Fair Processing Notice | Zurich Insurance UK

Who controls my personal information?

This notice tells you how Zurich Insurance Company Ltd, as data controller, will deal with your personal information. Where Zurich introduces you to a company outside the group, that company will tell you how your personal information will be used.

If you have a policy relating to a property in Spain, Portugal, France, Italy or Ireland, you should also refer to the joint data controller statement issued by Zurich Insurance Europe AG UK (ZIE UK) and Zurich Insurance Europe AG Ireland (ZIE Ireland) at www.zurich.co.uk/privacy.

You can ask for further information about our use of your personal information or complain about its use in the first instance, by contacting our Data Protection Officer at Zurich Insurance, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

If you have any concerns regarding our processing of your personal information, or are not satisfied with our handling of any request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner's Office. Their address is: First Contact Team, Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.

What personal information will you collect about me?

We will collect and process the personal information that you give us by phone, email, filling in forms, including on our website, and when you report a problem with our website. We also collect personal information from your appointed agent such as your trustee, broker, intermediary or financial adviser in order to provide you with the services you have requested and from other sources, such as credit reference agencies and other insurance companies, for verification purposes. We will also collect information you have volunteered to be in the public domain and other industry-wide sources.

The type of personal information we will collect includes general personal information (i.e. name, date of birth), contact details (i.e. address, telephone number, mobile telephone number, email address) occupation and financial details, health and family information, claims and convictions information and where you have requested other individuals be included in the arrangement, personal information about those individuals.

If you give us personal information relating to other individuals which is used to provide you with a quotation and/or contract of insurance and/or provision of financial services, you agree you have their permission to do so. Except where you are managing the contract on another's behalf, please ensure that the individual knows how their personal information will be used by Zurich. More information about this can be found in the ‘How do you use my personal information’ section.

How do you use my personal information?

We and our selected third parties will only collect and use your personal information (i) where the processing is necessary in connection with providing you with a quotation and/or contract of insurance and/or provision of financial services that you have requested; (ii) to meet our legal or regulatory obligations, or for the establishment, exercise or defence of legal claims; (iii) where you have provided the appropriate consent; (iv) for our "legitimate interests". It is in our legitimate interests to collect your personal information as it provides us with the information that we need to provide our services to you more effectively including providing you with information about our products and services. We will always ensure that we keep the amount of information collected and the extent of any processing to the absolute minimum to meet this legitimate interest.

Examples of the purposes for which we will collect and use your personal information to provide your insurance policy include:

to provide you with a quotation and/or contract of insurance
to identify you when you contact us
to deal with administration and assess claims
to make and receive payments.

Where we rely on the lawful basis of legitimate interests, the interests being relied upon will include:

to improve and develop our business, products and services, or those of a third party, e.g. to ensure the accuracy of customer data and to develop our pricing and risk methods and models
to help us better understand you and to obtain feedback on the service we provide to you including the use of analytics
to prevent, detect and investigate fraud
manage risk through data analysis, testing, research and statistical review
communicating with you about matters relating to the day to day servicing and administration of the products you have with us
carry out market research and product development, which can include creating customer demographics and/or profiling.

We and our selected third parties will only collect and use your sensitive personal information (for example, health or criminal conviction information) (i) where we have an insurance purpose to do so and there is a substantial public interest such as assessing your insurance application, arranging or administering a policy/plan and preventing and detecting fraud; (ii) where you have made your sensitive personal information public; (iii) where we need to use your sensitive personal information for the establishment, exercise or defence of legal claims.

We will contact you to obtain consent prior to processing your personal information for any other purpose, including for the purposes of targeted marketing.

Automated Decision Making

We use automated decision making to decide if we can provide insurance to you and the price, product and terms we can offer. We do this by taking the personal information you provide us (including age, address, occupation and other relevant factors) to calculate the cost of the insurance you have requested a quote or renewal for. You have the right to ask for a person to review an automated decision. Please see section entitled ‘What are my data protection rights’ for more information.

Who do you share my personal information with?

Where necessary, we share personal information for the purposes of providing you with the goods and services you requested with the types of organisations described below:

associated companies including reinsurers, suppliers and service providers
brokers, introducers and professional advisers
Zurich’s group companies
survey and research organisations
credit reference agencies
healthcare professionals, social and welfare organisations
other insurance companies
comparison websites and similar companies that offer ways to research and apply for financial services products
fraud prevention and detection agencies
companies who help us maintain, operate and promote our websites.

Also, in order to meet our legal or regulatory requirements, with the types of organisations described below:

regulatory and legal bodies
central government or local councils
law enforcement bodies, including investigators
credit reference agencies
other insurance companies.

We may also share the following information with the types of organisations outlined above, for the purpose of statistical analysis, research, improving services and to measure the effectiveness of marketing and advertising campaigns:

personal information - limited personal information, such as your name and postcode, but not containing any financial or sensitive details, including health data
anonymised data - data encrypted to make it anonymous, which protects an individual’s privacy by removing personally identifiable information
pseudonymised data - personally identifiable information replaced with a pseudonym to make the data less identifiable, such as replacing a name with a unique number
aggregated data - similar groups of data, such as age, profession or income which are expressed as a summary for statistical analysis.

How do you use my personal information for websites and email communications?

When you visit one of our websites we may collect information from you such as your email address or IP address. This helps us to track unique visits and monitor patterns of customer website traffic, such as who visits and why they visit.

We use cookies and/or pixel tags on some pages of our website. A cookie is a small text file sent to your computer. A pixel tag is an invisible tag placed on certain pages of our website but not on your computer. Pixel tags usually work together with cookies to assist us to provide you with a more tailored service. This allows us to monitor and improve our email communications and website. Useful information about cookies, including how to remove them, can be found on our websites.

How do you transfer my personal information to other countries?

Where we transfer your personal information to countries that are outside of the UK or European Economic Area (EEA), we will ensure that it is protected and that the transfer is lawful. We will do this by ensuring that where necessary the personal information is given adequate safeguards by using 'standard contractual clauses' which have been adopted or approved by the UK and the EU, or other solutions that are in-line with the requirements of UK and where applicable European data protection laws.

A copy of our security measures for personal information transfers can be obtained from our Data Protection Officer at Zurich Insurance, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

How long do you keep my personal information for?

We will keep and process your personal information for as long as necessary to meet the purpose it was originally collected. This includes if you request a quote from us but do not take up the policy.

