Here in the Admiral Group plc, we will always treat your personal data with respect and design our products and services with your privacy in mind.
This Privacy Notice will help you understand how we collect, use and protect your personal data.
Admiral, Diamond, Bell and Elephant, Gladiator and Veygo are trading names of the data controller EUI Limited (Registered Number 02686904).
Gladiator is a trading name of the data controller Able Insurance Services Limited (Registered Number 02890075).
Admiral Law, EUI Law, Diamond Law, Elephant Law and BDE Law are trading names of the data controller Admiral Law Limited (Registered Number 08023665).
Admiral Loans, Admiral Car Finance and Admiral One are trading names of the data controller Admiral Financial Services Limited (Registered Number 10255225).
Confused.com is a trading name of the data controller Inspop.com Limited (Registered Number 03857130).
EUI Limited, Able Insurance Services Limited, Admiral Law Limited, Admiral Financial Services Limited and Inspop.com Limited, are each part of Admiral Group plc (Registered Number 03849958).
Additional data controllers
The following are also data controllers, in addition to the relevant data controller named above, in processing your personal data for the following products:
(Dependent on product) Octo Telematics S.p.A, Drive Factor Inc., Vodafone Automotive UK Limited (3751493), Redtail Telematics Ltd (Registered Number 07407204).
Cigna Insurance Services (Europe) Limited (Registered Number 04617110).
Rock Travel Insurance (Registered Number 04255878).
Insurance Factory Ltd (Registered Number 02982445).
Great Lakes Insurance SE (Registered Number HRB 230378).
FCE Bank plc (Registered number 772784).
Automobile Association Insurance Services Limited (Registered Number 02414212).
For more detailed information, please check out our group website.
Data we collect
In order to provide you with our services, we will need to process your personal data. We will collect data from you, from your use of our services and from external sources (both public and private).
The personal information we collect about you may include:
- Your contact details such as name, physical and email addresses, phone numbers;
- Further personal details such as marital status, employment status, income information, proof of residency;
- Government identifiers such as driving license number;
- Your claims history;
- Location information;
- Machine identifiers including your IP address;
- Information about how you interacted with us, our websites and our services;
- Your Payment card and banking details in order to complete your purchase
- Information about others who will be or are included on your policy (which you should have their permission to share)
- Information on your vehicle or property, some of which will be collected from external databases. Examples include road tax status and geological/flood data for your area.
- Your medical history;
- Criminal convictions and county court judgements
Examples of special category data we collect may include:
If you provide us with personal data about another individual, you acknowledge that you have permission from that individual to do so and that they understand how we will process their personal data. We would strongly encourage that any individual, whose personal data you provide to us, reads this Privacy Notice.
How we collect your data
We will collect your personal data when:
- You provide us with details for a quote
- You enquire or apply for a loan
- You make enquiries through a price comparison website
- You purchase our products and services or those provided by our service partners
- You interact with us or make customer enquiries
- You register for information or other services
- You register an insurance claim
- You respond to communications or surveys
- We require additional information from you for validation purposes
We collect data about you through the use of technology such as cookies and device fingerprinting.
You have the ability to accept or decline cookies from any website by modifying the settings in your browser. If you wish to restrict or block the cookies which are set by our website, you can do this through your browser settings. For information about how to manage and disable cookies you can use the 'Help' function within your browser or please visit www.aboutcookies.org or www.allaboutcookies.org. However, please note that by deleting or disabling cookies this could affect the functionality of our website and you may not be able to access certain areas or features of our site.
If you have a Telematics Unit, we will use the Unit to capture data date, time, speed, location and other associated vehicle and driving related information from your vehicle. This information includes:
- Other associated vehicle information
Our Telematics systems normally collect information while your vehicle is being used and transmit this to us and/or our suppliers after a delay. Instances where the Telematics systems may send real-time data and alerts to us include where a collision or crash is detected, if the device's tamper alerts are activated, or if it is at your request, for example if your vehicle has been stolen and a Theft Tracking service has been activated.
