This privacy notice describes how AXA Partners (also referred to as "we" or "us") use personal data relating to our policyholders, service users and related individuals, and other enquirers and users of our website ("you").

We may update this notice from time to time, and will publish the new version on our website. This notice was updated and published in September 2020.

This notice is set out in 10 sections:

  1. Who we are
  2. What information we collect (including where we collect it from) and how we use it
  3. Sharing your information, and our relationship with other parties
  4. Legal basis for use of your information
  5. International data transfers
  6. Retaining your information
  7. Security of your information
  8. Your legal rights, including your right to access a copy of data we hold
  9. Our contact details
  10. Related notices and terms

1. Who we are

AXA Partners is made up of a number of different companies and is part of the worldwide AXA Group. The specific AXA Partners company that is acting as the Data Controller of your personal information will depend on your relationship with us. This will be detailed in the documentation that we send to you, such as your policy terms and conditions. Our website is at www.axa-assistance.co.uk. We offer insurance policies and service-only contracts, providing assistance in situations such as motor breakdowns, home emergencies or boiler servicing. We have appointed a Data Protection Officer, who is responsible for overseeing use of personal data by AXA Partners. You may contact the Data Protection Officer with any queries relating to the processing of your data by us, and to exercise your data protection rights (see section 8 below). Contact details for the Data Protection Officer are set out at section 9 below.

2. Information we collect & how we use it

2.1 Purchasing insurance or services directly from us

You may obtain a quote and purchase our insurance or services on our website or over the telephone. We will collect relevant information from you in order to provide you with a quote, and to set up and administer your policy or service-only contract. These details include:

  • Name (of policyholder or service user, and any other individuals who may benefit from the relevant insurance claims or services)
  • Username and password for a website account (which you may set up in order to obtain a quote or purchase insurance or services)
  • Address and contact details, including email address
  • Level of cover and policy details (for insurance policies)
  • Details of your contract, including the services to be provided under it (for service-only contracts)
  • Other details requested on application forms such as vehicle registration, make and model, or boiler make and model
  • Payment details, which may include your credit card or bank details

We will also assign you a policy or contract number which we will record alongside your other personal details.

If you are purchasing pay-on-use services, we will also collect the details needed to provide the relevant assistance to you (see section 2.3).

If you provide us with details relating to other individuals (for example, those with an interest under the policy or contract), please ensure such individuals are aware that we will use their details for the purposes of the relevant insurance policy or services, and direct them to this privacy notice for more information. If you do not provide us with the requested information, then we may not be able to offer you the applicable insurance policy or services.

2.2 Purchasing insurance from our business partners

You may purchase our insurance from one of our business partners (for example as an add-on to other insurance you are buying from them). You may also purchase a policy which is underwritten by our business partner, but for which we process and service your claims (see section 2.3).

In these circumstances, our business partner will collect and share some of your personal data with us in order for us to underwrite and administer your policy (where we are the underwriter) and to provide you with relevant services if you make a claim. These details include:

  • Name (of policyholder and any related individuals under the policy)
  • Address and contact details
  • Level of cover and policy details
  • Vehicle details, including car registration number (for motor breakdown insurance policies)
  • Bank details for claims payments, reimbursements, policy checking

Our business partner will also assign you a policy number which we will record alongside your other personal details. See also section 2.5 below.

2.3 Making a claim or requesting a service

You may contact us by telephone or on our website to:

  • Make a claim under your insurance policy
  • Request a specific service under an existing service-only contract
  • Request a pay-on-use service (and enter into a new service-only contract under section 2.2 above)

You may also enquire about such claims or services.

When you contact us in this way (or otherwise contact us for these purposes), we will collect additional information from you to assist with your enquiry, verify and handle your claim or service request, and, where appropriate, to settle the claim and provide the services. This includes arranging for our service providers to respond to and deal with qualifying incidents in settlement of your claim or as part of the services.

If you have purchased our insurance from one of our business partners, or where we are handling a claim under a policy underwritten by one of our business partners (see section 2.2 above), our claims handling service may use the brand of our business partner in dealing with your enquiry. However, the information we collect is used by us (rather than our business partner) for these purposes.