There are a number of factors influencing how long we will keep this information including:

complying with applicable laws and regulations or with requirements set out in codes issued by regulatory authorities or professional bodies
performing our business processes, associated with the type of product or service you have requested
what types of information that we hold about you
whether your information relates to any ongoing, pending, threatened, imminent or likely dispute, litigation or investigation
to enable us to respond to any questions, complaints, claims or potential claims
if you or a regulatory authority require us to keep your information for a legitimate purpose
to prevent and detect fraud.

What are my data protection rights?

We will, for the purposes of providing you with a contract of insurance, processing claims, reinsurance and targeted marketing, process your personal information by means of automated decision making and profiling where we have a legitimate interest and/or you have consented to this.

You have a number of rights under the data protection laws, namely:

to access your personal information (by way of a subject access request)
to have your personal information rectified if it is inaccurate or incomplete
in certain circumstances, to have your personal information deleted or removed
in certain circumstances, to restrict the processing of your personal information
a right of data portability, namely to obtain and reuse your personal information for your own purposes across different services
to object to direct marketing
not to be subject to automated decision making (including profiling), where it produces a legal effect or a similarly significant effect on you
to claim compensation for damages caused by a breach of the data protection legislation
if we are processing your personal information with your consent, you have the right to withdraw your consent at any time.

You can exercise your rights by contacting our Data Protection Officer at Zurich Insurance, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

What happens if I fail to provide my personal information to you?

If you do not provide us with your personal information, we will not be able to provide you with a contract or assess future claims for the service you have requested.

Who controls my personal information?

This notice tells you how Zurich Assurance Ltd (“Zurich”), as data controller, will deal with your personal information, as data controller, will deal with your personal information. Where Zurich introduces you to a company outside the group, that company will tell you how your personal information will be used.

You can ask for further information about our use of your personal information or complain about its use in the first instance, by contacting our Data Protection Officer at Zurich Insurance, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

If you have any concerns regarding our processing of your personal information, or are not satisfied with our handling of any request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner's Office. Their address is: First Contact Team, Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.

What personal information will you collect about me?

We will collect and process the personal information that you give us by phone, email, filling in forms, including on our website, and when you report a problem with our website. We also collect personal information from your appointed agent such as your trustee, broker, intermediary or financial adviser in order to provide you with the services you have requested and from other sources, such as credit reference agencies and other insurance companies, for verification purposes. We will also collect information you have volunteered to be in the public domain and other industry-wide sources.

The type of personal information we will collect includes general personal information (i.e. name, date of birth), contact details (i.e. address, telephone number, mobile telephone number, email address) occupation and financial details, health and family information, claims and convictions information and where you have requested other individuals be included in the arrangement, personal information about those individuals.

If you give us personal information relating to other individuals which is used to provide you with a quotation and/or contract of insurance and/or provision of financial services, you agree you have their permission to do so. Except where you are managing the contract on another's behalf, please ensure that the individual knows how their personal information will be used by Zurich. More information about this can be found in the ‘How do you use my personal information’ section.

How do you use my personal information?

We and our selected third parties will only collect and use your personal information (i) where the processing is necessary in connection with providing you with a quotation and/or contract of insurance and/or provision of financial services that you have requested; (ii) to meet our legal or regulatory obligations, or for the establishment, exercise or defence of legal claims; (iii) where you have provided the appropriate consent; (iv) for our "legitimate interests". It is in our legitimate interests to collect your personal information as it provides us with the information that we need to provide our services to you more effectively including providing you with information about our products and services. We will always ensure that we keep the amount of information collected and the extent of any processing to the absolute minimum to meet this legitimate interest.

Examples of the purposes for which we will collect and use your personal information to provide your insurance policy include:

to provide you with a quotation and/or contract of insurance
to identify you when you contact us
to deal with administration and assess claims
to make and receive payments.

Where we rely on the lawful basis of legitimate interests, the interests being relied upon will include:

to improve and develop our business, products and services, or those of a third party, e.g. to ensure the accuracy of customer data and to develop our pricing and risk methods and models
to help us better understand you and to obtain feedback on the service we provide to you including the use of analytics
to prevent, detect and investigate fraud
manage risk through data analysis, testing, research and statistical review
communicating with you about matters relating to the day to day servicing and administration of the products you have with us
carry out market research and product development, which can include creating customer demographics and/or profiling.

We and our selected third parties will only collect and use your sensitive personal information (for example, health or criminal conviction information) (i) where we have an insurance purpose to do so and there is a substantial public interest such as assessing your insurance application, arranging or administering a policy/plan and preventing and detecting fraud; (ii) where you have made your sensitive personal information public; (iii) where we need to use your sensitive personal information for the establishment, exercise or defence of legal claims.

We will contact you to obtain consent prior to processing your personal information for any other purpose, including for the purposes of targeted marketing.

Automated Decision Making

We use automated decision making to decide if we can provide insurance to you and the price, product and terms we can offer. We do this by taking the personal information you provide us, the answers to our Lifestyle Questions (e.g. whether you smoke or any existing medical conditions) as well as health outcomes in the area you live to calculate the cost of the cover that you have requested in your application. You have the right to ask for a person to review an automated decision. If you wish to exercise this right please contact us at underwriting.team@uk.zurich.com.

Who do you share my personal information with?

Where necessary, we share personal information for the purposes of providing you with the goods and services you requested with the types of organisations described below:

associated companies including reinsurers, suppliers and service providers
brokers, introducers and professional advisers
Zurich’s group companies;
survey and research organisations
credit reference agencies
healthcare professionals, social and welfare organisations
other insurance companies
comparison websites and similar companies that offer ways to research and apply for financial services products
fraud prevention and detection agencies
companies who help us maintain, operate and promote our websites.

Also, in order to meet our legal or regulatory requirements, with the types of organisations described below:

regulatory and legal bodies
central government or local councils
law enforcement bodies, including investigators
credit reference agencies
other insurance companies.

We may also share the following information with the types of organisations outlined above, for the purpose of statistical analysis, research, improving services and to measure the effectiveness of marketing and advertising campaigns:

personal information - limited personal information, such as your name and postcode, but not containing any financial or sensitive details, including health data
anonymised data - data encrypted to make it anonymous, which protects an individual’s privacy by removing personally identifiable information
pseudonymised data - personally identifiable information replaced with a pseudonym to make the data less identifiable, such as replacing a name with a unique number
aggregated data - similar groups of data, such as age, profession or income which are expressed as a summary for statistical analysis.

