Privacy and Cookies Notice

Close Menu

1. Backgound 

We are committed to protecting and respecting your privacy in accordance with the current Data Protection Legislation (“Legislation”). This notice sets out the basis on which we will process any personal data that we collect from you, or that you provide to us.  For the purposes of the Legislation, the Data Controller in relation to any personal data you supply to us is AmTrust at Lloyd's. 

2. Information We May Collect or Recieve About You

We collect and process personal data that you provide directly to us by filling in forms, via our website, over the phone or via mobile phone apps, or that we receive via third parties (for example – public records, insurance brokers, agents, claims investigators, claims handlers and business partners). This includes the following categories of data:

  • General identification and contact information: Name; address; e-mail and telephone number; personal identification number or similar identity number; gender; marital status; relationship with the policyholder, insured or claimant; and membership (information that we receive from you or a third party).
  • Information enabling us to provide products and services: Location and identification number or similar information to identify insured property (for example unique identity number  such as the phone IMEI-number, address or vehicle registration number); information regarding loans or credits if the insurance concerns payment protection; information about travel arrangements to the extent the insurance concern travel insurance; age and categories of individuals you wish to insure; information about your current employment; membership; previous claims history; other insurances you subscribed for; and date and cause/background of/to a claim made (Information that we receive from you or a third party).
  • Financial information and account details: Payment card number; bank account number and account details; credit history and credit score; assets; income; and other financial information (Information that we receive from you or a third party).
  • Sensitive information: We may process the following sensitive information about you; (a) data concerning health such as current or former physical or mental or medical condition and medical history; (b) union membership (for example if you apply for an insurance that has been procured by or offered through a union); (c) criminal conviction information.
  • Information which is necessary to discover, prevent or investigate fraud or investigations towards financial sanctions lists: We may process personal data to enable us to discover, prevent or investigate fraud or fulfil our duty to check all transactions against financial sanctions lists before issuing insurance or processing payments under the insurance
  • Telephone recordings: Recordings of telephone calls to our representatives and call centres.
  • Marketing preferences: You may let us know your marketing preferences, and take part in sales promotions.

We may collect and process personal data that you provide directly to us by filling in forms, via our website, over the phone or via mobile phone apps, or that we receive via third parties such as brokers and agents.

2.1 Specific information concerning “Sensitive” Personal Data

Where required by us, for the specific purposes of underwriting and fraud detection, or as part of the claims handling process, we may ask you for sensitive information, such as information relating to health or criminal convictions. The provision of such data is conditional for us to be able to provide insurance or manage a claim and, whilst you may, in some cases, be able to withdraw your consent for us to process such data, this may result in us not being able to continue cover, or to process any claims. Processing of sensitive data may be done also after you have withdrawn you consent, but only to the extent that we have the right to process the data for establishment, exercising or defence of legal claims. Sensitive data will only be used for the specific purposes set out in this policy, and will be treated securely and in line with this policy.  

3. How We Use Your Information 

All data that you supply or we receive from third parties are normally necessary for entering into a contract with us and for us to be able to carry out our obligations towards you under the insurance contract. We also need to process the data for other purposes described below:

 

Purpose of processing

Legal basis for processing

General identification and contact information

Calculate insurance premium, offering and accepting insurance cover, offering renewal, informing of changes in the insurance, handling of complaints

Fulfil our contractual obligations towards you or, at your request, take necessary steps prior to entering into a contract with you; or  AmTrust legitimate interests of improving its products, development of its systems and to offer you relevant insurance products.

Validate/confirm your identity

Fulfil our contractual obligations towards you; or  Comply with applicable laws.

Marketing  activities

Consent.

Issuing newsletters

AmTrust legitimate interests of improving its products and services, and keeping you informed of industry changes     

Answer your questions through the web, e-mail, mail or phone

Fulfil our contractual obligations towards you.

Prevent, discover, investigate criminal offences (including fraud)

Comply with applicable laws.

