Your Privacy and Security
You acknowledge that by providing your personal data to us, you consent to its processing in the manners outlined below. When providing personal data about others, you confirm that you have the consent of these individuals to supply their personal data. We are unable to offer you any product or service unless you provide explicit consent for the collection and use of sensitive personal data as defined in the Data Protection Act 1998.
2. Who we are
Admiral, Diamond, Bell and elephant.co.uk are trading names of the data controller EUI Limited (Registered Number 02686904). EUI Limited is part of Admiral Group plc.
Additional data controllers
The following are joint data controllers, along with EUI Limited, in processing your personal data for the following products:
- Telematics: (Dependent on product) Octo Telematics S.p.A, Drive Factor Inc., Redtail Telematics Ltd (Registered Number 07407204).
- AppyDriver Mobile App: Wunelli Ltd (Registered Number 05942167).
- Life Insurance: Cigna Life Insurance Company of Europe S.A.-N.V.
- Travel Insurance: Rock Travel Insurance (Registered Number 04255878).
- Pet Insurance: Ultimate Pet Partners (Registered Number 6740793).
Companies within Admiral Group plc:
- EUI Limited; trading as Admiral, Bell, Diamond and elephant.co.uk
- Able Insurance Services Limited; trading as Gladiator
- Admiral Law Limited; trading as Admiral Law
- BDE Law Limited; trading as EUI Law, Diamond Law and Elephant Law
- Inspop.com Limited; trading as Confused.com
3. Data we collect
We collect personal data and sensitive personal data as part of providing services to you. We may also monitor or record calls, emails, SMS messages or other communications in accordance with UK law.
Please note that from July 2015, we may collect your Driving Licence Number (DLN or "MyLicence") as part of your application for motor insurance (in some cases, we may not be able to insure you without this information) or when you make a claim . For details relating to information held about you by the Driver and Vehicle Licensing Agency ("DVLA") please visit www.dvla.gov.uk. and www.mylicence.org.uk. To view your driving licence, visit www.gov.uk/view-driving-licence.
Types of data we collect
Examples of personal data we may collect includes:
- Name and address, date of birth and gender
- Telephone numbers and email address
- Credit/debit card details
- Lifestyle and other information
Sensitive personal data
Examples of sensitive personal data we may collect includes:
- Medical history
- Claims history
- Criminal convictions etc.
Driving Licence Number ("MyLicence")
The number is used to do an automatic check with the DVLA driver database, to retrieve the required information. The provided information is:
- Type of licence held
- Length of time the licence has been held for
- Entitlements to drive
- Penalty points
- Conviction dates
Call recording and monitoring
We monitor or record calls, emails, SMS messages or other communications for:
- Business purposes such as quality control and training
- Processing necessary for entering into or performance of a contract
- Prevention of unauthorised use of our telecommunication systems and websites
- Ensuring effective systems operation
- Meeting any legal obligation
- Protecting your vital interests
- Prevention or detection of crime
- For the legitimate interests of the data controller
If you have a Telematics Unit, we will use the Unit to capture data date, time, speed, location and other associated vehicle and driving related information from your vehicle. This information includes:
- Other associated vehicle information
AppyDriver Mobile App
In order for the app to provide you with a discount code for use when purchasing a policy, you will be required to disclose certain pieces of your personal information. The app will also collect location-based data using your GPS signal.
So that we can apply the any discount you may have earned over the course of 250 miles, the information we will ask for will include:
- First name
- Date of birth
- E-mail address
- Renewal month
- Vehicle Registration Mark (VRM)
- Password and password confirmation
4. When data is collected
We will collect your personal data when:
- You ask for a quote
- You purchase our products and services
- You make customer enquiries
- You register for information or other services
- You register a claim
- You respond to communications or surveys
- We require additional information from you for validation purposes
When we collect Telematics data
Our Telematics systems normally collect information while your vehicle is being used, and transmit this to us and/or our suppliers some time later. Instances where the Telematics systems may send real-time data and alerts to us include where a collision or crash is detected, if the device's tamper alerts are activated, or if it is at your request, for example if your vehicle has been stolen and a Theft Tracking service has been activated.
AppyDriver Mobile App
We will not have access to your real-time location and you can choose whether or not to use the app for a journey.