How do you use my personal information for websites and email communications?

When you visit one of our websites we may collect information from you such as your email address or IP address. This helps us to track unique visits and monitor patterns of customer website traffic, such as who visits and why they visit.

We use cookies and/or pixel tags on some pages of our website. A cookie is a small text file sent to your computer. A pixel tag is an invisible tag placed on certain pages of our website but not on your computer. Pixel tags usually work together with cookies to assist us to provide you with a more tailored service. This allows us to monitor and improve our email communications and website. Useful information about cookies, including how to remove them, can be found on our websites.

How do you transfer my personal information to other countries?

Where we transfer your personal information to countries that are outside of the UK or European Economic Area (EEA), we will ensure that it is protected and that the transfer is lawful. We will do this by ensuring that where necessary the personal information is given adequate safeguards by using 'standard contractual clauses' which have been adopted or approved by the UK and the EU, or other solutions that are in-line with the requirements of UK and where applicable European data protection laws.

A copy of our security measures for personal information transfers can be obtained from our Data Protection Officer at Zurich Insurance, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

How long do you keep my personal information for?

We will keep and process your personal information for as long as necessary to meet the purpose it was originally collected. This includes if you request a quote from us but do not take up the policy.

There are a number of factors influencing how long we will keep this information including:

complying with applicable laws and regulations or with requirements set out in codes issued by regulatory authorities or professional bodies
performing our business processes, associated with the type of product or service you have requested
what types of information that we hold about you
whether your information relates to any ongoing, pending, threatened, imminent or likely dispute, litigation or investigation
to enable us to respond to any questions, complaints, claims or potential claims
if you or a regulatory authority require us to keep your information for a legitimate purpose
to prevent and detect fraud.

What are my data protection rights?

We will, for the purposes of providing you with a contract of insurance, processing claims, reinsurance and targeted marketing, process your personal information by means of automated decision making and profiling where we have a legitimate interest and/or you have consented to this.

You have a number of rights under the data protection laws, namely:

to access your personal information (by way of a subject access request)
to have your personal information rectified if it is inaccurate or incomplete
in certain circumstances, to have your personal information deleted or removed
in certain circumstances, to restrict the processing of your personal information
a right of data portability, namely to obtain and reuse your personal information for your own purposes across different services
to object to direct marketing
not to be subject to automated decision making (including profiling), where it produces a legal effect or a similarly significant effect on you
to claim compensation for damages caused by a breach of the data protection legislation
if we are processing your personal information with your consent, you have the right to withdraw your consent at any time.

You can exercise your rights by contacting our Data Protection Officer at Zurich Insurance, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

What happens if I fail to provide my personal information to you?

If you do not provide us with your personal information, we will not be able to provide you with a contract or assess future claims for the service you have requested.

Who controls my personal information?

This notice tells you how Sterling will deal with your personal information. Sterling is a trading name of Zurich Assurance Ltd. Zurich Assurance Ltd is part of the Zurich Group. Where Sterling introduce you to a company outside the Zurich Group, that company will tell you how your data will be used. Sterling will remain a data controller for administration and marketing purposes.

You can ask for further information about our use of your personal information or complain about its use in the first instance, by contacting our Data Protection Officer at:

Zurich Insurance Group
Unity Place
1 Carfax Close
Swindon
SN1 1AP

or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

If you have any concerns regarding our processing of your personal information, or are not satisfied with our handling of any request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner's Office. Their address is: First Contact Team, Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.

What personal information will you collect about me?

We will collect and process the personal information that you give us by phone, e-mail, filling in forms, including on our website, and when you report a problem with our website. We also collect personal information from your appointed agent such as your trustee, broker, intermediary or financial adviser in order to provide you with the services you have requested and from other sources, such as credit reference agencies and other insurance companies, for verification purposes. We will also collect information you have volunteered to be in the public domain and other industry-wide sources.

We will only collect personal information that we require to fulfil our contractual or legal requirements unless you consent to provide additional information. The type of personal information we will collect includes; basic personal information (i.e. name, address and date of birth), occupation and financial details, health and family information, claims and convictions information and where you have requested other individuals be included in the arrangement, personal information about those individuals.

If you give us personal information on other individuals, this will be used to provide you with a quotation and/or contract of insurance and/or provision of financial services. You agree you have their permission to do so. Except where you are managing the contract on another's behalf, please ensure that the individual knows how their personal information will be used by Zurich. More information about this can be found in the ‘How do you use my personal information’ section.

How do you use my personal information?

We and our selected third parties will only collect and use your personal information (i) where the processing is necessary in connection with providing you with a quotation and/or contract of insurance and/or provision of financial services that you have requested; (ii) to meet our legal or regulatory obligations; or (iii) for our "legitimate interests". It is in our legitimate interests to collect your personal information as it provides us with the information that we need to provide our services to you more effectively including providing you with information about our products and services. We will always ensure that we keep the amount of information collected and the extent of any processing to the absolute minimum to meet this legitimate interest. Examples of the purposes for which we will collect and use your personal information are:

to provide you with a quotation and/or contract of insurance;
to identify you when you contact us;
to deal with administration and assess claims;
to make and receive payments;
to obtain feedback on the service we provide to you;
to administer our site and for internal operations including troubleshooting, data analysis, testing, research, statistical and survey purposes;
for fraud prevention and detection purposes.

We will contact you to obtain consent prior to processing your personal information for any other purpose, including for the purposes of targeted marketing unless we already have consent to do so.

Who do you share my personal information with?

Where necessary, we will share the personal information you gave us for the purposes of providing you with the goods and services you requested with the types of organisations described below:

associated companies including reinsurers, suppliers and service providers;
introducers and professional advisers;
Zurich’s group companies;
regulatory and legal bodies;
survey and research organisations;
credit reference agencies;
healthcare professionals, social and welfare organisations;
companies who help us maintain, operate and promote our websites; and
other insurance companies.

Or, in order to meet our legal or regulatory requirements, with the types of organisations described below:

regulatory and legal bodies;
central government or local councils;
law enforcement bodies, including investigators;
credit reference agencies; and
other insurance companies.

How do you use my personal information for websites and email communications?

When you visit one of our websites we may collect information from you such as your email address or IP address. This helps us to track unique visits and monitor patterns of customer website traffic, such as who visits and why they visit.

