Privacy Policy

We are committed to protecting your privacy when dealing with your personal data. This Privacy Policy sets out details of the information that we may collect from you and how we may use that information. Please read this Privacy Policy carefully. When using the Talbot Underwriting website (the "Website"), this Privacy Policy should be read alongside, and in addition to, the Website terms and conditions.

In this Privacy Policy references to "we" or "us" or "Talbot Underwriting" are references to the members of the Talbot group of companies.

 

Talbot Underwriting is an international insurance and reinsurance specialist, operating within the Lloyd's Insurance Market through Syndicate 1183. Talbot has a team of highly skilled and experienced underwriters and a balanced, geographically diverse portfolio of business. To enable us to provide our insurance and reinsurance services, including dealing with any claims or complaints that might arise, we need to collect and process personal data. This makes us a "data controller" which makes us responsible for complying with UK data protection laws.

 

If you have any comments, questions or requests regarding your personal data, please contact the Talbot Underwriting Privacy Lead via privacy@talbotuw.com. In order to assist us in dealing with your query efficiently, it would be helpful if you could please provide your full name, policy number and/or claim reference, the type of policy and its validity dates, if possible, or the dates you worked for us, if you formerly worked for us. Depending on the nature of your request, we may need to obtain some further details from you before responding.

Insurance involves the use and disclosure of your personal data by various insurance market participants such as intermediaries, insurers and reinsurers. The London Insurance Market Core Uses Information Notice (as amended from time to time) sets out those core necessary personal data uses and disclosures. Our core uses and disclosures are consistent with the London Market Core Uses Information Notice. We recommend you review this notice.

Our relationship with you, for example, the type of services we provide, will dictate the nature of personal data that we need to collect about you. It will also dictate the uses we make of your personal data. For example, we will collect different personal data according to whether you are a beneficiary under an insurance policy, a third party claimant bringing a claim against a party that we insure, or a vendor supplying Talbot with a service. 

 

When we provide or receive services, we will sometimes ask for or receive "special categories of personal data” (which is information relating to your health, genetic or biometric data, criminal convictions, sex life, sexual orientation, racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership). For example, we may need information about your medical history if underwriting a health policyAdditionally, we may also need details of any unspent criminal convictions you have for fraud prevention and detection purposes.

 

Where you provide personal data to us about other individuals (for example, if you are an employer) we will also be data controller of their personal data. You should refer any such other individuals to this notice before supplying us with their data on their behalf.

 

We may amend the personal data that we hold so that you cannot be identified from the data either by itself or when combined with any other data we hold. That data will then not be subject to this notice or data protection law.

 

Data subject types

 

We may collect information about you if you are a prospective insured, employee or relative of an insured, claimant, broker, beneficiary of an insurance or reinsurance policy, supplier or applicant for employment.

 

What personal data will we collect?

 

Depending on our relationship with you and the services you require or provide to us, we may collect your name, job title, job history, address, telephone number, email address, date of birth, the results of any credit check, gender, information about your relationship to a policyholder, identification information such as passport details, driving licence and national insurance number, bank and payment details and information obtained as part of checking sanctions lists. We may also collect information which is relevant to an insurance application you may make or that may be made on your behalf, such as previous insurance policies held and claims made (this will also include any information specific to the type of policy being applied for is applying for), information gathered from publically available sources such as the electoral roll, newspapers and social media sites and any other information passed on from the insurance broker or the policy applicant.

 

What special categories of personal data will we collect?

 

Depending on our relationship with you and the services you require, we may collect information which reveals or is likely to reveal race, ethnicity or political opinions, health, genetic or biometric information or data concerning sex life.

 

Where relevant, we will also ask for details of any unspent criminal convictions.

 

How will we collect your personal data?

 

We collect information about you from a variety of sources depending on our relationship with you and the service you require or provide to us. This includes information you, your employer or a family member may provide to us, which may be provided to us directly or via a broker or legal adviser. We also collect information from brokers or other insurance intermediaries, via fraud prevention agencies, from risk due diligence and screening providers and via publically available sources. In a recruitment context, we may collect information about you from recruitment agencies and third party recruitment websites.

 

What will we use your personal data for?

 

We may use your personal data for a number of different purposes. For example:

 

Quotation and inception purposes

  • to set you up as a client, including fraud, credit and anti-money laundering and sanctions checks; and
  • evaluating the risks to be covered and matching to appropriate policy / premium.

 

Policy administration

  • collection and refund of premiums;
  • general client care, including communicating with you regarding administration and requested changes to your policy and settlement of litigation; and
  • sending you your policy documentation.

 

Claims processing

  • managing insurance claims;
  • defending or prosecuting legal claims; and
  • investigating and prosecuting fraud.

 

Renewals

  • contacting you in order to renew your insurance policy.

 

Insurance lifecycle

  • general risk modelling and underwriting;
  • complying with our legal or regulatory obligations;
  • developing and refining insurance products;
  • transferring books of business, company sales and reorganisations;
  • identifying products which may be of interest to you and providing you with information about those products, including tailored offers and enhanced services; and/or
  • to claim under Talbot’s own (re)insurance.

 

Human Resources and Recruitment

  • to consider your application for a role with us;
  • to perform background, criminal record, credit and qualifications checks;
  • to invite you for an interview;
  • to support you, provide career development opportunities and benefits to you if you work with us; and/or
  • to fulfil our employer obligations.

 

Procurement and Supplier Management

  • to obtain products and services;
  • administer contracts;
  • manage orders;
  • pay invoices; and/or
  • compare potential suppliers.

 

Profiling

  • When calculating insurance premiums we may compare your personal data against industry averages and use it to create the industry averages going forwards.

 

In each case, we must have a "legal ground" to use your personal information. We will rely on the following legal grounds when it is necessary for us to process your personal information:

  • Such use is necessary to enter into or perform a contract with you (such as using your personal data to provide your policy or process a claim);
  • Comply with a legal obligation;
  • Process data as may be required in the public interest, such as detecting and preventing fraud; and/or
  • Pursue our legitimate interests, such as providing clients and customers with insurance services, analysing claims in order to calculate insurance risk ratings and premiums, or for any sale, joint venture, merger or acquisition of any part of the Talbot Underwriting Group. When relying on this ground, we will always balance our interests against your rights.

 

We process special category data when you provide consent or have made the special category data public or where such use is necessary:

  • To protect, investigate, and defend legal claims; and/or
  • For an insurance purpose and there is a substantial public interest (such as underwriting and administering an insurance policy or administering a claim under an insurance policy);
  • For the prevention or detection of unlawful acts where it is in the substantial public interest.

