Guernsey Privacy Policy

• General information such as your name, address, contact details, date of birth, gender and relationship to the policyholder (where you are not the policyholder).
• Identification information such as national insurance number, passport number or driving licence number.
• Information about your job including job title, your status as a director or partner, employment history, education history and professional accreditations.
• Information which is relevant to your insurance policy including details of previous insurance policies and claims history. This will depend on the type of policy you hold with us. For example, if you hold a household policy, we may collect and use information which relates to your property or if you hold a travel policy, we may collect and use information which relates to your travel plans.
• Information relevant to any claim or complaint you may make. This will depend on the type of claim or complaint you make. For example, if you make a claim following a road traffic accident, we may use personal information which relates to your vehicle and named drivers.
• Financial information such as your bank details, payment details and information obtained as a result of our credit checks. This may include details of any bankruptcy orders, individual voluntary arrangements or county court judgements.
• Information (including photographs) obtained as a result of carrying out checks of publicly available sources such as newspapers and social media sites in the event that we suspect fraudulent activity.
• Information we obtain as a result of checking sanctions lists, such as those published by United Nations, European Union, UK Treasury, the U.S. Office of Foreign Assets Control (OFAC) and the U.S. Department of Commerce, Bureau of Industry and Security.
• Information such as IP address and browsing history obtained through our use of cookies. You can find more information about this in our cookies policy which can be found at https://www.hiscoxgroup.com/site-tools/cookies-policy.
• Information obtained during telephone recordings.
• Your marketing preferences and details of your customer experience with us.

• Information relating to criminal convictions (including offences and alleged offences and any court sentence or unspent criminal conviction).
• If relevant, details of your current or former physical or mental health condition. For example, if you hold a travel policy, we may need details about any medical conditions that affect you, another member of your party or any other person upon whose health your trip depends. This may take the form of medical reports or underlying medical data such as x-rays or blood tests. We may also collect this information if you inform us directly, such as during the handling of an insurance claim.
• In limited circumstances, we may process other sensitive personal information including details of your race; ethnicity; religious or philosophical beliefs; political opinions; trade union membership; genetic or biometric data; or data concerning your sex life or sexual orientation if relevant to your policy or claim. For example, we may process information relating to your trade union membership if you take out a policy with us via your trade union body and we may process information relating to your religious beliefs if relevant as part of your medical treatment.

We will collect information directly from you and from the following third parties:

• the named policyholder (where you are a beneficiary);
• third parties involved in the relevant insurance policy or claim (such as our business partners and representatives, brokers or other insurers, claimants, defendants or witnesses to an incident);
• third parties who provide a service in relation to the relevant insurance policy or claim (such as loss adjusters, claims handlers, and medical experts);
• publicly available sources such as internet search engines, news articles and social media sites;
• other companies within the Hiscox group;
• credit reference agencies;
• financial crime detection agencies and databases (such as for fraud prevention and checking against international sanctions) including the Claims Underwriting Exchange (known as "CUE");
• third parties who provide sanctions checking services;
• government agencies such as the police, the National Crime Agency, the DVLA or HMRC;
• insurance industry bodies (including the Employers’ Liability Tracing Office and the Association of British Insurers);
• third parties who provide us with details of individuals who have expressed an interest in hearing about insurance products;
• in limited circumstances, private investigators;
• third party data suppliers (for example in relation to flood modelling data and property surveys and valuations);
• third party administrators and suppliers we appoint to help us carry out our everyday business activities including IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers, our subcontractors and tax advisers;
• our own websites; and
• selected third parties in connection with any sale, transfer or disposal of our business.

We may use your information for a number of different purposes. For each purpose we must have a “legal ground” to use your personal information in such a way.

When the information that we process is classed as “sensitive personal information”, we must have a specific, additional “legal ground” to process such information.

• We need to use your personal information to enter into or perform a contract that we hold with you. For example, we need to use your personal information to provide you with a quote or to provide your insurance policy and other associated products (e.g. legal expenses cover). We will rely on this for activities such as assessing your application, managing your insurance policy, handling claims and providing other products to you.
• We have a legal or regulatory obligation to use such personal information. For example, our regulators require us to hold certain records of our dealings with you.
• We have an appropriate business need (sometimes referred to as a "legitimate interest") to use your personal information. We will rely on this for activities such as maintaining our business records, training and quality assurance, and developing and improving our products and services.
• Such use is necessary to protect your vital interests. For example, in relation to a kidnap claim.
• You have provided your consent to our use of your personal information (e.g. in relation to your marketing preferences).