We use cookies and/or pixel tags on some pages of our website. A cookie is a small text file sent to your computer. A pixel tag is an invisible tag placed on certain pages of our website but not on your computer. Pixel tags usually work together with cookies to assist us to provide you with a more tailored service. This allows us to monitor and improve our email communications and website. Useful information about cookies, including how to remove them, can be found on our websites.

How do you transfer my personal information to other countries?

Where we transfer your personal information to countries that are outside of the UK or European Economic Area (EEA), we will ensure that it is protected and that the transfer is lawful. We will do this by ensuring that where necessary the personal information is given adequate safeguards by using 'standard contractual clauses' which have been adopted or approved by the UK and the EU, or other solutions that are in-line with the requirements of UK and where applicable European data protection laws.

A copy of our security measures for personal information transfers can be obtained from our Data Protection Officer at:

Zurich Insurance Group
Unity Place
1 Carfax Close
Swindon
SN1 1AP

or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

How long do you retain my personal information for?

We will retain and process your personal information for as long as necessary to meet the purposes for which it was originally collected. These periods of time are subject to legal, tax and regulatory requirements or to enable us to manage our business.

What are my data protection rights?

You have a number of rights under the data protection laws, namely:

to access your data (by way of a subject access request);
to have your data rectified if it is inaccurate or incomplete;
in certain circumstances, to have your data deleted or removed;
in certain circumstances, to restrict the processing of your data;
a right of data portability, namely to obtain and reuse your data for your own purposes across different services;
to object to direct marketing;
not to be subject to automated decision making (including profiling), where it produces a legal effect or a similarly significant effect on you;
to claim compensation for damages caused by a breach of the data protection legislation;
if we are processing your personal information with your consent, you have the right to withdraw your consent at any time.

We will, for the purposes of providing you with a contract of insurance, processing claims, reinsurance and targeted marketing, process your personal information by means of automated decision making and profiling where we have a legitimate interest or you have consented to this.

What happens if I fail to provide my personal information to you?

If you do not provide us with your personal information, we will not be able to provide you with a contract or assess future claims for the service you have requested.

Who controls my personal information?

This notice tells you how Zurich Insurance Company Ltd, as data controller, will deal with your personal information. Where Zurich introduces you to a company outside the group, that company will tell you how your personal information will be used.

You can ask for further information about our use of your personal information or complain about its use in the first instance, by contacting our Data Protection Officer at Zurich Insurance, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

If you have any concerns regarding our processing of your personal information, or are not satisfied with our handling of any request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner's Office. Their address is: First Contact Team, Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.

What personal information will you collect about me?

We will collect and process the personal information that you give us by phone, email, filling in forms, including on our website, and when you report a problem with our website. We also collect personal information from your appointed agent such as your trustee, broker, intermediary or financial adviser in order to provide you with the services you have requested and from other sources, such as credit reference agencies and other insurance companies, for verification purposes. We will also collect information you have volunteered to be in the public domain and other industry-wide sources.

The type of personal information we will collect includes general personal information (i.e. name, date of birth), contact details (i.e. address, telephone number, mobile telephone number, email address) occupation and financial details, health and family information, claims and convictions information and where you have requested other individuals be included in the arrangement, personal information about those individuals.

If you give us personal information relating to other individuals which is used to provide you with a quotation and/or contract of insurance and/or provision of financial services, you agree you have their permission to do so. Except where you are managing the contract on another's behalf, please ensure that the individual knows how their personal information will be used by Zurich. More information about this can be found in the ‘How do you use my personal information’ section.

How do you use my personal information?

We and our selected third parties will only collect and use your personal information (i) where the processing is necessary in connection with providing you with a quotation and/or contract of insurance and/or provision of financial services that you have requested; (ii) to meet our legal or regulatory obligations, or for the establishment, exercise or defence of legal claims; (iii) where you have provided the appropriate consent; (iv) for our "legitimate interests". It is in our legitimate interests to collect your personal information as it provides us with the information that we need to provide our services to you more effectively including providing you with information about our products and services. We will always ensure that we keep the amount of information collected and the extent of any processing to the absolute minimum to meet this legitimate interest.

Examples of the purposes for which we will collect and use your personal information to provide your insurance policy include:

to provide you with a quotation and/or contract of insurance
to identify you when you contact us
to deal with administration and assess claims
to make and receive payments.

Where we rely on the lawful basis of legitimate interests, the interests being relied upon will include:

to improve and develop our business, products and services, or those of a third party, e.g. to ensure the accuracy of customer data and to develop our pricing and risk methods and models
to help us better understand you and to obtain feedback on the service we provide to you including the use of analytics
to prevent, detect and investigate fraud
manage risk through data analysis, testing, research and statistical review
communicating with you about matters relating to the day to day servicing and administration of the products you have with us
carry out market research and product development, which can include creating customer demographics and/or profiling.

We and our selected third parties will only collect and use your sensitive personal information (for example, health or criminal conviction information) (i) where we have an insurance purpose to do so and there is a substantial public interest such as assessing your insurance application, arranging or administering a policy/plan and preventing and detecting fraud; (ii) where you have made your sensitive personal information public; (iii) where we need to use your sensitive personal information for the establishment, exercise or defence of legal claims.

We will contact you to obtain consent prior to processing your personal information for any other purpose, including for the purposes of targeted marketing.

Automated Decision Making

We use automated decision making to decide if we can provide insurance to you and the price, product and terms we can offer. We do this by taking the personal information you provide us (including age, address, occupation and other relevant factors) to calculate the cost of the insurance you have requested a quote or renewal for. You have the right to ask for a person to review an automated decision. Please see section entitled ‘What are my data protection rights’ for more information.

Who do you share my personal information with?

Where necessary, we share personal information for the purposes of providing you with the goods and services you requested with the types of organisations described below:

associated companies including reinsurers, suppliers and service providers
brokers, introducers and professional advisers
Zurich’s group companies;
survey and research organisations
credit reference agencies
healthcare professionals, social and welfare organisations
other insurance companies
comparison websites and similar companies that offer ways to research and apply for financial services products
fraud prevention and detection agencies
companies who help us maintain, operate and promote our websites.

Also, in order to meet our legal or regulatory requirements, with the types of organisations described below:

regulatory and legal bodies
central government or local councils
law enforcement bodies, including investigators
credit reference agencies
other insurance companies.