Driving Licence Number ("MyLicence")
We may collect your Driving Licence Number (DLN or "MyLicence") as part of your application for motor insurance (in some cases, we may not be able to insure you without this information) or when you make a claim.
The number is used to do an automatic check with the DVLA driver database, to retrieve the required information. The provided information is:
- Type of licence held
- Length of time the licence has been held for
- Entitlements to drive
- Penalty points
- Conviction dates
The data provided by the DVLA may be used alongside other information you have provided:
- To calculate a motor insurance quote
- To administer the policy
- For anti-fraud purposes
They will not be used for any other purpose, or be made available to anyone else. Only the motor insurance industry may use this information. If you apply for a quote with us and don't decide to take out insurance with us, the data returned from the DVLA database will be anonymised or deleted no later than 30 days after receipt of that data.
Searches may be carried out prior to the date of the insurance policy and at any point throughout the duration of your insurance policy including at the mid-term adjustment and renewal stage.
We may also use your DLN to search your (or any person included on the proposal) 'No Claims Bonus' details against a No Claims Bonus database ("NCB") to obtain information in relation to your 'No Claims Bonus' entitlement.
Such searches may be carried out against your (or the relevant person included on the proposal) DLN, name, date of birth, Vehicle Registration Mark ("VRM") and or postcode. A search of the DLN against the NCB should not show a footprint against your (or another relevant person included on the proposal) driving licence
Please note that under our User Agreement with the Motor Insurance Bureau, individual agents do not have access to the data returned by a DLN search and as such will not be able to discuss issues relating to your DLN with you. In these instances, we suggest checking the information associated with your DLN is correct at www.gov.uk/view-driving-licence
For details relating to information held about you by the Driver and Vehicle Licensing Agency ("DVLA") please visit www.dvla.gov.uk and www.mylicence.org.uk. To view your driving licence, visit www.gov.uk/view-driving-licence.
When you apply to us to open an account, at renewal, and in certain circumstances where an amendment to your agreement is requested, we make a number of checks to assess your application for credit and verifying identities to prevent and detect crime and money laundering. To obtain this information, we will check the following records about you and anyone else who may also be insured and whose personal details have been provided as part of the insurance application.
- Our own records.
- Credit Reference Agency (CRA) records. When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders. They supply us with both public (including the electoral register), and shared credit and fraud prevention information
- Fraud Prevention Agency (FPA) Records
We make searches about you at credit reference agencies who will supply us with information, including the Electoral Register and credit information. The agencies will record details of the search whether or not your application proceeds. The searches will not be seen or used by lenders to assess your ability to obtain credit. We may use scoring methods to assess this application and to verify your identity.
Credit searches and other information which is provided to us and/or the credit reference agencies, about you and those with whom you are linked financially, may be used by ourselves and other companies if you, or other members of your household, apply for other facilities including insurance and loans applications and claims. This information may also be used for debt tracing and the prevention of money laundering as well as the management of your account. Alternatively, we may ask you to provide physical forms of identification.
If you are making a joint application or tell us that you have a spouse or financial associate, we will link your records together so you must be sure that you have their agreement to disclose information about them. CRAs also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to breach that link.
We may also make periodic searches at CRAs and FPAs to manage your account with us.
Information on applications will be sent to and recorded by CRAs. When you borrow from us, we will give details of your account(s) and how you manage it/them to CRAs. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs and FPAs to perform similar checks and to trace your whereabouts and recover debts that you owe. Records remain on file for six years after they are closed, whether settled by you or defaulted.
If you give us false or inaccurate information and we suspect or identify fraud, we will record it and may also pass this information to FPAs and other organisations involved in the prevention of crime and fraud.
If you borrow from us and do not make payments that you owe us, we will trace your whereabouts and recover debts.
If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services and financing you have requested, or to employ you, or we may stop providing existing services to you.
