Liberty Specialty Markets takes the protection of your personal data seriously and is committed to protecting your privacy. This Privacy Notice sets out details of the information that we may collect from you and how we may use that information. Please take your time to read this notice carefully. When using a Liberty Specialty Markets website, this notice should be read alongside the website terms and conditions.
1. About Liberty Specialty Markets
Liberty Specialty Markets is an international insurance business. We offer insurance to individuals, companies and other insurers. “You” shall include, as relevant, individual insured customers (including prospective customers) such as sole traders, a company’s owners, directors, partners and/or any individual who may be covered by an insurance policy with Liberty. You should show this notice to anyone who may also be covered by your insurance policy with us.
In order for us to deliver insurance services which involve providing you with a quote and then insurance, and dealing with any claims or complaints that might arise, we need to collect and process data. We also collect your information for recruitment purposes, in our contractual relationships with you and for relationship development, where appropriate. This makes us a "data controller".
Liberty Specialty Markets is comprised of a number of data controllers depending on the interaction you have with us or the policy written.
- If you are contacting us for recruitment purposes, please review the relevant Recruitment Privacy Notice.
- If you are a broker, customer, supplier, contractual counterparty or other third party then one of the following will be the data controllers of your personal data:
- Liberty Specialty Markets MENA Limited and/or
- Liberty Managing Agency Limited (for and on behalf of the Underwriting Members of Lloyd’s Syndicate 4472) and/or
- Liberty Mutual Insurance Europe SE and/or
- Liberty Specialty Markets Europe S.a.r.L and/or
- Liberty Specialty Markets Europe Two S.a.r.L and/or
- Liberty Mutual Reinsurance (a division of Liberty Mutual Insurance Company) and/or
- Liberty Specialty Markets Bermuda Limited and/or
- Liberty Specialty Markets Agency Limited.
Any documentation you receive may state any of our trading names, including Liberty Specialty Markets, Liberty Mutual Reinsurance, Global Transaction Solutions or Liberty Mutual Surety. The specific company acting as a data controller of your personal data will be listed in the in the documentation we provide to you.
If you are a customer residing in California, please view the relevant supplementary privacy notice here.
Where you provide personal data to us about other individuals (for example, members of your family) we will also be data controller of and responsible for their personal data. You should refer them to this notice before supplying us data on behalf of others.
If you are unsure about who the data controller of your personal data is, you can also contact us at any time by e-mailing us at dataprotectionofficer@libertyglobalgroup.com or by writing to Data Protection Officer, Liberty Specialty Markets, 20 Fenchurch Street, London, EC3M 3AW.
2. About the insurance market
Insurance involves the use and disclosure of your personal data by various insurance market participants such as intermediaries, insurers and reinsurers. The London Insurance Market Core Uses Information Notice sets out those core necessary personal data uses and disclosures. Our core uses and disclosures are consistent with the London Market Core Uses Information Notice. We recommend you review this notice (by clicking the link above). The 2007 DIFC data protection law is due to be updated, at which point this privacy notice will be updated to reflect the new requirements.
3. Our processing of your personal and special category data
The types of personal data that we collect and our uses of that personal data will depend on our relationship with you. For example, we will collect different personal data depending on whether you are a policyholder, a beneficiary under an insurance policy, a claimant, a witness, a broker, a potential employee or another third party.
Sometimes we will request or receive your “sensitive personal data” (which is information relating to your health, genetic or biometric data, criminal convictions, sex life, sexual orientation, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership). For example we may need access to information about your health in order to provide you with a quote, provide your insurance policy, or process any claims you make. We may also need details of any unspent criminal convictions you have for fraud prevention purposes.
This notice sets out the legal grounds enabling us to process your personal and special category data. There are different requirements in different jurisdictions for processing special category data. For example, in the DIFC, we are able to process special category data where it is necessary to provide insurance services to you. In other jurisdictions, we require your explicit consent. Where the tables below note that special category data will be processed for the purposes of providing insurance, this only applies to our data controllers subject to English, DIFC, Irish, Dutch or Spanish law law (this will be clear from the documentation supplied to you).
Where the provision of information is legally or contractually required, we will tell you this at the time of collection.
Where you provide personal data to us about other individuals (for example, members of your family) we will also be data controller of and responsible for their personal data. You should refer them to this notice before supplying us data on behalf of others.
We may amend the personal data so that you cannot be identified from the data either by itself or when combined with any other data we hold. That data will then not be subject to this notice or data protection law.
In order to make this notice as user friendly as possible, we have split it into different sections. The notice is available in different languages to reflect our global presence. Please click on the section below that best describes your relationship with us.
3.1. Prospective policyholders or beneficiaries
If you apply for an insurance policy or where someone else (such as a family member or your employer) applies for an insurance policy which will benefit you, this section will be relevant to you and sets out our uses of your personal data.
What personal data will we collect?
- General information such as your name, address, contact phone numbers and email addresses, date of birth and gender.
- Information about your relationship to the policyholder where you are the beneficiary.
- Identification information such as passport details, driving licence and national insurance number.
- Your bank and payment details.
- If relevant, information about your job such as job title, employment history and professional accreditations.
- Any financial information about you which we have obtained as a result of conducting credit checks such as bankruptcy orders, individual voluntary arrangements or country court judgments.
- Information which we obtain as part of checking sanctions lists, such as those published by United Nations, European Union, UK Treasury, the U.S. Office of Foreign Assets Control (OFAC) and the U.S. Department of Commerce, Bureau of Industry and Security .
- Any information which is relevant to your insurance application such as previous insurance policies you have held and claims you have made. This will also include any information specific to the type of policy you are applying for, for example, if you are applying for a fine art policy we may collect and use information which relates to your art collection.
- Information which we have gathered from publically available sources such as the electoral roll, newspapers and social media sites.
- Any other information passed on from you, your insurance broker or someone else applying on your behalf.
What sensitive personal data will we collect?
- Details about your criminal convictions and any related information. This will include information relating to any offences or alleged offences you have committed or any court sentences which you are subject to.
- Details about your physical and mental health which are relevant to your policy or claim (e.g. if you are a pilot and take out or are covered by an aviation policy, we may need details of pre-existing medical conditions). This may take the form of medical reports or underlying medical data such as x-rays or blood tests.
- We may also collect information because it is relevant to your policy or claim, which reveals or is likely to reveal your race or ethnicity, religious or philosophical beliefs; political opinions; trade union membership; genetic or biometric data; or data concerning your sex life or sexual orientation. For example, we may process information relating to your trade union membership if you take out a policy with us via your trade union body, as we can determine that you are a member of a trade union or where you specify certain medical treatments, this could indicate your religious beliefs.
How will we collect your personal data?
We will collect information directly from you:
- when you apply for or renew a policy;
- when we are providing you with a quotation;
- when you make a claim on your policy;
- when you contact us by email, telephone and through other written and verbal communications;
- when you contact our third party administrators by telephone (please note that call recording may be used).
- when you make a complaint.
As well as obtaining information directly from you, we will collect information from:
- The named policyholder where you are a beneficiary.
- Third parties involved in the relevant insurance policy or claim (such as our business partners and representatives, brokers or other insurers, claimants, defendants or witnesses to an incident).
- Third parties who provide a service in relation to the relevant insurance policy or claim (such as loss adjusters, claims handlers, and medical experts).
- Publically available sources such as the electoral roll, court judgments, insolvency registers, internet search engines, news articles and social media sites.
- Other Liberty Mutual Insurance Group companies.
- Third parties who provide sanctions checking services.