We may also share the following information with the types of organisations outlined above, for the purpose of statistical analysis, research, improving services and to measure the effectiveness of marketing and advertising campaigns:

personal information - limited personal information, such as your name and postcode, but not containing any financial or sensitive details, including health data
anonymised data - data encrypted to make it anonymous, which protects an individual’s privacy by removing personally identifiable information
pseudonymised data - personally identifiable information replaced with a pseudonym to make the data less identifiable, such as replacing a name with a unique number
aggregated data - similar groups of data, such as age, profession or income which are expressed as a summary for statistical analysis.

How do you use my personal information for websites and email communications?

When you visit one of our websites we may collect information from you such as your email address or IP address. This helps us to track unique visits and monitor patterns of customer website traffic, such as who visits and why they visit.

We use cookies and/or pixel tags on some pages of our website. A cookie is a small text file sent to your computer. A pixel tag is an invisible tag placed on certain pages of our website but not on your computer. Pixel tags usually work together with cookies to assist us to provide you with a more tailored service. This allows us to monitor and improve our email communications and website. Useful information about cookies, including how to remove them, can be found on our websites.

How do you transfer my personal information to other countries?

Where we transfer your personal information to countries that are outside of the UK or European Economic Area (EEA), we will ensure that it is protected and that the transfer is lawful. We will do this by ensuring that where necessary the personal information is given adequate safeguards by using 'standard contractual clauses' which have been adopted or approved by the UK and the EU, or other solutions that are in-line with the requirements of UK and where applicable European data protection laws.

A copy of our security measures for personal information transfers can be obtained from our Data Protection Officer at Zurich Insurance, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

How long do you keep my personal information for?

We will keep and process your personal information for as long as necessary to meet the purpose it was originally collected. This includes if you request a quote from us but do not take up the policy.

There are a number of factors influencing how long we will keep this information including:

complying with applicable laws and regulations or with requirements set out in codes issued by regulatory authorities or professional bodies
performing our business processes, associated with the type of product or service you have requested
what types of information that we hold about you
whether your information relates to any ongoing, pending, threatened, imminent or likely dispute, litigation or investigation
to enable us to respond to any questions, complaints, claims or potential claims
if you or a regulatory authority require us to keep your information for a legitimate purpose
to prevent and detect fraud.

What are my data protection rights?

We will, for the purposes of providing you with a contract of insurance, processing claims, reinsurance and targeted marketing, process your personal information by means of automated decision making and profiling where we have a legitimate interest and/or you have consented to this.

You have a number of rights under the data protection laws, namely:

to access your personal information (by way of a subject access request)
to have your personal information rectified if it is inaccurate or incomplete
in certain circumstances, to have your personal information deleted or removed
in certain circumstances, to restrict the processing of your personal information
a right of data portability, namely to obtain and reuse your personal information for your own purposes across different services
to object to direct marketing
not to be subject to automated decision making (including profiling), where it produces a legal effect or a similarly significant effect on you
to claim compensation for damages caused by a breach of the data protection legislation
if we are processing your personal information with your consent, you have the right to withdraw your consent at any time.

You can exercise your rights by contacting our Data Protection Officer at Zurich Insurance, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

What happens if I fail to provide my personal information to you?

If you do not provide us with your personal information, we will not be able to provide you with a contract or assess future claims for the service you have requested.

Who controls your personal information

This notice tells you how Zurich Management Services Ltd ( Zurich), as data controller, will deal with your personal information. Where Zurich introduces you to a company outside the group, that company will tell you how your personal information will be used.

You can ask for further information about our use of your personal information or complain about its use in the first instance, by contacting our Data Protection Officer at: Zurich Insurance Group, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

If you have any concerns regarding our processing of your personal information, or are not satisfied with our handling of any request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner's Office. Their address is: First Contact Team, Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.

What personal information we collect about you

We will collect and process the personal information that you give us by phone, e-mail, filling in forms, including on our website, and when you report a problem with our website. We also collect personal information from your appointed agent such as your trustee, broker, intermediary or financial adviser in order to provide you with the services you have requested We will also collect information you have volunteered to be in the public domain and other industry-wide sources.

We will only collect personal information that we require to fulfil our contractual or legal requirements unless you consent to provide additional information. The type of personal information we will collect includes; basic personal information i.e. name, address and date of birth, national insurance number, contact details, occupation and where you have requested other individuals be included in the arrangement, personal information about those individuals.

If you give us personal information on other individuals, this will be used to provide you with a quotation and/or the services you have requested. You agree you have their permission to do so. Except where you are managing the contract on another's behalf, please ensure that the individual knows how their personal information will be used by Zurich. More information about this can be found in the ‘How we use my personal information’ section.

How we use your personal information

We and our selected third parties will only collect and use your personal information (i) where the processing is necessary in connection with providing you with a quotation and/or the services you have requested; (ii) to meet our legal or regulatory obligations; or (iii) for our "legitimate interests". It is in our legitimate interests to collect personal information as it provides us with the information that we need to provide our services to you more effectively including providing you with information about our products and services. We will always ensure that we keep the amount of information collected and the extent of any processing to the absolute minimum to meet this legitimate interest. Examples of the purposes for which we will collect and use your personal information are:

to provide you with a quotation and/or contract of insurance;
to identify you when you contact us;
to deal with administration and provide you with necessary documentation
to make and receive payments;
to obtain feedback on the service we provide to you;
to administer our site and for internal operations including troubleshooting, data analysis, testing, research, statistical and survey purposes;
for fraud prevention and detection purposes.

Who we share your personal information with

Where necessary, we will share the personal information you gave us for the purposes of providing you with the goods and services you requested with the types of organisations described below:

associated companies including, suppliers and service providers;
professional advisers;
regulatory and legal bodies; and
credit management organisations.

Or, in order to meet our legal or regulatory requirements, with the types of organisations described below:

regulatory and legal bodies;
central government or local councils; and
law enforcement bodies, including investigators.

How we use your personal information for websites and email communications

When you visit one of our websites we may collect information from you such as your email address or IP address. This helps us to track unique visits and monitor patterns of customer website traffic, such as who visits and why they visit.

We use cookies and/or pixel tags on some pages of our website. A cookie is a small text file sent to your computer. A pixel tag is an invisible tag placed on certain pages of our website but not on your computer. Pixel tags usually work together with cookies to assist us to provide you with a more tailored service. This allows us to monitor and improve our email communications and website. Useful information about cookies, including how to remove them, can be found on our websites.

How we transfer your personal information to other countries

Where we transfer your personal information to countries that are outside of the UK or European Economic Area (EEA), we will ensure that it is protected and that the transfer is lawful. We will do this by ensuring that where necessary the personal information is given adequate safeguards by using 'standard contractual clauses' which have been adopted or approved by the UK and the EU, or other solutions that are in-line with the requirements of UK and where applicable European data protection laws.