When the information that we process is classed as “sensitive personal information", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal information":

• We need to use your sensitive personal information for an insurance purpose and there is a substantial public interest in such use. Such purposes include assessing your insurance application, managing claims and preventing and detecting fraud.
• We need to use your sensitive personal information to comply with or help someone else comply with a regulatory requirement relating to unlawful acts and dishonesty and there is a substantial public interest in such use.
• We need to use your sensitive personal information to establish, exercise or defend legal rights. This might happen when we are faced with legal proceedings or want to bring legal proceedings ourselves or when we are investigating a legal claim that a third party brings against you.
• We need to use your sensitive personal information to prevent or detect crime and there is a substantial public interest in such use. This might happen when we are investigating allegations of insurance fraud.
• Such use is necessary to protect your vital interests. For example, in relation to a kidnap claim.
• You have provided your explicit consent to our use of your sensitive personal information.

You will find further details of our "legal grounds" for each of our processing purposes set out below.

From time to time, we may share your personal information with the other companies in our group or with third parties. We will keep your personal information confidential and only share it with the third parties listed below for the purposes set out above.

If you would like further information regarding the disclosures of your personal information, please contact us using the details set out in section 9 below.

Where relevant, we will share your personal information with:

• other companies in the Hiscox group, including where:
  • one of our group companies is placing your insurance policy with another group company;
  • one of our group companies is unable to provide you with an insurance policy but another might be able to assist you;
  • we are arranging our own insurance;
  • necessary for our business administration purposes;
  • we are using information for the prevention or detection of fraud or other crime; or
  • we need to report information within our group of companies.
     
• our insurance and reinsurance partners such as brokers, other (re)insurers or other companies who act as (re)insurance distributors;
• other third parties who assist in the administration of your insurance policy or claim, such as loss adjusters, claims handlers, accountants, auditors, banks, lawyers and other experts including medical experts;
• companies who provide you with certain services such as home emergency cover and legal expenses cover;
• our regulators;
• other insurers;
• fraud detection agencies and other third parties who operate and maintain fraud detection registers (including the Motor Insurance Database) or undertake investigations in cases of suspected insurance fraud;
• the police and other third parties (such as banks or other insurance companies);
• other insurers who provide our own insurance;
• industry bodies (such as the Association of British Insurers, Lloyd’s Market Association or Employers’ Liability Tracing Office);
• credit referencing agencies and third parties who carry out sanctions checks on our behalf;
• our third party services providers, such as IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers and tax advisers;
• third parties who handle our direct marketing on our behalf (this includes, for example, inclusion or suppression of your personal information from our contact lists, sending marketing communications, and analysis of responses to our marketing communications);
• social media sites (such as Facebook) to carry out marketing;
• selected third parties in connection with any sale, transfer or disposal of our business; or
• where necessary, courts and other alternative dispute resolution providers (such as arbitrators, mediators and the Financial Ombudsman Service).

• General information such as your name, address, contact details, date of birth and gender.
• Identification information such as your national insurance number, passport number or driving licence number.
• Information about your job including job title, your status as a director or partner, employment history, education history and professional accreditations.
• Information relevant to your claim. This will depend on the type of claim you make. For example, if you make a claim following a road traffic accident, we may use personal information which relates to your vehicle and named drivers.
• Information relating to previous insurance policies or claims.
• Financial information such as your bank details and payment details.
• Information (including photographs) obtained as a result of carrying out checks of publicly available sources such as newspapers and social media sites in the event that we suspect fraudulent activity.
• Information we obtain as a result of checking sanctions lists.
• Information such as IP address and browsing history obtained through our use of cookies. You can find more information about this in our cookies policy which can be found at https://www.hiscoxgroup.com/site-tools/cookies-policy.
• Information obtained during telephone recordings.

