Data Privacy Notice

MS Amlin plc Data Privacy Notice

MS Amlin plc values its customers and is committed to protecting and respecting your privacy. This Data Privacy Notice explains how we process and protect any personal data we collect or receive about you. This Data Privacy Notice applies to personal data provided by customers, brokers, coverholders, claimants, third party agents (TPAs) and complainants. Where you provide us with personal data about other individuals, you must provide this notice to them. Please read this Data Privacy Notice carefully to understand our practices regarding personal data.

We seek to comply with principles of "data minimisation". This means we try to ensure that we avoid collecting or processing data other than the types and volume of personal data required to achieve the purposes set out in this Data Privacy Notice.

Who we are 

Your personal data has either been, or will be collected by, or transferred to, MS Amlin plc. We can be contacted via post at the below address. We aim to respond to all correspondence within one calendar month.

The Data Protection Officer
MS Amlin plc
The Leadenhall Building
122 Leadenhall Street
London
EC3V 4AG

Email: DataProtectionOfficer@msamlin.com

Our Data Protection Officer will handle any questions you may have on the use of your personal data and your rights as a data subject. This is covered in further detail under Your Data Subject Rights.

Types of personal data we hold

We capture and process a variety of different types of personal data depending on the nature of the services involved. This includes but is not limited to:

Type of Personal Data

Example

Individual details

Name, address (including proof of address), other contact details (e.g. email and telephone numbers), gender, marital status, data and place of birth, nationality, employer, job title and employment history, and family details, including their relationship to you

Official identification details

Identification numbers issued by government bodies or agencies, including your national insurance number, passport number, tax identification number and driving licence number

Financial information

Bank account or payment card details, income or other financial information

Risk details

Information about you which we need to collect in order to assess the risk to be insured and provide a quote. This may include data relating to the health, criminal convictions, or other special categories of personal data of the people to be covered. For certain types of policies, this could also include telematics data (telematics data is data relating to where and how you or those covered drive and captures information relating to speed, acceleration, braking and other similar data)

Policy information

Information about the quotes you receive and policies you take out

Credit and anti-fraud data

Credit history, credit score, sanctions and criminal offences, and information received from various anti-fraud databases relating to you

Previous and current claims

Information about previous and current claims, (including other unrelated insurances), which may including data relating to your health, criminal convictions, or other special categories of personal data and in some cases surveillance reports

Sometimes we may need to process special categories of personal data. These are certain types of personal data which require additional privacy protection. The special categories are:

  • Racial or ethnic origin;
  • Political opinions;
  • Religious or philosophical beliefs;
  • Trade union membership;
  • Genetic or biometric data;
  • Health data;
  • Sex life or sexual orientation.

Personal data and special category data may be required to allow us to provide a quote, underwrite your policy, consider your claim or provide other insurance and ancillary services.

Why we use your personal data

We collect your personal data to help us with advising on, arranging, underwriting or administering an insurance contract or administering a claim under an insurance contract. Specifically:

a.      Advising on, arranging and underwriting your policy, including:

  • Performing credit or money laundering checks
  • Understanding your insurance requirements to offer you a product that matches your needs and circumstances
  • Gaining a reasonable understanding of the nature of the risk to be covered by the policy
  • Providing competitive and appropriate pricing
  • Contacting you to renew your policy for another year

b.      Administering your policy, including:

  • Managing any changes to your policy
  • Providing and improving client services as appropriate
  • Maintaining contact with you, for issues relating to your policy and general customer contact

c.       Administering your claims, including:

  • Registering your claims
  • Assessing your claims, including any liaison with third parties potentially involved in your claims, e.g. communications regarding car repairs or health information
  • Running due diligence checks e.g. money laundering
  • The investigation of fraudulent claims
  • The defence of or prosecution of valid and legal claims

d.      Further reasons, including:

  • Any sale or transfer of our policies to another company due to restructuring
  • To allow us to perform the essential practice and process of underwriting
  • Analysing our clients and the products they select
  • To ensure we comply with any legal or regulatory obligations
  • The testing of our systems and processes where imitation data is unavailable. Testing which uses personal data will only by carried out in limited circumstances and only when appropriate safeguards and controls have been put in place

Our legal bases for processing your personal data

We process personal data where necessary in order to: 

  • Engage with you when you or someone acting on your behalf asks us for a quote and are considering entering into a contract;
  • Satisfy our obligations under a contract with a client or customer;
  • Comply with a legal obligation;
  • Process data as may be required in the public interest, such as detecting and preventing fraud;
  • Pursue our legitimate interests in providing clients and customers with insurance services.

We may need to process your special category data when we:

  • Advise, arrange, underwrite or administer an insurance policy or administer a claim under an insurance policy; 
  • Protect, investigate, and defend legal claims;
  • Process data for reasons of substantial public interest.