- Insurance industry bodies.
- Financial crime detection agencies and insurance industry databases
- Our regulators including the Dubai Financial Services Authority, Financial Conduct Authority, the Prudential Regulation Authority and the relevant data protection regulator.
- If relevant, your policy details will also be added to the Motor Insurance Database (MID), run by the Motor Insurers’ Information Centre (MIIC).
- The police, tax authorities and other crime prevention and detection agencies.
- Third party suppliers we appoint to help us carry out our everyday business activities including IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers, our subcontractors and tax advisers.
- Selected third parties in connection with any sale, transfer or disposal of our business.
What will we use your personal data for?
We may use your personal data for a number of different purposes. In each case, we must have a "legal ground" to do so. We will rely on the following “legal grounds”, when we process your "personal data":
- We need to use your personal data to enter into or perform the insurance contract that we hold with you. For example, we need to use your personal data to provide you with a quote or to provide your insurance policy and other associated products (e.g. legal expenses cover). We will rely on this for activities such as assessing your application, managing your insurance policy, handling claims and providing other products to you.
- We have a legal or regulatory obligation to use such personal data. For example, our regulators require us to hold certain records of our dealings with you.
- We need to use your personal data for a legitimate interest (e.g. to properly investigate incidents which are the subject of a claim, to keep business records, to carry out strategic business analysis, review our business planning and to develop and improve our products and services). When using your personal data for these purposes, we will always consider your rights and interests.
When the information that we process is classed as “sensitive personal data", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal data":
- In the UK, we need to use your sensitive personal data for purposes relating to an insurance policy or claim and there is a substantial public interest in such use. Such purposes include assessing your insurance application, managing claims and preventing and detecting fraud.
- We need to use such sensitive personal data to establish, exercise or defend legal rights. This might happen when we are faced with legal proceedings or want to bring legal proceedings ourselves or when we are investigating a legal claim that a third party brings against you.
- We need to use such special category data for a justifiable public interest purpose on the basis of a legal requirement (e.g. security scanning of email contents to detect cyber threats).
- You have provided your consent to our use of your sensitive personal data (e.g. in relation to your claim). In some circumstances, we may need your consent to process sensitive personal data (e.g. health information). Without it, we may be unable to provide your policy or handle claims. We will always explain why your consent is necessary.
Purpose for processing
To evaluate prospective clients, including carrying out fraud, credit and anti-money laundering checks.
Legal grounds for using your personal data
- It is necessary to enter into your insurance contract.
- We have a legitimate interest (to assess the insurance application).
Legal grounds for using your sensitive personal data
- It is in the substantial public interest to prevent or detect unlawful acts (where we suspect fraud).
- Such use is necessary for insurance purposes.
- We need to establish, exercise or defend legal rights.
- You have given us your explicit consent.
Purpose for processing
To manage and handle your insurance application and queries.
Legal grounds for using your personal data
- It is necessary to enter into or perform your insurance contract.
- We have a legitimate interest (to assess the insurance application).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent. We will need your consent before we can provide your policy.
- Such use is necessary for insurance purposes.
Purpose for processing
To provide improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers, or carrying out customer satisfaction surveys).
Legal grounds for using your personal data
We have a legitimate interest (to develop and improve the products and services we offer).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Purpose for processing
To comply with our legal or regulatory obligations.
Legal grounds for using your personal data
We need to use your information in order to comply with our legal obligations.
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights.
Purpose for processing
For business and management processes and activities including analysis, review, planning, business transaction and IT hosting, support and security.
Legal grounds for using your personal data
We have a legitimate interest (to effectively manage our business).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights.
- Such use is necessary in the substantial public interest.
Purpose for processing
For insurance administration purposes including analysis of trends, carrying out actuarial work, planning service delivery, risk assessment and costs and charges.
Legal grounds for using your personal data
We have a legitimate interest (to develop and improve the products and services we offer).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Who will we share your personal data with?
We will keep your personal data confidential and we will only share it where necessary for the purposes set out above with the following parties:
- Other Liberty Mutual Insurance Group companies (both inside and outside the European Economic Area) and their service providers.
- Third parties involved in the administration of your insurance application. These include surveyors, valuers and other experts.
- Other insurers (e.g. where another insurer has previous provided you with a policy or handled a claim).
- Insurance brokers and other intermediaries.
- Other insurers who provide our own insurance (reinsurers) and companies who arrange such reinsurance.
- Credit reference agencies in relevant jurisdictions.
- Third parties who provide sanctions checking services.
- Insurance industry bodies.
- Financial crime detection agencies and insurance industry databases.
- Our regulators including the Dubai Financial Services Authority, Financial Conduct Authority, the Prudential Regulation Authority and the relevant data protection regulator.
- If relevant, your policy details will also be added to the Motor Insurance Database (MID), run by the Motor Insurers’ Information Centre (MIIC).
- The police, tax authorities and other crime prevention and detection agencies.
- Third party suppliers, agents and contractors appointed by Liberty Specialty Markets or the Liberty Mutual Group to help us carry out our everyday business activities including IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers, our subcontractors and tax advisers.
- Selected third parties in connection with any sale, transfer or disposal of our business.
- Any agent or representative acting for you.
- Any other person where necessary to perform any insurance contract with you, in order to protect ourselves from risk or to ensure regulatory compliance or good governance.
3.2. Policyholder or beneficiary under an insurance policy
If you take out an insurance policy with us (e.g. a fine art policy) or if you are listed as an applicant or beneficiary under a policy that someone else has with us (such as a named director under a Directors & Officers policy), this section will be relevant to you and sets out our uses of your personal data.
What personal data will we collect?
- General information such as your name, address, contact phone numbers and email addresses, date of birth and gender.
- Information about your relationship to the policyholder where you are the beneficiary.
- Identification information such as passport details, driving licence and national insurance number.
- Your bank and payment details.
- If relevant, information about your job such as job title, employment history and professional accreditations.
- Any financial information about you which we have obtained as a result of conducting credit checks, such as bankruptcy orders, individual voluntary arrangements or county court judgments.
- Information which we obtain as part of checking sanctions lists, such as those published by United Nations, European Union, UK Treasury, the U.S. Office of Foreign Assets Control (OFAC) and the U.S. Department of Commerce, Bureau of Industry and Security .
- Any information which is relevant to your insurance application such as previous insurance policies you have held and claims you have made. This will also include any information specific to the type of policy you are applying for, for example, if you hold a property protection policy, we will collect and use information about your property or if you hold a fine art policy, we will collect and use information about your fine art or jewellery collection.
- Information (including photographic evidence) which is relevant to your policy or claim. For example, if you make a claim following damage to your property, we may use information relating to your property or if you make a claim following a road traffic accident, we may use personal data relating to your vehicle and named drivers.
- Information which we have gathered from publically available sources such as the electoral roll, newspapers and social media sites.
- Any other information passed on from you, your insurance broker or someone else applying on your behalf.
What sensitive personal data will we collect?
- Details about your criminal convictions and any related information. This will include information relating to any offences or alleged offences you have committed or any court sentences which you are subject to.
- Details about your physical and mental health which are relevant to your policy or claim (e.g. if you are a pilot and take out or are covered by an aviation policy, we may need details of pre-existing medical conditions). This may take the form of medical reports or underlying medical data such as x-rays or blood tests.
