Your Privacy and Security

The following are joint data controllers, along with EUI Limited, in processing your personal data for the following products:

• Telematics: (Dependent on product) Octo Telematics S.p.A, Drive Factor Inc., Vodafone Automotive UK Limited (3751493), Redtail Telematics Ltd (Registered Number 07407204).
• Life Insurance: Cigna Insurance Services (Europe) Limited (Registered Number 04617110).
• Travel Insurance: Rock Travel Insurance (Registered Number 04255878).
• Pet Insurance: Ultimate Pet Partners (Registered Number 6740793).
• Motor Insurance:Great Lakes Reinsurance (Registered Number HRB 230378).
• Goods in Transit Insurance:Royal and Sun Alliance plc (Registered Number 93792).
• Public and Employers Liability:Ageas Insurance Limited (Registered Number 354568); AXA Insurance UK plc (Registered Number 78950); Covea Insurance plc (Registered Number 613259).

Personal Data

Examples of personal data we may collect includes:

• Names and titles
• Physical address and address history
• Contact details including telephone numbers and email address
• Gender
• Lifestyle and other information

Special category personal data

Examples of special category personal data we may collect include:

• Medical history
• Claims history
• Criminal convictions and CCJs.

We may also indirectly collect other special category personal data during the course of any fraud investigations.

Call recording and monitoring

We monitor or record calls, emails, SMS messages or other communications for:

• Business purposes such as quality control and training
• Processing necessary for entering into or performance of a contract
• Prevention of unauthorised use of our telecommunication systems and websites
• Ensuring effective systems' operation
• Meeting any legal obligation
• Protecting your vital interests
• Prevention or detection of crime
• For the legitimate interests of the data controller

Telematics (Insurance products only)

If you have a Telematics Unit, we will use the Unit to capture data including date, time, speed, location and other associated vehicle and driving related information from your vehicle. This information includes:

• Date
• Time
• Latitude
• Longitude
• Speed
• Duration
• Distance
• Acceleration
• Braking
• Cornering
• Other associated vehicle information

Our Telematics systems normally collect information while your vehicle is being used, and transmit this to us and/or our suppliers some time later. Instances where the Telematics systems may send real-time data and alerts to us include where a collision or crash is detected, if the device's tamper alerts are activated, or if it is at your request, for example if your vehicle has been stolen and a Theft Tracking service has been activated.

Public and Employers Liability

For Public and Employers Liability insurance products we will process the Employers Reference Number (ERN) where employees are covered under a policy. We will also provide this information to the relevant underwriter who will record this information with the Employers Liability Tracing Office (ELTO). We are legally required to retain this data during the term of the relevant Policy and for a period of forty (40) years from the date on which cover under that Policy is terminated or lapses.

Admiral Group plc has various offerings and from time to time we would like to keep you informed of news, products or services, including but not limited to insurance (e.g. other automotive, insurance, legal or financial products, or other carefully selected offers or promotions that we feel may be of interest to you). This could be by telephone, post, email, social media channels or SMS.

If you would rather we did not contact you for this purpose, or would like to let us know how you prefer to be contacted (such as by email or post), or to confirm the types of products and services that would be of most interest to you, then let us know by emailing us at optout@admiralgroup.co.uk or writing to us at Head of Customer Assurance, Tŷ Admiral, David Street, Cardiff, CF10 2AA.

If you have visited our site and have selected to view a quote or loan offer, we may contact you, by telephone or other means, to discuss your quote or offer and the cover options available to you. If you do not want to hear from us about your quote, please let us know by emailing us at optout@admiralgroup.co.uk or writing to us at Head of Customer Assurance, Tŷ Admiral, David Street, Cardiff, CF10 2AA.

Other carefully selected companies may also contact you by post unless you have opted-out of this. If you would like to opt out of hearing from these companies, please let us know by emailing us at optout@admiralgroup.co.uk or writing to us at Head of Customer Assurance, Tŷ Admiral, David Street, Cardiff, CF10 2AA.

We also engage in online advertising, to keep you aware of what we're up to and to help you see and find our services.

Like many companies, we target Admiral banners and ads to you when you are on other websites and apps. We do this using a variety of digital marketing networks and ad exchanges, and we use a range of advertising technologies like web beacons, pixels, ad tags, cookies, and mobile identifiers, as well as specific services offered by some sites and social networks, such as Facebook's Custom Audience service.

Managing, Disabling and Enabling Cookies

You have the ability to accept or decline cookies from any website by modifying the settings in your browser. If you wish to restrict or block the cookies which are set by our website, you can do this through your browser settings. For information about how to manage and disable cookies you can use the 'Help' function within your browser or please visit www.aboutcookies.org or www.allaboutcookies.org. However, please note that by deleting or disabling cookies this could affect the functionality of our website and you may not be able to access certain areas or features of our site.

To opt out of being tracked by Google Analytics across all websites click here.