 

Who do we share your personal data with?

 

We will keep your personal data confidential.

 

We may disclose it to any member of our group, which means our subsidiaries, our parent company and its subsidiaries (some of which are outside the European Economic Area in countries which do not have laws protecting the use of personal information to the same standards as in the United Kingdom).

 

We will only disclose your personal information to third parties (for example, insurance intermediaries, third party suppliers, claims handlers, loss adjusters, recruitment companies, legal advisers, the police, our auditors, fraud detection agencies, credit reference agencies, claims handlers, loss adjusters, regulatory bodies, our reinsurers etc.) if it is necessary for the purposes set out in section 3 and we have a legal ground to do so.

 

Where we transfer personal information to third parties we will ensure that it is secure and protected from unauthorised access.

 

Talbot Underwriting markets to brokers, coverholders, insureds, potential joint venture partners and other insurance market participants.

For example, we may identify products which may be of interest to you and provide you with information about those products, including tailored offers and enhanced services. You always have the option to opt-out of marketing communications.

We will not keep personal data for longer than necessary for the purposes for which it is processed as set out in section 3 above. It will be retained in accordance with our data retention policy. Laws or regulations may require us to keep records for specific periods of time. We may also need to keep records in order to administer the insurance relationship, to fulfil our contractual or statutory obligations or to resolve queries or disputes which may arise.

 

We will store your personal data based upon the following criteria:

  • Whether the personal data is actively required for the purposes stated in this Data Privacy Notice
  • Whether there is a legal or regulatory reason to continue to retain the personal data.

 

The exact time period will depend on your relationship with us and the type of personal data we hold. This is usually between three and ten years after our relationship with you ends or after the last possible time when a claim can be made, but it will vary depending on what data we hold, why we hold it, whether there could be a dispute and what we’re obliged to do by the regulator or the law.

 

If you would like further information regarding the periods for which your personal data will be stored, please contact us using the details set out in section 9.

When necessary, sometimes we (or third parties acting on our behalf) will transfer personal data that we collect about you to countries outside of the European Economic Area ("EEA"). Where a transfer occurs we will take steps to ensure that your personal data is protected. For example, where we send your personal data to third parties, and they are or their sub-processor is located outside of the EEA and in a country where the data protection regime has not been deemed adequate by the European Commission, the transfer will be subject to the Data Processor Standard Contractual Clauses (http://eur-lex.europa.eu/legal-content/en/TXT/?uri=CELEX%3A32010D0087). Where the third party we send your data to is acting as a data controller in their own right, the transfer of your data overseas will be subject to the Data Controller Standard Contractual Clauses (http://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32004D0915) (together, the “Model Clauses”).

 

We share your data with Talbot Underwriting’s offices outside the UK and EU, including in Australia, Singapore, the United States of America, Bermuda, Chile and Canada. We do this to arrange (re)insurance, handle claims, instruct third parties and conduct other activities in the ordinary course of our business. To protect personal data when it moves between offices, we use encryption and secure data transfers, the Model Clauses (listed above) and there are intra-group rules on data protection, and access is limited to those that have a business need to see the personal data.

 

In some circumstances we may also share your personal information outside Talbot. For example, we use a third party in India to provide data processing services to support our underwriting activities. In these cases, we use a number of special measures to protect the data, such as encryption and secure data transfers, contractual protections, we conduct due diligence on third parties and we enter into the relevant Model Clauses with them.

 

If you would like further information regarding our data transfers and the steps we take to safeguard your personal data, please contact us using the details set out in section 9.

At Talbot Underwriting, we take the security and confidentiality of your personal data very seriously. We have implemented a combination of technical solutions, security practices and processes to maintain the confidentiality of your information. For example, we protect information systems from malicious actors using a range of measures such as:

  • Using software designed to detect and provide protection from malicious code
  • Prohibiting the use of unauthorised software in our environments
  • Pro-actively checking files, including attachments and downloads, for malicious code before use
  • Maintaining continuity plans to recover from malicious code incidents.

 

Supporting controls that we use across our infrastructure include:

  • Multi-layered security of servers and applications
  • Multiple firewalls which protect our environments
  • Regular reviews of our security practices and technology updates
  • Regular reviews of our security and privacy policies and standards

Under data protection law you have a number of rights in relation to the personal data that we hold about you. These rights might not apply in every circumstance. You can exercise your rights by contacting us at any time using the details set out in section 9. We will not usually charge you in relation to a request.

 

Please note that although we take your rights seriously, there may be some circumstances where we cannot comply with your request. For example, we may have legal or regulatory requirements which mean that we cannot comply with a request for erasure. Even if this is the case, we will still respond to your request and explain why we cannot comply.

 

In some circumstances, complying with your request may have other consequences. For example, if you withdraw your consent to processing certain data which is relevant to your cover or claim, we may no longer be able to offer you cover or process that claim. If complying with your request will have a consequence like this, we will let you know at the time you make a request.

 

The right to access your personal data

 

You are entitled to a copy of the personal data we hold about you and certain details of how we use it.

 

We will usually provide your personal data to you in writing unless you request otherwise. Where your request has been made electronically (e.g. by email), a copy of your personal data will be provided to you by electronic means where possible.

 

The right to erasure

 

In certain circumstances, you are entitled to request deletion of your personal data. For example, where we no longer need your personal data for the original purpose we collected it for, and if there are no legal, regulatory or policy grounds which require us to retain it.

 

The right to rectification

 

We always take care to ensure that the personal data we hold about you is accurate and where necessary up to date. If you believe that there are any inaccuracies, discrepancies or gaps in the personal data we hold about you, you can contact us and ask us to update or amend it.

 

The right to restriction of processing

 

In certain circumstances, you are entitled to ask us to stop using your personal data, for example where you think it might be inaccurate or where you think that we no longer need to use it.

 

The right to withdraw your consent

 

Where we rely on your consent in order to process your personal data, (as set out in section 3 above) you have the right to withdraw such consent to further use of your personal data.

 

Please note that in some cases, withdrawal of your consent may have other consequences (such as a risk that we may be unable to continue your cover or your claim might not be paid). We will advise you of this at the point you seek to withdraw your consent. Please also note that certain information will be required from you in order for us to consider or proceed with an application from you to work with us.

 

The right to object

 

Direct marketing

 

Regardless of your role, you have control over the extent to which we market to you and you have the right to request that we stop sending you marketing messages at any time. You can do this by contacting us using the details set out in section 9. Please note that we may still send you service related communications where necessary.

