Privacy Notice

Your privacy and the protection of your personal information and data are important to us. Here at Al-Nisr Al-Arabi Insurance Company (the "Company"), we assure you that the personal data you provide to us is treated as private and confidential, with the highest levels of security, and processed in accordance with the Personal Data Protection Law in Jordan, Law No. 24 of 2023, referred to hereinafter as the "Law". As well as in compliance with the regulations issued by the Central Bank of Jordan regarding data processing by entities under its supervision, hereinafter referred to as the "Regulatory Requirements for Personal Data Protection".

This privacy notice, hereinafter referred to as the "Notice", aims to provide you with information on how we use your personal data, the steps we take to ensure its confidentiality and security, what personal data we collect, process, and what your rights are regarding the privacy of your data and how you can exercise them.

How We Collect Your Data

The Company collects your data through one of the following methods:

Directly: We obtain personal data directly from you through the Company's authorized direct sales channels, so you can access a service from the Company or engage with the Company, including but not limited to: filing a complaint, entering into an employment relationship, or for other purposes based on the required or agreed-upon services.
Indirectly: We may obtain personal data about you indirectly from multiple sources, including; website usage tracking files "Cookies", device profiling files, social media, public sources, business partners, and recruitment services, in order to better serve you or to fulfill a legal obligation such as a request for clarifications from the court, or for other legitimate interests according to relevant laws.

How We Use Your Data

We collect your personal data for various reasons related to our services, products, or interactions with you, including but not limited to:

To provide and manage your account and our relationship with you.
To provide you with information and other details about insurance documents or your relationship with us.
To handle inquiries and complaints.
To deliver our services to you.
To conduct evaluation, testing, and analysis for statistical purposes or other market research purposes.
To assess, develop, and improve the services we provide to you and other clients.
To protect our business interests and develop our business strategies.
To communicate with you, by mail, phone, text messages, email, and other digital means.
To collect any due installments.
To comply with regulatory requirements and reporting obligations related to financial crime prevention.
To assess any applications submitted.
To monitor, record, and analyze any communications between you and us.
To share your data with the Central Bank, Ministry of Industry and Trade, Securities Commission, Securities Depository Center, Tax Department, or any relevant government or official entities.
To share your data with our partners, service providers, and external auditors.
To recruitment and auditing agencies regarding prospective job applicants.
To research, marketing, and sales agencies for clients.
For litigation purposes, legal consultations, notifications, or transaction documentation.

Legal Basis for Processing Your Personal Data

As necessary to comply with a legal requirement from a regulatory or judicial authority:

We process your personal data to comply with laws and regulations applicable to us, including anti-money laundering laws and regulations, compliance monitoring instructions, and anti-fraud regulations.

For example, collecting “Know Your Customer” (KYC) data — including income details, work address, and residential address — is required under anti-money laundering regulations applicable to the Company.

- Contractual obligation: We process your Personal Data when it is necessary to enter into a contract with you, to perform an existing contract, or to take steps at your request prior to entering into a contract. For example, when you apply for an insurance policy, we need to process your Personal Data to assess your application, determine policy terms, and issue the insurance coverage.

- Legitimate interests: We process your Personal Data as necessary to fulfil a legitimate interest such as Processing Personal Data as necessary to protect against cyber risks, enhance the company’s products and services, and profiling activities intended to ensure more customized and personalized products and services. In line with Central Bank of Jordan Regulation on Personal Data Protection, where the company uses the legitimate interest as a basis of Processing, the company ensures the legitimate interest perceived does not affect individuals’ rights and interests and does not override them.

- Consent: Where none of the above basis apply, we shall process your Personal Data based on your consent. You can submit a request to withdraw such consent – please refer to section below (What are your rights and how you can exercise them).

What Personal Data We Collect and Process

Personal details, such as name, date of birth, email address, nationality, marital status, gender, and contact information.