- We may also collect information because it is relevant to your policy or claim, which reveals or is likely to reveal your race or ethnicity, religious or philosophical beliefs; political opinions; trade union membership; genetic or biometric data; or data concerning your sex life or sexual orientation. For example, we may process information relating to your trade union membership if you take out a policy with us via your trade union body, as we can determine that you are a member of a trade union or where you specify certain medical treatments, this could indicate your religious beliefs.
How will we collect your personal data?
We will collect information directly from you:
- when you apply for or renew a policy;
- when we are providing you with a quotation;
- when you make a claim on your policy;
- when you contact us by email, telephone and through other written and verbal communications;
- when you contact our third party administrators by telephone (please note that call recording may be used).
- when you make a complaint.
As well as obtaining information directly from you, we will collect information from:
- The named policyholder where you are a beneficiary.
- Third parties involved in the relevant insurance policy or claim (such as our business partners and representatives, brokers or other insurers, claimants, defendants or witnesses to an incident).
- Third parties who provide a service in relation to the relevant insurance policy or claim (such as loss adjusters, claims handlers, and medical experts).
- Publically available sources such as the electoral roll, court judgments, insolvency registers, internet search engines, news articles and social media sites.
- Other Liberty Mutual Insurance Group companies.
- Third parties who provide sanctions checking services.
- Insurance industry bodies (including the Employers’ Liability Tracing Office and the Association of British Insurers).
- Financial crime detection agencies and insurance industry databases (such as for fraud prevention and checking against international sanctions) including the Claims Underwriting Exchange (known as "CUE") operated by IDS and the Motor Insurance Anti-Fraud and Theft Register operated by the Association of British Insurers.
- Our regulators including the Financial Conduct Authority, the Prudential Regulation Authority and the Information Commissioner's Office.
- If relevant, your policy details will also be added to the Motor Insurance Database (MID), run by the Motor Insurers’ Information Centre (MIIC).
- The police, HMRC and other crime prevention and detection agencies.
- Third party suppliers we appoint to help us carry out our everyday business activities including IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers, our subcontractors and tax advisers.
- Selected third parties in connection with any sale, transfer or disposal of our business.
What will we use your personal data for?
We may use your personal data for a number of different purposes. In each case, we must have a "legal ground" to do so. We will rely on the following “legal grounds”, when we process your "personal data":
- We need to use your personal data to enter into or perform the insurance contract that we hold with you. For example, we need to use your personal data to provide you with a quote or to provide your insurance policy and other associated products (e.g. legal expenses cover). We will rely on this for activities such as assessing your application, managing your insurance policy, handling claims and providing other products to you.
- We have a legal or regulatory obligation to use such personal data. For example, our regulators require us to hold certain records of our dealings with you.
- We need to use your personal data for a legitimate interest (e.g. to properly investigate incidents which are the subject of a claim, to keep business records, to carry out strategic business analysis, review our business planning and to develop and improve our products and services). When using your personal data for these purposes, we will always consider your rights and interests.
When the information that we process is classed as “sensitive personal data", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal data":
- In the UK, we need to use your sensitive personal data for purposes relating to an insurance policy or claim and there is a substantial public interest in such use. Such purposes include assessing your insurance application, managing claims and preventing and detecting fraud.
- We need to use such sensitive personal data to establish, exercise or defend legal rights. This might happen when we are faced with legal proceedings or want to bring legal proceedings ourselves or when we are investigating a legal claim that a third party brings against you.
- We need to use such special category data for a justifiable public interest purpose on the basis of a legal requirement (e.g. security scanning of email contents to detect cyber threats).
- You have provided your consent to our use of your sensitive personal data (e.g. in relation to your claim). In some circumstances, we may need your consent to process sensitive personal data (e.g. health information). Without it, we may be unable to provide your policy or handle claims. We will always explain why your consent is necessary.
Purpose for processing
To evaluate clients, including carrying out fraud, credit and anti-money laundering checks on you.
Legal grounds for using your personal data
- It is necessary to enter into your insurance contract.
- We have a legitimate interest (to prevent fraud and other financial crime).
Legal grounds for using your sensitive personal data
- It is in the substantial public interest to prevent or detect unlawful acts (where we suspect fraud).
- Such use is necessary for insurance purposes.
- We need to establish, exercise or defend legal rights.
- You have given us your explicit consent.
Purpose for processing
To manage and handle your insurance application and queries.
Legal grounds for using your personal data
- It is necessary to enter into or perform your insurance contract.
- We have a legitimate interest (to assess the insurance application and manage the application process).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent. In some circumstances, we will need your consent before we can provide your policy.
- Such use is necessary for insurance purposes.
Purpose for processing
To manage any claims you make under your insurance policy.
Legal grounds for using your personal data
- It is necessary to enter into or perform your insurance contract.
- We have a legitimate interest (to prevent and detect fraud and other financial crime).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent. In some circumstances, we will need your consent before we can provide your policy or pay your claim.
- We need to use your information in order to establish, exercise or defend legal rights.
Purpose for processing
To comply with our legal or regulatory obligations.
Legal grounds for using your personal data
We need to use your information in order to comply with our legal obligations.
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights.
Purpose for processing
To communicate with you and resolve any complaints that you might have.
Legal grounds for using your personal data
- It is necessary to enter into or perform your insurance contract.
- We have a legitimate interest (to send you communications, record and investigate complaints and ensure that future complaints and handled appropriately).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights.
- Such use is necessary for insurance purposes.
Purpose for processing
To provide improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers, or carrying out customer satisfaction surveys).
Legal grounds for using your personal data
We have a legitimate interest (to develop and improve the products and services we offer).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Purpose for processing
For business and management processes and activities including analysis, review, planning, business transaction and IT hosting, support and security.
Legal grounds for using your personal data
We have a legitimate interest (to effectively manage our business).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- Such use is necessary in the substantial public interest.
Purpose for processing
For insurance administration purposes including analysis of trends, carrying out actuarial work, planning service delivery, risk assessment and costs and charges.
Legal grounds for using your personal data
We have a legitimate interest (to develop and improve the products and services we offer).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Purpose for processing
To apply for and claim on our insurance.
Legal grounds for using your personal data
We have a legitimate interest (to ensure that we have appropriate insurance in place).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent
- We need to use your information in order to establish, exercise or defend legal rights.
Who will we share your personal data with?
We will keep your personal data confidential and we will only share it where necessary for the purposes set out above with the following parties.
- Other Liberty Mutual Group companies and their service providers (both inside and outside the European Economic Area).
- Third parties involved in the administration of the relevant insurance policy or claim. These include loss adjusters, claims handlers, private investigators, accountants, auditors, banks, lawyers and other experts including medical experts.
- Other insurers (e.g. where another insurer has previous provided you with a policy or handled a claim).
- Insurance brokers and other intermediaries.
- Other insurers who provide our own insurance (reinsurers) and companies who arrange such reinsurance.
- Credit reference agencies in relevant jurisdictions.
- Third parties who provide sanctions checking services.
- Insurance industry bodies (including the Employers’ Liability Tracing Office).
- Financial crime detection agencies and insurance industry databases.
- Our regulators including the Dubai Financial Services Authority, Financial Conduct Authority, the Prudential Regulation Authority and the relevant data protection regulator.
- The police, tax authorities and other crime prevention and detection agencies.
- If relevant, your policy details will also be added to the Motor Insurance Database (MID), run by the Motor Insurers’ Information Centre (MIIC).
- Third party suppliers, agents and contractors appointed by Liberty Specialty Markets or the Liberty Mutual Group to help us carry out our everyday business activities including IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers, our subcontractors and tax advisers.
- Selected third parties in connection with any sale, transfer or disposal of our business.