5. How your data is used
We will use your data for:
- Processing your quotes
- Administering your policy, including claims handling
- Fraud prevention and detection
- Credit scoring or other automated decision-making systems
- Administering debt recoveries
- Verifying your identity when required
- Undertaking market research, product development and statistical purposes
- Keeping you informed about promotions and new developments by email, telephone or post
- Processing auto-renewal of your policy
- For assessment and analysis to enable us to review, develop and improve the services which we offer and to enable us to provide you and other customers with relevant information through our marketing programme.
- We may use your information to make decisions about you using computerised technology to profile you, such as assessing which products might be most suitable for you.
Driving Licence Number ("MyLicence")
The data provided by the DVLA may be used alongside other information you have provided:
- To calculate a motor insurance quote
- To administer the policy
- For anti-fraud purposes
They will not be used for any other purpose, or be made available for anyone else. Only the motor insurance industry may use this information. If you apply for a quote with us and don't decide to take out insurance with us, the data returned from the DVLA database will be anonymised or deleted no later than 30 days after receipt of that data.
Please note that under our User Agreement with the Motor Insurance Bureau, individual agents do not have access to the data returned by a DLN search and as such will not be able to discuss issues relating to your DLN with you. In these instances, we suggest checking the information associated with your DLN is correct at www.gov.uk/view-driving-licence
Dealing with other people
All policies must have an Administrator.
The Administrator must be a Policyholder within the current Period of Insurance and will be our primary point of contact in relation to the policy.
- Will have access to all documentation, information and personal data relating to all Insured(s) on this policy
- Can nominate another Policyholder to become the Administrator
- Can make any change to all parts of the policy
- Can cancel the whole policy in line with General Condition 4 of your Policy Book
With the exception of cancellation (General Condition 4), it is our policy to deal with those named on your policy or any acceptable callers. The ways in which we may deal with those named on your policy or any acceptable callers include adding or removing vehicles to the policy.
An acceptable caller is:
- a Policyholder
- Named Driver
- the spouse, partner or parent of a Policyholder
- any other person or organisation that provides evidence that they have authority to act on behalf of the Policyholder and passes our data protection procedure
If you would like someone else to deal with your policy on your behalf on a regular basis please let us know.
To ensure an efficient and speedy claim process we will take instruction from you or any other person provided they are named on the policy. If you would like someone else to deal with your claim on your behalf please let us know.
If you give us data about another person, in doing so you confirm that they have given you permission to provide it to us to be able to process their personal data (including any sensitive personal data) and also that you have told them who we are and what we will use their data for, as set out in this policy.
Our use of your data at renewal and our use of your Telematics data
Searches may be carried out prior to the date of the insurance policy and at any point throughout the duration of your insurance policy including at the mid-term adjustment and renewal stage. A search of the DLN with the DVLA should not show a footprint against your (or another relevant person included on the proposal) driving licence.
We may also use your DLN to search your (or any person included on the proposal) 'No Claims Bonus' details against a No Claims Bonus database ("NCB") to obtain information in relation to your 'No Claims Bonus' entitlement. Such searches may be carried out against your (or the relevant person included on the proposal) DLN, name, date of birth, Vehicle Registration Mark ("VRM") and or postcode. A search of the DLN against the NCB should not show a footprint against your (or another relevant person included on the proposal) driving licence.
In order to offer you continuous cover on your policy, EUI Limited will arrange for your policy to be automatically renewed. You should be aware that we can only guarantee automatic renewal when:
- You have made us aware of any changes to your policy details
- The credit/debit card details have not changed
- The credit/debit card holder has given their explicit consent to his or her card being charged at renewal
We may conduct a search against your DLN if an insurance policy is incepted at the renewal stage.
Unless we hear to the contrary, EUI Limited is entitled to assume at renewal that your details have not changed and you have the consent of the card holder.
If you wish to make changes to your policy then, unless you inform us otherwise, EUI Limited will charge the payment details (card or bank account) held on record for any additional amount due.
You may inform us of any changes or opt out of automatic renewal at any time by contacting our Customer Service department. We will also contact you with a reminder that your insurance is due for renewal.
EUI Ltd and joint controller companies we partner with to administer Telematics products will use the data captured by the Telematic Unit for the purposes of:
- Calculating and charging insurance premiums based upon actual vehicle usage, and compiling and generating Driving Scores.