A copy of our security measures for personal information transfers can be obtained from our Data Protection Officer at: Zurich Insurance Group, Unity Place, 1 Carfax Close, Swindon, SN1 1AP, or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

How long we keep your personal information for

We will retain and process your personal information for as long as necessary to meet the purposes for which it was originally collected. These periods of time are subject to legal, tax and regulatory requirements or to enable us to manage our business.

Your data protection rights

You have a number of rights under the data protection laws, namely:

to access your data (by way of a subject access request);
to have your data rectified if it is inaccurate or incomplete;
in certain circumstances, to have your data deleted or removed;
in certain circumstances, to restrict the processing of your data;
a right of data portability, namely to obtain and reuse your data for your own purposes across different services;
to object to direct marketing;
not to be subject to automated decision making (including profiling), where it produces a legal effect or a similarly significant effect on you;
to claim compensation for damages caused by a breach of the data protection legislation;
if we are processing your personal information with your consent, you have the right to withdraw your consent at any time.

We will, for the purposes of providing you with a contract of insurance, processing claims, reinsurance and targeted marketing, process your personal information by means of automated decision making and profiling where we have a legitimate interest or you have consented to this.

What happens if you fail to provide your personal information to us

If you do not provide us with your personal information, we will not be able to provide you with a contract or assess future claims for the service you have requested.

Fraud Prevention and Detection

In order to prevent and detect fraud we may at any time:

a) check your personal data against counter fraud systems;

b) use your information to search against various publicly available and third party resources; use industry fraud tools including undertaking credit searches;

c) share information about you with other organisations including but not limited to the police and other interested parties.

If you provide false or inaccurate information and fraud is identified, the matter will be investigated and appropriate action taken. This may result in your case being referred to the Insurance Fraud Enforcement Department (IFED) or other police forces and fraud prevention agencies. You may face fines or criminal prosecution. In addition, Zurich may register your name on the Insurance Fraud Register, an industry-wide fraud database.

Who controls my personal information?

This notice tells you how Zurich Insurance Company Ltd (“Zurich”), as data controller, will deal with your personal information.

This notice is important and should be read by the person making the claim. Please ensure that this notice is brought to their attention. In this notice the words “you”, “your” and “yours” refer to the person making the claim.

You can ask for further information about our use of your personal information or complain about its use in the first instance, by contacting our Data Protection Officer at Zurich Insurance, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

If you have any concerns regarding our processing of your personal information, or are not satisfied with our handling of any request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner's Office. Their address is: First Contact Team, Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.

What personal information will you collect about me?

We will collect and process the personal information that you give us by phone, email, or filling in forms on our website. We also collect personal information from your appointed agent such as your trustee, broker, intermediary or financial adviser and from other sources, for verification purposes, such as credit reference agencies, other insurance companies, information you have volunteered to be in the public domain and other industry-wide sources.

We will only collect personal information that we require to fulfil our contractual or legal requirements unless you consent to provide additional information. The type of personal information we may collect includes basic personal information (i.e. name, address and date of birth), occupation and financial details, confidential health and family information, claims and convictions information and, where you have requested other individuals be included in the arrangement, personal information about those individuals.

How do you use my personal information?

We and our selected third parties will only collect and use your personal information (i) where the processing is necessary in connection with processing your claim, (ii) to meet our legal or regulatory obligations or (iii) for our "legitimate interests". It is in our legitimate interests to collect your personal information as it provides us with the information that we need to provide our services to you more effectively including providing you with information about our products and services. We will always ensure that we keep the amount of information collected and the extent of any processing to the absolute minimum to meet this legitimate interest. Examples of the purposes for which we will collect and use your personal information are:

to identify you when you contact us
to deal with administration and assess claims
to make and receive payments
to obtain feedback on the service we provide to you
for fraud prevention and detection purposes.

We and our selected third parties will only collect and use your sensitive personal information (for example, health or criminal conviction information) (i) where we have an insurance purpose to use your sensitive personal information and there is a substantial public interest such as assessing your insurance application, arranging or administering a policy/plan and preventing and detecting fraud; ii) you have made your sensitive personal information public; iii) we need to use your sensitive personal information to establish, exercise or defend legal rights.

We will contact you to obtain consent prior to processing your personal information for any other purpose, including for the purposes of targeted marketing unless we already have consent to do so.

Automated Decision Making

We may use automated decision making to help assess and validate your claim in order to offer settlement where appropriate. You have the right to ask for a person to review an automated decision.

Who do you share my personal information with?

Where necessary, we will share the personal information you gave us for the purpose of processing your claim with the types of organisations listed below:

associated companies including reinsurers, suppliers and service providers
introducers and professional advisers
Zurich’s group companies;
regulatory and legal bodies
survey and research organisations
credit reference agencies
healthcare professionals, social and welfare organisations
other insurance companies
the person, entity or organisation against which you have made a claim and to their authorised business partners, including brokers; and
companies who help us maintain, operate and promote our websites.

Or, in order to meet our legal or regulatory requirements, with the types of organisations described below:

regulatory and legal bodies
central government or local councils
law enforcement bodies, including investigators
credit reference agencies; and
other insurance companies.

We may also share policy and claims outcome data with the types of organisations outlined above, for the purpose of statistical analysis, the prevention and detection of fraud and to improve the services we provide:

personal information - personal information such as name and postcode, and where we have a legitimate business interest to do so, health/medical information
anonymised data - data encrypted to make it anonymous, which protects an individual’s privacy by removing personally identifiable information
pseudonymised data - personally identifiable information replaced with a pseudonym to make the data less identifiable, such as replacing a name with a unique number
aggregated data - similar groups of data, such as age, profession or income which are expressed as a summary for statistical analysis.

How do you transfer my personal information to other countries?

Where we transfer your personal information to countries that are outside of the UK or European Economic Area (EEA), we will ensure that it is protected and that the transfer is lawful. We will do this by ensuring that where necessary the personal information is given adequate safeguards by using 'standard contractual clauses' which have been adopted or approved by the UK and the EU, or other solutions that are in-line with the requirements of UK and where applicable European data protection laws.

A copy of our security measures for personal information transfers can be obtained from our Data Protection Officer at Zurich Insurance, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

How long do you keep my personal information for?