A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us using the details provided below.
Your data may also be used for other purposes for which you give your specific permission or, in very limited circumstances, when required by law or where permitted under the terms of the GDPR.
Call Recording and Monitoring
We monitor or record calls, emails, SMS messages or other communications for:
- Business purposes such as quality control and training
- Processing necessary for entering into or performance of a contract
- Prevention of unauthorised use of our telecommunication systems and websites
- Ensuring effective systems operation
- Meeting any legal obligation
- Protecting your vital interests
- Prevention or detection of crime
- For the legitimate interests of the data controller
How we use your data
The data we collect from you could be used for a wide variety of reasons:
- Processing your quotes or loan application;
- Administering your policy, including claims handling and administering your loan;
- Fraud detection and prevention;
- Credit scoring or other automated decision-making;
- Administering debt recoveries;
- Verifying your identity when required;
- Undertaking market research, product development and statistical purposes;
- To enable us to provide you and other customers with relevant information through our marketing programme;
- Keeping you informed about promotions and new developments by email, telephone, SMS, social media or post (dependent on your preferences);
- Processing the auto-renewal of your policy;
- For assessment and analysis to enable us to review, develop and improve the services we offer; and
- To make decisions about you using computerised technology to profile you, such as assessing which products might be most suitable for you.
In order to offer you continuous cover on your insurance policy, we will arrange for your policy to be automatically renewed. You should be aware that we can only guarantee automatic renewal when:
- You have made us aware of any changes to your policy details
- The credit/debit card details have not changed
- The credit/debit card holder has given their explicit consent to his or her card being charged at renewal
We may conduct a search against your DLN if an insurance policy is incepted at the renewal stage.
Unless we hear to the contrary, we are entitled to assume at renewal that your details have not changed, and you have the consent of the card holder.
If you wish to make changes to your policy then, unless you inform us otherwise, we will charge the payment details (card or bank account) held on record for any additional amount due.
You may inform us of any changes or opt out of automatic renewal at any time by contacting our Customer Service department. We will also contact you with a reminder that your insurance is due for renewal.
Sometimes we need to use your personal data for legitimate business purposes in order to ensure we continue to provide a great customer experience. In every instance. we will always balance our interests against yours.
The processes below are considered legitimate interests:
- Fraud detection and prevention across Admiral Group;
- Engaging and contacting you throughout the lifecycle of your policy to ensure you have a good experience as an Admiral customer;
- Setting reserves for our injury claims;
- Internally auditing our processes to maintain our high standards;
- Some of our marketing activities;
- Use of your quote data (whether you accepted a policy or not) to refine our pricing models across all our products within the Admiral Group, improve the accuracy of our premiums and improve the quality of our services;
- If you leave us, we will contact you the following year with an automatically generated quote based on your information on file
- Sharing data with selected third parties in order to add value to our products
We and joint controller companies we partner with to administer Telematics products will use the data captured by the Telematic Unit for the purposes of:
- Calculating and charging insurance premiums based upon actual vehicle usage and compiling and generating Driving Scores.
- Controlling your personal data for the purpose of providing you with services relating to the insurance policy. We will process your data in accordance with our responsibilities under the European Data Protection Regulation (GDPR).
- Carrying out the installation, activation, deinstallation, disconnection, servicing, updating or testing of the Telematics Unit.
- General research and analysis, mapping purposes, researching and refining techniques for analysing motor Telematics data and the supply of traffic data. In all such circumstances the data will be used anonymously and will not identify any individual, vehicle user, or the policyholder.
- Enabling us, joint controller companies and any service partners, to contact you by post, electronic mail, telephone or text messaging regarding the administration of your insurance policy and the associated services.
- Provision of the insurance services under the policy, including management of claims, underwriting and policy servicing. Data will be used for any underwriting or claims development or investigations that may be required, and for fraud prevention, detection and investigation purposes.