• Information relating to your criminal convictions (including offences and alleged offences and any court sentence or unspent criminal conviction).
• If relevant, details of your current or former health condition. For example, if you are injured whilst at a property insured by Hiscox, and the owner of the property makes a claim under their insurance policy in relation to your injury.
• In limited circumstances, we may process other sensitive personal information including details of your race; ethnicity; religious or philosophical beliefs; political opinions; trade union membership; genetic or biometric data; or data concerning your sex life or sexual orientation if relevant to your claim. For example, we may process information relating to your religious beliefs if relevant as part of your medical treatment.

We will collect information directly from you and from the following third parties:

• the policyholder;
• third parties involved in the relevant insurance policy or claim (such as our business partners and representatives, brokers or other insurers, claimants, defendants or witnesses to an incident);
• third parties who provide a service in relation to the relevant insurance policy or claim (such as loss adjusters, claims handlers, and medical experts);
• publicly available sources such as internet search engines, news articles and social media sites;
• other companies within the Hiscox group;
• credit reference agencies;
• financial crime detection agencies and databases (such as for fraud prevention and checking against international sanctions) including the Claims Underwriting Exchange (known as "CUE");
• third parties who provide sanctions checking services;
• government agencies such as the police, the National Crime Agency, the DVLA or HMRC;
• insurance industry bodies (including the Employers’ Liability Tracing Office and the Association of British Insurers);
• in limited circumstances, private investigators;
• third party data suppliers (for example in relation to flood modelling data and property surveys and valuations);
• third party administrators and suppliers we appoint to help us carry out our everyday business activities including IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers, our subcontractors and tax advisers;
• our own websites; and
• selected third parties in connection with any sale, transfer or disposal of our business.

We may use your information for a number of different purposes. For each purpose we must have a “legal ground” to use your personal information in such a way.

When the information that we process is classed as “sensitive personal information”, we must have a specific, additional “legal ground” to process such information.

• We have a legal or regulatory obligation to use such personal information. For example, our regulators require us to hold certain records of our dealings with you.
• We have an appropriate business need (sometimes referred to as a "legitimate interest") to use your personal information. We will rely on this for activities such as maintaining our business records, training and quality assurance, and developing and improving our products and services.
• You have provided your consent to our use of your personal information.

When the information that we process is classed as “sensitive personal information", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal information":

• We need to use your sensitive personal information for an insurance purpose and there is a substantial public interest in such use. Such purposes include managing claims and preventing and detecting fraud.
• We need to use your sensitive personal information to establish, exercise or defend legal rights. This might happen when we are faced with legal proceedings or want to bring legal proceedings ourselves or when we are investigating a legal claim that a third party brings against you.
• We need to use your sensitive personal information to prevent or detect crime and there is a substantial public interest in such use. This might happen when we are investigating allegations of insurance fraud.
• We need to use your sensitive personal information to comply with or help someone else comply with a regulatory requirement relating to unlawful acts and dishonesty and there is a substantial public interest in such use.
• You have provided your explicit consent to our use of your sensitive personal information.

You will find further details of our "legal grounds" for each of our processing purposes set out below.

From time to time, we may share your personal information with the other companies in our group or with third parties. We will keep your personal information confidential and only share it with the third parties listed below for the purposes explained above.

If you would like further information regarding the disclosures of your personal information, please contact us using the details set out in section 9 below.

Where relevant, we will share your personal information with:

• other companies in the Hiscox group, including where:
  • we are arranging our own insurance;
  • necessary for our business administration purposes;
  • we are using information for the prevention or detection of fraud or other crime; or
  • we need to report information within our group of companies.
     
• our insurance and reinsurance partners such as brokers, other (re)insurers or other companies who act as (re)insurance distributors;
• other third parties who assist in the administration of your insurance claim, such as loss adjusters, claims handlers, accountants, auditors, banks, lawyers and other experts including medical experts;
• companies who provide you with certain services such as home emergency cover and legal expenses cover;
• our regulators;
• other insurers;
• fraud detection agencies and other third parties who operate and maintain fraud detection registers (including the Motor Insurance Database) or undertake investigations in cases of suspected insurance fraud;
• the police and other third parties (such as banks or other insurance companies);
• other insurers who provide our own insurance;
• industry bodies (such as the Association of British Insurers, Lloyd’s Market Association or Employers’ Liability Tracing Office);
• credit referencing agencies and third parties who carry out sanctions checks on our behalf;
• our third party services providers, such as IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers and tax advisers;
• selected third parties in connection with any sale, transfer or disposal of our business; or
• where necessary, courts and other alternative dispute resolution providers (such as arbitrators, mediators and the Financial Ombudsman Service).

