Alpha This is a new service – your feedback will help us to improve it.

Menu Search

Admiral

The information on this page is from the privacy notice published by Admiral.

You can use this page to learn about how this organisation uses personal data and find out how to make a request related to the data they hold about you.

Make a request

Organisation information

Description

Insurance

Registration country

United Kingdom

Registration number

03849958

Data Protection Officer

Organisations that use special categories of data, are public bodies, or do large scale processing must appoint a Data Protection Officer.

Role

Data Protection Officer

Email address

yourinformationrights@admiralgroup.co.uk

Postal address

Data Protection Officer, Admiral Group plc, Tŷ Admiral, David Street, Cardiff, CF10 2AA

Data categories collected

Organisations must give details about what categories of data are stored and processed.

Unusual processing purposes

Organisations must provide information about what they do with data. This section highlights less common uses of data.

This privacy notice does not appear to mention any unusual processing purposes.

Third parties

Organisations must give details about other parties that personal data is shared with.

List of third parties

  • Companies in the Admiral Group

  • Companies involved in mergers and acquisitions

  • Companies involved in delivering the products and services bought by you

  • Telematic Service Providers (in the case of vehicle telematics data)

  • Agents, parties and subcontractors

  • Parties to whom Admiral are required by law to disclose data to

How specific is this information?

Third parties are listed as groups

Retention rules

Organisations must give details about how long data is kept.

Summary

Admiral note that personal data will be kept as long as it is needed to provide customers with the agreed products or services.

After an account, policy or service has closed, it will continue to be held for as long as the user may bring a claim against Admiral.

How specific is this information?

  • Retention rules are given without mentioning specific categories of data

  • Unspecific times for how long data is kept

Lawful bases

Organisations must justify collection and use of data under six lawful bases and provide information about their decisions

  • Legitimate interests

    * Fraud detection and prevention across Admiral Group
    * Engaging and contacting you throughout the lifecycle of your policy to ensure you have a good experience as an Admiral customer
    * Setting reserves for our injury claims
    * Internally auditing our processes to maintain our high standards
    * Some of our marketing activities
    * Refining and improving our pricing models to improve the accuracy of our premiums
    * Sharing data with selected third parties in order to add value to our products

Observations

Admiral appear to only rely upon legitimate interests as the lawful basis for processing any data.

Security standards

Organisations must ensure that data is stored and processed securely.

Observations

Admiral note that they use "industry standard security" to encrypt sensitive data when it is in transit to their servers. Admiral do not provide in-depth information about how data is secured.

How specific is this information?

This organisation provides general details about how they secure data

Data processing addendum

Some organisations offer a data processing addendum that gives data adequate protections when it leaves the EEA.

This privacy notice does not appear to have this information.

Automated decision making

Organisations must give details about how data is used to make decisions without human involvement.

Summary

This organisation uses automated decision making

Observations

Admiral indicate that automated decision-making is used for "credit scoring or other automated decision-making systems".

How specific is this information?

The organisation mentions use of automated decision making for specific purposes

Complaint information

Organisations must give details about how to make a complaint with a data protection authority.

Summary

This privacy notice contains information about to make a complaint to a data protection regulator

Observations

Admiral direct complaints to their Data Protection Officer in the first instance, and note that subsequent complaints can be submitted to the Information Commissioner's Office.

How specific is this information?

This privacy notice contains specific contact details for a data protection regulator

Design recommendations

Organisations are required to provide privacy information in a transparent way. The Article 29 Working Party has provided recommendations on how to do this.

Assessment

This privacy notice:

  • Has language that is easy to understand

  • Is designed in a way that makes it easy to find information

  • Can be easily found on the organisation's website

Last updated 2018-06-29 at 08:06:09 • Download as JSONAPI documentationView on GitHubView on OpenCorporates