Skip to main content

Our cookie policy

Close

We use cookies to give you the best possible experience of our website. If you continue, we'll assume you're happy for your web browser to receive all cookies from our website. See our cookie policy for more information on cookies and how to manage them.


  •  
  • The AXA UK Group includes insurance companies, insurance brokers, health and wellbeing companies as well as an online health shop. We are all committed to ensuring your privacy and personal information is protected. The document that referred you to this notice (for example, your insurance policy) shall set out details of the AXA company that is processing your personal information; it is the data controller of your personal information and is responsible for complying with data protection laws. For the purposes of this Privacy Policy, references to "we" or "us" shall refer to that AXA company.

    This Privacy Policy should be brought to the attention of any party who is included in your Policy, where they have given you consent to act on their behalf.

    By providing your personal information or the personal information of someone included in your policy, you acknowledge that we may use it only in the ways set out in this Privacy Policy. We may provide you with further notices highlighting certain uses we wish to make of your personal information.

    From time to time we may need to make changes to this privacy policy, for example, as the result of government regulation, new technologies, or other developments in data protection laws or privacy generally. You should check the AXA website periodically to view the most up to date privacy policy.

    To find out more about what we do with your data and how it is managed, please take a moment to view the short video below.

     


    When we collect and use your personal information, we ensure we look after it properly and use it in accordance with our privacy principles set out below, keep it safe and will never sell it.

    1. Personal information you provide is processed fairly, lawfully and in a transparent manner
    2. Personal information you provide is collected for a specific purpose and is not processed in a way which is incompatible with the purpose which AXA collected it
    3. Your personal information is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed
    4. Your personal information is kept accurate and, where necessary kept up to date
    5. Your personal information is kept no longer than is necessary for the purposes for which the personal information is processed
    6. We will take appropriate steps to keep your personal information secure
    7. Your personal information is processed in accordance with your rights
    8. We will only transfer your personal information to another country or an international organisation outside the European Economic Area where we have taken the required steps to ensure that your personal information is protected. Such steps may include placing the party we are transferring information to under contractual obligations to protect it to adequate standards
    9. AXA UK and AXA Group companies do not sell your personal information and we also do not permit the selling of customer data by any companies who provide a service to us

     

    Whilst there are a number of ways in which we collect your personal information, the two main ways we might collect personal information about you are from things you tell us yourself, and from things we ask other people or organisations to share with us. Things you tell us could include conversations we have on the phone, what you’ve written on an application form or if you post something on one of our forums. We might also collect information about you from other people and organisations, such as medical professionals and credit agencies, or by checking databases, such as the electoral register. Please see below for a list of ways we collect your personal information:

    We collect personal information directly from you:

    • via enquiry, registration and claim forms; 
    • via feedback forms and forums;
    • when you purchase any of our products or services;
    • when you fill out a survey, or vote in a poll on our website;
    • through quotes and application forms;
    • via cookies. You can find out more about this in our cookies policy;
    • via our telephone calls with you, which may be recorded;
    • when you provide your details to us either online or offline; 

    We also collect your personal information from a number of different sources including:

    • directly from an individual who has a policy with us under which you are insured, for example you are a named driver on your partner’s motor insurance policy; 
    • from credit reference agencies who will supply us with information, including information from the Electoral Register and credit information. Please note that the agencies may record details of the search whether or not your application proceeds;
    • from social media where fraud is suspected; and
    • via third parties including:
      • your family members where you may be incapacitated or unable to provide information relevant to your policy;
      • medical professionals and hospitals;
      • aggregators;
      • third parties who assist us in checking that we are permitted to make claims payments; and
      • third parties such as companies who provide consumer classification for marketing purposes e.g. market segmentation data
       

    We might collect personal information, such as your contact details, information about your bank or credit cards. The information we collect depends on which product or service you’re interested in for example if you are interested in obtaining car or travel insurance, we’ll collect information about the car you drive or where you’re planning to travel to and for medical insurance, we may ask you about you or your families' medical history. Please note, in certain circumstances we may request and/or receive "sensitive" personal information about you. For example, we may need access to health records for the purposes of providing you with a policy or processing claims, or details of any court or HMRC judgments for the purposes of preventing, detecting and investigating fraud. Please see below for a more detailed list of personal information we collect.

    The information that we collect will depend on our relationship with you. Where other people are named on your policy, we may ask you to provide the information below in relation to those people too, if this is relevant to your insurance.


    Where AXA Insurance UK Plc is the data controller of your personal information we may collect the following about you:

    • Personal information
      • contact details such as name, email address, postal address and telephone number
      • details of any other persons included on the policy where they are named on your policy and the relationship to you as policyholder
      • identification information such as your date of birth, national insurance number, passport and driving licence
      • financial information such as bank details, credit card details and information obtained as a result of our credit checks
      • information relevant to your insurance policy such as details about your vehicle, property, previous policies or claims, recent damage, information about your travel plans, destination, planned activities and dates of travel
      • information relevant to your claim or your involvement in the matter giving rise to a claim
      • information about the nature of your business and commercial assets
      • information obtained through our use of cookies. You can find out more about this in our cookies policy 
      • details of bankruptcies and other financial sanctions such as HMRC investigations
      • your marketing preferences
       
    • Sensitive personal information
      • details of your current or former physical or mental health
      • details concerning sexual life or sexual orientation, for example marital status
      • details regarding criminal offences, including alleged offences, criminal proceedings, outcomes and sentences (previous criminal convictions, bankruptcies and other financial sanctions such as County Court Judgements)
       

    Where AXA PPP healthcare is the data controller of your personal information, we may collect the following information about you:

    • Personal information
      • contact details such as name, email address, postal address and telephone number
      • details of any other persons included on the policy where they are named on your policy and the relationship to you as policyholder
      • lifestyle and social circumstances, for example; your interests, such as whether you play a sport, your housing status and number of dependents
      • identification information such as your date of birth, national insurance number, passport and driving licence
      • financial information such as bank details, credit card details and information obtained as a result of our credit checks
      • information obtained through our use of cookies. You can find out more about this in our cookies policy
      • information relevant to your claim or your involvement in the matter giving rise to a claim
      • details of bankruptcies and other financial sanctions such as HMRC investigations
      • your marketing preferences
       
    • Sensitive personal information
      • details of your current or former physical or mental health
      • details concerning sexual life or sexual orientation, for example marital status
      • details regarding criminal offences, including alleged offences, criminal proceedings, outcomes and sentences (previous criminal convictions, bankruptcies and other financial sanctions such as County Court Judgements)
       

    We mainly use your personal information to provide you with an insurance policy or benefits and to provide you with the right services based on your situation. So, if you have a problem, we make sure the right network of providers and specialists are in place and we can also update you quickly on the progress and cost of your claim and keep you safe from fraud. However, there are a number of other reasons why we use your personal information; Please see below for a more detailed list of how we use your personal information.

    We may process your personal information for a number of different purposes and these are set out in more detail in the below sub-sections for AXA Insurance and AXA PPP healthcare where applicable. Under data protection laws we need a reason to use and process your personal information and this is called a legal ground. We have set out below the main reasons why we process your personal information and the applicable circumstances when we will do so. When the personal information we process about you is classed as sensitive personal information (now known as ‘Special Categories’) (such as details about your health, sexual orientation or criminal offences) we must have an additional legal ground for such processing, or where appropriate, we apply a specific exemption for Insurance purposes

    • Processing is necessary in order for us to provide your insurance policy and services, such as assessing your application and setting you up as a policyholder, administering and managing your insurance policy, providing all related services, providing a quote, handling and paying claims and communicating with you. In these circumstances, if you do not provide such information, we will be unable to offer you a policy or process your claim.
    • Where we have a legal or regulatory obligation to use such personal information, for example, when our regulators, the Prudential Regulatory Authority, (PRA), the Financial Conduct Authority (FCA) and our data protection regulator, the Information Commissioner's Office (ICO) wish us to maintain certain records of any dealings with you.
    • Where we need to use your personal information to establish, exercise or defend our legal rights, for example when we are faced with any legal claims or where we want to pursue any legal claims ourselves.
    • Where we need to use your personal information for reasons of substantial public interest, such as investigating fraudulent claims and carrying out fraud, credit and anti-money laundering checks.
    • Where we have a specific legal exemption to process sensitive personal data for insurance purposes. This exemption applies where we need to process your information as an essential part of the insurance cover, for example health data.
    • Where you have provided your consent to our use of your personal information. We will usually only ask for your consent in relation to processing your sensitive personal information (such as health data) or when providing marketing information to you (including information about other products and services). This will be made clear when you provide your personal information. If we ask for your consent we will explain why it is necessary. Without your consent in some circumstances, we may not be able to provide you with cover under the policy or handle claims or you may not be able to benefit from some of our services. Where you provide sensitive personal information about a third party (such as a named driver) we will ask you to confirm that the third party has provided his or her consent for you to act of their behalf. 
    • Where we have appropriate legitimate business need to use your personal information such as maintaining our business records, developing and improving our products and services, all whilst ensuring that such business need does not interfere with your rights and freedoms and does not cause you any harm.
    • Where we need to use your sensitive personal information such as health data because it is necessary for your vital interests, this being a life or death matter.

    You will find details of the legal grounds we rely on for each use of your personal information below.


    Why we need your personal information Personal information we may process for the purpose adjacent shall include, but shall not be limited, to the types of information set out below Legal Grounds for Processing

    To review your insurance application and provide you with a quote.

    Your contact details, your age and the age of other person(s) included on the policy (family members, business partners, employees).

    Information about your possessions such as your vehicle, your driving history; any information about your property, past claims, recent damage; information about your business premises (or vehicle). 

    Information about your travel plans, destination, planned activities, dates of travel. 

    Information about the nature of your business and commercial assets. 

    Sensitive personal information including any penalties you may have for driving offences.

    Legal ground: such use is necessary in order to provide your insurance policy. 

     

    Legal ground for sensitive personal information: Where appropriate we apply an exemption for Insurance purposes.

    To administer, provide and service your insurance policy, assess eligibility for and handling and paying claims.

    Your contact details, your age and the age of other person(s) included on the policy (family members, business partners, employees).

    Information about your possessions such as your vehicle, your driving history; any information about your property, past claims, recent damage; information about your business premises (or vehicle)

    Information about your travel plans, destination, planned activities, dates of travel. 

    Information about the nature of your business and commercial assets. 

    Sensitive personal information including any penalties you may have for driving offences.

    Legal grounds: such use is necessary in order to provide your insurance policy and we have a legitimate business need to use your personal information to administer your insurance policy and handle any claims 

     

    Legal grounds for sensitive personal information: Where appropriate we apply an exemption for Insurance purposes or you have provided your consent. Please note that, in some cases, if you do not provide your consent, we may not be able to pay claims.

    To communicate with you and resolve any complaints you may have.

    Your contact details and any information relevant to your policy.

    Legal grounds: such use is necessary in order to provide your insurance policy and we have a legitimate business need to resolve any complaints. 

    Legal grounds for sensitive personal information: such use is necessary for the purposes of establishing, exercising or defending our legal rights where you have provided your consent or where appropriate we have applied an exemption for Insurance purposes.