Telematics

Telematics data will only be disclosed to other parties in the following circumstances:

• To the joint controller Telematic Service Providers we use to collect and transmit Telematics information. The service provider in question may vary depending on the type of Telematics product and/or device you have chosen. Further details can be found in your policy guide.
• To our agents, partners and subcontractors for operational reasons, including providing the agreed services under the policy.
• To parties whom we are required by law to disclose data to, such as our regulators or if we are issued with a court order.
• To other parties with your permission, as outlined in the 'Confidentiality and Disclosure of your Data' section of this privacy statement.

Your data may also be shared with the relevant insurance and claims databases, in accordance with the Privacy Policy, shown above.

In order to access the data we hold about you, you need to make a 'Subject Access Request', or SAR. To make a SAR please email us at:

EUIadmin@admiralgroup.co.uk

or write to us at:

Head of Customer Assurance
Subject Access Request
Tŷ Admiral
David Street
Cardiff CF10 2AA

Please provide:

1. Your name, address, policy/claim number and what information you would like.
2. Identification documents; one which shows your name and signature (e.g. a copy of your passport) and one which shows your name and address (e.g. a copy of a recent bill or bank statement or other official document). We will accept just one identification document if it shows your name, address and signature such as a copy of your driving licence. (This is to take reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.)

Please note that if your SAR involves the personal data of other people, or you are making a request on behalf of someone else (such as a parent on behalf of their child), we may need identification from these individuals, as well as a signed letter of authority from them confirming that they are happy for you to act on their behalf and for us to release their data to you.

Once we have received your written request and identification documents, we will have one month to fulfil your request. Where for some reason this will not be possible, for instance due to large volumes of data being involved, we are permitted by law to take up to an additional two months to fulfil your request. Where any such delay is anticipated we will inform of you this as soon as possible along with details of when we expect to be able to provide you with the requested documentation.

Your other rights as a data subject, where applicable, include:

• The right to be informed about our processing of your personal data
• The right to have your personal data corrected if it is inaccurate, and to have incomplete personal data completed
• The right to object to the processing of your personal data
• The right to have your personal data erased ("right to be forgotten")
• The right to move, copy, or transfer your personal data ("data portability")
• Rights regarding automated decision making, including profiling

For more details on these rights and how to exercise them, please contact:

EUIadmin@admiralgroup.co.uk

If you have any queries about your rights, or believe that they have not been met by Admiral Group plc or any of the companies within the group, please contact our Data Protection Officer at:

yourinformationrights@admiralgroup.co.uk

or by writing to:

Data Protection Officer
Admiral Group plc
Tŷ Admiral
David Street
Cardiff CF10 2AA

If you have any complaints relating to the processing of your personal data, you also have the right to complain to the relevant Supervisor Authority. In the UK this is the Information Commissioner's Office (ICO). They can be contacted at:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

Fraud prevention and detection

In order to prevent and detect fraud, we may at any time share information about you with members of the Admiral group of companies.

If false or inaccurate information is provided and fraud is identified, you could be refused certain services, finance, or employment and details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information.

We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:

• checking details on applications for credit and credit related or other facilities
• managing credit and credit related accounts or facilities
• recovering debt
• checking details on proposals and claims for all types of Insurance
• checking details of job applicants and employees

We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies.

For further details on how your information will be used by us and these fraud prevention agencies, and your data protection rights, please contact us at Central Underwriting Department, Ty Admiral, David Street, Cardiff, CF10 2EH

Credit Reference

When you apply to us to open an account, we make a number of checks to assess your application for credit and verifying identities to prevent and detect crime and money laundering. To obtain this information, we will check the following records about you and anyone else who may also be insured and whose personal details have been provided as part of the insurance application.

• Our own records.
• Credit Reference Agency (CRA) records. When we search these records CRAs will place a search footprint on your credit file that may be seen by other lenders. They supply us with both public (including the electoral register), and shared credit and fraud prevention information
• Fraud Prevention Agency (FPA) Records

We make searches about you at credit reference agencies who will supply us with information, including the Electoral Register and credit information. The agencies will record details of the search whether or not your application proceeds. The searches will not be seen or used by lenders to assess your ability to obtain credit. We may use scoring methods to assess this application and to verify your identity.

Credit searches and other information which is provided to us and/or the credit reference agencies, about you and those with whom you are linked financially, may be used by EUI Limited and other companies if you, or other members of your household, apply for other facilities including insurance applications and claims. This information may also be used for debt tracing and the prevention of money laundering as well as the management of your account. Alternatively, we may ask you to provide physical forms of identification.

If you are making a joint application or tell us that you have a spouse or financial associate, we will link your records together so you must be sure that you have their agreement to disclose information about them. CRAs also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to breach that link.

We may also make periodic searches at CRAs and FPAs to manage your account with us.

Information on applications will be sent to and recorded by CRAs. When you borrow from us, we will give details of your account(s) and how you manage it/them to CRAs. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs and FPAs to perform similar checks, and to trace your whereabouts and recover debts that you owe. Records remain on file for six years after they are closed, whether settled by you or defaulted.

If you give us false or inaccurate information and we suspect or identify fraud, we will record it and may also pass this information to FPAs and other organisations involved in the prevention of crime and fraud.