 

Processing based on our legitimate interests

 

If we process your personal data on the basis of our legitimate interests, you can object to such processing. If you do, we will consider your objection against our purpose.

 

The right to data portability

 

In certain circumstances, you can request that we transfer personal data that you have provided to us to a third party. Please contact us if you have questions about this.

 

Rights relating to automated decision-making

 

We do not carry out any automated decision making. If this changes in the future, we will update this notice.

 

The right to make a complaint with the Regulator

 

You have a right to complain to the Information Commissioner's Office (ICO) or any other local Data Protection Regulator if you believe that we have breached data protection laws when using your personal data.

 

You can visit the ICO's website at https://ico.org.uk/ for more information. Please note that lodging a complaint will not affect any other legal rights or remedies that you may have.

If you would like further information about any of the matters in this notice or if have any other questions about how we collect, store or use your personal data, you may contact us at privacy@talbotuw.com or by writing to us at Privacy Leads, Talbot Underwriting, 60 Threadneedle Street, London EC2R 8HP.

 

Please note that we are not responsible for the privacy policies or content of any websites linked to this website.

From time to time we may need to make changes to this notice, for example, as the result of changes to law, technologies, or other developments. On request, we will email you with the most up-to-date notice or you can check our website periodically to view it.

 

This notice was last updated on 27 September 2018.

Summary:

This is our main Privacy Policy and it explains how we use Personal Information which we collect about individuals.

Personal Information is information about you and other individuals.

Before providing us with Personal Information about someone else, please tell that individual about this Privacy Policy and (where possible) get their permission to share their Personal Information with us.

In detail:

We use the words Personal Information to describe information about you and other individuals (for example, your partner or other members of your family), and from which you or they are identifiable.  

Our aim is responsible and secure handling of Personal Information, balancing the benefits of activities like research and data analytics to improve our products and service delivery, with our other commitments, including fairness, transparency and non-discrimination.  

This is our main Privacy Policy which describes how we use Personal Information that we collect as part of our business activities.  

This Privacy Policy will be supplemented by additional privacy notices tailored to our specific relationships with you where this is useful to provide you with a full picture of how we collect and use your Personal Information.

Personal Information is obtained from a variety of sources, including:

  • application, proposal and claim forms, and other forms;
  • telephone calls, emails, meetings and other communications;
  • service providers, brokers and agents, claims investigators, witnesses, medical professionals, driver and vehicle licensing authorities, credit reference agencies, your employer, and other third parties;
  • this website (the Site);
  • the software applications made available by us on computers, smart phones and other mobile devices (the Apps); and
  • our social media pages, other social media content, tools and applications (our Social Media Content).

In this Privacy Policy, we refer to the Site, the Apps and Social Media Content together as AIG Digital Services.

Unless otherwise indicated, the AIG Digital Services are not intended for use by individuals under the age of eighteen (18), and we request that if you are under eighteen (18) you do not provide Personal Information through the AIG Digital Services.

Personal Information may be provided to us by you directly or by a third party.  For example, an insurance policyholder may provide Personal Information about you so that you can benefit under their insurance policy.

Please note:

Before providing us with Personal Information about another individual you must (unless we agree otherwise): (a) inform the individual about the content of this Privacy Policy and any other applicable privacy notices provided to you; and (b) obtain their permission (where possible) to share their Personal Information with us in accordance with this Privacy Policy and other applicable privacy notices.

Summary:

The Personal Information we collect and hold depends on our relationship with you. 

It will often include information relating to: 

  • contact details
  • identification 
  • administration of your insurance policy or claim (which may include medical or health information)
  • finance and banking 
  • marketing preferences
  • Use of AIG Digital Services.

In detail: 

The Personal Information we collect and hold about you and other individuals will differ depending on our relationship, including the type of communications between us and the products and services we provide. Different types of Personal Information will be held if you are a consumer insurance policyholder or claimant, or you have enquired about our services, compared to where you benefit from insurance coverage under an insurance policy taken out by another policyholder (for example, you are insured under a corporate policy taken out by your employer). 

Likewise, we will hold different Personal Information if you are a commercial insurance broker or appointed representative, a witness, or another individual with whom we have a relationship.  

As we are in the business of providing insurance, claims handling, assistance and related services, the Personal Information we hold and process, depending on our relationship, includes:

Type of Personal Information

Examples

1. Contact information

Name, address, email and telephone number

2. General information

Gender, marital and family status, date and place of birth, and physical characteristics (appropriate to the circumstances)

3. Education and employment information

Educational background, employer details and employment history, skills and experience, professional licences, memberships and affiliations

4. Insurance and claim information

Policy and claim numbers, relationship to policyholder, insured, claimant or other relevant individual, date and cause of property damage, loss or theft, injury, disability or death, activity records (for example, driving records), and other information relevant to insurance policy issuance, and claim assessment and settlement. For liability insurance, this will include details of the dispute, claim or proceedings involving you.

5. Government and other official identification numbers

Social security or national insurance number, passport number, tax identification number, driver’s licence number, or other government issued identification number 

6. Financial information and account details

Payment card number (credit or debit card), bank account number, or other financial account number and account details, credit history, credit reference information and credit score, assets, income, and other financial information, account log-in information and passwords for accessing insurance policy, claim and other accounts, and AIG Digital Services

7. Medical condition and health status

Current or previous physical, mental or medical condition, health status, injury or disability information, medical diagnosis, medical procedures performed and treatment given, personal habits (for example, smoking or consumption of alcohol), prescription information, and medical history

8. Other sensitive information 

Information about religious beliefs, ethnicity, political opinions or trade union membership (for example, if an insurance application is made through a third party marketing partner that is a professional, trade, religious, community or political organization), sexual life and orientation, or genetic or biometric information 

We may obtain information about criminal records or civil litigation history (for example, for preventing, detecting and investigating fraud)

Information provided voluntarily to us (for example, preferences expressed regarding medical treatment based on religious beliefs)  (where collected in accordance with applicable law)

9. Telephone recordings

Recordings of telephone calls with our representatives and call centres

10. Photographs and video recordings

Images (including photographs and pictures) or video recordings created in connection with our insurance or other business activities, including for claims assessment, administration and settlement, claim disputes, or for other relevant purposes as permitted by law, as well as CCTV recordings captured by equipment on our premises

11. Information to detect, investigate or prevent crime, including fraud and money laundering

Insurers commonly collect, hold and share information about their previous dealings with policyholders and claimants with the intention of the detection, investigation and prevention of fraud, money laundering and other criminal activities