    To evaluate your application and ability to pay for your policy by instalments. More information on how we use your information to do this is available under Detail Section 1 below.

    Your contact details and bank account details

    Legal ground: such use is necessary in order to provide your insurance policy

    To prevent, detect and investigate fraud. More information on how we use your information to do this is available under. Detail Section 2 below. Technology may include voice analytics.

    Your contact details, your age and the age of other person(s) included on the policy (family members, business partners, employees). 

    Information about your possessions such as your vehicle, your driving history; any information about your property, past claims, recent damage; information about your business premises (or vehicle). 

    Information about your travel plans, destination, planned activities, dates of travel. 

    Information about the nature of your business and commercial assets. 

    Information available in the public domain or on social media. 

    Sensitive personal information including any penalties you may have for driving offences.

    Legal grounds: such use is necessary in order to provide your insurance policy and we have a legitimate business need to prevent fraud. 

     

    Legal ground for sensitive personal information: we need to use your personal information for reasons of substantial public interest to prevent and detect fraud.

    For the purposes of debt recovery (where you have not paid for your insurance policy).

    Information about you, your name, address, email address, contact details and bank account details

    Legal ground: we have a legitimate business need to recover any debt.

    For our own management information purposes including; managing our business operations such as maintaining accounting records, analysis of financial results, internal audit requirements, receiving professional advice (e.g. tax or legal advice). We also undertake measures to secure our system and to ensure the effective operation of our systems. More information on how we use your information to do this is available under Detail Section 3 below.

    Your contact details, your age and the age of other person(s) included on the policy (family members, business partners, employees). 

    Information about your possessions such as your vehicle, your driving history; any information about your property, past claims, recent damage; information about your business premises (or vehicle) 

    Information about your travel plans, destination, planned activities, dates of travel. 

    Information about the nature of your business and commercial assets. 

    Sensitive personal information including any penalties you may have for driving offences.

    Legal grounds: we have a legitimate business need to use your personal information to understand our business and monitor performance and maintain appropriate records, to protect the security of our systems 

    Legal ground for sensitive personal information: Where appropriate we apply an exemption for Insurance purposes.

    For analytical purposes and to improve our products and services. More information on how we use your information to do this is available under Detail Section 4 below.

    Your contact details, your age and the age of other person(s) included on the policy (family members, business partners, employees). 

    Information about your possessions such as your vehicle, your driving history; any information about your property, past claims, recent damage; information about your business premises (or vehicle) 

    Information about your travel plans, destination, planned activities, dates of travel. 

    Information about the nature of your business and commercial assets. 

    Sensitive personal information including any penalties you may have for driving offences.

    Legal ground: we have a legitimate business need to use your personal information for services improvement 

    Legal ground for sensitive personal information: Where appropriate we apply an exemption for Insurance purposes.

    Complying with our legal or regulatory obligations

    Details about you, other related parties, your product or service, depending on the nature of the obligation

    Legal ground: such use is necessary for us to comply with our legal or regulatory obligations

    Providing improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers); technology may include voice analytics

    Details about you and other related parties, your product or service having been discussed with you or your representative during a telephone conversation with us.

    Legal ground: we have a legitimate business need to provide secure and quality services

    Legal ground for sensitive personal information: Where appropriate we apply an exemption for Insurance purposes.

    Providing marketing information to you (including information about other products) in accordance with preferences you have expressed

    Your name, contact details, marketing preference

    Legal ground: you have provided your consent


    Why we need your personal information Personal information we may process for the purpose adjacent shall include, but shall not be limited, to the types of information set out below Legal Grounds for Processing

    To review your insurance application and provide you with a quote.

    Your contact details, your age and the age of other person(s) included on the policy (family members, business partners, employees). 

    Information about your travel plans, destination, planned activities, dates of travel. 

    Sensitive personal information about your health or family members' health.

    Legal ground: such use is necessary in order to provide your insurance policy

    Legal ground for sensitive personal information: Where appropriate we apply an exemption for Insurance purposes or you have provided your consent. Please note that, in some cases, if you do not provide your consent, we may not be able to provide your insurance policy

    To administer, provide and service your insurance policy, to verify your no claims discount entitlement, assess eligibility for and handling and paying claims. More information on how we use your information to do this is available under Detail Section 5 below.

    Your contact details, your age and the age of other person(s) included on the policy (family members, business partners, employees). 

    Information about your travel plans, destination, planned activities, dates of travel. 

    Sensitive personal information about your health or family members' health.

    Legal grounds: such use is necessary in order to provide your insurance policy and we have a legitimate business need to use your personal information to administer your insurance policy and handle any claims

    Legal grounds for sensitive personal information: Where appropriate we apply an exemption for Insurance purposes or you have provided your consent (please note that if you do not provide your consent, in some cases, we may not be able to administer your policy or pay claims) and/or it is in your vital interests.

    To communicate with you and resolve any complaints you may have

    Your contact details and any information relevant to your policy.

    Legal grounds: such use is necessary in order to provide your insurance policy and we have a legitimate business need to resolve any complaints. 

    Legal grounds for sensitive personal information: such use is necessary for the purposes of establishing, exercising or defending our legal rights and/or you have provided your consent.

    To evaluate your application to ability to pay for your policy by instalments. More information on how we use your information to do this is available under Detail Section 1 below.

    Your contact details and bank account details

    Legal ground: such use is necessary in order to provide your insurance policy

    To prevent, detect and investigate fraud. More information on how we use your information to do this is available under Detail Section 6 below. 

    Technology may include voice analytics.

    Information about you, your name, address, email address and contact details, your age and the age of other person(s) included on the policy (family members, business partners, employees). 