- Any agent or representative acting for you.
- Any other person where necessary to perform any insurance contract with you, in order to protect ourselves from risk or to ensure regulatory compliance or good governance.
3.3. Third party claimant
If you make a claim against a third party who has an insurance policy with us, this section will be relevant to you and sets out our uses of your personal data.
What personal data will we collect?
- General information such as your name, address, contact phone numbers and email addresses, date of birth and gender.
- Identification information such as passport details, driving licence and national insurance number.
- Your bank and payment details.
- Other financial data such as income salary information
- If relevant to your claim, we may collect information about your job such as job title, employment history and professional accreditations. We may also collect telematic data such as information about your driving habits.
- Information which we obtain as part of checking sanctions lists, such as those published by United Nations, European Union, UK Treasury, the U.S. Office of Foreign Assets Control (OFAC) and the U.S. Department of Commerce, Bureau of Industry and Security.
- Information relating to previous insurance policies you have held and claims you have made.
- Information (including photographic evidence) which is relevant to your claim. For example, if you make a claim following damage to your property, we may use information relating to your property or if you make a claim following a road traffic accident, we may use personal data relating to your vehicle and named drivers.
- Information which we have gathered from publically available sources such as the electoral roll, newspapers and social media sites.
- Any other information passed on from you, your representative or someone else making the claim on your behalf.
What sensitive personal data will we collect?
- Details about your criminal convictions and any related information. This will include information relating to any offences or alleged offences you have committed or any court sentences which you are subject to.
- Details about your physical and mental health which are relevant to your claim (e.g. because you have been injured whilst at a property insured by us). This may take the form of medical reports or underlying medical data such as x-rays or blood tests.
- We may also collect information because it is relevant to your claim, which reveals or is likely to reveal your race or ethnicity, religious or philosophical beliefs; political opinions; trade union membership; genetic or biometric data; or data concerning your sex life or sexual orientation.
How will we collect your personal data?
We will collect information directly from you:
- when you make a claim;
- when you contact us by email, telephone and through other written and verbal communications;
- when you contact our third party administrators by telephone (please note that call recording may be used).
- when you make a complaint.
As well as obtaining information directly from you, we will collect information from:
- The party who holds a policy with us.
- Third parties involved in the insurance policy or claim (such as our business partners and representatives, brokers or other insurers, claimants, defendants or witnesses to an incident).
- Third parties who provide a service in relation to the claim (such as loss adjusters, claims handlers, and experts).
- Publicly available sources such as the electoral roll, court judgements, insolvency registers, internet search engines, news articles, litigation information and social media sites.
- Other Liberty Mutual Insurance Group companies.
- Financial crime detection agencies and insurance industry databases
- In limited circumstances, private investigators.
What will we use your personal data for? ►
We may use your personal data for a number of different purposes. In each case, we must have a "legal ground" to do so. We will rely on the following “legal grounds”, when we process your "personal data":
- We have a legal or regulatory obligation to use such personal data. For example, our regulators require us to hold certain records of our dealings with you.
- We need to use your personal data for a legitimate interest (e.g. to properly investigate incidents which are the subject of a claim, to keep business records, to carry out strategic business analysis, review our business planning and to develop and improve our products and services). When using your personal data for these purposes, we will always consider your rights and interests.
When the information that we process is classed as “sensitive personal data", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal data":
- In the UK, we need to use your sensitive personal data for purposes relating to an insurance policy or claim and there is a substantial public interest in such use. Such purposes include managing claims and preventing and detecting fraud.
- We need to use such sensitive personal data to establish, exercise or defend legal rights. This might happen when we are faced with legal proceedings or want to bring legal proceedings ourselves or we are considering the claim that has been made against our policyholder.
- We need to use such special category data for a justifiable public interest purpose on the basis of a legal requirement (e.g. security scanning of email contents to detect cyber threats)
You have provided your consent to our use of your personal data. In some circumstances, we may need your consent to process sensitive personal data (e.g. health information). Without it, we may be unable to handle your claims. We will always explain why your consent is necessary.
Purpose for processing
To manage claims.
Legal grounds for using your personal data
- We have a legitimate interest (to assess and pay your claim and manage the claims process).
- We need to use your information in order to comply with our legal obligations.
Legal grounds for using your sensitive personal data
- You have given us your explicit consent. In some cases, we will need your consent before we can pay your claim.
- We need to use your information in order to establish, exercise or defend legal rights
- Such use is necessary for insurance purposes.
Purpose for processing
To prevent and investigate fraud.
Legal grounds for using your personal data
We have a legitimate interest (to prevent and detect fraud and other financial crime).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent. In some cases, we will need your consent before we can pay your claim.
- We need to use your information in order to establish, exercise or defend legal rights.
Purpose for processing
To comply with our legal or regulatory obligations.
Legal grounds for using your personal data
We need to use your information in order to comply with our legal obligations.
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights.
- Such use is necessary for insurance purposes.
Purpose for processing
To provide improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers, or carrying out customer satisfaction surveys).
Legal grounds for using your personal data
We have a legitimate interest (to develop and improve the products and services we offer).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Purpose for processing
For business and management processes and activities including analysis, review, planning, business transaction and IT hosting, support and security.
Legal grounds for using your personal data
- We have a legitimate interest (to effectively manage our business).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- Such use is necessary in the substantial public interest.
Purpose for processing
For insurance administration purposes including analysis of trends, carrying out actuarial work, planning service delivery, risk assessment and costs and charges.
Legal grounds for using your personal data
We have a legitimate interest (to effectively manage our business).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Purpose for processing
To apply for and claim on our own insurance.
Legal grounds for using your personal data
We have a legitimate interest (to ensure that we have appropriate insurance in place).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights.
Who will we share your personal data with?
We will keep your personal data confidential and we will only share it where necessary for the purposes set out above with the following parties.
- Other Liberty Mutual Insurance Group companies (both inside and outside the European Economic Area) and their service providers.
- Third parties involved in the administration of your claim such as loss adjusters, claims handlers, private investigators, accountants, auditors, banks, lawyers and other experts including medical experts.
- Other insurers (e.g. where another insurer is also involved in a claim that you are making).
- Our insured policyholder
- Insurance brokers and other intermediaries.
- Other insurers who provide our own insurance (reinsurers) and companies who arrange such reinsurance.
- Insurance industry bodies (including the Employers’ Liability Tracing Office).
- Third parties who provide sanctions checking services.
- Insurance industry bodies (including the Employers’ Liability Tracing Office).
- Financial crime detection agencies and insurance industry databases.
- Our regulators including the Dubai Financial Services Authority, Financial Conduct Authority, the Prudential Regulation Authority and the relevant data protection regulator.
- The police, tax authorities and other crime prevention and detection agencies.
- If relevant, your policy details will also be added to the Motor Insurance Database (MID), run by the Motor Insurers’ Information Centre (MIIC).
- Third party suppliers, agents and contractors appointed by Liberty Specialty Markets and the Liberty Mutual Group to help us carry out our everyday business activities including IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers, our subcontractors and tax advisers.
- Selected third parties in connection with any sale, transfer or disposal of our business.
- Any agent or representative acting for you.
- Any other person where necessary to perform any insurance contract with you, in order to protect ourselves from risk or to ensure regulatory compliance or good governance.
3.4. Witnesses to an incident
Witnesses to an incident
If you are a witness to an incident which is the subject of a claim, this section will be relevant to you and sets out our uses of your personal data.
What personal data will we collect?
