was last revised.

Any changes to this Privacy Notice will be effective upon publication of the revised Privacy Notice, and continued use of our Services following such changes indicates your acceptance of the revised Privacy Notice.

This Privacy Notice will be reviewed annually or as required by changes in applicable laws or company practices.

December 31, 2024