    Information about your travel plans, destination, planned activities, dates of travel. 

    Sensitive personal information about your health or family members' health

    Legal grounds: such use is necessary in order to provide your insurance policy and we have a legitimate business need to prevent fraud 

    Legal ground for sensitive personal information: we need to use your personal information for reasons of substantial public interest to prevent and detect fraud.

    For the purposes of debt recovery (where you have not paid for your insurance policy).

    Information about you, your name, address, email address, contact details and bank account details

    Legal ground: we have a legitimate business need to recover any debt. 

    Legal grounds for sensitive personal information: such use is necessary for the purposes of establishing, exercising or defending our legal rights.

    For our own management information purposes including; managing our business operations such as maintaining accounting records, analysis of financial results, internal audit requirements, receiving professional advice (e.g. tax or legal advice). We also undertake measures to secure our system and to ensure the effective operation of our systems. More information on how we use your information to do this is available under Detail Section 3 below.

    Information about you, your name, address, email address and contact details, your age and the age of other person(s) included on the policy (family members, business partners, employees). 

    Sensitive personal information about your health or family members' health.

    Legal ground: we have a legitimate business need to use your personal information to understand our business and monitor performance and maintain appropriate records, to protect the security of our systems 

    Legal ground for sensitive personal information: Where appropriate we apply an exemption for Insurance purposes or you have provided your consent.

    For analytical purposes and to improve our products and services. More information on how we use your information to do this is available under Detail Section 4 below.

    Information about you, your name, address, email address and contact details, your age and the age of other person(s) included on the policy (family members, business partners, employees). 

    Information about your travel plans, destination, planned activities, dates of travel. 

    Sensitive personal information about your health or family members' health.

    Legal ground: we have a legitimate business need to use your personal information for services improvement 

    Legal ground for sensitive personal information: Where appropriate we apply an exemption for Insurance purposes or you have provided your consent.

    Complying with our legal or regulatory obligations

    Details about you, other related parties, your product, service or benefit, depending on the nature of the obligation

    Legal ground: such use is necessary for us to comply with our legal or regulatory obligations

    Providing improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers); technology may include voice analytics

    Details about you and other related parties, your product or service having been discussed with you or your representative during a telephone conversation with us.

    Legal ground: such use is necessary for us to comply with our legal or regulatory obligations 

    Legal ground for sensitive personal information: Where appropriate we apply an exemption for Insurance purposes or you have provided your consent; or we are responding to a call and acting in the vital interests of a person

    Providing marketing information to you (including information about other products and services and undertaking customer surveys) in accordance with preferences you have expressed

    Your name, contact details, marketing preference

    Legal ground: we have your consent

    We may use scoring methods to assess your application, to verify your identity and determine finance charges. Searches and other information which is provided to us and/or the credit reference agencies about you and those with whom you are linked financially, may be used by us if you, or other members of your household, apply for other facilities including insurance applications and claims. This personal information may also be used for debt tracing and the prevention of money laundering as well as the management of your account.

    When you take out a car insurance policy, AXA Insurance will add your policy details to the Motor Insurance Database ("MID"), run by the Motor Insurers' Information Centre ("MIIC"). MID data may be used by the Driver and Vehicle Licensing Agency ("DVLA") and the Driver and Vehicle Licensing Northern Ireland for the purpose of electronic vehicle licensing and by the police for the purposes of establishing whether a driver's use of a vehicle is likely to be covered by a motor insurance policy and for preventing and detecting crime. If you are involved in an accident, whether in the UK or abroad, other UK insurers, the Motor Insurers' Bureau and MIIC may search the MID to obtain relevant policy information.

    Persons pursuing a claim in respect of a road traffic accident (including citizens of other EU countries) may be entitled to access relevant information held about you on the MID. You can find out more about this from us, or from the Motor Insurance Bureau.

    To help keep premiums low we do participate in a number of industry initiatives to prevent and detect fraud. To help prevent crime we may at any time: approach the DVLA to check all or any relevant driving licence details of anyone named on the policy; share information about you with other organisations and public bodies including the police; share information about you and any other named persons on the policy within the AXA Group and with other insurers; pass the details you have supplied to recognised centralised insurance industry applications, policy and claims checking systems (for example, the Motor Insurance Anti-Fraud and Theft Register, Claims and Underwriting Exchange (CUE), CIFAS, No Claims Discount (NCD) database and all DVLA databases) where those details will be checked and updated; load your details and any information or documents you provide us to the Insurance Fraud Register (please note that this may affect future applications for insurance products) and verify with fraud prevention agencies and databases including publicly available data (for example on County Court Judgements, bankruptcy information and electoral roll data) any details you have provided us with. If false or inaccurate information is provided and if fraud is suspected, details will be passed to fraud prevention agencies to prevent fraud and money laundering and we will periodically search records held by fraud prevention and credit reference agencies to: help make decisions about credit services for you and your financial associates; help make decisions on insurance policies and claims for you and your financial associates; trace people who owe money, recover debt, prevent fraud and to manage your insurance policies; check your identity to prevent money laundering; carry out credit searches, electoral roll searches and further fraud searches. For more information about the agencies with which we share your data, including further details explaining how the information held by fraud prevention agencies may be used, please email us at fraud@axa.co.uk.

    We use your personal information to help us understand our business and monitor our performance, for example, to help determine how much insurance premiums should be.

    If you are a member of a group scheme, we may provide reports to your employer, or a parent company on the performance of the scheme and on the health of the workforce. The information we provide is anonymised which means you cannot be identified from the information.