- General information such as your name, address, contact phone numbers and email addresses, date of birth and gender.
- Information relevant to the incident that you have witnessed.
What sensitive personal data will we collect?
It is not standard practice to collect special category data of witnesses to an accident. However, if you are involved in the accident and your details are supplied to us (for example, within a medical report) we might process your sensitive personal data.
How will we collect your information?
As well as obtaining information directly from you, we will collect information from:
- Third parties involved in the incident you witnessed (such as brokers or other insurers, claimants, defendants or other witnesses).
- Other third parties who provide a service in relation to the claim which relates to the incident you witnessed (such as loss adjusters, claims handlers, and experts).
- Publically available sources such as the electoral roll, court judgments, insolvency registers, insurance industry databases, internet search engines, news articles and social media sites.
- Other companies within the Liberty Mutual Insurance Group.
What will we use your personal data for?
We may use your personal data for a number of different purposes. In each case, we must have a "legal ground" to do so. We will rely on the following “legal grounds”, when we process your "personal data":
- We have a legal or regulatory obligation to use such personal data. For example, our regulators require us to hold certain records of our dealings with you.
- We need to use your personal data for a legitimate interest (e.g. to properly investigate incidents which are the subject of a claim, to keep business records, to carry out strategic business analysis, review our business planning and to develop and improve our products and services). When using your personal data for these purposes, we will always consider your rights and interests.
When the information that we process is classed as “sensitive personal data", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal data":
- In the UK, we need to use your sensitive personal data for purposes relating to an insurance policy or claim and there is a substantial public interest in such use. Such purposes include managing claims and preventing and detecting fraud.
- We need to use such sensitive personal data to establish, exercise or defend legal rights. This might happen when we are faced with legal proceedings or want to bring legal proceedings ourselves.
- We need to use such special category data for a justifiable public interest purpose on the basis of a legal requirement (e.g. security scanning of email contents to detect cyber threats)
- You have provided your consent to our use of your sensitive personal data.
Purpose for processing
To investigate and manage claims made under an insurance policy.
Legal grounds for using your personal data
We have a legitimate interest (to assess and pay claims and manage the claims process).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights
- Such use is necessary for insurance purposes.
Purpose for processing
For business and management processes and activities including analysis, review, planning, business transaction and IT hosting, support and security.
Legal grounds for using your personal data
We have a legitimate interest (to effectively manage our business).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- Such use is necessary in the substantial public interest.
Purpose for processing
To comply with our legal or regulatory obligations.
Legal grounds for using your personal data
We need to use your information in order to comply with our legal obligations.
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights.
Purpose for processing
To prevent and investigate fraud.
Legal grounds for using your personal data
We have a legitimate interest (to prevent and detect fraud and other financial crime).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights.
- Such use is necessary for insurance purposes.
Who will we share your personal data with?
We will keep your personal data confidential and we will only share it where necessary for the purposes set out above with the following parties:
- Other Liberty Group companies.
- Third parties involved in the administration of an insurance policy or claim. These include loss adjusters, claims handlers, private investigators, accountants, auditors, banks, lawyers and other experts including medical experts.
- Other insurers (e.g. where another insurer is also involved in the claim which relates to the incident you witnessed).
- Insurance brokers and other intermediaries.
- Other insurers who provide our own insurance (reinsurers) and companies who arrange such reinsurance.
- Insurance industry bodies (including the Employers’ Liability Tracing Office).
- Financial crime detection agencies and insurance industry databases.
- Our regulators including the Dubai Financial Services Authority, Financial Conduct Authority, the Prudential Regulation Authority and the relevant data protection regulator.
- The police, tax authorities and other crime prevention and detection agencies.
- If relevant, your policy details will also be added to the Motor Insurance Database (MID), run by the Motor Insurers’ Information Centre (MIIC).
- Third party suppliers, agents and contractors appointed by Liberty Specialty Markets or the Liberty Mutual Group to help us carry out our everyday business activities including IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers, our subcontractors and tax advisers.
- Selected third parties in connection with any sale, transfer or disposal of our business.
- Any agent or representative acting for you.
- Any other person where necessary to perform any insurance contract with you, in order to protect ourselves from risk or to ensure regulatory compliance or good governance.
3.5. Brokers, appointed representatives, suppliers and other business partners
If you are a broker doing business with us, an appointed representative or other business partner such as an introducer or supplier, this section will be relevant to you and sets out our uses of your personal data.
What personal data will we collect?
- General information such as your name, address, contact phone numbers and email addresses, date of birth and gender, language spoken.
- Identification information such as passport details, driving licence and national insurance number.
- Information about your job such as job title and previous roles.
- Log in information, IP address if you are directly accessing any of our systems.
- Information which we obtain as part of checking sanctions lists, such as those published by United Nations, European Union, UK Treasury, the U.S. Office of Foreign Assets Control (OFAC) and the U.S. Department of Commerce, Bureau of Industry and Security.
- Other information (including publically available information) obtained as part of our due diligence checks.
- If you attend an event with us, we may collect relevant details such as your event preferences and dietary requirements.
What sensitive personal data will we collect?
- Information relating to your criminal convictions (including offences and alleged offences and any court sentence or unspent criminal convictions).
- If you attend an event with us, we may collect dietary requirements which could indicate a health condition or religious belief.
- In the event of an emergency, we may need to collect sensitive data about you such us health information.
How will we collect your information?
As well as obtaining information directly from you, we will collect information from:
- Invoices, contracts, policies, correspondence and business cards.
- Other Liberty Mutual Insurance Group companies.
- Publicly available sources such as internet search engines.
- From service providers who carry out sanctions checks.
- Information is disclosed by you (e.g. in case of emergency) or by your employer to us.
What will we use your personal data for?
We may use your personal data for a number of different purposes. In each case, we must have a "legal ground" to do so. We will rely on the following “legal grounds”, when we process your "personal data":
- We need to use your personal data to enter into or perform the contract that we hold with you. For example, we may need certain information in order to operate our business partnership arrangement.
- We have a legal or regulatory obligation to use such personal data. For example, we may be required to carry out certain background checks.
- We need to use your personal data for a legitimate interest (e.g. to keep business records, to carry out strategic business analysis, review our business planning and to develop and improve our products and services). When using your personal data for these purposes, we will always consider your rights and interests.
When the information that we process is classed as “sensitive personal data", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal data":
- We need to use your sensitive personal data for purposes relating to an insurance policy or claim and there is a substantial public interest in such use. Such purposes include assessing an insurance application, managing claims and preventing and detecting fraud.
- We need to use your sensitive personal data to establish, exercise or defend legal rights. This might happen when we are faced with legal proceedings or want to bring legal proceedings ourselves.
- We need to use such special category data for a justifiable public interest purpose on the basis of a legal requirement (e.g. security scanning of email contents to detect cyber threats).
- You have provided your consent to our use of your sensitive personal data.
- We need to use your sensitive personal data in an emergency in order to prevent e.g. serious physical harm to you
Purpose for processing
For business and management processes and activities including analysis, review, planning, business transactions and IT hosting, support and security.
Legal grounds for using your personal data
We have a legitimate interest (to effectively manage our business).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- Such use is necessary in the substantial public interest.
Purpose for processing
To comply with our legal or regulatory obligations.
Legal grounds for using your personal data
We need to use your information in order to comply with our legal obligations.
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights.
Purpose for processing
To write business and for claims handling.
Legal grounds for using your personal data
We have a legitimate interest (to effectively write policies and manage claims).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights
- Such use is necessary for insurance purposes.
