Privacy Notice for Maiden Life & General

•••

For Maiden Life & General it is extremely important that personal information should be protected. If we are to offer you our insurance policies or any of our other services we will use your personal data in the way which is set out below. When we process your personal data we always do so with the utmost care and in accordance with current laws and regulations.

In this privacy notice you can read about how we gather and use your personal data. You will also be given information about the rights you have in your dealings with us and how you can use them.

We would advise you to read through this privacy notice carefully so you understand it before you begin using any of our services.

What information will we collect from you?

In your communication with us you may submit information about yourself to us in a variety of different ways. For example, when you take out a policy with us, contact us, or register a claim, or if you use another of our services where you provide personal information.

The following are examples of information about yourself which you may submit to us:

Personal and contact information — name, date of birth, national insurance number, passport number, e-mail address, mobile telephone number, etc.
Information about your health and employment — whether you are in full-time employment and how long you have been employed for, etc.
Information relating to claims for indemnification — for example, information about illness and other events which may create an entitlement under the policy.
Payment Information — bank account numbers etc.

All this information is necessary so we can conclude and implement our agreement with you. If you do not submit this information to us we may be prevented from offering you a policy or meeting your claim. We also process other information about you which is essential to our contractual relationship:

Technical information — for example an IP address, language setting, time zone, operating system, geographical location etc.
Information about your contacts with us — how you use our services, including information about how you found us, response time for pages, download errors, notices etc.

We may also gather personal information about you from other sources. The following are examples of information about you which we may gather from another party:
Financial information — information about the loans which you insure with us. Such information is gathered from the lenders and/or the insurance intermediary who arranged the policy.
Information about customer/member relations — that you are a customer or member of a specific company or organisation which has a group policy with Maiden Life & General, to establish that you are entitled to take out a specific policy. Such information is gathered from the insurance intermediary or from the party which has a group policy with us.

Why do we use your details and what do we use them for?

The information which you submit to us and which we otherwise gather about you is necessary so we can assess if you can have a policy with us or not, identify the premiums and conditions we can offer you and conclude and manage the insurance policy. Your personal details are primarily used for those purposes, but we may also process your personal details for other purposes as set out below.

Purpose for which your details will be processed (i.e. why we process your details)	Legal basis for processing your details (i.e. the basis on which process your details)
To manage your relationship with us (including confirmation of your identity and checking that your personal and contact details are correct) and your payment details, e.g. so we can fulfil our obligations to you as an insured and can provide the services which you require of us and provide information about them.	To conclude and implement a policy with you
To manage our services and internal activities, including customer analysis, marketing, trouble shooting, data analysis, testing, research and statistical purposes.	Our legitimate interests and to develop our activities and services and to market ourselves
To prevent any abuse of our services, including fraud, to manage risk and carry out our risk analysis.	To comply with the relevant legislation and our legitimate interest in identifying, asserting and pursuing legitimate claims
To ensure that content is presented clearly for you on-line (with the help, among other things, of cookies).	Consent and/or an interest in the smooth and effective operation of the service (see also our cookie policy)
To develop and improve our services with a view, for example, to generating new products and create new business opportunities.	Our legitimate interest in developing our activities, our services and the range of services we offer *
To comply with the relevant legislation including legislation on measures to counter money-laundering, accountancy law, tax law and rules on the capital adequacy ratio requirements.	To comply with the relevant legislation

*For more information about the way in which we balance our interest in processing your personal details and any interest you may have in your personal data not being processed for the stated purpose please contact us. You can find the contact details under ’Contacting us’ below.

We shall also use your details in our communications with you. Sometimes we carry out customer satisfaction surveys of services, for example after you have been in contact with our Customer Services. That communication may take place via electronic communication channels or by telephone. If you do not want us to communicate with you in that way you can contact us by sending an e-mail to dataprotection@maideniis.com or unsubscribing from the e-mails we send to you.