- Controlling your personal data for the purpose of providing you with services relating to the insurance policy. We will process your data in accordance with our responsibilities under the Data Protection Act 1998 and the European Data Protection Directive.
- Carrying out the installation, activation, deinstallation, disconnection, servicing, updating or testing of the Telematic Unit.
- General research and analysis, mapping purposes, researching and refining techniques for analysing motor Telematics data and the supply of traffic data. In all such circumstances the data will be used anonymously and will not identify any individual, vehicle user, or the policyholder.
- Enabling EUI Ltd, joint controller companies and any service partners, to contact you by post, electronic mail, telephone or text messaging regarding the administration of your insurance policy and the associated services.
- Provision of the insurance services under the policy, including management of claims, underwriting and policy servicing. Data will be used for any underwriting or claims development or investigations that may be required, and for fraud prevention, detection and investigation purposes.
Admiral Group plc will contact you from time to time by telephone, post, email, social media channels or SMS to keep you informed with news, our range of products or services.
Marketing & your preferences
We would like to keep you informed of news, products or services, including but not limited to insurance (e.g. other automotive, insurance, legal or financial products, or other carefully selected offers or promotions which we feel may be of interest to you).
If you have visited our site and have selected to view a quote, we may contact you, by telephone or other means, to discuss your quote and the cover options available to you.
Other carefully selected companies may also contact you by post. If you have opted in to receive emails, SMS or telephone calls from other selected companies, you may also be contacted about other products that we believe may be of interest to you by these contact methods.
If you would like to alter your marketing preferences please click here or write to the Marketing Department, EUI Limited, Tŷ Admiral, David Street, Cardiff, CF10 2EH.
7. Our technology
Your cookie preferences
Managing, Disabling And Enabling Cookies
You have the ability to accept or decline cookies from any website by modifying the settings in your browser. If you wish to restrict or block the cookies which are set by our website, you can do this through your browser settings. For information about how to manage and disable cookies you can use the 'Help' function within your browser or please visit www.aboutcookies.org or www.allaboutcookies.org. However, please note that by deleting or disabling cookies this could affect the functionality of our website and you may not be able to access certain areas or features of our site.
To opt out of being tracked by Google Analytics across all websites click here.
8. Who has access to your data
Apart from ourselves, other companies that may have access to your data include:
- Companies within the Admiral Group (For the purposes of this Privacy Statement, "Admiral Group" means Admiral Group plc and any company or entity in which Admiral Group plc owns more than 15% of the issued share capital. Companies in the Admiral Group shall include, without limitation, EUI Limited, Admiral Insurance Company Ltd, Admiral Insurance (Gibraltar) Ltd, Inspop.com Ltd, Able Insurance Services Ltd and any other company that is incorporated within the Admiral Group at any time in the future). A full list of our companies can be found at www.admiralgroup.co.uk/business/our_companies.php
- In the event that we undergo re-organisation or are sold to a third party, in which case you agree that any personal data we hold about you may be transferred to that re-organised entity or third party.
- Where it is necessary to deliver the products and services bought by you. For example, we may disclose your personal data to a credit card company to validate your credit card details and obtain payment. It may also be necessary for us to pass your personal data to the organisation from whom you have ordered any products or services other than your EUI Limited insurance product, such as a travel insurance or a personal accident cover provider, etc. At all times, EUI Limited will remain the data controller unless we inform you otherwise.
How your Telematics data is shared
Telematics data will only be disclosed to other parties in the following circumstances:
- To the joint controller Telematic Service Providers we use to collect and transmit Telematics information. The service provider in question may vary depending on the type of Telematics product and/or device you have chosen. Further details can be found in your policy guide.
- To our agents, partners and subcontractors for operational reasons, including providing the agreed services under the policy.
- To parties whom we are required by law to disclose data to, such as our regulators or if we are issued with a court order.
- To other parties with your permission, as outlined in the 'Confidentiality and Disclosure of your Data' section of this privacy statement.
9. Request your data
You have the right to access the data we hold about you under Section 7 of the Data Protection Act 1998.
How to make a Subject Access Request
Please write to:
Head of Central Quality
Cardiff CF10 2AA
- Your name, address, policy/claim number and what information you would like.
- Two forms of identification such as a copy of a driving licence, passport, or document containing your signature, and a copy of a recent utility bill that confirms your address. (This is to take reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.)