    We also look to see where there might be trends in geographical areas to ensure we are prepared in the event of adverse weather conditions, or where there is a high or even low tendency to claim to ensure we offer the best price or even a different type of service.

    We may use your personal information for research and statistical analysis including general research into health-related areas and research about the products and services we provide. Where possible, we will anonymise such information. However, sometimes we may need to use your health information to do this and where we do, we will obtain your consent beforehand.

    By analysing the information you provide we can tailor and improve our products to better suit our customer's needs. To have an accurate understanding of all AXA products you hold, we bring your personal data together across the AXA UK Group of companies. Please note we will only ever market to you if you provide your explicit consent.

    We use your personal information for the ongoing management of any claims you have, and paying your medical bills. We will sometimes need to clarify information with your doctor or hospital, such as what treatment you have received if a bill is unclear.

    Sometimes it will be necessary for our clinical teams to discuss your treatment with your doctor, without first getting your consent. Typically, this will happen if you have been unexpectedly admitted to hospital and we are unable to contact you or you are not able to give your consent.

    To help keep premiums and costs down we work with other insurers, healthcare providers including the NHS, anti-fraud bodies and law enforcement agencies to protect ourselves, the NHS and our policyholders from fraudulent behaviour and medical malpractice. This may mean disclosing personal information, including health information, to these bodies. In some cases, we provide your personal information to insurance fraud databases, such as that run by the Health Insurance Counter Fraud Group, which are accessible by some or all of these bodies. We are obliged to report suspicions of medical malpractice to the relevant regulatory body such as the General Medical Council.

    We also monitor the services you are being provided by healthcare providers for these purposes and to ensure accurate billing. In some cases, we are required by law to report crime and suspected crime and other matters to law enforcement and government agencies.

    We might share your personal information with two types of organisation – companies inside the AXA Group, and other third parties outside the Group. For further details of disclosures, please see below. We won’t share any of your personal information other than for the purposes described in this Privacy Policy. If we share anything outside the Group, it’ll be kept strictly confidential and will only be used for reasons that we’ve described.


    Disclosures within our group

    In order to provide our services your personal information is shared with other companies in the AXA Group. Your personal information might be shared for our general business administration, efficiency and accuracy purposes or for the prevention and detection of fraud.

    Disclosures to third parties

    We also disclose your information to the third parties listed below for the purposes described in this Privacy Policy. This might include:

    • Your relatives or, guardians (on your behalf where you are incapacitated or unable) or other people or organisations associated with you such as your insurance broker or your lawyer
    • Where you have named an alternative contact (such as a relative) to speak with us on your behalf. Once you have told us your alternative contact, this person will be able to discuss all aspects of your policy (including claims and cancellation) with us and make changes on your behalf.
    •  Your Road Relay Agent, such as the AA or Greenflag 
    • An AXA recommended garage or panel beater or your designated garage or panel beater 
    • Our insurance partners such as brokers, other insurers, reinsurers or other companies who act as insurance distributors 
    • Other third parties who assist in the administration of insurance policies such as another Insurance Company if there has been an accident which requires a claim to or from that Insurance Company 
    • We may share the personal information of any persons named on the policy with third parties to obtain information which may be used by AXA to inform its risk selection, pricing and underwriting decisions 
    • Fraud detection agencies and other third parties who operate and maintain fraud detection registers 
    • The police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime
    • Motor Insurers' Information Centre and the DVLA 
    • Passing information to a third party for the purpose of validating your No Claims Discount (NCD) entitlement and this may be made available to other insurers 
    • Also to other companies or insurers for the purpose of validating your NCD entitlement 
    • Our third party services providers such as IT suppliers, actuaries, auditors, lawyers, marketing agencies, document management providers and tax advisers 
    • Other suppliers, providers of goods and services associated with this insurance and/or to enable us to deal with any claims you make 
    • Financial organisations and advisers 
    • Central Government 
    • The Financial Ombudsman Service and regulatory authorities such as the Financial Conduct Authority and the Information Commissioner’s Office
    • Overseas assistance companies 
    • Loss Adjusters
    • Car Hire Companies 
    • House Builders or other House Repairers 
    • Emergency Assistance Companies
    • Your healthcare practitioner 
    • Debt collection agencies
    • Credit reference agencies
    • Selected third parties in connection with the sale, transfer or disposal of our business

    We also disclose your information to the third parties listed below for the purposes described in this Privacy Policy. This might include:

    Disclosure of your personal information to a third party outside of the AXA Group will only be made where the third party has agreed to keep your information strictly confidential and shall only be used for the specific purpose for which we provide it to them.

    We may also disclose your personal information to other third parties where:

    • we are required or permitted to do so by law or by regulatory bodies such as where there is a court order, statutory obligation or Prudential Regulatory Authority / Financial Conduct Authority or Information Commissioners Office request; or 
    • we believe that such disclosure is necessary in order to assist in the prevention or detection of any criminal action (including fraud) or is otherwise in the overriding public interest.

    Some of the recipients set out above may be in countries outside of the EEA notably in (i) Switzerland, where AXA has a European Data Centre, and (ii) India, where some administration is undertaken. Where we make a transfer of your personal information outside of the EEA we will take the required steps to ensure that your personal information is protected. Such steps may include placing the party we are transferring personal information to under contractual obligations to protect it to adequate standards. Occasionally there may also be some circumstances where we are required to transfer your personal information outside of the EEA and we shall rely on the basis of processing it for being necessary for the performance of your contract; for example, where you have a travel insurance policy and we need to contact you when you are on holiday.


    Disclosures within our group

    In order to provide our services your personal information is shared with other companies in the AXA Group including, but not limited to AXA PPP healthcare Administration Services Limited and AXA PPP Administration Services Limited. Your personal information might be shared for our general business administration, efficiency and accuracy purposes.

