Who do we share your personal information with?
- Our Privacy Principles
- How do we collect your personal information?
- What personal information do we collect?
- How do we use your personal information?
- Who do we share your personal information with?
- How long do we keep records for?
- Your rights
- Marketing data usage
- Download our Privacy Policy
- How do I contact the Data Protection Officer?
- AXA UK company details
- Data Privacy Declaration
We might share your personal information with two types of organisation – companies inside the AXA Group, and other third parties outside the Group. For further details of disclosures, please see below. We won’t share any of your personal information other than for the purposes described in this Privacy Policy.
Who might we disclose your personal information to?
Disclosures within our group
In order to provide our services your personal information is shared with other companies in the AXA Group including, but not limited to AXA Global Business Services in India. Your personal information might be shared for our general business administration, efficiency and accuracy purposes or for the prevention and detection of fraud, and also when we make changes to our Group company structure.
Disclosures to third parties outside our group
We also disclose your information to the types of third parties listed below for the purposes described in this Privacy Policy. This might include:
- Your relatives or, guardians or someone else acting on your behalf where you are incapacitated or unable, or other people or organisations associated with you such as your insurance broker or your lawyer
- Where you have named an alternative contact (such as a relative) to speak with us on your behalf. Once you have told us your alternative contact, this person will be able to discuss all aspects of your policy (including claims and cancellation) with us and make changes on your behalf.
- Our insurance partners such as brokers, other insurers, reinsurers or other companies who act as insurance distributors
- Other third parties who assist in the administration of insurance policies such as another Insurance Company if there has been an accident which requires a claim to or from that Insurance Company
- Other suppliers, providers of goods and services associated with this insurance and/or to enable us to deal with any claims you make including contractors and their subcontractors
- We may share the personal information of any persons named on the policy with third parties to obtain information which may be used by AXA to inform its risk selection, pricing and underwriting decisions
- Fraud detection agencies and other third parties who operate and maintain fraud detection registers and/or assist with identification checks
- The police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime
- Motor Insurers' Information Centre and the DVLA
- We work in partnership with the Motor Insurers’ Bureau (MIB) and associated not-for-profit companies who provide several services on behalf of the insurance industry. At every stage of your insurance journey, the MIB will be processing your personal information and more details about this can be found via their website: mib.org.uk. Set out below are brief details of the sorts of activity the MIB undertake:
- Checking your driving licence number against the DVLA driver database to obtain driving licence data (including driving conviction data) to help calculate your insurance quote and prevent fraud
- Checking your ‘No Claims Bonus’ entitlement and claims history
- Prevent, detect and investigate fraud and other crime, including, by carrying out fraud checks
- Maintaining databases of:
- Insured vehicles (Motor Insurance Policy Database or Motor Insurance Database/MID)
- Vehicles which are stolen or not legally permitted on the road (Vehicle Salvage & Theft Data or MIAFTR)
- Motor, personal injury and home claims (CUE)
- Employers’ Liability Insurance Policies (Employers’ Liability Database)
- Managing insurance claims relating to untraced and uninsured drivers in the UK and abroad
- Working with law enforcement to prevent uninsured vehicles being used on the roads
- Supporting insurance claims processes.
- Passing information to a third party for the purpose of validating your No Claims Discount (NCD) entitlement and this may be made available to other insurers
- Also to other companies or insurers for the purpose of validating your NCD entitlement
- Your Road Relay Agent, such as the AA or Greenflag
- An AXA recommended garage or panel beater or your designated garage or panel beater
- If you are a third party involved in a motoring incident where our policyholder is at fault we may pass your details to a third party in order to offer services (e.g. repairs and/or hire)
- Our third party services providers such as IT suppliers, actuaries, auditors, lawyers, marketing agencies, research specialists, document management providers and tax advisers
- Categorised postcodes may be shared for brand tracking purposes
- Financial organisations and advisers
- Central Government
- The Financial Ombudsman Service and regulatory authorities such as the Financial Conduct Authority and the Information Commissioner’s Office
- Overseas assistance companies
- Loss Adjusters
- Car Hire Companies
- If you are a third party making a credit hire claim, we may disclose your vehicle registration details in order to obtain ANPR (Automatic Number Plate Recognition) data for the purpose of verifying your claim
- House Builders or other House Repairers
- Emergency Assistance Companies
- Your healthcare practitioner
- Debt collection agencies
- Credit Reference Agencies (CRAs) for the purposes of fraud prevention, identity checking, assessing creditworthiness, risk selection, pricing and underwriting. The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at:
- TransUnion: www.transunion.co.uk/crain
- Equifax: www.equifax.co.uk/crain
- Experian: www.experian.co.uk/legal/crain
- The Employers Liability Tracing Office
- Other insurers to obtain a claim contribution where there is another insurance covering the same loss, damage, expense or liability
- Selected third parties in connection with the sale, transfer or disposal of our business or any part of our business.
