MIGA Products and Services Privacy Notice
This privacy notice provides information regarding the processing of personal data by the Multilateral Investment Guarantee Agency (“MIGA”, “our”, “us” or “we”) in the course of providing MIGA products and services. It describes how MIGA, handles or otherwise processes (“processes”) personal data relating to individuals who are either (i) themselves the direct or indirect beneficiaries of such MIGA products and services, or (ii) individual representatives of, or otherwise associated with, businesses and other organizations currently or potentially benefiting from or participating in MIGA products and services (for example, employees, officers, shareholders, directors, beneficial owners, guarantors or key vendors or partners of such businesses or organizations) ("you”, “your” or “Covered Individuals”).
Policy and Purpose
Such processing is necessary to enable MIGA to carry out its mission, mandate and purpose as an international organization established by its member countries. In certain cases, processing personal data is also necessary for the execution or performance of a contract or for compliance with a binding obligation.
Why Do We Process Your Personal Data in Providing MIGA Products and Services?
MIGA processes your personal data as reasonably necessary to conduct and manage its products and services activities. In particular, this includes processing personal data for any of the following purposes:
- conducting due diligence and transaction monitoring in accordance with our applicable policies and procedures;
- understanding and monitoring the Development Impact of our guarantee activities;
- managing our information technology and ensuring the security of our systems;
- investigating and responding to complaints, and establishing, complying with, exercising and defending MIGA's legal rights and obligations, which may arise from our guarantee activities;
- training our staff and maintaining and improving the quality of our internal processes and arrangements;
- coordinating with other World Bank Group Institutions in connection with our products and services activities;
- conducting credit and other risk assessment and control activities, including for the prevention and detection of corruption and fraud; or
- maintaining appropriate accounting and other records.
What Personal Data Do We Process in Providing MIGA Products and Services?
We may collect and process the following personal data about Covered Individuals:
- identification and contact data;
- information about Covered Individuals’ involvement in, and/or the development impact on Covered Individuals of, our products and services;
- relevant financial information of Covered Individuals benefiting directly or indirectly from MIGA products and services; and
- relevant background information used for anti-corruption and anti-fraud assessments in accordance with our applicable policies and procedures.
Where Do We Obtain Your Personal Data?
We may obtain your personal data directly from you (or from a business or an organization that employs you or with which you are associated), from relevant service providers, or from partners or other organizations involved in our relevant transactions or engagement. Relevant personal data may also be collected through publicly available sources (such as newspapers), relevant business contacts, specialized databases operated by the private sector, or specialized external service providers, particularly for anti-corruption and anti-fraud assessments.
To Whom is Your Personal Data Disclosed?
We may disclose personal data about you to:
- the legal entity (if any) with which you are associated, and intermediaries, partners or other organizations involved in our relevant transactions or engagements in the ordinary course of conducting our products and services activities or monitoring the development impact of such activities;
- the other World Bank Group Institutions in the ordinary course of conducting our products and services activities or monitoring the development impact of such activities;
- our legal and other advisors, subject to applicable conditions of confidentiality and security;
- service providers, subject to applicable conditions of confidentiality and security; and
- relevant legal, regulatory or administrative authorities, as we believe to be appropriate in the following circumstances: (i) to execute and enforce the terms of relevant transaction documents; (ii) to protect and defend our rights and property; (iii) to protect the interests of MIGA or others; and (iv) to permit us to pursue available remedies or limit the damages that we may sustain.
How Long Do We Keep Your Personal Data?
We keep personal data for as long as necessary for the purposes described in this privacy notice, in accordance with our appliable records retention and disposition schedules.
How to Request Information on Your Personal Data Processed by MIGA
You may submit such a request using the webform available here.
Contact the MIGA Data Privacy Office
All other questions related to MIGA’s data privacy framework can be directed to MIGA’s Data Privacy Office at email@example.com.
Changes to This Privacy Statement
This privacy statement was last updated on the date listed above. If we change it, we will post the new version to this website.