If your claim is processed in Belgium, MS Amlin plc may require your consent to use your special category personal data in order to process, administer and settle the claim. This is due to differing data protection law. You may withdraw your consent at any time, but in doing so, MS Amlin plc may be unable to complete the claim. You may withdraw your consent by emailing the Data Protection Officer at dataprotectionofficer@msamlin.com or writing to the Data Protection Officer.

Who we share personal data with

To allow us to meet our obligations and effectively provide our services to you, it may be necessary to pass your personal data onto external parties. These external parties may include:

  • Credit reference agencies
  • Anti-fraud databases
  • Banks
  • Claims handlers
  • Lawyers and Solicitors
  • Loss adjustors
  • External parties involved in the claim
  • Private investigators
  • The police and law enforcement
  • The Motor Insurers’ Bureau
  • External parties involved in the investigation, defence or prosecution of claims
  • Other insurers (under court order or to prevent and detect fraud)
  • The Prudential Regulatory Authority, the Financial Conduct Authority, the Information Commissioner’s Office and other regulators as required by law
  • Companies that are part of the MS Amlin plc group
  • Our suppliers and sub-contractors for the performance of any contract we have with them
  • Reinsurers

Your data will be shared securely, and only when absolutely necessary. It will never be sold on to external parties or organisations for marketing purposes.

International data transfers

As MS Amlin is a global insurer, we may transfer or share your data outside the European Economic Area for our operational procedures. It may also be processed by staff operating outside the EEA who are working for us or one of our suppliers. We will always take steps to ensure your data is treated and transferred securely with appropriate safeguards and controls in place.

Ongoing storage and use of your personal data

We will not keep personal data for longer than necessary for the purpose for which it is processed.  It will be retained in accordance with our Data Retention Standard. Laws or regulations may require us to keep records for specific periods of time. We may also need to keep records in order to administer the insurance relationship, to fulfil our contractual or statutory obligations or to resolve queries or disputes which may arise.

We will store your personal data based upon the following criteria:

  • Whether the personal data is actively required for the purposes stated in this Data Privacy Notice
  • Whether there is a legal or regulatory reason to continue to retain the personal data

Your data subject rights

Under Data Protection regulation you have the right to:

  • Obtain a copy of your personal data held by MS Amlin plc
  • Have any incorrect personal data updated
  • Request the erasure of any of your personal data
  • Restrict the use of your personal data
  • Object to the use of your personal data
  • Request the personal data you provided to MS Amlin plc to be moved to another organisation

If you wish to exercise any of these rights please write to the below address stating your request and contact details. In order for MS Amlin to respond to your requests effectively and efficiently, please provide any further information you feel is necessary.

The Data Protection Officer
MS Amlin plc
The Leadenhall Building
122 Leadenhall Street
London
EC3V 4AG

If you contact us regarding the exercise of these rights, we will seek to implement your wishes. In some cases (particularly where the request relates to the restriction of use of personal data or the objecting to the use of personal data) there may be reasons why we are not able to fully comply with your request, particularly where we are required to keep and use that data to comply with legal or regulatory requirements.

Complaints

MS Amlin plc is committed to providing high quality products and services. If you feel that we have not met your expectations, we'd like to know so we can put things right for you. You can submit a complaint through our website here or via post at the below address.

Complaints
MS Amlin plc
The Leadenhall Building
122 Leadenhall Street
London
EC3V 4AG

We would expect that any complaint can best be dealt with by contacting us in the first instance, and we will take complaints made to us seriously. However, if you wish to complain about our use of your personal data, and do not wish to contact us first, you also have the right to complain directly to the supervisory authority. Full details on this can be found on the following websites:

UK

https://ico.org.uk/

Ireland

https://dataprotection.ie/

France

https://www.cnil.fr/fr

Germany

https://www.bfdi.bund.de/

Belgium

https://www.privacycommission.be/

Netherlands

https://autoriteitpersoonsgegevens.nl/nl

 

Where we might collect your personal data from

We might collect your personal data from various sources including:

  • You;
  • Your family members, employer or representative;
  • Other insurance market participants such as, authorised agents, service providers, reinsurers, other insurers, legal advisers, loss adjusters and claims handlers;
  • Credit reference agencies;
  • Anti-fraud databases, sanctions lists, court judgements and other databases;
  • Government agencies such as DVLA and HMRC;
  • Open electoral register; or
  • In the event of a claim, third parties including any other party to the claim (such as a claimant/defendant), witnesses, experts (including medical experts), loss adjustors, lawyers and solicitors, and third party claims handlers.

Which of the above sources apply will depend on your particular circumstances.

Automated decision making

In some cases we use an automated decision making process to generate a quote to provide you with an insurance service; this process will only use the information which you have provided to us and will make an overall assessment of your application. This assessment will consider the level of risk involved and if applicable, generate a quote for the insurance service. The automated decision making process is regularly tested to ensure it remains fair, effective and unbiased. If you object to the use of automated decision making, please call us on the telephone number displayed on the quote generation page or contact the MS Amlin Data Protection Officer.