Current residential address and permanent residence address, along with proof of address documents.
Identity data, including documents and details of identity cards and passport details.
Employment details, including employer, job status, job title, full name, email address, address, personal phone number, and work phone number.
Financial data: income and source of income.
Tax status data such as tax identification number, FATCA regulatory compliance forms for foreign accounts, to comply with FATCA requirements by using accounts opened in foreign financial institutions outside the United States.
Details of insurance and financial transactions conducted by you or any associated persons, including dates, amounts, currencies, payment details, and beneficiaries.
Audiovisual recordings, including CCTV captured images.
Digital identifiers (IP address, email).
Website usage tracking files "Cookies" (please refer to our cookie notice).
Data required to comply with anti-money laundering (AML) and counter-terrorism financing (CTF) requirements and other regulatory obligations, and data needed by the company to fulfill regulatory reporting obligations such as reporting suspicious activities to relevant authorities.
Information about other individuals, such as witnesses, family members, emergency contacts, and guardians, including their signatures, addresses, and relationship to you.
Information about legal disputes and complaints related to you.
Information about agreements and contracts entered into with our company, invoices, and commissions.

For How Long Do We Retain Your Personal Data?

We retain your personal data to provide our services, stay in touch with you, and comply with laws, regulations, and professional obligations applicable to us. This includes regulatory requirements for record retention applicable to the insurance sector, for example, customer identification personal data such as your ID, personal and work details, need to be retained for 5 years. Sometimes we may need to keep your information for longer. The reasons for this include:

• where we need the information to meet regulatory or legal requirements
• to help detect or prevent fraud and financial crime
• to answer requests from regulators

We will securely dispose of your personal data when we no longer need it for the above justifications, Please refer to Compliance and Legislations Enforcement Department at privacy.office@al-nisr.com for further details on our records retention practices.

Processing Sensitive Personal Data

Personal Data Protection Regulatory Requirements define Sensitive Personal Data as any data or that directly or indirectly indicates the individual’s origin, race, political opinions, religious beliefs, financial status, health, physical or mental condition, genetic data, biometric data, or criminal record. Biometric data refers to unique characteristics, either physical (like fingerprints, DNA, iris patterns) or behavioral (like voice patterns), that are processed by specific technologies to uniquely identify or verify an individual. Al Nisr ensures there is a lawful basis for Processing of Sensitive Personal Data. For example:

Health Data: The Company collects and processes your health data as part of underwriting procedures for insurance applications — such as health and life insurance — and only after obtaining your prior explicit consent.
Financial Status data: This includes sharing such data with reinsurers and the health insurance management company (NatHealth).
Health data is also processed as part of the insurance claims review and verification process prior to disbursing benefits to eligible claimants.

The Company collects and processes financial status information of individual clients as part of due diligence procedures, as well as for representatives of corporate clients (e.g., authorized signatories and general managers), and in line with Know Your Customer (KYC) obligations.

The Company also collects additional financial information, such as bank account numbers and IBANs, for clients or premium payers, to process premium payments.

Additionally, the Company collects financial information of personal guarantors for corporate clients as part of credit evaluation procedures. This data is provided directly by the guarantors.

Marketing

Al Nisr may send you marketing messages about our products and services. You have the right to opt-in or out of receiving marketing messages by us at any time. You can also object to your personal data being used for marketing purposes at any time by emailing Privacy.Office@al-nisr.com

How Do We Protect Your Personal Data?

We will take reasonable technical and organizational measures to prevent the loss, misuse, or alteration of your personal data. We aim to ensure that access to your personal data is restricted only to those authorized to do so and committed to maintaining its confidentiality.

If you use online services provided by the company, you remain responsible for maintaining the confidentiality of your username and password.

Who Has The Right To Access Your Personal Data And To Whom Is It Disclosed?

WWe maintain the confidentiality of your personal data. To provide our services to you to the best of our ability, we may share your personal data with other parties through binding contractual agreements to protect and process your data only under our strict instructions and in accordance with applicable laws and regulations.

We may share data related to you and your transactions with us, to the extent permitted by law, with:

The Arab Bank Head Office for legitimate purposes and in compliance with the law, such as centralized compliance requirements with the Head Office.
External auditors.
Regulatory bodies, government entities, and official entities, including those specialized in combating financial crimes and tax authorities.
Third-party service providers, including cloud service providers.
Agents acting on behalf of the company.
Postal services.
Law firms, lawyers, or legal advisors.
Other parties with whom you have consented to share your data.

