MSIEU Data Privacy Notice

 

MSIEU values its customers and is committed to protecting and respecting your privacy. This Data Privacy Notice explains how we process and protect any personal data we collect or receive about you. This Data Privacy Notice applies to personal data provided by customers, brokers, coverholders, claimants, third party agents (TPAs) and complainants. Please read this Data Privacy Notice carefully to understand our practices regarding personal data.

 

We seek to comply with principles of "data minimisation". This means we try to ensure that we avoid collecting or processing data other than the types and volume of personal data required to achieve the purposes set out in this Data Privacy Notice.

 

1. Who we are

Mitsui Sumitomo Insurance Company (Europe), Limited “MSIEU” is the data controller, this means we decide how your personal data is processed and for what purposes. Your personal data has either been, or will be collected by, or transferred to, MSIEU. We can be contacted via post at the below address or e-mail us at DPO@msi-europe.com We aim to respond to all correspondence within thirty calendar days.

 

The Data Protection Officer
Mitsui Sumitomo Insurance Company (Europe), Limited
25 Fenchurch Avenue
London
EC3M 5AD

 

Our Data Protection Officer will handle any questions you may have on the use of your personal data and your rights as a data subject. This is covered in further detail in section 10, Your Data Subject Rights.

2. Types of personal data we hold

We capture and process a variety of different types of personal data depending on the nature of the services involved. This includes but is not limited to:

 

Type of Personal Data Example
Individual details Name, address (including proof of address), other contact details (e.g. e-mail and telephone numbers), gender, marital status, date and place of birth, nationality, employer, job title and employment history, and family details, including their relationship to you.
Official identification details Identification numbers issued by government bodies or agencies, including your national insurance number, passport number, tax identification number and driving licence number.
Financial information Bank account or payment card details, income or other financial information.
Risk details Information about you which we need to collect in order to assess the risk to be insured and provide a quote. This may include data relating to the health, criminal convictions, or other special categories of personal data of the people to be covered.
Policy information Information about the quotes you receive and policies you take out.
Credit and anti-fraud data Credit history, credit score, sanctions and criminal offences, and information received from various anti-fraud databases relating to you.
Previous and current claims Information about previous and current claims, (including other unrelated insurances), which may including data relating to your health, criminal convictions, or other special categories of personal data and in some cases surveillance reports.

 

Sometimes we may need to process special categories of personal data. These are certain types of personal data which require additional privacy protection. The special categories are:

  • Racial or ethnic origin;
  • Political opinions;
  • Religious or philosophical beliefs;
  • Trade union membership;
  • Genetic or biometric data;
  • Health data;
  • Sex life or sexual orientation.

Personal data and special category data may be required to allow us to provide a quote, underwrite your policy, consider your claim or provide other insurance and ancillary services.

3. Where we might collect your personal data from

We might collect your personal data from various sources including:

  • You;
  • Your family members, employer or representative;
  • Other insurance market participants such as, authorised agents, service providers, reinsurers, other insurers, legal advisers, loss adjusters and claims handlers;
  • Credit reference agencies;
  • Anti-fraud databases, sanctions lists, court judgements and other databases;
  • Government agencies such as the HMRC;
  • Open electoral register; or
  • In the event of a claim, third parties including any other party to the claim (such as a claimant/defendant), witnesses, experts (including medical experts), loss adjusters, lawyers and solicitors, and third party claims handlers.

Which of the above sources apply will depend on your particular circumstances.

4. Why we use your personal data

We collect your personal data to help us with evaluating, arranging, underwriting or administering an insurance contract or administering a claim under an insurance contract. Specifically:

  • a. Evaluating, arranging and underwriting your policy, including:
  • Performing credit or money laundering checks;
  • Understanding your insurance requirements to offer you a product that matches your needs and circumstances;
  • Gaining a reasonable understanding of the nature of the risk to be covered by the policy;
  • Providing competitive and appropriate pricing;
  • Contacting you to renew your policy for another year.
  • b. Administering your policy, including:
  • Managing any changes to your policy;
  • Providing client services as appropriate;
  • Maintaining contact with you, for issues relating to your policy and general customer contact.
  • c. Administering your claims, including:
  • Registering your claims;
  • Assessing your claims, including any liaison with third parties potentially involved in your claims, e.g. communications regarding health information;
  • Running due diligence checks e.g. money laundering;
  • The investigation of fraudulent claims;
  • The defence of or prosecution of valid and legal claims.
  • d. Further reasons, including:
  • Any sale or transfer of our policies to another company due to restructuring;
  • To allow us to perform the essential practice and process of underwriting;
  • To ensure we comply with any legal or regulatory obligations;
  • The testing of our systems and processes where imitation data is unavailable. Testing which uses personal data will only by carried out in limited circumstances and only when appropriate safeguards and controls have been put in place.

