Data Privacy Policy

Preamble

Noor Takaful Insurance Limited, established in April 2016 and licensed by the National Insurance Commission (NAICOM), is Nigeria's first full-fledged composite Takaful operator with 100% indigenous Nigerian ownership. As a pioneer in the Takaful insurance sector, Noor Takaful offers both General and Family Takaful products tailored to meet the diverse needs of Nigerians. In less than a decade of operations, Noor Takaful has grown into the Noor Group, with its wholly-owned subsidiary, Noor Health Limited, further expanding its footprint in the insurance and health sectors and continues to experience growth.

At Noor Takaful Insurance Limited ("Noor"), a proud member of the Noor Group, safeguarding your privacy is our utmost priority. This Data Privacy Policy outlines the principles and practices governing the collection, use, and disclosure of personal data by Noor and its subsidiaries, in strict compliance with applicable data protection laws. Personal Data refers to any information that identifies an individual, whether directly or indirectly. This includes offline and online data such as names, addresses, phone numbers, government issued Ids, usernames, passwords, digital footprints, photographs, passports, financial details, assets and liabilities, insurance records, savings and investments, health information, and high-risk data related to products and services purchased from us (collectively referred to as “Personal Data”). Such data may be obtained from third parties or collected through our website(s), mobile app and other digital platforms or means.

This policy reflects our commitment to handling your data responsibly—ensuring it is gathered, stored, and processed fairly, transparently, and with full respect for individual rights. References to "we" or "us" in this Privacy Policy encompass Noor and its subsidiaries. As laws evolve and technologies advance, we may periodically update this Privacy Policy to align with regulatory changes or new developments in privacy standards. We encourage you to visit Noor Takaful’s website regularly for the latest version of this policy or the Privacy Policy section of our app—Raha by Noor.

Article 1: Our Privacy Principles

At Noor, we are committed to protecting your Personal Data by adhering to the following principles:
  • Fair and Transparent Processing: Your Personal Data is processed lawfully, fairly, and in a transparent manner.
  • Limitation: We collect your Personal Data for specific, legitimate purposes and ensure it is not processed in ways incompatible with those purposes.
  • Data Use:We only process Personal Data that is adequate, relevant, and limited to what is necessary and essential minimum for the stated purposes.
  • Regulation: As a regulated entity, we are required by the laws of the Federal Republic of Nigeria to provide data to our regulators which include but not limited to: NAICOM, Financial Reporting Council of Nigeria (FRCN), Federal Inland revenue Service (FIRS) etc.
  • Accuracy: We strive to keep your Personal Data accurate as received from you and up-to-date where you update the data you have with us and we have been notified of such update.
  • Retention Period: Your Personal Data is retained only for as long as necessary to fulfill its intended purpose except otherwise required by law.
  • Security: We implement appropriate measures to safeguard your Personal Data against unauthorized access, loss, or misuse.
  • Respect for Rights: Your Personal Data is processed in accordance with your rights under applicable data protection laws.
  • Controlled Transfers: When transferring your Personal Data to a third party within or outside Nigeria, where the need arises, we take appropriate steps to ensure its protection. This includes contractual safeguards with third parties. However, Noor will not be held liable for breaches or negligence by third parties handling your data.
  • No Data Sale: We do not sell your Personal Data and prohibit our service providers from doing so.

Article 2: How We Collect Your Personal Data

We collect your Personal Data through various channels, including:
  • Direct interactions such as completing registration forms (both online and/or hardcopy) claim submissions, surveys, polls, live chats, or chatbot interactions.
  • When you purchase our products or services.
  • Through cookies on our website and mobile applications:
    • Session Cookies: Temporary cookies that enhance navigation and user experience during a single session.
    • Persistent Cookies: Long-term cookies that customize your experience until deleted or expired.
Note: Our cookies do not store sensitive information or access material on your device.
We may also collect data indirectly from sources such as:
  • Employers funding policies where you are a beneficiary.
  • Publicly available platforms like social media.
  • Third-party partners such as contractors, medical professionals, web aggregators or consultants.

Article 3: What Personal Data Do We Collect?

The type of Personal Data we collect depends on our relationship with you and the nature of the services we provide. If other individuals are named on your policy, we may also collect their information as relevant to your insurance. Noor, as the data controller, may collect the following categories of Personal Data:

General Personal Data
  • Contact Details: Name, email address, home/office address, telephone number, and details of other persons included on your policy (for example, their relationship to you as the policyholder).
  • Identification Information: Date of birth, national identity number, bank verification number (BVN), passport details, driving license information, or other valid identification documents.
  • Financial Information: Bank account details and other financial data.
  • Details of beneficiaries: Date of birth, national identity number, bank verification number (BVN), passport details, driving license information, or other valid identification documents and any other relevant information.
  • Insurance-Related Information: Details about your vehicle, property, previous policies or claims, recent damage reports, travel plans (including destinations, activities, and dates), and any other information relevant to your insurance policy.
  • Claims Information: Data related to claims you file or your involvement in incidents giving rise to claims.
  • Business Information: Details about the nature of your business and commercial assets (if necessary to provide insurance coverage).
  • Cookies and Online Activity: Information obtained through cookies when you use our website or mobile applications.

