This privacy notice sets out how we use any information we collect about our customers (including policyholders and policy beneficiaries, brokers, claimants, and other users of our (re)insurance services) and their personnel for the purpose of providing our insurance services to our customers and about people browsing our website].

ABOUT US

We are AEGIS Managing Agency Limited, a limited company registered in England and Wales under number 03413859 with registered office address at 33 Gracechurch Street, London EC3V 0BT (“AEGIS London”).

AEGIS London is part of a Group of companies of which AEGIS (Associated Electric & Gas Insurance Services Limited) is the ultimate parent company. AEGIS is a mutual insurance company registered in Bermuda.

AEGIS London acts as the Lloyd’s managing agent for AEGIS Syndicate 1225 and is registered with the Information Commissioner’s Office (“ICO”) under registration number Z5328746.

CONTACT US

If you have any questions about this privacy notice or your information, or to exercise any of your rights described in this notice, you can contact our Data Protection Officer at:

Data Protection Officer

AEGIS Managing Agency Limited

33 Gracechurch Street

London EC3V 0BT

By email: dpo@aegislondon.co.uk

By telephone: 020 7265 2100

THE INSURANCE MARKET AND PERSONAL INFORMATION

We provide services as an underwriter in the Lloyd’s insurance market across a range of insurance and reinsurance classes of business.

In order for the Lloyd’s insurance market to operate efficiently and effectively, information, including personal data, needs to be shared between different participants in the insurance market.

The London Insurance Market Core Uses Information Notice has been prepared to help explain how we and other participants in the Lloyd’s insurance market process personal data through the insurance lifecycle. The Insurance Market Notice can be found at https://www.londonmarketgroup.co.uk/gdpr 

INFORMATION WE MAY COLLECT

We may collect the following information about you in order to provide insurance services to you:

  • Personal information: name, address, date of birth and relationships with other individuals named in your policy or claim;
  • Contact details: current address and address history, phone number and email address;
  • Financial details: bank account details and financial information relating to your prospective or existing insurance policies;
  • Health information: Information relating to your health or any injury sustained by you, when relevant to your policy;
  • Offences, Convictions and Judgments: details of any criminal convictions or County Court judgments against you, or of any offences committed by you;
  • Identification and credit history: the results of any identification checks, credit history, anti-money laundering or sanctions checks carried out by us or on our behalf;
  • Insurance history: details of any previous insurance policies held or insurance claims made by you;
  • If you contact us, for example to make a complaint, we may keep a record of that correspondence.

When browsing our website, you are not required to provide any personal information. However, you may choose to provide us with personal data about yourself by corresponding with us by phone, email or through enquiry forms on our website.

We may also automatically collect, store and use technical information about your visits to our website and about your computer, tablet, mobile or other device through which you access our website (including the Internet protocol (IP) address).

FROM WHERE DO WE COLLECT YOUR INFORMATION

We may collect information about you from:

  • you or your family members
  • your employer or pension trustees
  • other insurance market participants, such as brokers, intermediaries and other insurance providers
  • publically available records such as the Electoral Register
  • credit reference agencies
  • Government agencies such as HMRC
  • Witnesses, experts, claims handlers or other people or companies involved in a claim

WHAT WE DO WITH YOUR INFORMATION

We use your information for:

  • preparing quotations for new insurance policies appropriate to your circumstances;
  • carrying out identification checks, credit history, anti-money laundering or sanctions checks in order to set you up as a new client or issue new insurance policies to you if you are an existing client;
  • providing your insurance policies;
  • collecting your premium payments;
  • communicating with you about your insurance policies, including sending policy documents to you;
  • handling any claims that you make, including defending and prosecuting legal claims, when necessary;  renewing or making changes to or cancelling existing insurance policies;
  • the prevention or detection of fraud; 
  • complying with our legal and regulatory obligations; 
  • managing our own risks, including risk modelling, pricing, and risk management; 
  • administering our website including troubleshooting, data analysis, testing, research, statistical and survey purposes;
  • as part of our efforts to keep our website safe and secure;
  • ensuring that content from our website is presented in the most effective manner for you and for your computer, mobile device or other item of hardware through which you access our website;
  • profiling: when calculating insurance premiums or other terms and conditions we may compare information based on your personal data against industry averages. This may contribute to such industry averages in the future.

