1. This Privacy Policy

The UK branch of HDI Global SE is committed to ensuring that your personal data and privacy is properly protected.

“Personal Data” is information that identifies and relates to you or other individuals, for example beneficiaries under your insurance policy.

This Privacy Policy describes how we, in the UK Branch use Personal Data that we collect both through this website and through other means for example your application and claim forms, telephone calls, e-mails and other communications with us, as well as from claim investigators, medical professionals, witnesses or other third parties involved in our business dealings with you.

This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties operating any site or service to which this website links.

2. What Personal Data do we collect?

The Personal Data that we collect will depend on your relationship with us.  We will collect different information depending on whether you are a policyholder, beneficiary under a policy, claimant, witness, broker or other third party.  We will only collect such personal data as we need in order to provide our services or otherwise with your consent.

Please note, in certain circumstances we may request and/or receive “Sensitive Personal Data” about you. For example we may need access to health records for the purposes of processing claims or details of any criminal convictions for the purposes of preventing, detecting and investigating fraud.

If you provide Personal Data to us about other individuals you agree: (a) to inform the individual about the content of this Privacy Policy; and (b) to obtain any legally-required consent for the processing of that individual’s personal data in accordance with this Privacy Policy.

3. Sources of Personal Data

We may receive Personal Data directly from you as well as from brokers, previous insurers, claim investigators, medical professionals, witnesses, claimants, other beneficiaries under an insurance policy or other third parties involved in our business dealings with you.

We may also obtain additional data from fraud and theft detection and credit reference databases.

4. How do we use the Personal Data we collect?

Our uses of your Personal Data will depend on your particular relationship with us.   We may use your Personal Data to:

  • Assess your eligibility for and providing our services to you
  • Communicate with you and others as part of our services
  • Resolve complaints
  • Provide improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers)
  • Manage our business operations including accounting, auditing, reporting and business continuity
  • Prevent, detect and investigate crime, including fraud and money laundering
  • Comply with applicable laws and regulatory obligations (including laws outside your country of residence), such as those relating to anti-money laundering and anti-terrorism
  • Establish and defend legal rights
  • Provide marketing information to you (including information about other products and services offered by selected third-party partners) in accordance with preferences you have expressed
  • Deal with any other services you request or enquiry you may make with us

5. Who we will share your information with

Our Group Companies

We may share your personal data with certain of our group companies, but only for the purposes set out in this Privacy Policy and access is restricted to those individuals who have a need to access the information for our business purposes.

In the event that we undergo re-organisation or are sold to a third party any Personal Data we hold about you may be transferred to that re-organised entity or third party.

Insurance Partners

In the course of providing quotes, providing insurance and processing claims, we may make Personal Data available to brokers, other insurers; reinsurers; companies who  act as distributors; affinity marketing partners; and financial institutions, securities firms and other business partners.

To check information provided, and to detect and prevent fraudulent claims, Personal Data may be put on registers of claims and shared with other insurers. We may search these registers when dealing with claims to detect, prevent and investigate fraud.

Personal Data may also be placed on claims portals.  The Ministry of Justice has mandated that personal injury claims falling within the scope of the pre-action protocols must be processed using the Claims Portal further information about which is available at http://www.claimsportal.org.uk/en/about/why-the-claims-portal/#sthash.oQwGWHNw.dpuf

Our Service Providers

Often we will need to share your data with professional advisors such as lawyers, claim investigators and adjusters, medical professionals, accountants, auditors and other experts.

We also engage third party service providers to provide our IT systems; printing, advertising, marketing and market research; document and records management providers; and similar outsourced service providers that assist us in carrying out business activities.

In each case, we require these service providers only use the Personal Data as is necessary to carry out these services.

Public Authorities and Third Parties Involved in the Legal Process

If we believe it to be necessary or appropriate:

  • to comply with applicable law, including laws outside your country of residence
  • to comply with legal process
  • to respond to requests from public authorities

To protect our rights and/or that of our group companies, you or others we may share Personal Data with the applicable:

  • governmental or other public authorities including, but not limited to courts, the police, tax authorities and criminal investigations agencies
  • parties to civil claims and their lawyers and other advisors and representatives

6. Terms specific to Motor Fleet Policies

Motor Fleet Policies operating with Telematic Devices

Some of our motor fleet policies operate with the use of telematics devices fitted into the vehicles monitoring driver behaviour.  We only process anonymised data collected from these devices unless and until we are provided with personal data in the context of handling a claim.  Up until that point, the insured under these motor fleet policies is responsible for the privacy, information or other practices relating to the data collected by them through these telematics devices.  Once we have data from which an individual can be identified by us, we will process that personal data in accordance with this Privacy Policy.

All Motor Fleet Policies

Details of all of our fleet motor insurance policies including vehicle registration numbers  will be added to the Motor Insurance Database run by the Motor Insurers Information Centre ("MID").  MID data may then be used by:

  • the DVLA and DVLA Northern Ireland for the purpose of Electronic Vehicle Licensing; and
  • the police for the purpose of establishing whether a driver's use of the vehicle is likely to be covered by a motor insurance policy and/or preventing or detecting crime;
  • other insurers if you are involved in an accident to ascertain relevant policy information; and
  • persons with a valid claim in respect of a road traffic accident.

Further information is available at www.miic.org.uk.

7. International Transfers

We may transfer Personal Data to parties located in other countries (including countries outside the EEA that have a different data protection regime than we have in Europe).  We always ensure that appropriate safeguards are in place before permitting this transfer.

8. Security

We will take appropriate technical, physical, legal and organizational measures to protect your Personal Data.  When we provide personal information to a service provider, the service provider will be selected carefully and required to use appropriate measures to protect the security of your personal information.
However, no data transmission can be guaranteed to be 100% secure. If you have reason you feel that the security of any Personal Information you might have with us has been compromised), please immediately notify us (See the “Who to Contact About Your Personal Data” section below.).

9. Retention

We will retain Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

10. Who to Contact about your Personal Data

If you have any questions about our use of your Personal Data you can e-mail: DataProtection3@uk.hdi.global
or write to the Data Protection Officer, HDI Gerling 10 Fenchurch St, London EC3M 3BE.

Under the Data Protection Act 1998 you are entitled to receive a copy of the Personal Data we hold about you.

To receive a copy, please contact our Data Protection Officer, providing your name, address and your policy number if applicable. Please enclose a cheque for £10 payable to HDI Global SE.

To assist the process, please try to specify exactly what personal data it is you require. Examples of this could be copies of calls, letters and emails, loss adjustor reports.

Please be aware that once we have the information we need to process your request, under the Act we have 40 calendar days in which to respond.

11. Changes to this Privacy Policy

This Privacy Policy was last updated in October 2015. Please check back regularly to keep informed of updates to this privacy policy.