We use cookies to provide you with a responsive service to make your experience of our website(s) better. Please confirm that you agree to our use of cookies in accordance with our cookies policy.

By continuing to use our website we will assume that you are happy to receive non-privacy intrusive cookies. Please be aware that if you disable cookies some functionality on the site will not work.

Alternatively, read our cookies policy to find out more about our cookie use and how to disable cookies.

    • Protect the environment. Think before you print.

The EU General Data Protection Regulation at Zurich

At Zurich we take our data protection obligations extremely seriously and the security of our customer data is very important to us. We rely on personal data to accurately and effectively assess risk and provide customers with cover that meets their needs. We are currently working through the detail of the new EU General Data Protection Regulation to ensure we continue to deliver good outcomes for our customers when it takes effect from 25 May 2018.

If you want to contact us in relation to your data protection rights, we have a dedicated point of contact for each of our business areas which you can access here. Please be ready to quote your name and address as they appear on your insurance documents and your appropriate reference code (e.g. your policy number, quote number or plan number) as this will assist us in dealing with your request. If you are unsure about your product type, you can contact us here, or call 0800 096 6233

What is GDPR?

The General Data Protection Regulation, more commonly known as GDPR, is the new EU-wide law which applies directly to the UK. Here are some of the key changes in the new regulation:

  • It will apply to all EU member states from 25 May 2018, including the UK as GDPR will apply prior to BREXIT.
  • It applies globally to all organisations processing the personal data of EU subjects and to all EU Member state organisations where they are acting as controllers of that personal data regardless of the location of the data subject.
  • Significant new rights for data subjects including the right to seek compensation and rights to erasure and accurate representation. Here is the full list of individual rights.
  • Significant fines for companies in the event of an infringement of the Regulations of up to 20million euros or, in the case of an undertaking, 4% of annual global turnover.
  • Consent requirements have also been toughened. Organisations will be required to evidence that they have a legitimate basis for processing Personal data or that customers have given their consent. This is to ensure customers have more control over the use of their personal data.
  • To find out more about the regulation and to assess your own readiness we recommend you visit the Information Commissioner’s Office (ICO) website to find out more.

    Our GDPR programme is well established and will ensure our alignment on regulatory interpretation to enable delivery of GDPR compliance specifically taking care of the individuals rights and freedoms, transparency of our data processing and where applicable carrying out Privacy Impact Assessments.

    For more information, read our FAQ's