Sensitive Personal Data
In some cases, we may collect sensitive data such as:
  • Details of your current or past physical or mental health.
  • Information concerning marital status (where relevant for policy requirements).
  • And any other relevant information relevant to your insurance.

Privacy of Children
We respect the privacy of children and do not knowingly collect their Personal Data unless required for registering them as beneficiaries under a policy. We do not market to children or allow individuals under 18 to subscribe for our products or services.

Article 4: How We Use Your Personal Data

Under applicable data protection laws, we require a legitimate reason to use and process your Personal Data. Below are the primary purposes for which we process your Personal Data and the circumstances under which we do so:

  • Provision of Services:We process your Personal Data to provide insurance policies and related services. This includes assessing your application, setting you up as an insurance policyholder or health insurance policyholder, administering your policy, providing quotes, handling claims, and maintaining communication with you. Without this information, we may be unable to offer you a policy or process your claims.
  • Legal and Regulatory Compliance:We may be obligated to use your Personal Data for compliance with legal or regulatory requirements. This includes maintaining records as mandated by regulators such as the National Insurance Commission (NAICOM) and the Nigeria Data Protection Commission (NDPC).
  • Compliance with Laws:We process your data to adhere to local or foreign laws, regulations, and directives. This includes fulfilling obligations under agreements with authorities, regulators, or enforcement agencies.
  • Legal Rights Protection:We may use your Personal Data to establish, exercise, or defend our legal rights in cases of legal claims.
  • Public Interest:Your Personal Data may be processed for substantial public interest reasons, such as investigating fraudulent claims and conducting fraud prevention checks.
  • Communication:We use your data to communicate with you regarding complaints or other issues that may arise.
  • Sensitive Personal Data Exemption: In certain circumstances, we have a legal exemption that allows us to process sensitive Personal Data (health information) when it is essential for some insurance coverage.
  • Consent:We will seek your consent to process your Personal Data when necessary, particularly for sensitive data or marketing communications. If consent is required, we will clarify its necessity at the time of data collection. Without your consent in specific situations, we may not be able to provide coverage or handle claims effectively.
  • Vital Interests:We may process Sensitive Personal Data when necessary for your vital interests, particularly in life-or-death situations.

Article 5: Who Do We Share Your Personal Data With?

We may share your Personal Data with three categories of organizations:

  1. Within the Noor Group: Your personal information may be shared among companies within the Noor Group for purposes such as business administration, efficiency, accuracy, and fraud prevention.
  2. Third Parties Outside the Group: If we share your data outside the Noor Group, it will be done strictly in accordance with the purposes outlined in this Privacy Policy. All shared information will remain confidential and used solely for the specified reasons.
  3. Regulators: Our regulators include NAICOM, FRCN, FIRS, Nigerian Financial Intelligence Unit (NFIU) etc.

We may disclose your Personal Data to the following third parties for the purposes outlined in this Privacy Policy, these include:


Third Parties Associated with You

  • Relatives or Guardians: In cases where you are incapacitated or unable to act, we may share your data with your relatives or guardians.
  • Alternative Contacts: If you have designated an alternative contact (a relative, next of kin), they will have access to all or some aspects of your policy, including claims and cancellations, and make changes on your behalf.

Professional Service Providers

  • IT suppliers, actuaries, auditors, lawyers, marketing agencies, research specialists, document management providers, and tax advisers.

Claims and Emergency

  • Loss adjusters, emergency assistance companies, healthcare practitioners, and overseas assistance companies.

Service Providers and Partners

  • Garages or Panel Beaters: Our recommended service providers or those designated by you for vehicle repairs.
  • Insurance Partners: Brokers, reinsurers, other insurers, or companies acting as insurance distributors and other companies in the insurance chain.
  • Policy Administrators: Third parties assisting in the administration of policies, such as other insurers involved in claims processing.
  • Fraud Detection Agencies: Organizations maintaining fraud detection registers.
  • Law Enforcement Agencies: The police and other agencies for crime prevention or detection purposes.
  • Nigerian Insurance Industry Database: For regulatory compliance and industry reporting.

Other Relevant Third Parties

  • Financial organizations and advisers.
  • Customer satisfaction survey providers.
  • Other insurers for claim contributions when multiple policies cover the same loss or liability.
  • Selected third parties during the sale, transfer, or disposal of our products.

Conditions for Sharing Data

We ensure that any third party receiving your Personal Data agrees to maintain its confidentiality and uses it solely for the specified purposes. Disclosures may also occur under the following circumstances:

  • When required by law or regulatory bodies (court orders or statutory obligations).
  • To prevent or detect criminal activities.
  • When exemptions under data protection legislation permit such disclosures.