In each case, the details we collect will include:

  • Name, and policy or contract details
  • Information about the claim or service request, including the surrounding circumstances, the assistance you require, and information within any related documents you provide to us

This may include some sensitive personal data, and other information of a sensitive nature. For example, we may need to know information about the health or vulnerability of you, your dependents, or related individuals receiving services or involved in the assistance we provide, or other sensitive information about the circumstances of the claim or request. This is collected in order to make appropriate arrangements to deal with your claim and provide the relevant services. See also section 4 below.

We will also assign you a claim or service number, which we will record alongside your other personal details.

If you provide us with details relating to other individuals, please ensure such individuals are aware that we will use their details for the purposes of the insurance claim or service request, and direct them to this privacy notice for more information.

Calls to our call centres may be recorded, and we may keep additional records of our communications with you, and any arrangements made to settle your claim and provide you with services. See section 2.5 below for more information about this.

2.4 Other use of our website & social media

We may collect other personal details from users of our website or our social media accounts, for example users who send us queries, enter our competitions, or are involved in other activities run by us within this context. We may use such details in order to deal with your enquiry, and to administer the relevant competitions or activities.

Note that information provided over social media may also be used and stored by the social media provider, in accordance with its own terms and policies.

We may also use cookies or similar technologies to collect website usage information, including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths. We do not, however, seek to relate this information to you as an individual nor combine it with other data relating to you. For further information, please refer to the Cookies Policy, www.axapartners.co.uk.

Our website may include hyperlinks to, and details of, third party websites. Subject to our data sharing responsibilities (see section 3 below), we have no control over, and are not responsible for, the privacy policies and practices of third parties.

2.5 Direct marketing

If you give us your consent, we may send you communications (including by email and SMS) about products and services offered by us and third parties, which we believe may be of interest to you (for example because they relate to other products and services which you have purchased or in which you have shown an interest). Our products and services include; motor breakdown and home emergency insurance and services, travel insurance and insurance which covers the payment of an excess amount under another policy. Third party products and services may include those relating to motor breakdown or home emergency, or those complementary to motor breakdown or home emergency, such as MOTs, car servicing, hire cars, tyres or home emergency assistance services provided on a pay-on-use basis.

If you give us your consent, we may also share your data with other parties for their marketing purposes. This may include sharing your name, phone number, email address and (where relevant) car registration with organisations providing home emergency or motor breakdown products and services, so that they may contact you for marketing purposes, for example with special offers.

These marketing activities (of us or third parties) may involve matching your data against information from public sources, in order to send you relevant communications tailored to your needs. This may include, for example, using your car number plate and postcode to check against a government database of when your MOT is due, in order to send you a marketing communication about MOT services at an appropriate time.

If you do not consent to any of these marketing activities, you may still receive feedback requests, surveys and other customer care communications from us – see section 2.6 below.

You may withdraw your consent to these marketing activities at any time, or opt out of receiving feedback requests and surveys using our website (if you have a website account with us), or using the contact details at section 9 below.

2.6 Other collection & uses of your personal data

We may also collect and use your personal data as follows:

  • We may record calls made to us for the purposes of record-keeping, training, quality control
  • We may conduct surveys or ask you for feedback on our products and services, and may invite you to take part in focus groups. We use your responses and contributions to these for the purposes of quality control and improvement of our products and services
  • We carry out sanctions checking including to safeguard against fraud and money laundering
  • We may carry out audits of third parties who handle claims under our policies (see section 3.4 below), which may involve us reviewing samples of personal details used in relation to such services
  • If you contact us, for example over email, by telephone, by post, or over our website or social media, we may retain your contact details and your communication in order to handle your query and maintain records of communications
  • We maintain records of our activities and services, which may include communications exchanged with you or concerning you
  • We may use your data in order to handle complaints about our activities, and to assess and manage any potential or actual legal action arising from such complaints
  • We may use some data for analytical purposes and to assist us in improving our processes, products and services, for example root cause analysis on complaints. We seek to use anonymous data sets for these purposes
  • We may review and enforce your compliance with our policy terms, website terms or other terms relevant to our relationship with you, or deal with related enquiries
  • We may use your data in order to comply with our legal and regulatory obligations (including those imposed by the Financial Conduct Authority), or to protect and enforce our legal rights and those of other individuals

2.7. Children's data

We do not intentionally offer insurance policies or service-only contracts or collect any personal information from children under 18 years of age. We shall seek to cancel a policy or service-only contract, refund the premium or payment and delete the details of such individuals when a parent or guardian notifies us that any personal details have been obtained from their child in this context.