We will keep and process your personal information for as long as necessary to meet the purpose it was originally collected. There are a number of factors influencing how long we will keep this information including:

complying with applicable laws and regulations or with requirements set out in codes issued by regulatory authorities or professional bodies
performing our business processes, associated with the type of product or service you have requested
what types of data that we hold about you
whether your data relates to any ongoing, pending, threatened, imminent or likely dispute, litigation or investigation
to enable us to respond to any questions, complaints, claims or potential claims
if you or a regulatory authority require us to keep your data for a legitimate purpose
to prevent and detect fraud.

What are my data protection rights?

We will, for the purposes of providing you with a contract of insurance, processing claims, reinsurance and targeted marketing, process your personal information by means of automated decision making and profiling where we have a legitimate interest, or you have consented to this.

You have a number of rights under the data protection laws, namely:

to access your personal information (by way of a subject access request)
to have your personal information rectified if it is inaccurate or incomplete
in certain circumstances, to have your personal information deleted or removed
in certain circumstances, to restrict the processing of your personal information
a right of data portability, namely to obtain and reuse your data for your own purposes across different services
to object to direct marketing
not to be subject to automated decision making (including profiling), where it produces a legal effect or a similarly significant effect on you
to claim compensation for damages caused by a breach of the data protection legislation
if we are processing your personal information with your consent, you have the right to withdraw your consent at any time.

You can exercise your rights by contacting our Data Protection Officer at Zurich Insurance, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

What happens if I fail to provide my personal information to you?

If you do not provide us with your personal information, we will not be able to provide you with a contract or assess future claims for the service you have requested.

Fraud prevention and detection

In order to prevent and detect fraud we may at any time:

check your personal data against counter fraud systems
use your information to search against various publicly available and third-party resources, use industry fraud tools, including undertaking credit searches, investigating and analysing information you provide in support of your claim and to review your claims history
utilise voice and document analysis tools
share information about you with other organisations including but not limited to the police, the Insurance Fraud Bureau (IFB), other insurers and other interested parties.

If you provide false or inaccurate information and fraud is identified, the matter will be investigated, and appropriate action taken. This may result in your case being referred to the Insurance Fraud Enforcement Department (IFED) or other police forces and fraud prevention agencies. You may face fines or criminal prosecution. In addition, Zurich may register your name on the Insurance Fraud Register, an industry-wide fraud database.

Claims history

Insurers pass information to the Claims and Underwriting Exchange Register (CUE) and the Motor Insurance Anti-Fraud and Theft Register (MIAFTR), where the data is controlled by the Motor Insurers’ Bureau (MIB) and other relevant databases.

We and other insurers will search these databases when you apply for insurance, in the event of any incident or claim or at time of renewal to validate your claims history or that of any other person or property likely to be involved in the policy or claim.

This helps to check information provided and prevent fraudulent claims.

Zurich Consultancy Services (Trading as Zurich Management Services Ltd) ("Zurich, we, us, our") collects personal information about you either directly from you or from the organisation that requires you to undertake competency assessment(s).

We collect your name, date and place of birth and a unique identifier, such as a staff identification or employee number so that we can identify you and carry out the required competency or certification assessment(s). We carry out the assessments as required and then provide you or the organisation that procured the competency assessments with the appropriate certification. We retain this information and the outcome of your competency assessments for a minimum of 10 years to ensure we meet our legal obligations as an accredited inspection and testing organisation. During this time, we may be required to share this information with regulators or the United Kingdom Accreditation Service (UKAS).

Your information is held in the UK.

You have a number of rights under the data protection laws, namely:

to access your data (by way of a subject access request);
to have your data rectified if it is inaccurate or incomplete;
in certain circumstances, to have your data deleted or removed;
in certain circumstances, to restrict the processing of your data;
a right of data portability, namely to obtain and reuse your data for your own purposes across different services;
to object to direct marketing;
not to be subject to automated decision making (including profiling), where it produces a legal effect or a similarly significant effect on you;
to claim compensation for damages caused by a breach of the data protection legislation.
if we are processing your personal information with your consent, you have the right to withdraw your consent at any time.

You can ask for further information about our use of your personal information or complain about its use in the first instance, by contacting our Data Protection Officer at: Zurich Insurance Group, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

If you have any concerns regarding our processing of your personal information, or are not satisfied with our handling of any request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner's Office. Their address is: First Contact Team, Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.

Who controls my personal information?

This notice tells you how Zurich Assurance Ltd, as data controller, will deal with your personal information.

You can ask for further information about our use of your personal information or complain about its use in the first instance, by contacting our Data Protection Officer at: Zurich Insurance Group, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

If you have any concerns regarding our processing of your personal information, or are not satisfied with our handling of any request by you in relation to your rights, you also have the right to make a complaint to the Information Commissioner's Office. Their address is: First Contact Team, Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, SK9 5AF.

What personal information will you process about me?

We will process personal information about you, as a member of a pension scheme, that the trustee of the scheme or the scheme’s annuity provider (as applicable) provides to us to enable either of them (as applicable) to obtain insurance in respect of your pension.

We will only process personal information that we require to fulfil our contractual or legal requirements. The type of personal information we will process includes your full postcode, gender, date of birth, date pension commenced, marital status, pension payments, indicators of ill health (or partial ill health) early retirement, and any other high-level indicators of reason for/timing of member retirement and where other individuals are included in the arrangement, certain personal information (of the same nature as set out above) about those individuals.

In connection with insurance that we may take out so we can manage our own risk, we may pass your personal information to reinsurers, including Zurich Insurance Company Ltd ("ZIC") (a Swiss based entity). To the extent your personal information is passed to ZIC, it will process your personal information broadly in line with ZAL’s approach as set out in this fair processing notice. If you would like more information about how ZIC processes your personal information, please contact: privacy@zurich.com. For more information about how other reinsurers process your personal information, please refer to their respective fair processing notices (links to such fair processing notices on-line or contact details to request a copy will be provided to you separately by the trustee of the scheme, or the scheme’s annuity provider). If you have given the trustee personal information about other individuals, please note that this third party personal information may be passed to us. We will use this personal information to fulfil our contractual or legal requirements. Please ensure that the individual knows how their personal information will be used by Zurich. More information about this can be found in the ‘How do you use my personal information’ section.

How do you use my personal information?