Purpose for processing
For business development and relationship purposes.
Legal grounds for using your personal data
We have a legitimate interest (relationship management and business analysis).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Purpose for processing
Providing improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers).
Legal grounds for using your personal data
We have a legitimate interest (to develop and improve the products and services we offer).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Purpose for processing
To manage and handle your queries.
Legal grounds for using your personal data
- We have a legitimate interest (to effectively manage our business and respond to queries).
- It is necessary to enter into or perform our contract with you.
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Purpose for processing
For insurance administration purposes including analysis of trends, carrying out actuarial work, planning service delivery, risk assessment and costs and charges.
Legal grounds for using your personal data
We have a legitimate interest (to develop and improve the products and services we offer).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights
- Such use is necessary for insurance purposes.
Purpose for processing
To provide protection in case of emergency.
Legal grounds for using your personal data
The processing is necessary in order to protect your vital interests or those of another person.
Legal grounds for using your sensitive personal data
The processing is necessary in order to protect your vital interests or those of another person.
Who will we share your personal data with?
We will keep your personal data confidential and we will only share it where necessary for the purposes set out above with the following parties:
- Our policyholders and other third parties such as claimants where relevant.
- Other Liberty Mutual Insurance Group companies.
- Third parties involved in the administration of an insurance policy or claim. These include loss adjusters, claims handlers, private investigators, accountants, auditors, banks, lawyers and other experts including medical experts.
- Our insurance partners such as other brokers and insurers.
- Other insurers who provide our own insurance (reinsurers) and companies who arrange such reinsurance.
- Third parties who provide sanctions checking services.
- Financial crime and fraud detection agencies and other third parties who operate and maintain fraud detection registers.
- Our regulators including the Dubai Financial Services Authority, Financial Conduct Authority, the Prudential Regulation Authority and the relevant data protection regulator.
- The police, tax authorities and other crime prevention and detection agencies.
- If relevant, your policy details will also be added to the Motor Insurance Database (MID), run by the Motor Insurers’ Information Centre (MIIC).
- Third party suppliers, agents and contractors appointed by Liberty Specialty Markets or the Liberty Mutual Insurance Group to help us carry out our everyday business activities including IT suppliers, actuaries, auditors, lawyers, document management providers, client relationship system providers, outsourced business process management providers, our subcontractors and tax advisers.
- Selected third parties in connection with any sale, transfer or disposal of our business.
- Any agent or representative acting for you.
- Any other person where necessary to perform any insurance contract, in order to protect ourselves from risk or to ensure regulatory compliance or good governance.
- Anyone where strictly necessary in order to protect you in case of emergency.
3.6. Users of the Liberty Specialty Markets websites or platforms and event attendees
If you are a user of the Liberty Specialty Markets website (or a platform that links through to this Notice), this section will be relevant to you and sets out our uses of your personal data.
What personal data will we collect?
- General information submitted via the website or platform, for example where you provide your details in the contact section such as your name, contact details and company name.
- Information obtained through our use of cookies. You can find more information about this in our cookies policy in the Cookies section below.
- Information obtained through a sign up form for an event or promotion.
What sensitive personal data will we collect?
We do not anticipate collecting special category data through the website. However, where relevant, we may collect dietary requirements for an event or you might submit special category data through a query or complaint.
How will we collect your personal data?
- We will collect your information directly from our website or a platform that links you through to our website.
- Our websites may also collect your device's unique identifier, such as an IP address.
What will we use your personal data for?
We may use your personal data for a number of different purposes. In each case, we must have a "legal ground" to do so. We will rely on the following “legal grounds”, when we process your "personal data":
- We need to use your personal data to enter into or perform the insurance contract that we hold with you. For example, we need to use your personal data to respond to your enquiry about a quote.
- We have a legal or regulatory obligation to use such personal data. For example, our regulators require us to hold certain records of our dealings with you.
- We need to use your personal data for a legitimate interest (e.g. to monitor the number of visitors to our website, to keep business records and to develop and improve our products and services). When using your personal data for these purposes, we will always consider your rights and interests.
When the information that we process is classed as “sensitive personal data", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal data":
- We need to use your sensitive personal data for purposes relating to an insurance policy or claim and there is a substantial public interest in such use. Such purposes include assessing an insurance application, managing claims and preventing and detecting fraud.
- We need to use your sensitive personal data to establish, exercise or defend legal rights. This might happen when we are faced with legal proceedings or want to bring legal proceedings ourselves.
- You have provided your consent to our use of your sensitive personal data (e.g. in relation to your marketing preferences).
Purpose for processing
To register you as a user of the website (including recording information on our server logs from your browser, including your IP address and the page you requested).
Legal grounds for using your personal data
We have a legitimate interest (to allow you to use the website and ensure its proper functionality).
Legal grounds for using your sensitive personal data
Not Applicable
Purpose for processing
To follow up on enquiries you make.
Legal grounds for using your personal data
We have a legitimate interest (to respond to your queries).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- Such use is necessary for insurance purposes.
Purpose for processing
To provide marketing information to you.
Legal grounds for using your personal data
We have a legitimate interest (to send you selected communications about other products and services we offer).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Purpose for processing
To allow you to apply for a recruitment opportunity and for our subsequent management of your application.
Legal grounds for using your personal data
We have a legitimate interest (to ensure that your application is processed and managed effectively).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Purpose for processing
To allow you to apply for an event and out subsequent management of the event.
Legal grounds for using your personal data
We have a legitimate interest (to enable you to register for the event).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Purpose for processing
To store your details on our Customer Relationship Management systems.
Legal grounds for using your personal data
We have a legitimate interest (to improve our relationship with you).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Who will we share your personal data with?
We will keep your personal data confidential and we will only share it where necessary for the purposes set out above with our Liberty Mutual Insurance Group companies, our agents or contractors.
3.7. Prospective job applicants
If you are applying for a job with us, this section will be relevant to you and sets out our uses of your personal data.
What personal data will we collect?
- General information such as your name, address, contact phone numbers and email addresses, date of birth and gender.
- Information about your job such as job title and previous roles.
- Information about your right to work.
- Other information (including publically available information) obtained as part of our due diligence checks.
- In the event you attend events with us, we may collect relevant details e.g. your event preferences, dietary requirements etc.
What sensitive personal data will we collect?
- Information relating to your criminal convictions (including offences and alleged offences and any court sentence or unspent criminal convictions). In the event you attend events with us, we may collect dietary requirements. If your CV contains any trade union memberships these will be collected
How will we collect your information?
As well as obtaining information directly from you, we will collect information from service providers e.g. recruitment companies you have instructed.
Note, if you email us your CV or speculative application we will store it in our recruitment portal for 6 months unless you object.
What will we use your personal data for?
We may use your personal data for a number of different purposes. In each case, we must have a "legal ground" to do so. We will rely on the following “legal grounds”, when we process your "personal data":
- We need to use your personal data to enter into or perform the employment contract that we hold with you. For example, we may need certain information draft an offer of employment.
- We have a legal or regulatory obligation to use such personal data. For example, we may be required to carry out certain background checks.
- We need to use your personal data for a legitimate interest (e.g. to keep your CV on file in case future opportunities arise). When using your personal data for these purposes, we will always consider your rights and interests.
When the information that we process is classed as “sensitive personal data", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal data":
- We need to use such special category data for a justifiable public interest purpose on the basis of a legal requirement (e.g. security scanning of email contents to detect cyber threats).
- You have provided your consent to our use of your sensitive personal data.