Comply with applicable laws and regulatory obligations.

Comply with applicable laws.

Information enabling us to provide products and services

Calculate insurance premium, offering and accepting insurance cover, offering renewal and informing of changes in the insurance

Fulfil our contractual obligations towards you or, at your request, take necessary steps prior to entering into a contract with you; or  AmTrust legitimate interests of improving its products, development of its systems and to offer you relevant insurance products

Perform claims handling.

Fulfil our contractual obligations towards you.

Financial information and account details

Calculate insurance premium, offering and accepting insurance cover and offering renewal

Fulfil our contractual obligations towards you.

Perform claims handling.

Fulfil our contractual obligations towards you.

Sensitive information

Calculate insurance premium, offering and accepting insurance cover, offering renewal and informing of changes in the insurance.

Claims handling

Consent; and/or

Necessary for an insurance purpose and in the substantial public interest (UK only). 

Information which is necessary to discover, prevent or investigate fraud or investigations towards financial sanctions lists

Discover, prevent or investigate fraud or investigations towards financial sanctions lists.

Comply with applicable laws

Telephone recordings

Document agreement, quality improvement, educational purposes and security (for example, with respect to recorded or monitored phone calls to our contact numbers) and managing complaints.

 

Fulfil our contractual obligations towards you or, at your request, take necessary steps prior to entering into a contract with you; or  AmTrust legitimate interests of improving its products, development of its systems and to offer you relevant insurance products.

Marketing preferences

Marketing activities (including information about other products and services which is offered by us or our business partners) in accordance with your preferences.

Consent.

 

 4. Disclosure of Your Personal Data

To enable us to provide you with insurance, to manage claims and to support our general business activities and regulatory obligations, we disclose your data to; (a) companies within the AmTrust Group; (b) external parties or our businesses partners who are involved in offering products and services to you; (c) our service providers; and (d) governmental or other public authorities. These categories include:

  • Companies within AmTrust Group - You will find a list of the companies included in the AmTrust Group at www.amtrustinternational.com.
  • Distribution partners – Insurance intermediary and tied agents, brokers, affinity/business partners and other distributors, reinsurers, administrators, financial institutions and other business partners.
  • Our service providers - External service providers, such as business and credit scoring companies, medical professionals, accountants, actuaries; call centre service providers; auditors, experts, lawyers and other outside professional advisors; IT systems, support and hosting service providers; printing, advertising, marketing and market research and analysis service providers; banks and financial institutions; third-party claim administrators; claim investigators and adjusters; and outsourced service providers that assist us in carrying out business activities. 
  • Governmental or other public authorities – AmTrust may share personal data with governmental or other public authorities (including, but not limited to supervisory authorities, courts, law enforcement, tax authorities and criminal investigations agencies and to authorities we are obligated to provide information to).

AmTrust may also disclose your personal information:

  • In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
  • If any AmTrust company or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  • In order to enforce or apply our terms of use set out in the terms of use or terms and conditions page and other agreements; or to protect the rights, property or safety of AmTrust, our customers or others.

5. International Transfers of Data

For the purposes stated above, and where applicable, we may transfer your personal data to destinations outside the European Economic Area (“EEA”). Where we transfer your personal data outside of the EEA, we will ensure that it is treated securely, and in accordance with this privacy notice and the Legislation. We only transfer data to countries deemed as having adequate protection by the European Commission or, where there is no adequacy decision, we use the European Commission approved ‘Standard Contractual Clauses’ with such parties to protect the data. A copy of the ‘Standard Contractual Clauses’ can be obtained by writing to The Data Protection Officer at the address detailed in Section 11.     