Please note that where the Telematics Unit indicates a severe crash has occurred, we will try to contact the policy holder and the named driver to offer assistance. If they cannot be reached, we will try to reach anyone else named on the account. If we are unable to contact any of those persons named on the account then we will contact the emergency services with details of the vehicle, its last known location, and the names of those individuals named on the policy.
Admiral Group plc may contact you from time to time to ask you to take part in a survey, in order to enable us to review, develop and improve our services. We usually use Survey Monkey’s website to host our surveys. In providing its services to us, Survey Monkey act as a data processor. To view Survey Monkey’s Privacy Notice please click here. At all times, we will remain the data controller.
Your survey responses, including any personal data provided, will only be used by Admiral Group plc for the purposes stated within this Privacy and Security statement. Personal data can include (but is not restricted to) your name, age and e-mail address. We may also collect special category personal data, depending on the survey to which you are responding.
How we use your data
We will likely share your data with the other companies within the Admiral Group. For the purposes of this Privacy Notice, "Admiral Group" means Admiral Group plc and any company or entity in which Admiral Group plc owns more than 15% of the issued share capital.
Companies in the Admiral Group shall include, without limitation, EUI Limited, Admiral Insurance Services Limited, Admiral Insurance Company Ltd, Admiral Insurance (Gibraltar) Ltd, Inspop.com Ltd, Able Insurance Services Ltd, AFSL, and any other company that is incorporated within the Admiral Group at any time in the future).
A full list of our companies can be found here.
There are also some circumstances where we will share your data with external companies. At all time, privacy remains paramount and we will endeavour to minimise the data shared at every opportunity.
These circumstances include:
- Enriching our data sets with information from external databases in order to provide a quote. Examples of this may include checking your driving license number with the DVLA, or checking your address against flood databases;
- Comparing our records with those of third parties, such as Lexis Nexis, in order to assess the validity of the data provided;
- Sharing with other insurers, re-insurers, brokers, and other third parties who assist us in administering your insurance contract and/or financial products;
- Servicing your claim and sharing with companies that assist us such as loss adjusters, claims administrators, our approved repairers’ network, medical professionals and any company representing third parties to the claim;
- Sharing with carefully selected partners in order to add value to our products;
- Sharing with third parties so they can provide you with surveys;
- Building a marketing profile to find similar customers with similar needs; and
- Sharing with regulatory or public bodies such as the PRA, FCA, ICO and the Financial Services Ombudsman.
As well as what’s been mentioned above, there are further scenarios where we would have to share your data. These are:
- Where we are legally compelled to do so
- Where there is a duty to the public to disclose
- Where disclosure is required to protect our interest
- Where disclosure is made at your request or with your consent
If you make a complaint about the service we have provided, we may be obliged to forward details about your complaint, including your personal data, to the relevant ombudsman. You can be assured that they are similarly obliged to adhere to all applicable data protection legislation and keep your personal data strictly confidential.
In order to prevent and detect fraud, we may at any time share information about you with the other companies within the Admiral Group.
The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. These include CIFAS and the Insurance Fraud Bureau.
If false or inaccurate information is provided and fraud is identified, you could be refused certain services, finance, or employment and details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information.
We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:
- Checking details on applications for credit and credit related or other facilities;
- Managing credit and credit related accounts or facilities;
- Recovering debt;
- Checking details on proposals and claims for all types of Insurance; and
- Checking details of job applicants and employees.
We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies.
For further details on how your information will be used by us and these fraud prevention agencies, and your data protection rights, please contact us at Central Underwriting Department, Tŷ Admiral, David Street, Cardiff, CF10 2EH
No Claims Bonus
Using data obtained from your driving licence number, we may pass details of your 'No Claims Bonus' to certain organisations to be recorded on a No Claims Bonus database. This may occur if information requires updating or correcting at any stage, and also at the renewal stage of your policy and upon or after the cancellation of your policy prior to the expiry date.
Dealing with other people
All policies must have an administrator.