- A cheque made payable to "EUI Limited" for £10. (In accordance with the Data Protection Act 1998, we are entitled to charge £10 to cover the administration costs.)
Please note that if your SAR involves personal data of other people (such as named drivers on your policy) or you are making a request on behalf of another (such as a parent on behalf of their child), we will need identification from these individuals, as well as a signed letter of authority from them that they are happy for you to act on their behalf and for us to release their data to you.
10. Confidentiality and disclosure of your data
We will endeavour to treat your personal data as private and confidential. From time to time we will employ agents and subcontractors to process your personal data on our behalf. The same duty of confidentiality and security will apply to them and all processing will be carried out under our instruction.
We would like to bring to your attention our obligations to disclose data in the following four exceptional cases permitted by law, and the other situations set out below. These are:
- Where we are legally compelled to do so
- Where there is a duty to the public to disclose
- Where disclosure is required to protect our interest
- Where disclosure is made at your request or with your consent
In the unfortunate event that you have to make a claim then we will need to disclose data with any other party involved in that claim. This may include:
- Third parties involved with the claim, their insurer, solicitor or representative
- Medical teams, the police or other investigators
If you make a complaint about the service we have provided, we may be obliged to forward details about your complaint, including your personal data, to the relevant ombudsman. You can be assured that they are similarly obliged to adhere to the Data Protection Act and keep your personal data strictly confidential.
Please note that we make a number of checks to assess your application for credit and verifying identities to prevent and detect crime and money laundering, as well as data sharing at any time for the purposes of fraud prevention. From June 2015, these checks may also include your DLN/MyLicence.
Using data obtained from your DLN, we may pass details of your 'No Claims Bonus' to certain organisations to be recorded on an NCB database. This may occur if information requires updating or correcting at any stage, and also at the renewal stage of your policy and upon or after the cancellation of your policy prior to the expiry date.
Use of your data for fraud prevention & detection and credit checking
When you apply to us to open an account, we make a number of checks to assess your application for credit and verifying identities to prevent and detect crime and money laundering. To obtain this information, we will check the following records about you and anyone else who may also be insured and whose personal details have been provided as part of the insurance application.
- Our own records.
- Credit Reference Agency (CRA) records. When we search these records CRAs will place a search footprint on your credit file that may be seen by other lenders. They supply us with both public (including the electoral register), and shared credit and fraud prevention information
- Fraud Prevention Agency (FPA) Records
We make searches about you at credit reference agencies who will supply us with information, including the Electoral Register and credit information. The agencies will record details of the search whether or not your application proceeds. The searches will not be seen or used by lenders to assess your ability to obtain credit. We may use scoring methods to assess this application and to verify your identity.
Credit searches and other information which is provided to us and/or the credit reference agencies, about you and those with whom you are linked financially, may be used by EUI Limited and other companies if you, or other members of your household, apply for other facilities including insurance applications and claims. This information may also be used for debt tracing and the prevention of money laundering as well as the management of your account. Alternatively, we may ask you to provide physical forms of identification.
We may also make periodic searches at CRAs and FPAs to manage your account with us.
Information on applications will be sent to and recorded by CRAs. When you borrow from us, we will give details of your account(s) and how you manage it/them to CRAs. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs and FPAs to perform similar checks, and to trace your whereabouts and recover debts that you owe. Records remain on file for six years after they are closed, whether settled by you or defaulted.
If you give us false or inaccurate information and we suspect or identify fraud, we will record it and may also pass this information to FPAs and other organisations involved in the prevention of crime and fraud.
If you borrow from us and do not make payments that you owe us, we will trace your whereabouts and recover debts.
Your data may also be used for other purposes for which you give your specific permission or, in very limited circumstances, when required by law or where permitted under the terms of the Data Protection Act 1998.
How to find out more
This is a condensed guide to the use of your personal information for credit reference purposes. If you would like to read the full details of how your data may be used please phone our Customer Services Department, or write to Us at Pricing Department, Tŷ Admiral, David Street, Cardiff, CF10 2EH.
You can contact the CRAs currently operating in the UK; the information they hold may not be the same so it is worth contacting them all. They will charge you a small statutory fee.
When you make a claim
If necessary we may also have to investigate your claims and conviction history in the course of administering the claim. You can be assured that we will keep such investigations strictly confidential.