International Transfers

Some recipients or technical solutions may be located outside Nigeria. When transferring Personal Data to countries with lower data protection standards than Nigeria:

  1. We implement safeguards such as contractual obligations to ensure adequate protection of your data.
  2. In certain cases (for example, travel insurance), transfers are necessary to fulfill contractual obligations when you are outside Nigeria.

Article 6: Retention of Your Personal Data

We retain your Personal Data only as long as necessary to fulfill the purposes outlined in this Privacy Policy and comply with legal or regulatory obligations. The retention period depends on:

  • The purpose for which the data was collected.
  • Legal requirements for record keeping.
  • The need to establish, exercise, or defend legal rights.

Your Rights

You have several rights regarding how we use your Personal Data:

  1. Right to Access: Request a copy of the Personal Data we hold about you and details on how it is used. A reasonable fee may apply to cover administrative costs.
  2. Right to Rectification: Request corrections or updates if your data is inaccurate or incomplete.
  3. Right to Erasure: In certain circumstances (when data is no longer needed), you can request that we delete your Personal Data. However, legal obligations may limit this right.
  4. Right to Restriction of Processing: Ask us to stop processing your data under specific conditions (if you believe it is inaccurate).
  5. Right to Data Portability: Request that we transfer your data to another organization in a structured format.
  6. Right to Withdraw Consent: If we rely on your consent for processing (e.g., marketing), you can withdraw it at any time. Note that withdrawing consent might affect our ability to provide certain services.
  7. Extension of Time to Change or Access Your Data: You can request updates, corrections, deletions, or cessation of processing activities as permitted by law. We will respond within legally defined timelines and notify you if an extension is required.

When permitted by law, we may charge a reasonable fee for granting access requests. Where applicable timelines cannot be met due to complexity or legal constraints, we will communicate delays promptly.

Article 7: How We Protect Personal Data

We take appropriate measures to safeguard your Personal Data from unauthorised access, disclosure, alteration, or destruction. To ensure data accuracy and security, we have implemented the following safeguards:

  • Advanced Security Measures: We employ strict security protocols and cutting-edge technology to prevent fraud and unauthorised access.
  • Employee Training: Our staff undergo regular training on data protection and security, ensuring the confidentiality, integrity, and availability of the information we manage.

Article 8: Breach of Privacy

In the event of a security breach leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data, Noor Takaful shall:

  • Notify the Nigerian Data Protection Commission (NDPC) within 72 hours of becoming aware of the breach.
  • Inform affected Data Subjects within seven (7) days, providing details of the breach, potential risks to their rights and freedoms, and any steps being taken to address the situation.

Article 9: Marketing

We may share your information within Noor Group to inform you about products and services that may interest you or your family. You can withdraw this consent at any time by contacting us using the details provided in your documentation.

To opt out of marketing communications:

  • Click the unsubscribe link in our emails.
  • Contact us directly to update your preferences.

We will continue to send service-related (non-marketing) communications when necessary.


Personalised Marketing


We may send you information about relevant products and services via mail, email, telephone, or text messages. To enhance our marketing efforts, we may obtain additional insights about you from sources both within and outside Noor Group, such as consumer classification and market segmentation data.

From time to time, we may also run targeted social media and digital advertising campaigns based on general demographics and interests. Individual personal data is not used for these campaigns. If you prefer not to see such advertisements, you can adjust your social media settings and cookie preferences.

If you do not wish to receive promotional materials from us, you can opt out at any time by emailing compliance@noortakaful.ng

Please note: If you begin but do not complete a quote on our website, we may temporarily retain your information to follow up or better understand your needs.

About Noor Group

References to "Noor" in this policy apply to one or more of the following, which may offer products or services through our websites:

  1. Noor Takaful Insurance Limited – A limited liability company incorporated in Nigeria offering specialized General and Family takaful products with RC No: 1211828.
  2. Noor Health Limited – A limited liability health management organisation company incorporated in Nigeria with RC No: 1936586.

Contact Information

For more details on how we use your information or to exercise your rights, please contact:


The Chief Compliance Officer
Noor Takaful Insurance Limited,
Plot 170, Gbagada Expressway,
Gbagada, Lagos, Nigeria.


Customer Care Hotline: +234 809 872 1000

Email: compliance@noortakaful.ng


The Chief Compliance Officer
Noor Takaful Insurance Limited,
Plot 170, Gbagada Expressway,
Gbagada, Lagos, Nigeria.


General Enquiries

Tel: +234 809 944 4448
Email: help@noortakaful.ng


If you believe your data has been misused, you have the right to lodge a complaint with:
The Nigerian Data Protection Commission (NDPC)

Tel: +234 916 061 5551
Email: info@ndpc.gov.ng

Subscribe to our newsletter

Receive valuable insights and updates right in your inbox