    Disclosures to third parties

    We also disclose your information to the third parties listed below for the purposes described in this Privacy Policy. This might include:

    • Your relatives, guardians (on your behalf where you are incapacitated or unable) or other people or organisations connected to you such as your insurance broker, your patients (if you are a healthcare practitioner or your lawyer 
    • Your current, past or prospective employers
    • Your medical social and welfare advisers, or practitioners 
    • Our insurance partners such as brokers, other insurers, reinsurers or other companies who act as insurance distributors 
    • Our third-party services providers such as IT suppliers, actuaries, auditors, lawyers, marketing agencies, document management providers and tax advisers 
    • Our suppliers and providers of goods or services that we make available to you 
    • Financial organisations and advisers 
    • Central and local Government (for example if they are investigating fraud or because we need to contact them regarding international sanctions) 
    • The Financial Ombudsman Service and regulatory authorities such as the Financial Conduct Authority and the Information Commissioner’s Office 
    • Other insurance companies, NHS fraud teams, the General Medical Council, the police, National crime agency, other law enforcement agencies and organisations that maintain anti-fraud or other crime databases where reasonably necessary for the prevention or detection of crime 
    • Selected third parties in connection with the sale, transfer or disposal of our business

    Disclosure of your personal information to a third party outside of the AXA Group will only be made where the third party has agreed to keep your information strictly confidential and shall only be used for the specific purpose for which we provide it to them.

    We may also disclose your personal information to other third parties where:

    • we are required or permitted to do so by law or by regulatory bodies such as where there is a court order, statutory obligation or Prudential Regulatory Authority / Financial Conduct Authority or Information Commissioners Office request; or 
    • we believe that such disclosure is necessary in order to assist in the prevention or detection of any criminal action (including fraud) or is otherwise in the overriding public interest.

    Some of the recipients set out above may be in countries outside of the EEA notably in i) Switzerland, where AXA has a European Data Centre, and ii) India, where some administration is undertaken. Where we make a transfer of your personal information outside of the EEA we will take the required steps to ensure that your personal information is protected. Such steps may include placing the party we are transferring information to under contractual obligations to protect it to adequate standards. Occasionally there may also be some circumstances where we are required to transfer your personal information outside of the EEA and we shall rely on the basis of processing it for being ‘necessary for the performance of your contract; for example, where you have a travel insurance policy and we need to contact you when you are on holiday.

    In most cases, we only keep your information for as long as the regulations say we have to. This is usually between three and ten years after our relationship with you ends but it will vary depending on what data we hold, why we hold it and what we’re obliged to do by the regulator or the law.

    We will only keep your personal information for as long as reasonably necessary to fulfil the relevant purposes set out in this Privacy Policy and in order to comply with our legal and regulatory obligations. The time period we retain your personal information for will differ depending on the nature of the personal information and what we do with it. How long we keep personal information is primarily determined by our regulatory obligations. We typically keep quote information for 3 years, and policy and claims records for up to 10 years from the end of our relationship with you. In some cases, such as if there is a dispute or a legal action we may be required to keep personal information for longer. Long-term insurance products such as liability insurance is kept for an extended period and data held in relation to a healthcare trust is kept for 13 years.

    Before 25 May 2018: At any time, you can ask us to correct your details, to stop sending you any marketing messages or for a copy of your personal information. We’ll either do what you’ve asked, or explain why we can’t – usually because of a legal or regulatory issue.

    25 May 2018 onwards: You can ask us to do various things with your personal information. For example, at any time you can ask us for a copy of your personal information, ask us to correct mistakes, change the way we use your information, or even delete it. We’ll either do what you’ve asked, or explain why we can’t - usually because of a legal or regulatory issue.

    For further details about your rights please see below

    Note: the following is to be used prior to 25 May 2018

    You have a number of rights in relation to our use of your personal information including the right to:

    • ask us to correct your personal information if it is wrong
    • object to processing of your personal information in certain circumstances
    • object to direct marketing.

    You can make any of the request set out above at any time by using the contact details shown in your documentation. Please note in some cases we may not be able to comply with your request for reasons such as our own obligations to comply with other legal or regulatory requirements. However, we will always respond to any request you make and if we can’t comply with your request, we will tell you why.

    You have the right to:

    • obtain a copy of the personal information we hold about you and certain details regarding how we use it. Please note that there will be a £10 charge for this. You can make a request by contacting the appropriate Data Protection Officer (see Contact Details of the Data Protection Officer section)

    Note: the following is to be used from 25 May 2018 onwards

    You have the following rights in relation to our use of your personal information.

    The right to access your personal information

    You are entitled to a copy of the personal information we hold about you and certain details of how we use it. There will not usually be a charge for dealing with these requests. Your personal information will usually be provided to you in writing, unless otherwise requested, or where you have made the request by electronic means, in which case the information will be provided to you by electronic means where possible.

    The right to rectification

    We take reasonable steps to ensure that the personal information we hold about you is accurate and complete. However, if you do not believe this is the case, please contact us by using the details shown in your documentation and you can ask us to update or amend it.

    The right to erasure:

    In certain circumstances, you have the right to ask us to erase your personal information, for example where the personal information we collected is no longer necessary for the original purpose or where you withdraw your consent. However, this will need to be balanced against other factors, for example according to the type of personal information we hold about you and why we have collected it, there may be some legal and regulatory obligations which mean we cannot comply with your request.

    Right to restriction of processing:

    In certain circumstances, you are entitled to ask us to stop using your personal information, for example where you think that the personal information we hold about you may be inaccurate or where you think that we no longer need to process your personal information.