If you borrow from us and do not make payments that you owe us, we will trace your whereabouts and recover debts.

If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services and financing you have requested, or to employ you, or we may stop providing existing services to you.

A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us using the details provided below.

Your data may also be used for other purposes for which you give your specific permission or, in very limited circumstances, when required by law or where permitted under the terms of the GDPR.

How to find out more

This is a condensed guide to the use of your personal information for credit reference purposes. If you would like to read the full details of how your data may be used please phone our Customer Services Department, or write to Us at Pricing Department, Tŷ Admiral, David Street, Cardiff, CF10 2EH.

You can contact the CRAs currently operating in the UK; the information they hold may not be the same so it is worth contacting them all. They will charge you a small statutory fee.

• Call Credit: Consumer Services Team, PO Box 491, Leeds, LS3 1WZ or call 0870 060 0550 or log on to www.callcredit.co.uk.
• Equifax: Credit File Advice Centre, PO Box 1140, Bradford, BD1 5US or call 0844 355 0550 or log on to www.equifax.co.uk.
• Experian: Consumer Help Service, PO Box 8000, Nottingham, NG80 7WF or call 0844 481 8000 or log on to www.experian.co.uk.

The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at:

• www.callcredit.co.uk\crain
• www.equifax.co.uk\crain
• www.experian.co.uk\crain

Please contact us at Central Underwriting Department, Ty Admiral, David Street, Cardiff CF10 2EH if you want to receive details of the relevant fraud prevention agencies.

When you make a claim

If necessary we may also have to investigate your claims and conviction history in the course of administering the claim. You can be assured that we will keep such investigations strictly confidential.

We pass information to the Claims and Underwriting Exchange Register and, in the case of motor insurance, the Motor Insurance Anti-Fraud and Theft Register, both of which are managed by the Motor Insurers' Bureau (MIB). This helps insurers check information and prevent fraudulent claims. When we deal with your request for insurance we may search these registers. Under the conditions of your policy, you must tell us about any incident (such as an accident or theft) which may give rise to a claim. When you tell us about an incident we will pass information to the Registers.

Information relating to your insurance policy will be added to the Motor Insurance Database ("MID") managed by the Motor Insurers' Bureau ("MIB"). MID and the data stored on it may be used by certain statutory and/or authorised bodies including the Police, the DVLA, the DVANI, the Insurance Fraud Bureau and other bodies permitted by law for purposes not limited to but including:

• Electronic Licensing
• Continuous Insurance Enforcement; Law enforcement (prevention, detection, apprehension and or prosecution of offenders)
• The provision of government services and or other services aimed at reducing the level and incidence of uninsured driving

If you are involved in a road traffic accident (either in the UK, the EEA or certain other territories), insurers and or the MIB may search the MID to obtain relevant information.

Persons (including his or her appointed representatives) pursuing a claim in respect of a road traffic accident (including citizens of other countries) may also obtain relevant information which is held on the MID.

It is vital that the MID holds your correct registration number. If it is incorrectly shown on the MID you are at risk of having your vehicle seized by the Police. You can check that your correct registration number details are shown on the MID at askmid.com

Motor Insurers' Bureau
Linford Wood House
6-12 Capital Drive
Milton Keynes
MK14 6XT

MyLicence

As part of our fraud prevention and detection measures, we may undertake searches against your (or any person included on the proposal) DLN against details held by the DVLA to confirm your licence status, entitlement and restriction information and endorsement/conviction data. This helps insurers check information to prevent fraud and reduce incidences of negligent misrepresentation and non-disclosure. A search of the DLN with the DVLA should not show a footprint against your (or another relevant person included on the proposal) driving licence.

Please contact us on 0800 052 3144 if you want to receive details of the relevant fraud prevention agencies.

We may exchange your details such as NCB, DLN and Claims records with insurance industry databases for the purpose of validation and financial crime prevention.

We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies.

The User ID and password helps us to protect your personal data You must keep this password safe and must not disclose it to anyone. Some suspicious emails contain attachments or links to websites that try to install malicious software on your computer. If you have entered your password on what you think might be a malicious website, please contact us immediately and ask us to change your password.

If you have entered your credit card information on what you think might be a malicious website or replied to an e-mail with that information, you should contact your credit card company immediately. Do not forget to contact us to update your card details.

When you ask for a quote from us, we will process the data on a secure server. Your browser will confirm that you are in a secure area by displaying an unbroken key or lock in the bottom right hand corner of your browser window.

Many organisations use security features such as firewalls to protect their computer systems. These firewalls may prevent you from connecting to our secure server to get a quote. If you are at work and cannot connect to our web site, please speak to your IT administrator.

Please be aware that communications over the Internet, such as emails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered - this is the nature of the Internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.

Additionally, you can protect your system by installing anti-virus and running scans as recommended by the vendor. You should also run any security updates / patches you receive for your system from the supplier.

Never respond to unsolicited emails from unfamiliar sources. Such emails may be fraudulent and attempt to get you to provide your personal details or payment information.