We will only process and use your personal information (i) to meet our legal or regulatory obligations, or for the establishment, exercise or defence of legal claims; and (ii) for our "legitimate interests". It is in our legitimate interests to process your personal information in order that we are able to fulfil our obligations under our contractual arrangements with the scheme trustee or the scheme’s annuity provider (as applicable). We ensure that this processing does not adversely impact your privacy or other human rights by processing only the minimum data that we require and we will use this personal information only for the purposes specified in this fair processing notice. Examples of the purposes for which we will process and use your personal information are:

to perform our contractual obligations to identify you when you contact us
to make and receive payments
to administer our site and for internal operations including troubleshooting, data analysis, testing, research, statistical and survey purposes
for fraud prevention and detection purposes.

Who do you share my personal information with?

Where necessary, we share personal information with the types of organisations described below for the purposes of fulfilling our obligations in our contractual arrangements:

associated companies (including ZIC), suppliers and service providers
professional advisers (including pension consultants and scheme agents)
other insurance (including reinsurance) companies
fraud prevention and detection agencies.

Or, in order to meet our legal or regulatory requirements, with the types of organisations described below:

regulatory and legal bodies
law enforcement bodies, including investigators
credit reference agencies
other insurance (including reinsurance) companies.

We may also share the following data with the types of organisations outlined above, for the purpose of statistical analysis, research and improving services:

anonymised data - data encrypted to make it anonymous, which protects an individual’s privacy by removing personally identifiable information
pseudonymised data - personally identifiable information replaced with a pseudonym to make the data less identifiable, such as replacing a name with a unique number
aggregated data - similar groups of data, such as age, profession or income which are expressed as a summary for statistical analysis.

How do you use my personal information for websites and email communications?

When you visit one of our websites we may process information from you such as your email address or IP address. This helps us to track unique visits and monitor patterns of customer website traffic, such as who visits and why they visit.

We use cookies and/or pixel tags on some pages of our website. A cookie is a small text file sent to your computer. A pixel tag is an invisible tag placed on certain pages of our website but not on your computer. Pixel tags usually work together with cookies to assist us to provide you with a more tailored service. This allows us to monitor and improve our email communications and website. Useful information about cookies, including how to remove them, can be found on our websites.

How do you transfer my personal information to other countries?

Where we transfer your personal information to countries that are outside of the UK or European Economic Area (EEA), we will ensure that it is protected and that the transfer is lawful. We will do this by ensuring that where necessary the personal information is given adequate safeguards by using 'standard contractual clauses' which have been adopted or approved by the UK and the EU, or other solutions that are in-line with the requirements of UK and where applicable European data protection laws.

A copy of our security measures for personal information transfers can be obtained from our Data Protection Officer at: Zurich Insurance Group, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

How long do you keep my personal information for?

We will keep and process your personal information for as long as necessary to meet the purposes for which it was originally received.

There are a number of factors influencing how long we will keep your personal information, and these are shown below:

to comply with applicable laws and regulations or set out in codes issued by regulatory authorities or professional bodies
our business processes, associated with the type of arrangement we have described in this fair processing notice
the type of data that we hold about you
if your data relates to any ongoing, pending, threatened, imminent or likely dispute, litigation or investigation
to enable us to respond to any questions, complaints, claims or potential claims
if you or a regulatory authority require us to keep your data for a legitimate purpose.

What are my data protection rights?

You have a number of rights under the data protection laws, namely:

to access your data (by way of a subject access request)
to have your data rectified if it is inaccurate or incomplete
in certain circumstances, to have your data deleted or removed
in certain circumstances, to restrict the processing of your data
a right of data portability, namely to obtain and reuse your data for your own purposes across different services
to object to direct marketing
not to be subject to automated decision making (including profiling), where it produces a legal effect or a similarly significant effect on you
to claim compensation for damages caused by a breach of the data protection legislation
if we are processing your personal information with your consent, you have the right to withdraw your consent at any time.

You can exercise your rights by contacting our Data Protection Officer at: Zurich Insurance Group, Unity Place, 1 Carfax Close, Swindon, SN1 1AP or by emailing the Data Protection Officer at GBZ.General.Data.Protection@uk.zurich.com.

What happens if I object to my personal information being processed by you?

If you object to us processing your personal information, we may not be able to provide appropriate insurance which may adversely impact on your pension scheme’s ability to manage its risks.

Data Protection Statement

General Insurance

Who controls my personal information?

What personal information will you collect about me?

How do you use my personal information?

Automated Decision Making

Who do you share my personal information with?

How do you use my personal information for websites and email communications?

How do you transfer my personal information to other countries?

How long do you keep my personal information for?

What are my data protection rights?

What happens if I fail to provide my personal information to you?

Life Insurance

Who controls my personal information?

What personal information will you collect about me?

How do you use my personal information?

Automated Decision Making

Who do you share my personal information with?

How do you use my personal information for websites and email communications?

How do you transfer my personal information to other countries?

How long do you keep my personal information for?

What are my data protection rights?

What happens if I fail to provide my personal information to you?

Pensions and Investments

Who controls my personal information?

What personal information will you collect about me?

How do you use my personal information?

Who do you share my personal information with?

How do you use my personal information for websites and email communications?

How do you transfer my personal information to other countries?

How long do you retain my personal information for?

What are my data protection rights?

What happens if I fail to provide my personal information to you?

Charity and community

Who controls my personal information?

What personal information will you collect about me?

How do you use my personal information?

Automated Decision Making

Who do you share my personal information with?

How do you use my personal information for websites and email communications?

How do you transfer my personal information to other countries?

How long do you keep my personal information for?

What are my data protection rights?

What happens if I fail to provide my personal information to you?

Engineering inspection

Who controls your personal information

What personal information we collect about you

How we use your personal information

Who we share your personal information with

How we use your personal information for websites and email communications

How we transfer your personal information to other countries

How long we keep your personal information for

Your data protection rights

What happens if you fail to provide your personal information to us

Fraud Prevention and Detection

General Insurance Claims

Who controls my personal information?

What personal information will you collect about me?

How do you use my personal information?

Automated Decision Making

Who do you share my personal information with?

How do you transfer my personal information to other countries?

How long do you keep my personal information for?

What are my data protection rights?

What happens if I fail to provide my personal information to you?

Fraud prevention and detection

Claims history

Zurich Consultancy services

Longevity swap

Who controls my personal information?

What personal information will you process about me?

How do you use my personal information?

Who do you share my personal information with?

How do you use my personal information for websites and email communications?

How do you transfer my personal information to other countries?

How long do you keep my personal information for?

What are my data protection rights?

What happens if I object to my personal information being processed by you?