The Administrators must be a policyholder within the current period of insurance and will be our primary point of contact in relation to the administration of the policy.
- Will have access to all documentation, information and personal data relating to the insured(s) on the policy;
- Can nominate another policyholder to become the Administrator;
- Can make any changes to all parts of the policy; and
- Can cancel the whole policy in line with General Condition 4 of your policy book.
With the exception of cancellation, it is Admiral policy to deal with those named on your policy or any acceptable callers. The ways in which we may deal with those named on your policy or any acceptable callers include adding or removing vehicles to the policy.
An acceptable caller is:
- A policyholder;
- A named driver;
- The spouse, partner or parent of a policyholder;
- A secretary or personal assistant who has been added by a policyholder; and
- Any other person or organisation that provides evidence that they have authority to act on behalf of the policyholder and passes our data protection procedure.
If you would like someone else to deal with your policy on your behalf on a regular basis, please let us know either call us or writing to us at Admiral Group plc, Tŷ Admiral, David Street, Cardiff, CF10 2EH.
We will share your information with Admiral Law where their involvement is requested by you and sharing your case file becomes necessary for them to perform their role. For more information, please visit the Admiral Law website.
Ford Insure Customers
We will share your personal information with FCE Bank plc for complaints handling, reporting and audit purposes. FCE Bank plc will also become a data controller in respect of your personal data provided to EUI in the event that the provider of Ford Insure changes. FCE Bank plc will instruct the new provider to contact you before your policy renewal date. Further information about how FCE Bank plc uses your personal data can be accessed here.
Protecting your data
On our websites we protect any data you have given us by providing you with a User ID and password. We also use industry standard security to encrypt sensitive data in transit to our servers.
It may be necessary to transfer your personal data to other Group companies or service providers located outside of the European Economic Area. The data protection and other laws of these countries may not be as comprehensive as those in the UK or the EEA - in these instances we will take steps to ensure that your data is given an equivalent level of protection as it is in the EEA.
The User ID and password helps us to protect your personal data. You must keep this password safe and must not disclose it to anyone. Some suspicious emails contain attachments or links to websites that try to install malicious software on your computer. If you have entered your password on what you think might be a malicious website, please contact us immediately and ask us to change your password.
If you have entered your credit card information on what you think might be a malicious website or replied to an e-mail with that information, you should contact your credit card company immediately. Do not forget to contact us to update your card details.
When you ask for a quote from us, we will process the data on a secure server. Your browser will confirm that you are in a secure area by displaying an unbroken key or lock in the bottom right hand corner of your browser window.
Many organisations use security features such as firewalls to protect their computer systems. These firewalls may prevent you from connecting to our secure server to get a quote. If you are at work and cannot connect to our web site, please speak to your IT administrator.
Please be aware that communications over the Internet, such as emails, are not secure unless they have been encrypted. Your communications may route through a number of countries before being delivered - this is the nature of the Internet. We cannot accept responsibility for any unauthorised access or loss of personal information that is beyond our control.
Additionally, you can protect your system by installing anti-virus and running scans as recommended by the vendor. You should also run any security updates / patches you receive for your system from the supplier.
Never respond to unsolicited emails from unfamiliar sources. Such emails may be fraudulent and attempt to get you to provide your personal details or payment information.
How long do we keep your data
We are subject to various legislative requirements concerning retention of data, and also have our own legitimate interests in retaining your data for a period of time beyond your policy lifecycle. These include defence of any late or delayed claims and improving our products and pricing.
We will not process your personal data for longer than is necessary nor will we process it for purposes beyond what it was collected for.
Your Rights as a Customer
You have a number of rights as a data subject, which are explained below. Please be aware that these rights do not apply in all circumstances, but where we can we’ll give you what you want.
In order to access the data we hold about you, you need to make a ‘Subject Access Request’, or SAR.