However, some information about children may be collected and used in connection with a policy claim or provision of a service, for example where relevant to the circumstances of the claim or service provision and associated vulnerabilities (see section 2.3 above).

3. Sharing your information & our relationship with other parties

3.1 Providers of services to you

We share your personal data with providers of services to settle claims and provide a service, including the provision of emergency assistance or recovery services, under your insurance policy or service-only contract. These include, for example, providers who come to assist you in the case of a motor breakdown, boiler service or home emergency. We will share details such as your name, address or location, car registration number, number of passengers, boiler make and model, and other details and circumstances of the relevant incident. These details may include sensitive personal data relevant to the service they are providing, such as the health and vulnerabilities of individuals involved in a relevant incident. We remain responsible for how our providers use your data for these purposes.

3.2 Business partners

Information about your claims and other correspondence with you may be disclosed to our business partners from whom you purchased a policy (see section 2.2 above) for their audit purposes.

3.3 Payment services provider

All your premium payments or service fees, other than Direct Debit payment instructions which we handle directly with the paying bank, are handled through our payment services provider. We will share information with our payment services provider to the extent necessary for the purposes of processing payments you make, refunding such payments and dealing with complaints and queries relating to such payments and refunds.

3.4 Third party claims handlers

Third party organisations may handle claims under some of our insurance policies. Where this is relevant, further detail can be found in your policy documentation. They will obtain information about you and your policy directly from our business partner who sold you the policy (see section 2.2 above). These organisations will also act as a data controller, meaning that they will decide how they use your data in handling a claim and what additional information they may need from you, in accordance with their own data protection practices. We will not generally have access to the data they record, other than for audit purposes.

3.5 Other companies in the worldwide AXA Group

We may share some of your personal data with other companies within the worldwide AXA Group. These companies are located both within the European Economic Area (EEA) (the European Union plus Norway, Liechtenstein and Iceland), as well as outside the EEA.

These AXA Group companies assist us with certain services, including telephone sales of our insurance products, overnight claims handling, call recordings, the prevention and detection of fraud and sanctions checking.

We will only transfer your personal data to another country outside the EEA where we have taken the required steps to ensure that your personal data is protected. Such steps may include placing the party we are transferring the data to under contractual obligations to protect it to adequate standards. These group entities will act on our behalf, and we remain responsible for how they use your data for these purposes.

We may also share your details with other companies within the worldwide AXA Group for the purposes of claims cost management, product improvement, and personalisation of product offerings. We may also use the data for statistical purposes. Except where the data is provided to ensure our compliance with legal and/or regulatory obligations, those companies will not be able to identify any individual user from the information we provide them.

3.6 Other disclosures

We may also disclose your personal data to the following parties:

  • Legal authorities or regulatory bodies. For example, we are required to report details of any suspicious activities (for example relating to fraud or money laundering) to the National Crime Agency (NCA)
  • Parties involved with current or prospective legal proceedings, or assisting us to establish, exercise or defend our legal rights. For example, we may share information with our legal or other professional advisers.
  • Parties with whom you have given us permission to speak about your insurance policy or claim (including other relevant individuals under a policy)
  • Providers of other products and services for them to send you direct marketing communications, to the extent that you have consented to us doing so – see section 2.5 above
  • Other service providers, for example those providing data backup or technology services
  • Other parties to the extent that you have consented to us doing so, or where we are otherwise required or permitted to do so by law

3.7 Prohibition on the sale of your personal data

We will not sell, assign, lease or otherwise dispose of your personal data to third parties or allow your data to be commercially exploited in that manner by us or them or on our behalf.