Your rights

Your rights	What does this mean?
Right of access	You are entitled to access the personal information we have about you and you can request a copy of it from us. You can usually request a copy at no charge, but if you require multiple copies or ask repeatedly we may charge a fee.
Right to correction	It is important that we should have correct information about you and we advise you to let us know if any of your personal details are incorrect, for example if you have changed your name or moved. You can correct information about yourself which is incorrect or incomplete at any time.
Right to deletion	If your personal details are no longer needed for the purpose for which they were gathered, you are entitled to require that they be deleted. That right to have details deleted is known, amongst other things, as the ‘right to be forgotten’. In some cases we may be under a legal obligation which prevents us from deleting your information immediately. That may involve, for example, obligations under legislation on accountancy, tax or money-laundering, or the legislation and regulations which apply to insurance companies. In such cases we ensure that access to your information is restricted in such a way that it is only used to allow us to fulfil our legal obligations and our contractual obligations to you.
Right to restrict	From the moment when you request that we correct your personal details or object to its processing and until we have successfully examined the matter or confirm that your personal details are correct (or have changed them in accordance with your instructions) you will be entitled to restricted processing. That means that (with the exception of storage) we shall only be entitled to process your personal details with your consent, if it is necessary with reference to legal claims, in order to protect someone else’s rights or there is a significant public interest in processing it. You are also entitled to request that we restrict the processing of your personal details if the processing is unlawful but you do not want us to delete the personal details.
Right to object	You are entitled to object to direct marketing at any time. If you should otherwise consider that we have no right to process your personal details or if you want an automatic decision to be reviewed, you are also entitled to object to our processing your data. In that event we only have the right to continue processing if we can show compelling reasons which outweigh your own interests, rights and freedoms. However, we are at all times entitled to process your personal details if it is necessary to establish, exert or defend legitimate claims.
Right of data portability	You are entitled to have the information which you have submitted to us, and which we process on the basis of your consent or in order to conclude and/or implement our contract with you, moved to another party in a structured and machine-readable format.
Right to withdraw consent	If we process your personal details based on your consent, you have the right to withdraw your consent at any time. The withdrawal will not have any retrospective effect, and will not therefore have any impact on processing which has already taken place.
Right to complain	If you are not satisfied with the way in which we handle your personal details you can contact our data protection officer and we shall look into your complaint: dataprotection@maideniis.com If you are not satisfied with our answer or consider that we are processing your personal details in an illegitimate or unlawful way you may lodge a complaint with the UK Information Commissioner’s Office https://ico.org.uk/global/contact-us/

Whom do we share your details with?

To work effectively we need to share your details within our Group and with our contractors. We shall take all reasonable legal, technical and organisational steps to ensure that your information is managed securely and with a suitable level of protection.

It should be noted that we shall never sell your information to a third party without your express approval.

We shall share your details with contractors and sub-contractors (including companies within the Maiden Life & General Group) in order to implement our contract with you and for other purposes which will be apparent from this privacy notice. Such contractors include suppliers of insurance administration, claim adjustment, and IT contractors. If the contractor/sub-contractor processes your personal data on behalf of Maiden Life & General, Maiden Life & General will ensure that the contractor/sub-contractor has undertaken to process your details in accordance with Maiden Life & General’s data protection policy and other regulations.

We shall also share your details with the insurance intermediary you have contact with when taking out an insurance policy and with a re-insurance company which re-insures our policies. This applies to any information which we need to allow the insurance intermediary/re-insurance company to manage your insurance policy and our own re-insurance policy and to fulfil their undertakings in accordance with the law, the Regulation and the rules of our regulators.

We shall also release your details to the authorities, including the Police, the Tax Service, and other authorities if we are obliged to do by law or with your approval. One example of when the law obliges us to release information is in the case of measures designed to combat money laundering and funding for terrorism. The information which is shared is subject to the authority’s data protection policy.

Lastly, Maiden Life & General will share your details with third parties in connection with the purchase or sale of business or assets. Your details may then be shared with prospective vendors or purchasers. In the event that Maiden Life & General or a significant part of Maiden Life & General’s business or assets should be acquired by a third party your details may then be shared with it.

Privacy Notice for Maiden Life & General

What information will we collect from you?

Why do we use your details and what do we use them for?

Your rights

Whom do we share your details with?

Where do we process your details?

How long shall we keep your information?

Cookies and similar technology

Contacting us