    Right to data portability:

    In certain circumstances, you have the right to ask that we transfer any personal information that you have provided to us to another third party of your choice. Once transferred, the other party will be responsible for looking after your personal information.

    Right to object to direct marketing:

    You can ask us to stop sending you marketing messages at any time. Please see the Marketing section for more information.

    Right not to be subject to automated-decision making:

    Some of our decisions are made automatically by inputting your personal information into a system or computer and the decision is calculated using certain automatic processes rather than our employees making those decisions. We make automated decisions in the following situations:

    Deciding your premium

    We use the personal information that you and others provide to us about you your family, property, where you live your policy claims history, and other non-personal information such as garage repair costs or hospital costs to determine your premium and eligibility. The price also depends on what options you have chosen to purchase. For example, if you live in London you will pay more than if you live in Lancashire because healthcare costs, on average, are higher in London than Lancashire. We also use information about how long you have been a customer, how many claims you have made and how much you pay in premiums to determine what terms you are offered at renewal.

    Fraud prevention

    AXA Insurance uses automated anti-fraud filters that check against lists of people known to have undertaken fraudulent transactions and will reject those applicants on the basis they are likely to defraud the company.

    Assessing your application

    We may use scoring methods to assess your application, to verify your identity and determine finance charges, for example;

    When you join AXA PPP healthcare you will either do so on a personal policy or under a group scheme. We may collect information directly from you, from/via your or your partner, your parent’s or employer. Depending on the type of scheme we may collect health information at the start, as well as personal information such as your date of birth and address. Depending on the type of scheme/policy AXA PPP may use the personal and sensitive information in order to assess the price and determine any exclusions we need to apply.

    Examples of information used by our systems to do this include: your age, your postcode your lifestyle (e.g. do you smoke cigarettes) and your medical history. If you do not consent to us processing sensitive information in this way, we may be unable to assess your application or offer you cover, alternatively we may only be able to offer you styles of policy that do not require us to have that information at the start. The automated decision making carried out by AXA PPP during the application is bespoke to us, and we do not share the results of this with third parties.

    AXA Insurance uses individual credit information about you provided to us by third parties in order to assess your suitability for insurance and the price we offer to you. The information used to assess your insurance risk includes: verification of your residence at address via bills and electoral roll, historic payment behaviour on financial products, prior insolvency and any prior county court judgements. If we are unable to validate your residence at the insured address or consider your historic payment behaviour with creditors to be significantly adverse we will decline to offer you a price for your insurance risk. The credit assessments carried out by AXA are bespoke to us and will not impact your ability to obtain insurance or other financial products elsewhere.

    You have a right not to be subject to automated decision-making in the circumstances described above and where automated decision-making used in the assessment of your application or fraud prevention, you can contact us to request that any declined decision is reconsidered. If you want to opt out of automatic decision-making, let us know, although in some circumstances it may mean we can’t offer you a quote or policy as some automated decisions are necessary to provide your insurance policy.

    The right to withdraw consent:

    For certain uses of your personal information, we will ask for your consent. Where we do this, you have the right to withdraw your consent to further use of your personal information. Please note in some cases we may not be able to process your insurance if you withdraw your consent.

    The right to lodge a complaint

    You have a right to complain to the ICO at any time if you object to the way in which we use your personal information. More information can be found on the Information Commissioner’s Office website: https://ico.org.uk/

    You can make any of the requests set out above using the contact details provided to you in your policy documentation. Please note that in some cases we may not be able to comply with your request for reasons such as our own obligations to comply with other legal or regulatory requirements. However, we will always respond to any request you make and if we can't comply with your request, we will tell you why.

    In some circumstances exercising some of these rights will mean we are unable to continue providing you with cover under your insurance policy and may therefore result in the cancellation of the policy. You will therefore lose the right to bring any claim or receive any benefit under the policy, including in relation to any event that occurred before you exercised your right, if our ability to handle the claim has been prejudiced. Your policy terms and conditions set out what will happen in the event your policy is cancelled.

    You’re in control of how we use your information for marketing. We will only contact you if you’ve agreed it’s okay. Then, we might use your information to tell you about products and services that could interest you. But we don’t use your personal information for our online ad campaigns – you’ll need to check your browser or social media settings to avoid seeing these.

    We may share information between the AXA UK Group* to inform you of other products and services that may be of interest to you or members of your family, but we will only do this where you have provided your consent. You can always change your mind by contacting us using the details shown in your documentation and telling us you no longer wish to be contacted.

    We are committed to only sending you marketing communications that you have clearly expressed an interest in receiving. If you wish to unsubscribe from emails sent by us, you may do so at any time by following the unsubscribe instructions that appear in all emails. Otherwise you can always contact us using the details set out in your documentation to update your contact preferences. In such circumstances, we will continue to send you service related (non-marketing) communications where necessary.

    Very occasionally we may also share your details with our selected business partners, for example national newspaper groups, but we will specifically tell you about this when we obtain your marketing preferences.

    We would like to keep you informed, from time to time about relevant products and services. We may do this by mail, email, telephone or other electronic methods such as text message. In order to help us get to know you and identify what products and services may interest you we obtain information about you from other sources inside and outside the AXA Group for example, companies who provide consumer classification and market segmentation data for marketing purposes. Examples of these organisations are Experian or LexisNexis.

    From time to time we may run specific marketing campaigns through social media and digital advertising that you may see which are based on general demographics and interests. Individual personal information is not used for these campaigns. If you do not want to see any campaigns then you will need to adjust your preferences within social media settings and your cookie browser settings.