We pass information to the Claims Underwriting and Exchange Register, run by Insurance Database Services (IDS) and, in the case of motor insurance, the Motor Insurance Anti-Fraud and Theft Register, run by the Association of British Insurers (ABI). This helps insurers check information and prevent fraudulent claims. When we deal with your request for insurance we may search these registers. Under the conditions of your policy, you must tell us about any incident (such as an accident or theft) which may give rise to a claim. When you tell us about an incident we will pass information to the Registers.
Information relating to your insurance policy will be added to the Motor Insurance Database ("MID") managed by the Motor Insurers' Bureau ("MIB"). MID and the data stored on it may be used by certain statutory and/or authorised bodies including the Police, the DVLA, the DVANI, the Insurance Fraud Bureau and other bodies permitted by law for purposes not limited to but including:
- Electronic Licensing
- Continuous Insurance Enforcement; Law enforcement (prevention, detection, apprehension and or prosecution of offenders)
- The provision of government services and or other services aimed at reducing the level and incidence of uninsured driving
If you are involved in a road traffic accident (either in the UK, the EEA or certain other territories), insurers and or the MIB may search the MID to obtain relevant information.
Persons (including his or her appointed representatives) pursuing a claim in respect of a road traffic accident (including citizens of other countries) may also obtain relevant information which is held on the MID.
It is vital that the MID holds your correct registration number. If it is incorrectly shown on the MID you are at risk of having your vehicle seized by the Police. You can check that your correct registration number details are shown on the MID at www.askmid.com.
Fraud prevention and detection
In order to prevent and detect fraud insurers may, at any time share information about you with our other group companies.
If false or inaccurate information is provided and fraud is identified details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information.
We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:
- checking details on applications for credit and credit related or other facilities
- managing credit and credit related accounts or facilities
- recovering debt
- checking details on proposals and claims for all types of Insurance
- checking details of job applicants and employees
As part of our fraud prevention and detection measures, we may undertake searches against your (or any person included on the proposal) DLN against details held by the DVLA to confirm your licence status, entitlement and restriction information and endorsement/conviction data. This helps insurers check information to prevent fraud and reduce incidences of negligent misrepresentation and non-disclosure. A search of the DLN with the DVLA should not show a footprint against your (or another relevant person included on the proposal) driving licence.
Please contact us on 0800 052 3144 if you want to receive details of the relevant fraud prevention agencies.
We may exchange your details such as NCB, DLN and Claims records with insurance industry databases for the purpose of validation and financial crime prevention.
We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies.
11. Information Security
On our websites we protect any data you have given us by providing you with a User ID and password. We also use industry standard security to encrypt sensitive data in transit to our servers.
It may be necessary to transfer your personal data to other Group companies or service providers located outside of the European Economic Area. The data protection and other laws of these countries may not be as comprehensive as those in the UK or the EEA - in these instances we will take steps to ensure that your data is given an equivalent level of protection as it is in the EEA.
Show further information
The User ID and password helps us to protect your personal data You must keep this password safe and must not disclose it to anyone. Some suspicious emails contain attachments or links to websites that try to install malicious software on your computer. If you have entered your password on what you think might be a malicious website, please contact us immediately and ask us to change your password.
If you have entered your credit card information on what you think might be a malicious website or replied to an e-mail with that information, you should contact your credit card company immediately. Do not forget to contact us to update your card details.
When you ask for a quote from us, we will process the data on a secure server. Your browser will confirm that you are in a secure area by displaying an unbroken key or lock in the bottom right hand corner of your browser window.
Many organisations use security features such as firewalls to protect their computer systems. These firewalls may prevent you from connecting to our secure server to get a quote. If you are at work and cannot connect to our web site, please speak to your IT administrator.
Please be aware that communications over the Internet, such as emails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered - this is the nature of the Internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.
Additionally, you can protect your system by installing anti-virus and running scans as recommended by the vendor. You should also run any security updates / patches you receive for your system from the supplier.
Never respond to unsolicited emails from unfamiliar sources. Such emails may be fraudulent and attempt to get you to provide your personal details or payment information.
12. Changes to this policy
From time to time we may need to change the way we use your personal data. Where we believe you may not reasonably expect such a change we will write to you. When we do so, you will have 60 days to object to the change but if we do not hear from you within that time you consent to that change.