Disclosure of your personal information to a third party outside of the AXA Group with the exception of law enforcement agencies or other bodies exercising their official authority will only be made where the third party has agreed to keep your information strictly confidential and shall only be used for the specific purpose for which we provide it to them.
We may also disclose your personal information to other third parties where:
- we are required or permitted to do so by law or by regulatory bodies such as where there is a court order, statutory obligation or Prudential Regulatory Authority / Financial Conduct Authority or Information Commissioners Office request; or
- we believe that such disclosure is necessary in order to assist in the prevention or detection of any criminal action (including fraud) or is otherwise in the overriding public interest; or
- exemptions under the data protection legislation allow us to do so.
Some of the recipients and technical solutions set out above may be in countries outside the United Kingdom notably in (i) Switzerland, where AXA has a European Data Centre, and (ii) India, where some administration is undertaken. Where we make a transfer of your personal information outside the United Kingdom, in all cases where personal data is transferred to a country which is deemed not to have the same standards of protection for personal data as the UK AXA will ensure appropriate safeguards such as UK regulator approved Standard Contractual Clauses and further contractual, organisational and technical measures (as may be required following an assessment of the risk) have been implemented to ensure that your personal information is protected. Occasionally there may also be some circumstances where we are required to transfer your personal information outside the United Kingdom and we shall rely on the basis of processing it for being necessary for the performance of your contract.
Who might we disclose your personal information to?
Disclosures within our group
In order to provide our services your personal information is shared with other companies in the AXA Group including, but not limited to AXA Global Business Services in India . Also, your AXA insurance broker if you have one. Your personal information might be shared for our general business administration, efficiency and accuracy purposes, and also when we make changes to our Group company structure.
Disclosures to third parties outside our group
We also disclose your information to the types of third parties listed below for the purposes described in this Privacy Policy. This might include:
- Your relatives, guardians or someone else acting on your behalf where you are incapacitated or unable, or other people or organisations connected to you such as your insurance broker, or your lawyer
- A relative or guardian (or their insurance broker) who has purchased an insurance policy (the ‘Lead Member’) and included you as a dependent on it – we will inform them that you have made a claim if this impacts their No Claims Discount. We may also share the cost of the claim if that cost is less than the cost of the change in no claims discount it caused. Depending on the type of insurance cover you have, this may amount to sharing your health information. Similarly, if you notify us of a medical condition that you had at the time of purchase which the Lead Member didn’t tell us about, we may share this with them if it affects the terms of their policy
- Your current, past or prospective employers if you have been part of a group scheme or their agents
- Your healthcare social and welfare advisers, or practitioners and similar practitioners appointed by us to review claims
- Other insurers if you are transferring from one insurer to another, or our reinsurers
- Our third-party services providers such as IT suppliers, actuaries, auditors, lawyers, marketing agencies, research specialists, document management providers and contractors and their sub-contractors
- Suppliers and providers of goods or services that we make available to you such as the provider of the Doctor@hand service and the Working body and Healthy Mind services
- Categorised postcodes may be shared for brand tracking purposes
- Financial organisations and advisers
- Central and local Government (for example if they are investigating fraud or because we need to contact them regarding international sanctions)
- The Financial Ombudsman Service and regulatory authorities such as the Financial Conduct Authority, the Care Quality Commission and the Information Commissioner’s Office
- Other insurance companies, NHS fraud teams, the General Medical Council, the police, National Crime Agency, other law enforcement agencies and organisations that maintain anti-fraud or other crime databases and third parties (including Credit Reference Agencies) to assist with identity checks in order to combat fraud, where reasonably necessary for the prevention or detection of crime
- Selected third parties in connection with the sale, transfer or disposal of our business or any part of our business.
Disclosure of your personal information to a third party outside of the AXA Group with the exception of law enforcement agencies or other bodies exercising their official authority will only be made where the third party has agreed to keep your information strictly confidential and shall only be used for the specific purpose for which we provide it to them.
We may also disclose your personal information to other third parties where:
- we are required or permitted to do so by law or by regulatory bodies such as where there is a court order, statutory obligation or Prudential Regulatory Authority / Financial Conduct Authority or Information Commissioners Office request;
- we believe that such disclosure is necessary in order to assist in the prevention or detection of any criminal action (including fraud) or is otherwise in the overriding public interest; or
- where exemptions under the data protection legislation allow us to do so.
Some of the recipients and technical solutions set out above may be in countries outside the United Kingdom notably in i) Switzerland, where AXA has a European Data Centre, and ii) India, where some administration is undertaken. Where we make a transfer of your personal information outside the United Kingdom in all cases where personal data is transferred to a country which is deemed not to have the same standards of protection for personal data as the UK AXA will ensure appropriate safeguards such as UK regulator approved Standard Contractual Clauses and further contractual, organisational and technical measures (as may be required following an assessment of the risk) have been implemented to ensure that your personal information is protected. Occasionally there may also be some circumstances where we are required to transfer your personal information outside the United Kingdom and we shall rely on the basis of processing it for being necessary for the performance of your contract; for example, where you have a travel insurance policy and we need to contact you when you are on holiday.