Create a SAR
Either email us or write to us at:
Head of Customer Assurance
Subject Access Request
Cardiff CF10 2AA
1. Your name, address, policy/claim number or loan reference number and what information you would like.
2. Identification documents; one which shows your name and signature (e.g. a copy of your passport) and one which shows your name and address (e.g. a copy of a recent bill or bank statement or other official document). We will accept just one identification document if it shows your name, address and signature such as a copy of your driving licence. (This is to take reasonable steps to confirm your identity before providing you with details of any personal information we may hold about you.)
Please note that if your SAR involves the personal data of other people, or you are making a request on behalf of someone else (such as a parent on behalf of their child), we may need identification from these individuals, as well as a signed letter of authority from them confirming that they are happy for you to act on their behalf and for us to release their data to you.
Once we have received your written request and identification documents, we will have 30 calendar days to fulfil your request. Where for some reason this will not be possible, for instance due to large volumes of data being involved, we are permitted by law to take up to an additional 30 days to fulfil your request. Where any such delay is anticipated we will inform of you this as soon as possible along with details of when we expect to be able to provide you with the requested documentation.
Other data subject rights
Your other rights as a data subject, where applicable, include:
- The right to be informed about our processing of your personal data
- The right to have your personal data corrected if it is inaccurate, and to have incomplete personal data completed
- The right to object to the processing of your personal data
- The right to have your personal data erased (“right to be forgotten”)
- The right to move, copy, or transfer your personal data (“data portability”)
- Rights regarding automated decision making, including profiling
For more details on these rights and how to exercise them, please email us.
If you have any queries about your rights, or believe that they have not been met by Admiral Group plc or any of the companies within the group, please contact our Data Protection Officer by email or by writing to:
Data Protection Officer
Admiral Group plc
Cardiff CF10 2AA
Complaints relating to processing of your personal data
If you have any complaints relating to the processing of your personal data, you also have the right to complain to the relevant Supervisor Authority. In the UK this is the Information Commissioner’s Office (ICO). They can be contacted at:
Information Commissioner’s Office
Admiral Group plc has various offerings and from time to time we would like to keep you informed of news, products or services, including but not limited to insurance (e.g. other automotive, insurance, legal or financial products, or other carefully selected offers or promotions that we feel may be of interest to you). This could be by telephone, post, email, social media channels or SMS.
If you would rather we did not contact you for this purpose, or would like to let us know how you prefer to be contacted (such as by email or post), or to confirm the types of products and services that would be of most interest to you, then let us know by emailing us at firstname.lastname@example.org or writing to us at Head of Customer Assurance, Tŷ Admiral, David Street, Cardiff, CF10 2AA.
If you have visited our site and begun enquiring about one of our services, we may contact you by telephone or other means to discuss and the cover options available to you. If you do not want to hear from us about your quote, please let us know by emailing us at email@example.com or writing to us at Head of Customer Assurance, Tŷ Admiral, David Street, Cardiff, CF10 2AA.
Other carefully selected companies may also contact you by post unless you have opted-out of this. If you would like to opt out of hearing from these companies, please let us know by emailing us at firstname.lastname@example.org or writing to us at Head of Customer Assurance, Tŷ Admiral, David Street, Cardiff, CF10 2AA.
We also engage in online advertising, to keep you aware of what we’re up to and to help you see and find our services.
Like many companies, we target Admiral banners and ads to you when you are on other websites and apps. We do this using a variety of digital marketing networks and ad exchanges, and we use a range of advertising technologies like web beacons, pixels, ad tags, cookies, and mobile identifiers, as well as specific services offered by some sites and social networks, such as Facebook’s Custom Audience service.
Changes to this policy
This Privacy Notice was last updated on 2nd August 2019. We reserve the right to make changes to this policy and you will be prompted of any changes when you next visit our website.
From time to time we may need to change the way we use your personal data. Where we believe you may not reasonably expect such a change, we will write to you. When we do so, you will have 60 days to object to the change but if we do not hear from you within that time you consent to that change.