Please refer to Compliance and Legislations Enforcement Department at privacy.office@al-nisr.com for further details and contact details of such third parties as well as their respective Privacy Notices (where applicable).

Transfer of Data outside the Hashemite Kingdom of Jordan

In accordance with the law, we may transfer your personal data to external institutions outside the Hashemite Kingdom of Jordan when we have a legitimate reason related to our business to engage these parties. Each of these entities must protect personal data in accordance with our contractual obligations with them and in accordance with applicable laws and regulations.

What Are Your Rights and How Can You Exercise Them?

You may exercise the following rights concerning your Personal Data:

Right to access your Personal Data within the custody of the Company.
Right to be notified of processing.
Right to withdraw prior consent you have provided for the Processing of your Personal Data.
Right to rectify, modify, or update your Personal Data.
Right to limit processing for a specified purpose.
Right to erase your Personal Data or to restrict the Processing of your Personal Data.
Right to object to Processing and Profiling if they are not necessary to achieve or outweigh the purposes for which the Personal Data was collected, or if they are discriminatory, unfair, or violate the law.
Right to personal data portability in some circumstances, where you have provided personal information to us, you can ask us to transmit that personal information (in a structured, commonly used, and machine-readable format) directly to another company if technically feasible.
Right to be notified of inaccurate disclosure and breaches on your Personal Data. Note that in the event of a serious breach of your Personal Data security and safety that could cause significant harm to you, the Company shall notify you within (24) hours from the discovery of the breach and provide you with necessary measures to avoid any consequences resulting from the breach. This is in compliance with the Law.

To submit a request to exercise any of these rights, please send an email to privacy.office@al-nisr.com

Please note the company shall act promptly on received requests while noting per Personal Data Protection Regulatory Requirements, replies are to be provided within (15) Business days from the date of receipt. Please note that our fulfillment to your requests may be subject to limitations, in certain circumstances, in accordance with the Law. For example, a request to erase your Personal Data in the custody of the company may not apply where we are required to retain this data under regulatory requirements on data retention.

Contact Information
Al-Nisr Arab Insurance Company
Jordan, Shmeisani, Issam Al-Ajlouni Street, P.O. Box: 9194, Postal Code: 11191, Amman, Jordan

For More Information
If you have any questions regarding this notice or would like to know more about our security practices, please contact us at: privacy.office@al-nisr.com

Complaints
If you have any complaints on personal data processing conducted by the company, please share your concerns with privacy.office@al-nisr.com. Please note the company shall act promptly on received requests while noting per Personal Data Protection Regulatory Requirements, replies are to be provided within (10) days from the date of receipt.

You also have the right to share your concerns to the Personal Data Protection Council established per the Law. Click the link to view the Personal Data Protection Council contact details: https://www.modee.gov.jo/EN/Pages/Contact_Us_pdp_En

Amendments to the Notice
We reserve the right to update this notice to reflect changes in our practices in accordance with the law, regulations, and applicable instructions. Any updates will become effective immediately upon the publication of the updated notice on our website.

Key Definitions
Processing: Any operation or set of operations performed in any way or means for the purpose of collecting, recording, copying, storing, organizing, modifying, using, transmitting, distributing, disclosing, linking to other data, making available, or otherwise making available, or otherwise processing, or concealing, encoding, erasing, restricting, or deleting, modifying, describing, or disclosing, by any means.

Personal Data Any information related to an identified individual or an individual who can be identified, whether it pertains to their private, professional, or public life — such as an ID number, address, phone number, email, or any other data that can be used to identify the person.

Sensitive Personal Data: any data or information that directly or indirectly indicates the individual’s origin, race, political opinions, religious beliefs, financial status, health, physical or mental condition, genetic data, biometric data, or criminal record.

Revision History

Privacy Notice Posted : July ,2024
Privacy Notice Updated : June,2025
Privacy Notice Updated : Dec,2025