    We will also share information that we collect about you for marketing within the AXA Group, if you give us permission to do so. If you change your mind you can let us know by adjusting your choice.

    Please note that we may retain any data provided to us on our websites for a limited period, even if you do not complete your quote. The information may be used to enquire as to why you did not complete your quote or for us to better understand your needs but only if you have agreed for us to contact you.

    *List of AXA UK Group companies and trading names who may market to you:

    • AXA UK plc,
    • AXA Insurance UK plc,
    • Swiftcover,
    • AXA PPP healthcare Limited,
    • Health-on-Line Company (UK) (trading as Health-on-Line, SecureHealth and InsureMe-on-line),
    • Health and Protection Solutions Limited (trading as The Health Insurance Group),
    • AXA ICAS Limited (trading as Active+),
    • The Permanent Health Company Limited,
    • PPP Taking Care Limited

    If you wish to contact the Data Protection Officer the details are below:

    For AXA Insurance plc, for Household, Motor, Travel Insurance and Business Insurance Products.

    The Data Protection Officer:

    AXA Insurance UK Plc
    Brooke Lawrance House
    80 Civic Drive
    Ipswich
    Suffolk IP1 2AN                               email address:dataprotection.ins@axa-insurance.co.uk

    For AXA Healthcare PPP Healthcare

    The Data Protection Officer:

    AXA PPP Healthcare
    Jubilee House
    Vale Road
    Tunbridge Wells
    TN1 1BJ                                email address:dpaandamlteam.health@axa-ppp.co.uk

    If you do not wish to deal direct with the above AXA companies then you can contact our head office:

    The Data Protection Officer:

    AXA UK Plc
    5 Old Broad Street
    London EC2N 1AD                         email address:ukgroupprivacy@axa-uk.co.uk

    If you would like to contact the UK’s Information Commissioner’s Officer direct; please write to the Information Commissioner's Office Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, Telephone: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number https://ico.org.uk/global/contact-us/email/

    AXA UK Group

    Wherever the name “AXA” is used on the Website, this implies one or more of the following companies within the AXA UK Group of companies, which may offer products or services on the Website. Further details can be found on the respective companies’ websites.

    AXA Insurance UK Plc

    Trading as AXA Insurance a public company limited by shares incorporated in England and Wales with company number 078950 and whose registered office is at 5 Old Broad Street, London, EC2N 1AD. Swiftcover and Swiftcover.com are both trading names of AXA Insurance UK Plc.

    AXA PPP healthcare Limited

    Trading as AXA PPP healthcare, a private limited company incorporated in England and Wales with company number 03148119 and whose registered office is at 5 Old Broad Street London EC2N 1AD

    AXA PPP healthcare Administration Services Limited

    Trading as AXA PPP healthcare, a private limited company incorporated in England and Wales with company number 03429917 and whose registered office is at 5 Old Broad Street London EC2N 1AD

    AXA PPP Administration Services Limited

    Trading as AXA PPP healthcare, a private limited company incorporated in England and Wales with company number 05961472 and whose registered office is at 5 Old Broad Street London EC2N 1AD

    AXA UK Plc

    Registered company number: 02937724 and whose registered office is at 5 Old Broad Street London EC2N 1AD

    Your personal information can help us give you a better, more personalised service. But looking after that data is a big responsibility. We take our responsibilities seriously, so we’ve introduced internationally recognised data privacy rules to protect you. We keep your data safe, confidential and will never sell it. And, if you ask us to, we’ll tell you exactly what information we have so you can be sure it’s up-to-date and accurate.

    AXA's mission is to help you, our customers, live your lives with more peace of mind by protecting your family, your property and your assets against risks. Doing so involves the collection of data so that we understand the nature of these risks that we cover for you, and that we may provide you with the right products and services to meet your needs.

    Today's world is one in which the amount of available data is growing exponentially. Ultimately, this allows us to enhance your experience through tailor-made protection, more relevant information and simplified, efficient procedures.

    We believe that protecting your personal information is essential when seizing these opportunities. This is why we considered it important to share with you the principles that will guide us with regard to the treatment of personal information.

    Our Commitment to Safeguard Personal information

    We know that respecting the confidentiality of personal information is critical to preserving your trust and therefore have developed security procedures and we use a range of organisational and technical security measures designed to protect your personal information from unauthorized use or disclosure.

    We have a Data Privacy team at a global level and a network of Data Privacy Officers throughout our businesses to oversee data safety.

    We are the first insurance group to have adopted Binding Corporate Rules. These rules represent an internationally recognized standard for protection of personal information and are an adequate safeguard for transferring your personal information to our group companies outside the European Economic Area. They were approved by the French Data Protection Authority (CNIL) and 15 other EU Data Protection Authorities including the UK’s Information Commissioner’s Office.

    Our Commitment in Respect to the Use of Personal information

    We provide you with up-to-date prevention and protection solutions, through an in-depth and well-informed understanding of the risks you face. To do this, we collect your personal information and use it in compliance with data protection laws.

    We have in place procedures and contractual arrangements designed to ensure that all employees, sales representatives, advisers and service providers keep client files confidential.

    Our customers often entrust us with sensitive personal information in connection with insurance coverage we provide to them - both at the time of their initial subscription and during the term of their coverage. We view ourselves as custodians of this data and do not sell it to third parties outside the AXA Group. We may market products jointly with other companies in cases where we believe there is a unique or compelling value proposition for our customers.

    Our Commitment to Dialogue and Transparency

    As a leading international insurance group, we play a proactive role in public policy and regulatory debates around personal information protection.

    These are our continuing commitments to you. We will keep pace with future developments surrounding data privacy to adapt them to your evolving needs.

    For more information, please feel free to contact privacy@axa.com