Purpose for processing
For business and management processes and activities including analysis, review, planning, business transactions and IT (hosting, support and security).
Legal grounds for using your personal data
- We have a legitimate interest (to effectively manage our business).
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- Such use is necessary in the substantial public interest.
Purpose for processing
To comply with our legal or regulatory obligations.
Legal grounds for using your personal data
We need to use your information in order to comply with our legal obligations.
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- We need to use your information in order to establish, exercise or defend legal rights.
Purpose for processing
To manage and handle your queries.
Legal grounds for using your personal data
- We have a legitimate interest (to effectively manage our business and respond to queries).
- It is necessary to enter into or perform our contract with you.
Legal grounds for using your sensitive personal data
- You have given us your explicit consent.
- Such use is necessary for insurance purposes.
Purpose for processing
For recruitment administration purposes.
Legal grounds for using your personal data
We have a legitimate interest (to operate our recruitment function).
Legal grounds for using your sensitive personal data
You have given us your explicit consent.
Who will we share your personal data with?
We will keep your personal data confidential and we will only share it where necessary for the purposes set out above with the following parties:
- Other Liberty Mutual Insurance Group companies (both inside and outside the European Economic Area) and their service providers.
- Third parties involved in the hosting, analysis and supply of recruitment services
- Credit reference agencies in relevant jurisdictions.
- Our regulators including the Dubai Financial Services Authority, Financial Conduct Authority, the Prudential Regulation Authority and the relevant data protection regulator.
- The police, tax authorities and other crime prevention and detection agencies.
- If relevant, your policy details will also be added to the Motor Insurance Database (MID), run by the Motor Insurers’ Information Centre (MIIC).
- Third party suppliers, agents and contractors appointed by Liberty Specialty Markets or the Liberty Mutual Group to help us carry out our everyday business activities including IT suppliers, auditors, lawyers, document management providers, outsourced business process management providers, our subcontractors and tax advisers.
- Selected third parties in connection with any sale, transfer or disposal of our business.
- Any agent or representative acting for you.
A select group of third party suppliers used to host and manage our recruitment portals ( based in the USA).
3.8 External Visitors to our offices
If you will be visiting one of our offices, this section will be relevant to you and sets out our uses of your personal data.
What personal data will we collect?
• General information such as your name, address, contact phone numbers and email addresses.
• Information about your job such as job title and reason for visiting the office.
What sensitive personal data will we collect?
• We may need to use your sensitive personal data in case of emergency.
How will we collect your information?
We will ordinarily obtain information directly from you.
What will we use your personal data for?
We may use your personal data for a number of different purposes. In each case, we must have a "legal ground" to do so. We will rely on the following “legal grounds”, when we process your "personal data":
• We need to use your personal data to record your access for security reasons.
• We have a legal or regulatory obligation to use such personal data. For example, we may be required to comply with Health and Safety laws and regulations.
When the information that we process is classed as “sensitive personal data", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal data":
• We need to use such special category data to protect vital interests.
Purpose for processing
For business management
Legal grounds for using your personal data
- We have a legitimate interest (to effectively manage our business and ensure secure access to our premises).
Legal grounds for using your sensitive personal data
- N/A
Purpose for processing
To comply with our legal or regulatory obligations.
Legal grounds for using your personal data
We need to use your information in order to comply with our legal obligations.
Legal grounds for using your sensitive personal data
- We need to use your information in order to ensure health and safety in our premises
Purpose for processing
To provide protection in case of emergency
Legal grounds for using your personal data
- The processing is necessary in order to protect your vital interests or those of another person
Legal grounds for using your sensitive personal data
- The processing is necessary in order to protect your vital interests or those of another person
You have provided your consent to our use of your sensitive personal data.
Who will we share your personal data with?
We will keep your personal data confidential, and we will only share it where necessary for the purposes set out above with the following parties:
• Other Liberty Mutual Insurance Group companies (both inside and outside the European Economic Area) and their service providers.
• Third parties providing security services.
• The emergency services and other public bodies.
• Any agent or representative acting for you.
3.9 Children
In the course of providing our products and services, we may process the personal data of people under the age of eighteen years old in a limited number of instances. This may, for example, be where a child’s details are passed to us as part of an insurance claim. We have created a dedicated privacy policy to help children understand our collection and use of their personal data, that can be viewed by [clicking here].
3.10. Whistleblowing
You may report a concern on an anonymous or non-anonymous basis. Where your report is not made anonymously, we process your personal data for the purposes of investigating your report and in order to fulfill our obligations under applicable Whistleblowing laws and regulations.
What personal data will we collect?
Where you provide Us with this information as part of your report, we may process the following:
- General information such as your name, contact phone numbers and email addresses
- Information about your job such as job title and company
- Any other information you provide Us with on the application form
What sensitive personal data will we collect?
- We would not collect special category personal data and/or criminal convictions and offences information as a rule, unless you provide such information to Us as part of your report.
- Any other sensitive information you will provide us with on the application form.
How will we collect your information?
- We will collect information from you or as appropriate as part of our investigation
What will we use your personal data for?
The data will be used by Us to comply with our obligations under Whistleblowing laws and regulations.
Purpose for processing
To comply with our legal or regulatory obligations
Legal grounds for using your personal data
- We need to use the data supplied in order to comply with our legal obligations
Legal grounds for using your sensitive personal data
- You have given us your explicit consent (where this is the case)
- Processing is necessary for the purposes of carrying out the obligations and exercising specific rights of the controller or of the data subject in the field of employment
- We need to use the information supplied in order to establish, exercise or defend legal rights
- Processing is necessary for reasons of substantial public interest
Who will we share your personal data with?
We will handle your personal data in accordance with our Whistleblowing Policy, which sets out safe and confidential mechanism for individuals to report any concerns or wrongdoing.
- Internal stakeholders
- Other Liberty Mutual Insurance Group companies
- External legal advisors and other supplier in connection with the investigations required
- Supervisory or enforcement authorities, with whom the reports or results of the investigations may need to be shared
- Financial crime and fraud detection agencies and other third parties who operate and maintain fraud detection register
- Any agent or representative active for you
Should you have any questions or concerns regarding our Whistleblowing Policy or the processing of your personal data, please do not hesitate to contact our Data Protection Officer as indicated on Section 10 “Contacting Us”.
4. What marketing and/or profiling activities do we carry out?
Marketing: We will only send marketing communications to our business contacts. This may be done by post, email or telephone.
In each case, we will give you the opportunity to opt out. You can also opt out at any time by contacting us using the details set out in section 10.
Profiling: Profiling is integral to the offering of insurance. We assess the risk that you would like to insure (e.g. the risk of your home being damaged by a flood) against the likelihood of that event occurring (e.g. based on the geographical location of your property and history of floods in the area). We use this profiling to help us decide whether or not to offer you insurance, the terms and the price of your policy.
While carrying out necessary due diligence (e.g. sanctions checks) on our business partners, potential customers, and other people we may do business with, we may need to provide a limited set of your information to third party vendors who assist us with this process. Their processing may involve an element of profiling. We do not make automated decisions based on this processing
Whilst we use profiling to help us make our decisions, it is always a member of our team who makes a decision taking into account the profiling outcome and other relevant factors.
5. How long do we keep personal data for?
We will keep your personal data for as long as reasonably necessary to fulfil the purposes set out in section 3 above and to comply with our legal and regulatory obligations.
We have a detailed retention policy in place which governs how long we will hold different types of information for. The exact time period will depend on your relationship with us and the type of personal data we hold, for example:
- if we provide quote for a policy but this is not taken up by you (or on your behalf) then we hold the associated information for 36 months.