12. Information enabling us to provide products and services

Location and identification of property insured (for example, property address, vehicle licence plate or identification number), travel plans, age categories of individuals to be insured, details of the risks to be insured, prior accident or loss history, and cause of loss, status as company officer or director, or partner, or other ownership or management interest in an organisation, history of disputes, civil or criminal proceedings or formal investigations involving you, and information about other insurance held

13. Marketing preferences, marketing activities and customer feedback

Marketing preferences, information relating to competition, prize draw or other promotion entry, or responses to voluntary customer satisfaction surveys 

To improve our marketing communications, we may collect information about interaction with, and responses to, our marketing communications

14. Online activity information

We will receive Personal Information about you when you use AIG Digital Services; this may include your social media account identifier and profile picture, your IP address and other online identifiers (to the extent that they are Personal Information), and other Personal Information that you provide to us online

If you choose to connect your social media account provided by another social media service provider to your account on any of the AIG Digital Services, Personal Information from your other social media account may be shared with us, which may include Personal Information that is part of your social media account profile, or the profiles of your friends and other connected individuals

15. Supplemental information from other sources

We and our service providers may supplement the Personal Information we collect with information obtained from other sources (for example, publicly available information from online social media services and other information resources, third party commercial information sources, and information from our group companies and business partners). We will use any such supplemental information in accordance with applicable law (including obtaining your consent where required)

Summary:

We use Personal Information for different purposes depending on our relationship with you.  

The main purposes are to:

  • provide insurance and other services and make related assessments and decisions (automated and non-automated) 
  • manage claims
  • communicate with you
  • obtain feedback and manage complaints
  • detect, investigate and prevent crime
  • manage, develop and improve our business, products and services (including using data analysis)
  • advertise and market our services.

In detail:

We use Personal Information to carry out our business activities.  The purposes for which we use your Personal Information will differ based on our relationship, including the type of communications between us and the services we provide. Personal Information will be used for different purposes if you are a policyholder, insured or claimant under an insurance policy, a commercial insurance broker or appointed representative, a witness or another individual with whom we have a relationship. 

The main purposes for which we use Personal Information are to: 

A. Communicate with you and other individuals. 

B. Make assessments and decisions (automated and non-automated, including by profiling individuals) about: (i) the provision and terms of insurance and (ii) settlement of claims and provision of assistance and other services.

C. Provide insurance, claims and assistance services, and other products and services which we offer, including claim assessment, administration, settlement and dispute resolution.

D. Assess your eligibility for payment plans, and process your premium and other payments.

E. Improve the quality of our products and services, provide staff training and maintain information security (for example, for this purpose we may record or monitor phone calls).

F. Prevent, detect and investigate crime, including fraud and money laundering, and analyse and manage other commercial risks.

G. Carry out research and data analysis, including analysis of our customer base and other individuals whose Personal Information we collect, complete market research, including customer satisfaction surveys, and assess the risks faced by our business, in accordance with applicable law (including obtaining consent where required).

H. Provide marketing information in accordance with preferences you have told us about (marketing information may be about products and services offered by our third party partners subject to your expressed preferences). We may carry out marketing activities in accordance with your preferences by using email, SMS and other text messaging, post or telephone.

I. Allow you to participate in competitions, prize draws and similar promotions, and to administer these activities. These activities have additional terms and conditions, which will contain more information about how we use and disclose your Personal Information where this is useful to provide you with a full picture of how we collect and use Personal Information, so we recommend that you review those too.

J. Personalise your experience when you use AIG Digital Services or visit third party websites by presenting information and advertisements tailored to you, identify you to anyone to whom you send messages through the AIG Digital Services, and facilitate sharing on social media.

K. Manage our business operations and IT infrastructure, in line with our internal policies and procedures, including those relating to finance and accounting; billing and collections; IT systems operation; data and website hosting; data analytics; business continuity; records management; document and print management; and auditing.

L. Manage complaints, feedback and queries, and handle requests for data access or correction, or the exercise of other rights relating to Personal Information.

M. Comply with applicable laws and regulatory obligations (including laws and regulations outside your country of residence), for example, laws and regulations relating to anti-money laundering, sanctions and anti-terrorism; comply with legal process and court orders; and respond to requests from public and government authorities (including those outside your country of residence).

N. Establish, enforce and defend legal rights to protect our business operations, and those of our group companies or business partners, and secure our rights, privacy, safety or property, and that of our group companies or business partners, you, or other individuals or third parties; to enforce our terms and conditions; and pursue available remedies and limit our damages.  

The table below is a summary of the types of Personal Information used where necessary in connection with each main purpose described above. Personal Information will only be processed for these purposes where permitted under applicable law.

 

Summary:

We may use Personal Information to detect, investigate and prevent fraud, and this may include sharing Personal Information with other insurers, fraud prevention agencies and databases, and law enforcement agencies.

 

In detail:

We are committed to detecting and preventing fraud, and other financial crime.  We take this commitment very seriously and use Personal Information in a number of ways for this purpose.  

For example, if relevant to our relationship with you we will (where permitted by applicable law):

  • submit your Personal Information (including details of any claims you make, for example, details of injuries) so that they appear on registers of claims which are shared between different insurance providers;
  • search registers of previous claims when assessing a claim; and
  • share your Personal Information with other insurers, fraud prevention agencies databases, and law enforcement agencies.  

For further details, please see the section below ‘Who is Personal Information shared with?' or please contact us using the details provided below (see section below ‘Who to contact about your Personal Information?’).

Summary:

Sometimes we use automated decision making tools (i.e. where a person is not involved in the decision).

We typically use these tools when making straightforward decisions about you (for example, in certain claims handling and medical screening processes).  

Where this is the case we provide you with more information so you understand what is involved.

 

In detail:

Sometimes, as part of our business operations, decisions about you are taken using automated computer software and systems.  These decisions do not involve human input, and the software and systems apply pre-defined logic programming and criteria to make a decision and assess how we deal with you in connection with the provision of services.

For example, we sometimes use automated decision making as part of a process to:

  • decide whether a travel insurance claim should be paid as requested (for example, if pre-specified criteria are met by responses that you provide, the claim will be paid automatically without the need for additional human intervention); or
  • identify known pre-existing medical conditions in connection with our travel insurance business to decide whether we can offer insurance to you and on what terms.

We provide you with more information in relation to any automated decision processes before or at the time that we intend to make decisions in this way. You have the right in certain circumstances not to be subject to a decision which is based solely on automated processing. Please see the section below 'What are your Personal Information rights?' below for further details of this right.

 

Summary:

AIG group companies are responsible for looking after the Personal Information we collect, hold and use.