• General information such as your name, address, contact details, date of birth and gender.
• Identification information such as your national insurance number, passport number or driving licence number.
• Information about your job including job title, your status as a director or partner, employment history, education history and professional accreditations.
• Information relevant to any claim made.
• Information relating to previous insurance policies or claims.
• Financial information such as your bank details and payment details.
• Information (including photographs) obtained as a result of carrying out checks of publicly available sources such as newspapers and social media sites in the event that we suspect fraudulent activity.
• Information we obtain as a result of checking sanctions lists.
• Information such as IP address and browsing history obtained through our use of cookies. You can find more information about this in our cookies policy which can be found at https://www.hiscoxgroup.com/site-tools/cookies-policy.
• Information obtained during telephone recordings.

• Information relating to your criminal convictions (including offences and alleged offences and any court sentence or unspent criminal conviction).
• If relevant, details of your current or former health condition. For example, if you are injured whilst at a property insured by Hiscox, and the owner of the property makes a claim under their insurance policy in relation to your injury.
• In limited circumstances, we may process other sensitive personal information including details of your race; ethnicity; religious or philosophical beliefs; political opinions; trade union membership; genetic or biometric data; or data concerning your sex life or sexual orientation if relevant to the policy. For example, we may process information relating to your religious beliefs if relevant as part of your medical treatment.

We will collect information directly from you and from the following third parties:

• the policyholder;
• third parties involved in the relevant insurance policy or claim (such as our business partners and representatives, brokers or other insurers, claimants, defendants or witnesses to an incident);
• third parties who provide a service in relation to the relevant insurance policy or claim (such as loss adjusters, claims handlers, and medical experts);
• publicly available sources such as internet search engines, news articles and social media sites;
• other companies within the Hiscox group;
• credit reference agencies;
• financial crime detection agencies and databases (such as for fraud prevention and checking against international sanctions) including the Claims Underwriting Exchange (known as "CUE");
• third parties who provide sanctions checking services;
• government agencies such as the police, the National Crime Agency, the DVLA or HMRC;
• insurance industry bodies (including the Employers’ Liability Tracing Office and the Association of British Insurers);
• in limited circumstances, private investigators;
• third party data suppliers (for example in relation to flood modelling data and property surveys and valuations);
• third party administrators and suppliers we appoint to help us carry out our everyday business activities including IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers, our subcontractors and tax advisers;
• our own websites; and
• selected third parties in connection with any sale, transfer or disposal of our business.

We may use your information for a number of different purposes. For each purpose we must have a “legal ground” to use your personal information in such a way.

When the information that we process is classed as “sensitive personal information”, we must have a specific, additional “legal ground” to process such information.

• We have a legal or regulatory obligation to use such personal information. For example, our regulators require us to hold certain records of our dealings with you.
• We have an appropriate business need (sometimes referred to as a "legitimate interest") to use your personal information. We will rely on this for activities such as maintaining our business records, training and quality assurance, and developing and improving our products and services.
• Such use is necessary to protect your vital interests. For example, in relation to a kidnap claim.
• You have provided your consent to our use of your personal information.

When the information that we process is classed as “sensitive personal information", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal information":

• We need to use your sensitive personal information for an insurance purpose and there is a substantial public interest in such use. Such purposes include assessing the insurance application, managing claims and preventing and detecting fraud.
• We need to use your sensitive personal information to establish, exercise or defend legal rights. This might happen when we are faced with legal proceedings or want to bring legal proceedings ourselves or when we are investigating a legal claim that a third party brings against you.
• We need to use your sensitive personal information to prevent or detect crime and there is a substantial public interest in such use. This might happen when we are investigating allegations of insurance fraud.
• We need to use your sensitive personal information to comply with or help someone else comply with a regulatory requirement relating to unlawful acts and dishonesty and there is a substantial public interest in such use.
• Such use is necessary to protect your vital interests. For example, in relation to a kidnap claim.
• You have provided your explicit consent to our use of your sensitive personal information.