 

We use your information for one or more of the following reasons:

  •  when there is a contract in place between us and you or between us and a third party on your behalf, or between us and your employer, and the information is used in order to fulfil this contract and/or provide our services to you;
  • in order to take steps at your request or otherwise needed prior to entering into a contract with you;
  • when it is necessary for the performance of a task carried out in the public interest;
  • in order for us to comply with a legal obligation (for example, our record-keeping requirements and anti-money laundering checks);
  • when it is necessary for the purposes of our legitimate interests or the legitimate interests of a third party (for example, maintaining a website to provide information about our services);
  • if we have your consent to do so. You can withdraw your consent at any time, but without affecting the lawfulness of processing based on consent before its withdrawal. Where we require your consent it will be made clear at the time information is collected.

SENSITIVE PERSONAL DATA

We will only use your sensitive personal information if:

  • it is necessary for insurance purposes;
  • it is necessary for reasons of substantial public interest; and/or
  • it is necessary for the establishment, exercise or defence of a legal claim.

SHARING YOUR INFORMATION WITH THIRD PARTIES

We may share your personal data:

  • with any member of our corporate group, including affiliated entities, in order to provide your policy and process any claims;
  • with our agents, consultants and sub-contractors which assist us in providing our services, and which are subject to security and confidentiality obligations;
  • with regulators, auditors, and dispute resolution bodies (such as ombudsmen) when required to do so because of regulatory and/or legal obligations; and
  • national anti-fraud databases.

We may also disclose your personal information to third parties where there is a legitimate reason to do so including for the following reasons:

  • in the event that we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets;
  • if all or substantially all of our assets are acquired by a third party, in which case personal information held by it about its customers will be one of the transferred assets;
  • if we are under a duty to disclose or share your personal information in order to comply with a legal or regulatory obligation.

INTERNATIONAL TRANSFERS

AEGIS London’s offices are in the UK but as part of an international organisation we have other offices of our Group outside the UK. Authorised personnel may access your information in any country in which we operate. Therefore, it may be necessary to transfer your details to members of our group located in countries that may not offer equivalent data protection or privacy laws to those in the UK or the EU.

Regardless of where your information is transferred, we shall ensure that your information is safe and shall take all steps reasonably necessary to put in place appropriate safeguards to ensure that your information is treated securely and in accordance with this policy and applicable law. Details regarding these safeguards can be obtained from our Data Protection Officer whose details are given above.

SECURITY OF YOUR INFORMATION

We use industry standard physical, electronic and procedural security measures to protect your information from the point of collection to the point of destruction. Hard copy information files are restricted to authorised individuals. We use, as appropriate, firewalls, access controls, policies and other procedures such as pseudonymisation and/or encryption to protect your information from unauthorised access.

HOW LONG WE KEEP YOUR INFORMATION

Personal information received by us will be retained for as long as necessary to fulfil the purposes described in this notice or for the maximum period of time as required by law, after which time it will be destroyed in a secure manner.

YOUR RIGHTS

Access to your information and updating your information:

You have the right to access information which we hold about you. If you so request, we shall provide you with a copy of your personal information which we are processing (“subject access request”).

You also have the right to receive your personal information in a structured and commonly used format so that it can be transferred to another data controller ("data portability").

We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.

Right to object:

You have the right to object at any time to our processing of your personal information for direct marketing purposes.

Where we process your information based on our legitimate interests:

You also have the right to object, on grounds relating to your particular situation, at any time to processing of your personal information which is based on our legitimate interests. Where you object on this ground, we shall no longer process your personal information unless we can demonstrate legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Your other rights:

You also have the following rights under data protection laws to request that we rectify your personal information which is inaccurate or incomplete.

In certain circumstances, you have the right to:

  • request the erasure of your personal information erasure (“right to be forgotten”);
  • restrict the processing of your personal information to processing to which you have given your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of others.

Please note that the above rights are not absolute. We may be entitled to refuse requests, wholly or partly, where exceptions under applicable law apply.

EXERCISING YOUR RIGHTS

You can exercise any of your rights as described in this policy and under data protection laws by contacting the Data Protection Officer.

Save as provided under applicable data protection laws, there is no charge for the exercise of your legal rights. However, if your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: (a) charge a reasonable fee (subject to any limits imposed by applicable law) taking into account the administrative costs of providing the information or taking the action requested; or (b) refuse to act on the request.

Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.

COMPLAINTS

We hope that our DPO can resolve any query or concern you may have about our use of your information.

You also have the right to complain to the Information Commissioner’s Office (https://ico.org.uk/) about our data processing activities in relation to your personal information if you think they infringe applicable data protection laws (ICO helpline on 0303 123 1113).

UPDATES TO THIS POLICY

We may review and, if appropriate, update this policy from time to time. We will place notice of any such amendments on our website. Please visit our website for the most recent version of this policy.

This policy was last reviewed and updated on 21 May 2018.