 

In detail:

The AIG group comprises a number of companies, including, but not limited to, the AIG parent company American International Group, Inc., AIG Europe Limited (AEL) and AEL country branches in Europe, Laya Healthcare Limited and AIG Life Limited.  

Each AIG group company that processes your Personal Information is responsible for looking after it in accordance with this Privacy Policy, our internal standards and procedures, and the requirements of data protection law. 

Your relationship with us will determine which of our group companies has access to and processes your Personal Information, and which of our group companies are the data controller(s) responsible for your Personal Information. A list of the key AIG group companies that are data controllers is available here www.aig.com/datacontrollers Usually, if you are an individual policyholder, the AIG group company that underwrites your insurance policy will be the main company responsible for your Personal Information, the controller. Depending on our relationship with you, we will provide further information in a supplemental privacy notice tailored to our relationship.

For more precise information about the specific company or companies in the AIG group that have access to and are responsible for your Personal Information (including the identity of the relevant AIG companies that are the data controller(s) for your Personal Information), please contact us using the details provided below (see section below ‘Who to contact about your Personal Information?’).

We may also share your information with third parties (see section below 'Who is Personal Information shared with?').  Those third parties will assume certain responsibilities under data protection law for looking after the Personal Information that they receive from us.

Summary:

Personal Information may be shared between AIG group companies and other third parties, including:

  • other insurance and insurance distribution parties
  • service providers 
  • recipients of your social media sharing activities
  • government authorities
  • third parties involved in legal proceedings.

In detail:

In connection with the purposes described above (see section above 'How do we use Personal Information?'), we sometimes need to share your Personal Information with third parties (this can involve third parties disclosing Personal Information to us and us disclosing Personal Information to them).  

These third parties may include:

Type of third party

Examples

Our group companies

We belong to the American International Group, Inc. group of companies. AIG has group companies throughout the world, both inside and outside Europe (for example, in the USA).  We may share your Personal Information with other group companies (including for administrative accounting purposes).

A list of the key AIG group companies is available here www.aig.com/datacontrollers

Other insurance and insurance distribution parties

Where permitted by applicable law, AIG may share Personal Information with other third parties, for example, other insurers, reinsurers, insurance and reinsurance brokers, other intermediaries and agents, appointed representatives, distributors, affinity marketing partners and financial institutions, securities firms and other business partners. 

Our service providers

External third party service providers, such as medical and security professionals, accountants, actuaries, auditors, experts, lawyers and other professional advisors; travel and medical assistance providers; call centre service providers; IT systems, support and hosting service providers; printing, advertising, marketing and market research, and data analysis service providers; banks and financial institutions that service our accounts; third party claim administrators; document and records management providers; claim investigators and adjusters; construction consultants; engineers; examiners; jury consultants; translators; and other third party vendors and outsourced service providers that assist us in carrying out business activities. 

Recipients of your social media sharing activity

Where you have friends and other connections associated with your social media account, other website users and your social media account provider may receive your Personal Information in connection with your social sharing activity (for example, if you connect a social media account provided by another social media service provider to your AIG Digital Services account or log into your AIG Digital Services account from another social media account).  By connecting your AIG Digital Services account and your other social media account you authorize us to share information with the provider of your other social media account and you understand that the use of the Personal Information we share will be governed by the other service provider’s privacy policy.  If you do not want your Personal Information shared with other users or with your other social media account provider, please do not connect your other social media account with your AIG Digital Services account and do not participate in social sharing while using AIG Digital Services.

Government authorities and third parties involved in legal proceedings

We may also share Personal Information with: (a) government or other public authorities (including, but not limited to, workers’ compensation boards, courts, regulatory bodies, law enforcement agencies, tax authorities and criminal investigations agencies); and (b) third party participants in legal proceedings and their accountants, auditors, lawyers, and other advisors and representatives, as we believe to be necessary or appropriate.

Other third parties

We may share Personal Information with payees; emergency providers (fire, police and medical emergency services); retailers; medical networks, organisations and providers; travel carriers; credit bureaus; credit reporting agencies; other people involved in an incident that is the subject of a claim; as well as purchasers and prospective purchasers or other parties in any actual or proposed reorganisation, merger, sale, joint venture, assignment, transfer or other transaction relating to all or any portion of our businesses, assets, companies or stock (i.e. company shares).  

Where permitted by applicable law, Personal Information (including details of injuries) may be put on registers of claims and shared with other insurers. We may search these registers when dealing with claims to prevent, detect and investigate fraud.  

If you benefit from another party’s insurance policy or service arrangement with AIG (for example, a policy taken out by your employer), Personal Information relating to the administration of that insurance policy or service may be shared with that other party.

Personal Information may also be shared by you on message boards, chat, profile pages and blogs, and other AIG Digital Services to which you are able to post information and materials (including, without limitation, our Social Media Content).  Please note that any information you post or disclose through these services will become public information, and may be available to visitors and users of the AIG Digital Services and to the general public.  We urge you to be very careful when deciding to disclose your Personal Information, or any other information, when using the AIG Digital Services.

Summary:

We may process Personal Information both nationally and internationally.  

This may include transferring Personal Information outside the European Economic Area (EEA). 

We take additional steps to ensure the security of Personal Information when we transfer it outside the EEA.

 

In detail:

Due to the global nature of our business activities, for the purposes set out above (see section entitled 'How do we use Personal Information?'), depending on the nature of our relationship with you, we will transfer Personal Information to parties located in other countries (including the USA, China, Mexico, Malaysia, Philippines, Bermuda and other countries that have data protection regimes which are different to those in the country where you are based, including countries which have not been found to provide adequate protection for Personal Information by the European Commission).

For example, we may transfer Personal Information in order to process international travel insurance claims and provide emergency medical assistance services when you are abroad.  We may transfer information internationally to our group companies, service providers, business partners, government or public authorities, and other third parties.

When making these transfers, we will take steps to ensure that your Personal Information is adequately protected and transferred in accordance with the requirements of data protection law.  

This typically involves the use of data transfer agreements in the form approved by the European Commission and permitted under Article 46 of the EU General Data Protection Regulation (GDPR) (the relevant data protection law). If there is no data transfer agreement in place, we may use other mechanisms recognised by the GDPR as ensuring an adequate level of protection for Personal Information transferred outside the EEA (for example, the US Privacy Shield framework or any framework that replaces it).

For further information about these transfers and to request details of the safeguards in place, please contact us using the details below (see section below ‘Who to contact about your Personal Information?’).

Summary:

Information security is extremely important to us.  