You will find further details of our "legal grounds" for each of our processing purposes set out below.

From time to time, we may share your personal information with the other companies in our group or with third parties. We will keep your personal information confidential and only share it with the third parties listed below for the purposes explained above.

If you would like further information regarding the disclosures of your personal information, please contact us using the details set out in section 9 below.

Where relevant, we will share your personal information with:

• other companies in the Hiscox group, including where:
  • one of our group companies is placing the insurance policy with another group company;
  • one of our group companies is unable to provide the insurance policy but another might be able to assist;
  • we are arranging our own insurance;
  • necessary for our business administration purposes;
  • we are using information for the prevention or detection of fraud or other crime; or
  • we need to report information within our group of companies.
     
• our insurance and reinsurance partners such as brokers, other (re)insurers or other companies who act as (re)insurance distributors;
• other third parties who assist in the administration of the insurance policy or claim, such as loss adjusters, claims handlers, accountants, auditors, banks, lawyers and other experts including medical experts;
• our regulators;
• other insurers;
• fraud detection agencies and other third parties who operate and maintain fraud detection registers (including the Motor Insurance Database) or undertake investigations in cases of suspected insurance fraud;
• the police and other third parties (such as banks or other insurance companies);
• other insurers who provide our own insurance;
• industry bodies (such as the Association of British Insurers, Lloyd’s Market Association or Employers’ Liability Tracing Office);
• credit referencing agencies and third parties who carry out sanctions checks on our behalf;
• our third party services providers, such as IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers and tax advisers;
• selected third parties in connection with any sale, transfer or disposal of our business; or
• where necessary, courts and other alternative dispute resolution providers (such as arbitrators, mediators and the Financial Ombudsman Service).

• General information such as your name, address, contact details, date of birth and gender.
• Identification information such as your national insurance number, passport number or driving licence number.
• Information relevant to the incident that you have witnessed.

We will collection information directly from you and from the following third parties:

• third parties involved in the incident you witnessed (such as brokers or other insurers, claimants, defendants or other witnesses);
• other third parties who provide a service in relation to the claim which relates to the incident you witnessed (such as loss adjusters, claims handlers, and experts);
• publicly available sources such as the electoral roll, court judgments, insolvency registers, insurance industry databases, internet search engines, news articles and social media sites; and
• other companies within the Hiscox group.

We may use your information for a number of different purposes. For each purpose we must have a “legal ground” to use your personal information in such a way.

When the information that we process is classed as “sensitive personal information”, we must have a specific, additional “legal ground” to process such information.

• We have a legal or regulatory obligation to use such personal information. For example, our regulators require us to hold certain records of our dealings with you.
• We have an appropriate business need (sometimes referred to as a "legitimate interest") to use your personal information. We will rely on this for activities such as maintaining our business records, training and quality assurance, and developing and improving our products and services.
• You have provided your consent to our use of your personal information.

When the information that we process is classed as “sensitive personal information", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal information":

• We need to use your sensitive personal information for an insurance purpose and there is a substantial public interest in such use. Such purposes include assessing your insurance application, managing claims and preventing and detecting fraud.
• We need to use your sensitive personal information to establish, exercise or defend legal rights. This might happen when we are faced with legal proceedings or want to bring legal proceedings ourselves or when we are investigating a legal claim that a third party brings against you.
• We need to use your sensitive personal information to prevent or detect crime and there is a substantial public interest in such use. This might happen when we are investigating allegations of insurance fraud.
• We need to use your sensitive personal information to comply with or help someone else comply with a regulatory requirement relating to unlawful acts and dishonesty and there is a substantial public interest in such use.
• You have provided your explicit consent to our use of your sensitive personal information.

You will find further details of our "legal grounds" for each of our processing purposes set out below.

From time to time, we may share your personal information with the other companies in our group or with third parties. We will keep your personal information confidential and only share it with the third parties listed below for the purposes explained above.

If you would like further information regarding the disclosures of your personal information, please contact us using the details set out in section 9 below.