5. Automated decision making

We do not use an automated decision making process to generate a quote to provide you with an insurance service or for any other purpose.

6. Our legal bases for processing your personal data

We process personal data where necessary in order to:

  • Engage with you when you or someone acting on your behalf asks us for a quote and are considering entering into a contract;
  • Satisfy our obligations under a contract with a client or customer;
  • Comply with a legal obligation;
  • Process data as may be required in the public interest, such as detecting and preventing fraud;
  • Pursue our legitimate interests in providing clients and customers with insurance services.

We process special category data when you provide consent or when we need to:

  • Evaluate, arrange, underwrite or administer an insurance policy or administer a claim under an insurance policy;
  • Protect, investigate, and defend legal claims;
  • Process data for reasons of substantial public interest.

7. Who we share personal data with

To allow us to meet our obligations and effectively provide our services to you, it may be necessary to pass your personal data onto external parties. These external parties may include:

  • Credit reference agencies;
  • Anti-fraud databases;
  • Banks;
  • Claims handlers;
  • Lawyers and Solicitors;
  • Loss adjusters;
  • Co-insurers and/or Reinsurers;
  • External parties involved in the claim;
  • Private investigators;
  • The police and law enforcement;
  • External parties involved in the investigation, defence or prosecution of claims;
  • Other insurers (under court order or to prevent and detect fraud);
  • The Prudential Regulatory Authority, the Financial Conduct Authority, the Information Commissioner’s Office and other regulators as required by law;
  • Companies that are part of the MS&AD group;
  • Our suppliers and sub-contractors for the performance of any contract we have with them;
  • Experts and Purchasers for any sale or transfer of our policies to another company due to restructuring.

Your data will be shared securely, and only when absolutely necessary. It will never be processed by us or shared with external parties or organisations for marketing purposes without your consent.

8. International data transfers

We may need to transfer or share your data outside the European Economic Area for our operational procedures e.g. our Parent Company, Mitsui Sumitomo Insurance Company, Limited “MSIJ” in Japan. It may also be processed by staff operating outside the EEA who are working for us or one of our suppliers. We will always take steps to ensure your data is treated and transferred securely with appropriate safeguards and controls in place.

9. Ongoing storage and use of your personal data

We will not keep personal data for longer than necessary for the purpose for which it is processed. It will be retained in accordance with our Data Retention Standard. Laws or regulations may require us to keep records for specific periods of time. We may also need to keep records in order to administer the insurance relationship, to fulfil our contractual or statutory obligations or to resolve queries or disputes which may arise.

We will store your personal data based upon the following criteria:

  • Whether the personal data is actively required for the purposes stated in this Data Privacy Notice;
  • Whether there is a legal or regulatory reason to continue to retain the personal data.

10. Your data subject rights

Under Data Protection regulation you have the right to:

  • Obtain a copy of your personal data held by MSIEU;
  • Have any incorrect personal data updated;
  • Request the erasure of any of your personal data;
  • Restrict the use of your personal data;
  • Object to the use of your personal data;
  • Request the personal data you provided to MSIEU to be moved to another organisation.

If you wish to exercise any of these rights please write to or e-mail the address in Section 1 stating your request and contact details. In order for MSIEU to respond to your requests effectively and efficiently, please provide any further information you feel is necessary.

 

In certain circumstances, we may need to restrict the above rights particularly where we are required to keep and use that data to comply with legal or regulatory requirements or safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege).

11. Complaints

MSIEU is dedicated to providing a high quality service and we want to ensure that this is maintained at all times, however, if you feel that we have not met your expectations, we'd like to know so we can put things right for you. You can submit a complaint by writing to or e-mailing the address in Section 1

 

We would expect that any complaint can best be dealt with by contacting us in the first instance, and we will take complaints made to us seriously. However, if you wish to complain about our use of your personal data, and do not wish to contact us first, you also have the right to complain directly to the supervisory authority. Full details on this can be found on the https://ico.org.uk/.

Mitsui Sumitomo Insurance Company, Limited

Financial strength rating

 

MSI Financial Strength Rating

Mitsui Sumitomo Insurance Company (Europe), Limited

Financial strength rating

 

Standard & Poor's - AA