We put in place technical and physical security measures to keep Personal Information safe and secure.

If, despite our efforts, you believe that Personal Information is no longer secure, please tell us so that we can resolve any security issue.

 

In detail:

AIG uses appropriate technical, physical, legal and organisational measures, which comply with data protection laws to keep Personal Information secure.

As most of the Personal Information we hold is stored electronically we have implemented appropriate IT security measures to ensure this Personal Information is kept secure.  For example, we may use anti-virus protection systems, firewalls, and data encryption technologies.  We have procedures in place at our premises to keep any hard copy records physically secure.  We also train our staff regularly on data protection and information security.

When AIG engages a third party (including our service providers) to collect or otherwise process Personal Information on our behalf, the third party will be selected carefully and required to use appropriate security measures to protect the confidentiality and security of Personal Information.  

Unfortunately, no data transmission over the Internet or electronic data storage system can be guaranteed to be 100% secure.  If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of any Personal Information you might have sent to us has been compromised), please immediately notify us (see section below ‘Who to contact about your Personal Information?’).

Summary: 

To comply with the law, we need to tell you the legal justification we rely on for using your Personal Information.  The legal justification depends on the purpose for using your Personal Information, but it will usually be considered to be in our legitimate interests or involve your consent.

 

In detail:

Data protection law seeks to ensure that the way Personal Information is used is fair.  

To comply with the law, we need to tell you the legal justification we rely on for using your Personal Information.

While the law provides several legal justifications, the table below describes the main legal justifications that apply to our purposes for using Personal Information.

We may be required to obtain Personal Information from you to comply with applicable legal requirements, and certain Personal Information may be needed to enable us to fulfil the terms of our contract with you (or someone else), or in preparation of entering into a contract with you (or someone else). We may inform you of this at the time that we are obtaining the Personal Information from you.  In these circumstances, if you do not provide the relevant Personal Information to us, we may not be able to provide our products or services to you.  If you would like further information, please contact us using the details below (see section below ‘Who to contact about your Personal Information?’).

 

Sensitive Special Categories of Personal Information

For more sensitive special categories of Personal Information we will rely on either: 

  • your consent; or
  • one or more of the other legal justifications set out in the table below and typically one of the following two additional justifications (however other legal justifications may be available):
    • the use is necessary for the establishment, exercise or defence of legal claims, or whenever courts are acting in their judicial capacity (for example, when a court issues a court order requiring the processing of Personal Information); or
    • the use is necessary for the purposes of preventive or occupational medicine, medical diagnosis or the provision of health or social care or treatment.

These more sensitive special categories of Personal Information include Personal Information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning an individual’s sex life or sexual orientation.

Additional legal justifications may also be available in the country in which you are based and we may also rely on these justifications from time to time. 

Processing of Personal Information relating to criminal convictions and offences is subject to the requirements of applicable law.

Summary:

To protect you, our business and third parties we may record calls and monitor communications between us.


In detail:

We may record telephone calls with you so that we can:

  • improve the standard of service that we provide by providing our staff with feedback and training;
  • address queries, concerns or complaints;
  • prevent, detect and investigate crime, including fraud and money laundering, and analyse and manage other commercial risks; and
  • comply with our legal and regulatory obligations.

In addition, we monitor electronic communications between us (for example, emails) to protect you, our business and IT infrastructure, and third parties including by:

  • identifying and dealing with inappropriate communications; and
  • looking for and removing any viruses, or other malware, and resolving any other information security issues.

Summary:

We will keep your Personal Information only as long as necessary for the purposes for which we collected it and to comply with applicable law.  

Depending on our relationship with you, we may keep your Personal Information for a number of years after our relationship ends.

 

In detail:

We will keep Personal Information for as long as is necessary for the purposes for which we collect it.  The precise period will depend on the purpose for which we hold your information.  In addition, as a regulated financial services institution, there are laws and regulations that apply to us which set minimum periods for retention of Personal Information. We will provide you with further information if appropriate to give you a full picture of how we collect and use your Personal Information. 

For example:

  • Where we hold Personal Information to comply with a legal or regulatory obligation, we will keep the information for at least as long as is required to comply with that obligation.
  • Where we hold Personal Information in order to provide a product or service (such as an insurance policy and claims handling), we will keep the information for at least as long as we provide the product or service, and for a number of years after expiry of the policy and the handling of any related claim.  

The number of years varies depending on the nature of the product or service provided – for example, for certain insurance policies it may be necessary to keep the Personal Information for several years after the expiry of the policy. Among other reasons, we retain the information in order to respond to any queries or concerns that may be raised at a later date with respect to the policy or the handling of a claim.  Typically, for consumer insurance products, the retention period is seven 7 years.

For further information about the period of time for which we retain your Personal Information, please contact us using the details below (see section below ‘Who to contact about your Personal Information?’).

Summary:

You can change your marketing preferences at any time.  If you would like to stop receiving marketing information from us, please:

contact us by email: AIGDirect.Queries@aig.com  

or write to: 

Customer Support  Team, AIG Building, 2-8 Altyre Road, Croydon, Surrey, CR9 2LG

 

In detail:

We will provide you with regular opportunities to tell us your marketing preferences, including in our communications to you. 

To tell us your marketing preferences, and to change your preferences if required, you can contact us by email at: AIGDirect.Queries@aig.com or by writing to: Customer Support Team, The AIG Building, 2-8 Altyre Road, Croydon, Surrey, CR9 2LG

In addition, you can also opt-out of receiving marketing communications as follows: 

  • Receiving email messages and text messages from us:  If you no longer want to receive marketing emails or text messages from AIG, you can opt-out of receiving these marketing-related messages by clicking on the link to “unsubscribe” provided in each email message, following the stop instructions in a text message, or by contacting us using the addresses above.
  • Receiving telephone communications and postal mail from us:  If you no longer want to receive marketing via telephone communications or postal mail from AIG, you may opt-out of receiving these marketing communications by contacting us using the addresses above.  You may also be able to contact a "Do not call" registry in your country to opt-out on a general basis from receiving marketing communications by telephone, although we may still contact you if you are listed on such a register if you have given your consent.
  • Sharing of your Personal Information with our group companies for their marketing purposes:  With your consent we may share your Personal Information with our group companies for their own marketing purposes.  If you change your mind, you may opt-out of this sharing by contacting us using the addresses above. 
  • Sharing of your Personal Information with selected third party partners for their marketing purposes:  If you have provided your consent we may share your Personal Information with our third party partners for their own marketing purposes. If you change your mind, you may opt-out of this sharing by contacting us using the addresses above.