4. Legal basis for use of your information

Data protection laws require us to identify the legal basis for the collection, use and disclosure of your data, as described above. The following apply to our activities:

  • Collection and use of data which is necessary for performance of our contract of insurance or service-only contract with you, for example in order to administer a policy, handle claims and provide relevant services
  • Collection and use of the data is necessary for performance of your contract of insurance with another company, to enable us to provide assistance or services and/or pay claims to you, where these are benefits processed and serviced by us
  • Collection and use of data which is in our legitimate interests, for example to manage our business, handle claims, provide services, respond to enquiries, maintain records of communications, handle complaints, enforce compliance with our terms and investigate fraud
  • Disclosure of data in the legitimate interests of the third party who receives it, for example our business partners who audit us, or third parties who handle claims under our insurance policies
  • Collection, use or disclosure of data to comply with a legal obligation, for example where our regulator or law enforcement authorities require us to do so
  • We obtain consent for direct marketing communications (see section 2.5 above) and, in some circumstances, for disclosures of your data (see section 3.6 above)

Where we collect or record sensitive personal data, such as information about your health, we will separately seek your explicit consent to its use, unless our use of that data is necessary in the vital interests of you or another individual, or for the establishment, exercise or defence of legal claims.

5. International data transfers

We collect, use, store and share your information as described above within the United Kingdom and the EEA, across which the data protection laws provide a similar level of protection. We may also transfer your information to other countries outside the United Kingdom and the EEA. Where we do so, we will ensure your data is given a similar level of protection to that required under United Kingdom data protection law. We do not, therefore, currently transfer your data to countries without adequate data protection laws.

6. Retaining your information

We will retain your personal data for as long as we need it for the relevant purposes specified above. This includes retention of some personal data following the end of our relationship with you, for example to resolve any potential disputes and for ongoing or prospective legal proceedings, to maintain records of our services, and otherwise to comply with our legal obligations and to defend our legal rights. You have a right to request further information about our retention periods. Please use the contact details at section 9 below to make such a request.

7. Security of your information

We regularly review the technical and organisational security measures we have in place on our information and communications systems in order to prevent the loss, misuse or unauthorised alteration of your personal information.

Communications sent over our website, or using email or social media, rely on the internet which is a publicly hosted network. So although we implement security measures for our systems, there remain risks that personal information you provide may be intercepted by others and any encrypted data may be decrypted. Further information about security measures we apply to communications sent by email or over our website is available on request – please use the contact details at section 9 below.

You are responsible for keeping the password you use for accessing our website confidential. We will not ask you for your password, except when you log in to our website.

8. Your legal rights

In accordance with data protection laws, you have a right to:

  • Obtain a copy of the personal data we hold about you, together with other information about how we process it
  • Request rectification of inaccurate data, and, in some circumstances, to request us to erase or restrict our use of your data, or otherwise to object to our processing of your data for direct marketing purposes or for reasons relating to your particular situation
  • Receive a copy (in a machine-readable format) of personal data which you have provided to us, where we process it electronically based on your consent or that it is necessary for performance of our contract with you (see section 4 above). Such data may be transmitted to another data controller (such as another insurance provider); and make a complaint about how we handle your data to the Information Commissioner's Office. Please visit www.ico.org.uk for further information about how to do this
  • Withdraw any consent which you have given relating to use of your data, at any time. This includes consents to receiving direct marketing communications (see section 2.5 and section 4)

Note that there are certain limitations and exemptions to these rights which we may apply depending on the circumstances. Please use the contact details under section 9 below to send us requests to exercise these rights (specifying what you are requesting), or if you would like further information about them.

9. Our contact details

Data Protection Officer

AXA Partners

The Quadrangle

106-118 Station Road

Redhill

Surrey

RH1 1PR

Email: dataprotectionenquiries@axa-assistance.co.uk

10. Related notices & terms

  • Our Cookie Policy, is available at www.axapartners.co.uk, this provides information about the use of cookies on our website. We will also ask you to consent to our use of cookies in accordance with the terms of the policy when you first visit our website
  • Terms relating to your insurance policy or service-only contract with us (where relevant) which are provided separately by us on this website or by our business partner from whom you obtained your policy
  • EN