6. Your Rights

You have the right to:

a) Refuse/change marketing preferences – You may at any time ask us not to process your data for marketing purposes or change your preferences for marketing. 

b) Request copy of personal data we hold about you – You may request to request access to the personal data that we store about you. 

c) Erasure of personal data – Under certain circumstances, such as when you have revoked you previously given consent and there is no other legal ground available for us to process your personal data, you may request to have your personal data erased. In some cases, we may have the right to retain certain personal data despite your request of erasure. 

d) Correction - You have the right to request correction of or erasure of inadequate, incomplete or incorrect personal data.

e) Restriction and object to future processing - You are under certain circumstances entitled to restrict the processing of your personal data to only comprise storage of the personal data, e.g. during the time when we assesses whether you are entitled to have personal data erased in accordance with (c) above. If the processing of your personal data is based on a balancing of interests and you deem that your integrity interest overrides our legitimate interest to process your personal data, you may also, on grounds related to your particular situation, object to the processing by contacting Controller on the contact details stated below, in which case AmTrust must have a compelling reason in order to continue to process the personal data for the relevant purpose.

f) Data portability - When personal data is processed electronically, and on the basis of your consent or on the basis that the processing is necessary in order to perform under a contract with you, and provided that the personal data have been provided or generated by you, you are entitled to receive a copy of your personal data in a common machine-readable format. 

g) Not be subject to fully automated decision-making, including profiling - If a decision in made, using automated means, which has legal effects or significantly affects you, you have the right to object to the processing in certain circumstances. This right does not apply if the decision-making is necessary in order to perform under a contract with you, if the decision-making is permitted under applicable law or if you have provided your explicit consent.

h) Complain to the supervisory authority – You are welcome to contact us with any enquiries and complaints that you may have regarding the processing of your personal data. You also have the right to lodge complaints pertaining to the processing of your personal data to the local Data Protection Authority.

To exercise any of your rights listed above, please write to The Data Protection Officer at the address detailed in Section 11.

7. Cookies

Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For example, we are interested in the number of visitors and the pages they visit; which pages are most and least popular. By applying what we learn about site visitor habits, we can adapt the content to try and make it more easily accessible, relevant and interesting to site visitors. In some cases, cookies are used to remember information about your visit to our site between visits. We may need to do this to improve your use of the web site, such as remembering any feature preferences. By continuing to browse the site, you are agreeing to our use of cookies.

A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer. Cookies contain information that is transferred to your computer's hard drive.

We use the following cookies:

  • Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
  • Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.

The cookies we use do NOT hold any personally identifiable data about you, such as:

  • Names
  • Phone Numbers
  • Email Addresses
  • Mailing Addresses
  • Bank Account Numbers
  • Credit Card Information

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our site.  Please refer to your browser's 'help' facility on how to configure accepting cookies. For more information on cookies and deletion of cookies please visit: www.allaboutcookies.org/manage-cookies.

8. Marketing 

Where you have provided consent, we may share personal data that you provide to us within the AmTrust Group of Companies and with other companies that we establish commercial links with. They and we may contact you (by mail, e-mail, telephone, text, or other agreed means) in order to tell you about products, services or offers that we believe will be of interest to you, or to provide you with commercial updates. If you do not wish us to continue marketing to you, please let us know.    

9. Retention 

Your data will not be retained for longer than is necessary, and will be managed in accordance with our data retention policy. In most cases the retention period will be for a period of ten (10) years following the expiry of the insurance contract, or our business relationship with you, unless we are required to retain the data for a longer period due to business, legal or regulatory requirements. In any case, where data is retained we will endeavour to delete or to anonymise any personal elements, in order to maintain your privacy and security.                           

10. Changes to Our Privacy Policy

We may revise the privacy policy at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we make.

11. Questions in Relation to Our Privacy Policy or Use of Your Data    

If you have any questions concerning our privacy policy or our use of your personal data, including exercising your rights detailed in Section 6, you can contact the Data Protection Officer.

The Data Protection Officer, AmTrust International, Exchequer Court, 33 St. Mary Axe, London, EC3A 8AA

or email at: EUDataProtection@amtrustgroup.com