We aim to comply with your opt-out requests within a reasonable time period and in any event within any period prescribed by law.  Please note that if you opt-out as described above, we will not be able to remove your Personal Information from the databases of third parties with whom we have already shared your Personal Information (i.e. to those to whom we have already provided your Personal Information as of the date on which we respond to your opt-out request).  

Please also note that if you do opt-out of receiving marketing communications from us, we may still send you other important service and administration communications relating to the services which we provide to you, and you cannot opt-out from these service and administration communications.

Summary:

Individuals in the European Economic Area (EEA) have a number of rights in connection with their Personal Information. These rights only apply in certain circumstances and are subject to certain exemptions.  These rights include a right to request a copy of the Personal Information we hold about you.

If you wish to exercise these rights, please contact us using the details below (see section below 'Who to contact about your Personal Information?')

 

In detail:

The following is a summary of the data protection rights available to individuals in the European Economic Area (EEA) in connection with their Personal Information. These rights may only apply in certain circumstances and are subject to certain legal exemptions.

If you wish to exercise your rights, please contact us using the details below (see section below ‘Who to contact about your Personal Information?’).

 

Description

When is this right applicable?

Right of access to Personal Information

You have the right to receive a copy of the Personal Information we hold about you and information about how we use it. 

This right is applicable at all times when we hold your Personal Information (subject to certain exemptions)

Right to rectification of Personal Information

You have the right to ask us to correct Personal Information we hold about you where it is incorrect or incomplete.

This right is applicable at all times when we hold your Personal Information (subject to certain exemptions).

Right to erasure of Personal Information

This right is sometimes referred to as 'the right to be forgotten'.  This right entitles you to request that your Personal Information be deleted or removed from our systems and records.  However, this right only applies in certain circumstances.

Examples of when this right applies to Personal Information we hold include (subject to certain exemptions):

• when we no longer need the Personal Information for the purpose we collected it;

• if you withdraw consent to our use of your information and no other legal justification supports our continued use of your information;

• if you object to the way we use your information and we have no overriding grounds to continue using it;

• if we have used your Personal Information unlawfully; and

• if the Personal Information needs to be erased for compliance with law.

Right to restrict processing of Personal Information

You have the right to request that we suspend our use of your Personal Information.  However, this right only applies in certain circumstances. 

Where we suspend our use of your Personal Information we will still be permitted to store your Personal Information, but any other use of this information while our use is suspended will require your consent, subject to certain exemptions.

You can exercise this right if:

• you think that the Personal Information we hold about you is not accurate, but this only applies for a period of time that allows us to consider if your Personal Information is in fact inaccurate;

• the processing is unlawful and you oppose the erasure of your Personal Information and request the restriction of its use instead;

• we no longer need the Personal Information for the purposes we have used it to date,  but the Personal Information is required by you in connection with legal claims; or

• you have objected to our processing of the Personal Information and we are considering whether our reasons for processing override your objection.  

Right to data portability

This right allows you to obtain your Personal Information in a format which enables you to transfer that Personal Information to another organisation.  However, this right only applies in certain circumstances.

You may have the right to have your Personal Information transferred by us directly to the other organisation, if this is technically feasible.

This right will only apply:

• to Personal Information you provided to us;

• where we have justified our use of your Personal Information based on:

o your consent; or 

o the fulfilment by us of a contract with you; and

• if our use of your Personal Information is by electronic means.

Right to object to processing of Personal Information

You have the right to object to our use of your Personal Information in certain circumstances.  

You can object to our use of your Personal Information where you have grounds relating to your particular situation and the legal justification we rely on for using your Personal Information is our (or a third party's) legitimate interests.

However, we may continue to use your Personal Information, despite your objection, where there are compelling legitimate grounds to do so or we need to use your Personal Information in connection with any legal claims. 

This right is different where it relates to direct marketing and you can read about how to exercise your right to opt-out of receiving any direct marketing in the 'How can you tell us about your marketing preferences?' section of this Privacy Policy.

You can also object to the use of your Personal Information for direct marketing purposes at any time (including if we are carrying out profiling related to direct marketing).

Rights relating to automated decision making and profiling

You have the right not to be subject to a decision which is based solely on automated processing (without human involvement) where that decision produces a legal effect or otherwise significantly affects you. However, this right only applies in certain circumstances.

This right is not applicable if:

• we need to make the automated decision in order to enter into or fulfil a contract with you;

• we are authorised by law to take the automated decision; or

• you have provided your explicit consent to the decision being taken in this way using your Personal Information.

Right to withdraw consent to processing of Personal Information

Where we have relied upon your consent to process your Personal Information, you have the right to withdraw that consent. 

This right only applies where we process Personal Information based upon your consent.  

Right to complain to the relevant data protection authority

If you think that we have processed your Personal Information in a manner that is not in accordance with data protection law, you can make a complaint to the data protection regulator.  If you live or work in an EEA member state, you may complain to the regulator in that state.

This right applies at any time.

Right to provide instructions regarding the management of your Personal Information after your death (only where such right applies under applicable law)

You may have the right to inform us of instructions on how we manage the Personal Information we hold about you after your death.

This right is applicable at all times when we hold your Personal Information (only where such right applies under applicable law).

Summary:

If you have any questions or concerns about the way your Personal Information is used by us, you can contact us by email or post

 

In detail:

If you have any questions, concerns or complaints about the way your Personal Information is used by us, you can contact us by email or post using the details below.  

email: dataprotectionofficer.uk@aig.com

writing: Data Protection Officer, AIG Europe Limited, The AIG Building, 58 Fenchurch Street, London EC3M 4AB

Summary:

In addition to Personal Information, we may collect other information about your use of AIG Digital Services, and the devices you use to interact with us, from which you may not be identifiable, including:

  • internet browser and electronic device information;
  • app usage data;
  • information collected through cookies, pixel tags and other technologies;
  • demographic information; and
  • aggregated data.

 

In detail:

User and device data is collected when you use AIG Digital Services. This information may not reveal your specific identity and therefore may not be Personal Information which is used as described in the earlier sections of this Privacy Policy. 

Examples of this type of user and device data are: 

  • internet browser and electronic device information;
  • app usage data;
  • information collected through cookies, pixel tags and other technologies;
  • demographic information; and
  • data grouped together so that it is not possible to link the data to a particular individual, known as aggregated data.   