- if you make a claim under a policy we provide, we will keep your personal data for 10 years from the date on which the claim is closed.
If you would like further information regarding the periods for which your personal data will be stored, please contact us using the details set out in section 10.
6. What is our approach to sending your personal data overseas?
Sometime we (or third parties acting on our behalf) will transfer personal data that we collect about you to countries outside of the Dubai International Financial Centre ("DIFC").
Where a transfer occurs we will take steps to ensure that your personal data is protected. We will do this using a number of different methods including:
- putting in place appropriate contracts. We will use a set of contract wording known as the "standard contractual clauses" which has been approved by the data protection authorities.
Depending on our relationship and your particular circumstances, we might transfer personal data anywhere in the world. For example, if you have a personal accident policy with us and are injured, we may need to instruct medical experts or other service providers in the country you are injured in. A summary of our regular data transfers outside the DIFC are set out below:
Country of transfer
United States / United Kingdom / European Union
Reason for the transfer
Transfer to Liberty Mutual Group Companies - Reporting to our parent company, IT support and hosting, centralised business functions.
Method we use to protect your information
Robust IT Security Standards employed and Standard Contractual Clauses.
Country of transfer
United States / United Kingdom / European Union
Reason for the transfer
Transfer to service providers to enable us to perform our business.
Method we use to protect your information
Supplier due diligence, contracts, audits and Standard Contractual Clauses.
Country of transfer
India
Reason for the transfer
Transfer to service providers to enable us to perform our business.
Method we use to protect your information
Supplier due diligence, contracts, audits and Standard Contractual Clauses.
Country of transfer
Brazil , Columbia and China
Reason for the transfer
Service providers have access to certain applications for risk analysis and policy processing.
Method we use to protect your information
IT Security Standards employed and Standard Contractual Clauses.
Country of transfer
Brazil , Columbia and China
Reason for the transfer
Service providers have access to certain applications for risk analysis and policy processing.
Method we use to protect your information
IT Security Standards employed and Standard Contractual Clauses.
If you would like further information regarding our data transfers and the steps we take to safeguard your personal data, please contact us using the details set out in section 10.
7. How do we protect your personal data?
Liberty Specialty Markets takes security of your information very seriously. We maintain appropriate technical, organisational, and physical safeguards designed to protect the personal data we process in accordance with client instructions and in line with our legal and regulatory obligations. The security measures in place on our website and computer systems are in place to protect the loss, misuse or alteration of the information you provide to us. We keep your personal data only for as long as reasonably necessary for the purpose for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.
The Liberty Mutual Group has a number of Information Security Standards that apply depending on the data type and data location. These standards cover access controls, encryption, network and host security, physical security, data recovery and business continuity. Our standards change from time to time as we react to market challenges and changing regulatory requirements.
Because e-mails submitted via this website are not protected by the same security measures we use in other areas where we actively collect information, you should be particularly careful in deciding what information you wish to send to us via e-mail.
In the event that you become aware of any actual or potential misuse of any such information or for more information on IT Security please contact us using the details set out in section 10.
8. Your rights
Under certain circumstances you have a number of rights in relation to the personal data that we hold about you which we set out below. You can explore and exercise your rights by contacting us at any time using the details set out in section 10. We will not usually charge you in relation to a request.
Please note that although we take your rights seriously, there may be some circumstances where we cannot comply with your request such as where complying with it would mean that we couldn't comply with our own legal or regulatory requirements. In these instances we will let you know why we cannot comply with your request.
In some circumstances, complying with your request may result in your insurance policy being cancelled or your claim being discontinued. For example, if you request erasure of your personal data, we would not have the information required to pay your claim. We will inform you of this at the time you make a request.
- The right to access your personal data
You are entitled to a copy of the personal data we hold about you and certain details of how we use it.
We will usually provide your personal data to you in writing unless you request otherwise. Where your request has been made electronically (e.g. by email), a copy of your personal data will be provided to you by electronic means where possible.
- The right to rectification
We take reasonable steps to ensure that the information we hold about you is accurate and where necessary up to date and complete. If you believe that there are any inaccuracies, discrepancies or gaps in the information we hold about you, you can contact us and ask us to update or amend it.
- The right to restriction of processing
In certain circumstances, you are entitled to ask us to stop using your personal data, for example where you think that the personal data we hold about you may be inaccurate or where you think that we no longer need to use your personal data.
- The right to withdraw your consent
Where we rely on your consent in order to process your personal data, you have the right to withdraw such consent to further use of your personal data.
- The right to erasure
This is sometimes known as the 'right to be forgotten'. It entitles you, in certain circumstances, to request deletion of your personal data. For example, where we no longer need your personal data for the original purpose we collected it for or where you have exercised your right to withdrawn consent.
- The right to object
Marketing: You have control over the extent to which we market to you and you have the right to request that we stop sending you marketing messages at any time. You can do this either by clicking on the "unsubscribe" button in any email that we send to you or by contacting us using the details set out in section 10.
Please note that even if you exercise this right because you do not want to receive marketing messages, we may still send you service related communications where necessary.
Processing based on our legitimate interests: Where we process your personal data based on our legitimate interests, you can object to our processing. We will consider your objection and determine whether or not our legitimate interests prejudice your privacy rights.
- The right to data portability
In certain circumstances, you can request that we transfer personal data that you have provided to us to a third party.
- Rights relating to automated decision-making
We do not carry out any automated decision making. If this changes in the future, we will provide you with an updated notice setting out our decision making process.
- The right to make a complaint with the Regulator
You have a right to complain to the Information Commissioner's Office (ICO) or any other local Data Protection Regulator if you believe that we have breached data protection laws when using your personal data.
You can visit the ICO's website at https://ico.org.uk/ for more information. Please note that lodging a complaint will not affect any other legal rights or remedies that you have.
By accessing and using this website you indicate that you accept Liberty Specialty Market’s use of cookies.
The website uses cookies which are small files of letters and numbers that Liberty Specialty Markets puts on your computer if you allow it. After your visit to the website, the cookies will remember your language selection during your visit. They also allow us to recognise and count the number of visitors and to see how visitors move around the site. Some of the cookies are required to provide you with access to the website and to make your browsing experience more user-friendly.
This website may link through to third party websites (including websites of companies within the Liberty Mutual Insurance Group) which may also use cookies over which we have no control. We recommend that you check the relevant third parties’ privacy policies for information about any cookies that they may use.
You can configure your web browser to refuse cookies, to delete cookies, or to be informed if a cookie is set. The “Help” section on the menu bar of most internet browsers will tell you how to do so. You may delete and block all cookies but, if you do so, our website may not function correctly and you may not be able to access certain areas. For more information about cookies and how to delete them, visit http://www.allaboutcookies.org/.
If you want to know more about the cookies we use on this website please click here.
10. Contacting us
If you would like further information about any of the matters in this notice or if have any other questions about how we collect, store or use your personal data, you may contact our Data Protection Officer at dataprotectionofficer@libertyglobalgroup.com or by writing to Data Protection Officer, Liberty Specialty Markets, 20 Fenchurch Street, London, EC3M 3AW or click here.
Please note that we are not responsible for the privacy policies or content of any websites linked to this website, (including websites of companies within the Liberty Mutual Insurance Group).
From time to time we may need to make changes to this notice, for example, as the result of changes to law, technologies, or other developments. We will provide you with the most up-to-date notice and you can check our website here periodically to view it.
This notice was last updated on 18th December 2024.