Where relevant, we will share your personal information with:

• other companies in the Hiscox group, including where:
  • we are arranging our own insurance;
  • necessary for our business administration purposes;
  • we are using information for the prevention or detection of fraud or other crime; or
  • we need to report information within our group of companies.
• our insurance and reinsurance partners such as brokers, other (re)insurers or other companies who act as (re)insurance distributors;
• other third parties who assist in the administration of the insurance policy or claim, such as loss adjusters, claims handlers, accountants, auditors, banks, lawyers and other experts including medical experts;
• our regulators;
• other insurers;
• fraud detection agencies and other third parties who operate and maintain fraud detection registers (including the Motor Insurance Database) or undertake investigations in cases of suspected insurance fraud;
• the police and other third parties (such as banks or other insurance companies);
• other insurers who provide our own insurance;
• industry bodies (such as the Association of British Insurers, Lloyd’s Market Association or Employers’ Liability Tracing Office);
• credit referencing agencies and third parties who carry out sanctions checks on our behalf;
• our third party services providers, such as IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers and tax advisers;
• selected third parties in connection with any sale, transfer or disposal of our business; or
• where necessary, courts and other alternative dispute resolution providers (such as arbitrators, mediators and the Financial Ombudsman Service).

• General information such as your name, address, contact details, date of birth and gender.
• Information about your job such as job title, your status as a director or partner, employment history, education history and professional accreditations.
• Information which we obtain as part of checking sanctions lists.
• Other information (including publically available information) obtained as part of our due diligence checks.

• Information relating to your criminal convictions (including offences and alleged offences and any court sentence or unspent criminal conviction).

As well as obtaining information directly from you, we will collect information from:

• Invoices, contracts, policies, correspondence and business cards.
• Other Hiscox group companies.
• Publically available sources such as internet search engines.
• From service providers who carry out sanctions checks.

We may use your information for a number of different purposes. For each purpose we must have a “legal ground” to use your personal information in such a way.

When the information that we process is classed as “sensitive personal information”, we must have a specific, additional “legal ground” to process such information.

• We have a legal or regulatory obligation to use such personal information. For example, our regulators require us to hold certain records of our dealings with you.
• We have an appropriate business need (sometimes referred to as a "legitimate interest") to use your personal information. We will rely on this for activities such as maintaining our business records, training and quality assurance, and developing and improving our products and services.
• You have provided your consent to our use of your personal information.

When the information that we process is classed as “sensitive personal information", we must have an additional “legal ground". We will rely on the following legal grounds when we process your "sensitive personal information":

• We need to use your sensitive personal information for an insurance purpose and there is a substantial public interest in such use. Such purposes include assessing your insurance application, managing claims and preventing and detecting fraud.
• We need to use your sensitive personal information to establish, exercise or defend legal rights. This might happen when we are faced with legal proceedings or want to bring legal proceedings ourselves.
• We need to use your sensitive personal information to prevent or detect crime and there is a substantial public interest in such use. This might happen when we are investigating allegations of insurance fraud.
• We need to use your sensitive personal information to comply with or help someone else comply with a regulatory requirement relating to unlawful acts and dishonesty and there is a substantial public interest in such use.

You will find further details of our "legal grounds" for each of our processing purposes set out below.

We will keep your personal information confidential and only share it for the purposes outlined about where necessary with the following parties:

• Other companies in the Hiscox group including where:
  • we are arranging our own insurance;
  • necessary for our business administration purposes;
  • we are using information for the prevention or detection of fraud or other crime; or
  • we need to report information within our group of companies.
• our other insurance and reinsurance partners such as brokers, other (re)insurers or other companies who act as (re)insurance distributors;
• our regulators;
• fraud detection agencies and other third parties who operate and maintain fraud detection registers (including the Motor Insurance Database) or undertake investigations in cases of suspected insurance fraud;
• the police and other third parties (such as banks or other insurance companies) where reasonably necessary for the prevention or detection of crime;
• other insurers who provide our own insurance;
• industry bodies (such as the Association of British Insurers, Lloyd’s Market Association or Employers’ Liability Tracing Office);
• credit referencing agencies and third parties who carry out sanctions checks on our behalf;
• our third party services providers, such as IT suppliers, actuaries, auditors, lawyers, document management providers, outsourced business process management providers and tax advisers; or
• third parties who handle our direct marketing on our behalf (this includes, for example, inclusion or suppression of your personal information from our contact lists, sending marketing communications, and analysis of responses to our marketing communications).