We and our third party service providers may collect user and device data in a variety of ways when you use AIG Digital Services, including:

Method of data collection

Examples

Through your internet browser or electronic device

Certain information is collected by most websites or automatically through your electronic device, such as your IP address (i.e. your computer’s address on the internet), screen resolution, operating system type (Windows or Mac) and version, internet browser type and version, electronic device manufacturer and model, language, time of the visit, pages visited, and the name and version of the AIG Digital Services (such as the App) you are using. We use this information to ensure that the AIG Digital Services function properly.

Through your use of an App

When you download and use an App, we and our service providers may track and collect App usage data, such as the date and time the App on your electronic device accesses our servers and what information and files have been downloaded to the App based on your device number.

Using cookies and online tracking

We may use cookies and other online tracking tools (with your consent where required by applicable law). 

Cookies are pieces of information stored directly on the device you are using. Cookies allow us to recognize your device and to collect information such as internet browser type, time spent using AIG Digital Services, pages visited, language preferences and relevant country website. We may use the information for security purposes, to facilitate navigation, to display information more effectively, and to personalize your experience while using the AIG Digital Services. In addition, we may use the information to gather statistical information about the usage of the AIG Digital Services in order to understand how they are used, continually improve their design and functionality, and assist us with resolving questions about them. Cookies further allow us to present to you the advertisements or offers that are most likely to appeal to you. We may also use cookies to track your responses to our advertisements and we may use cookies or other files to track your use of other websites. 

You can refuse to accept the cookies we use by adjusting your browser settings. However, if you do not accept these cookies, you may experience some inconvenience in your use of the Site and some online products.  We do not respond to browser do not track signals at this time.  

Third parties may collect information about your use of AIG Digital Services and your use of other websites or online services.  

For more detailed information about the cookies we use on our UK Site, see below.

Using pixel tags, web beacons, clear GIFs or other similar technologies

We may use pixel tags, web beacons, clear GIFs and other similar technologies with your consent (where required by applicable law).

These may be used in connection with some AIG Digital Services and HTML-formatted email messages to, among other things, track the actions of users of AIG Digital Services and email recipients, measure the success of our marketing campaigns and compile statistics about usage of AIG Digital Services and response rates.

We may use interest-based advertising service providers to customize, target, serve and report on AIG advertisements served across the web and mobile applications, based on information relating to our offline interactions with you, our online interactions with you (on any of your devices) and information received from third parties.  To do this, these service providers may use cookies, pixel tags and other technologies to collect information about your and other users’ use of the AIG Digital Services and third party sites and mobile applications.  They may also use these technologies along with information they collect about your online use, to recognise you across the devices you use, such as a mobile phone and a laptop.  Our service providers may also match personal information we provide to them with your IP address and serve AIG advertisements to you across the web, based on your IP address.  If you would like to opt out of having your information used for these purposes, visit the self-regulatory program opt out pages at www.aboutads.info/choices/ or www.networkadvertising.org/managing/opt_out.asp to opt out in desktop and mobile web browsers on the particular device from which you access the opt-out options.  Download the AppChoices app at www.aboutads.info/appchoices to opt out in mobile applications.

Physical location

Subject to applicable law (and your consent where required by applicable law), we may collect the physical location of your electronic device by, for example, using satellite, mobile/cell phone tower or WiFi signals. We may use your device’s physical location to provide you with personalized location-based services and content. 

Subject to your marketing preferences and applicable law, we may also share your device’s physical location, combined with information about what advertisements you viewed and other information we collect, with our marketing partners to enable them to provide you with more personalized content and to study the effectiveness of advertising campaigns. 

In some instances, you may be permitted to allow or deny such uses and/or sharing of your device’s location, but if you choose to deny such uses and/or sharing, we and/or our marketing partners may not be able to provide you with the applicable personalized services and content. 

In addition, we may obtain the precise geolocation of your device when you use our mobile applications for travel or other assistance services.  In connection with providing travel or other assistance services, we may share your device’s precise geolocation information with our clients and other entities with whom we work.  You may opt-out of our collection and sharing of precise geolocation information by deleting the mobile application from your device, by disallowing the mobile application to access location services through the permission system used by your device’s operating system, or by following any additional opt-out instructions provided in the privacy notice available within the mobile application.

In some circumstances, physical location information may become your Personal Information if you are identifiable in relation to the physical location information. In such cases, the physical location information will be handled as Personal Information as described in the earlier sections of this Privacy Policy.

Using information provided by you

Some information (for example, your location or preferred means of communication) is collected when you voluntarily provide it. Unless combined with Personal Information, this information does not personally identify you

By aggregating information

We may group information together so that it does not link to a specific individual, i.e. aggregate, and use that information (for example, we may aggregate information to calculate the percentage of our users who have a particular telephone area code).

Please note that, where user and device data is not Personal Information, we may use and disclose that data for any purpose to the extent we are allowed to by law. If we are required to treat user and device data as Personal Information under applicable law, or if we combine user and device data with identifiable Personal Information, then, in addition to the uses listed in this section, we may use and disclose user and device data for all the purposes for which we use and disclose Personal Information.

Summary:

Cookies are pieces of information stored directly on the device you are using. 

We use a number of cookies and tracking technologies on our website (UK). Among other things, cookies help us to understand user behaviour, make our website work better and target online advertising.

 

In detail:

The cookies we use on our website are as follows:

You can refuse to accept the cookies we use by adjusting your browser settings. However, if you do not accept all the cookies on the Site, you may experience some inconvenience in your use of the Site and some online products.

In addition to the cookies mentioned above, cookies may also be placed on your electronic device when you open emails we send to you.  We use these emails to track the effectiveness of our advertising.

Summary:

We are not responsible for the privacy, information or other practices of any third parties, including any third party operating any site or service to which the AIG Digital Services link.

 


In detail:

This Privacy Policy does not address, and we are not responsible for, the privacy, information or other practices of any third parties, including any third party operating any site or service to which AIG Digital Services link.  The inclusion of a link on AIG Digital Services does not imply endorsement of the linked site or service by us or by our group companies. 

Please note that we are not responsible for the collection, usage and disclosure policies and practices (including the information security practices) of other organizations, such as Facebook®, Twitter®, Apple®, Google®, Microsoft®, RIM/Blackberry® or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider or electronic device manufacturer, including any Personal Information you disclose to other organizations through or in connection with AIG Digital Services.

Summary:

This Privacy Policy was last updated on 25/03/2018. We may review this policy and make changes from time to time.

 

In detail:

This Privacy Policy was last updated on 25/03/2018.

We review this Privacy Policy regularly and reserve the right to make changes at any time to take account of changes in our business activities, legal requirements, and the manner in which we process Personal Information.  We will place updates on this website and where appropriate we will give reasonable notice of any changes.