Privacy Policy

Introduction

AEC Europe, a branch of AEC Underwriting SpA, is committed to protecting your privacy. This Privacy Notice explains how we handle the personal information that we collect about you. We take security issues seriously and have implemented appropriate steps to help maintain the security of our information systems and processes to prevent the accidental destruction, loss or unauthorised disclosure of the information we collect.

This Privacy Notice explains what personal information we collect, how we use your data, who the data is shared with, how we keep it safe and for how long we retain your personal information. In addition we set out your rights in respect of your data. Please take time to read this Policy and our website terms and conditions.

In this Privacy Notice “You” or “Your” means:

  • policyholders and covered parties,
  • brokers, intermediaries and agents,
  • service providers and advisers,
  • claimants and their agents and relatives,
  • enquirers and visitors to our websites.

About us

In this Privacy Notice reference to AEC EUROPE, a branch of AEC Underwriting SpA,  “we”, “our” or “us” means:

i. AEC EUROPE a branch of AEC Underwriting SpA is registered in Spain under company number W0084504J with its registered office at Cuitat de Granada 150, 08018, Barcelona, as branch office of AEC Underwriting SpA

ii. AEC Underwriting SpA, Codice Fiscale e P. Iva IT02170331207 registered in Italy at 7, Piazza Delle Muse – 00197 Rome, Italy
Each entity acts as the data controller in respect of the personal data they process

Our websites are:

Other privacy information you might find useful

The AEC Underwriting SpA Privacy Policy can viewed by clicking here

Information provided by The National Data Protection Authority of Spain can be viewed by clicking here

What Information do we collect about you?

The personal information we collect about you consists of the information you and others provide to enable us to:

  • provide you with the insurance from which you or others benefit,
  • enter into commercial contracts with you.

 

We collect ‘personal data’, which is information about you, and may include:

  • your name,
  • address,
  • date of birth,
  • qualifications and experience,
  • information relating to your financial history including Court Judgements, bankruptcy proceedings, and you may enter into to pay off your debts,
  • risk specific information including claims history about you and your business.

 

We may also collect more sensitive data, called ‘special category data’, principally being:

  • information on your physical or mental health,
  • Information relating to criminal convictions and offences committed by you.

How do we collect information about you?

We collect personal information about you from a variety of sources, including information:

  • you provide to us directly, including information provided on our website or that you give us when corresponding with us by email, by telephone or by post,
  • from third parties, which may include your employer, broker, agent or representatives, family members, medical professionals and hospitals,
  • from individuals who make applications on your behalf with your permission, or on behalf of a group(s) of people,
  • from our brokers,
  • from claim handlers and other experts that we may use to administer or carry out our obligations to you,
  • from fraud, money laundering and crime prevention services and databases,
  • from publicly available information, including information posted on websites and social media.

How do we use your information?

We use your personal information, as a data controller, for the following purposes:

  • to provide you with our insurance products and services,
  • to communicate with you and with third parties as part of our business,
  • to administer and pay claims,
  • to respond to and handle your complaints,
  • to notify you about changes to our products, services and the applicable terms and conditions,
  • as part of our due diligence assessments before we enter commercial contracts with you,
  • to comply with legal and regulatory obligations,
  • to detect, investigate and prevent fraud and financial crime,
  • to update and maintain client and accounting records,
  • for internal analysis and research,
  • to improve your experience when you use our websites,
  • to manage our business operations and comply with internal policies and procedures.

Marketing

We may also use your contact information to provide you with information about our products and services we think may be of interests to you. We may contact you about these by email if you have previously consented to this or the information relates to products and services previously purchased by you.

You can ask us or third parties to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time. 

In accordance with data protection legislation, we use your data where we have a legitimate legal basis to do so. These are listed below:

  • Legitimate Interests
    Where we have an appropriate, legitimate business need to use your personal information such as maintaining our business records, developing and improving our products and services, providing you with an insurance policy or service(s), handling and paying claims.
     
  • Legal Obligation
    Where we have a legal or regulatory obligation to use your information to maintain records of any dealings with you or to provide those records when obliged to do so.
     
  • Insurance specific exemptions  
    In some instances we rely upon a specific legal exemption to allow us to process sensitive personal information about you. This exemption applies where we need to process your information as an essential part of your insurance cover, for example, your medical history or health data.
     
  • Consent
    We will occasionally ask for your consent in relation to processing your sensitive personal information. If we ask for your consent we will explain why it is necessary.

Who is your information shared with?

We may share your personal information with third parties where relevant. Your information will not be shared other than for the reasons described in this Privacy Notice. Your information will be kept confidential and will not be used for any reason other than the reasons we have described.

Your information may be disclosed to the following organisations:

  • our staff, agents and contractors,
  • our professional advisers,
  • third party contractors that provide services to us, such as surveyors, loss adjusters, solicitors, emergency assistance providers and auditors,
  • other companies within the Coverys European Holdings group,
  • governmental bodies, law enforcement agencies, regulatory authorities, anti-fraud organisations and industry bodies and databases (where we are required to share information in accordance with applicable legislation and guidelines).
  • insurance market participants such as brokers, third party administrators, other insurers and reinsurers,
  • analytics and search engine providers that assist us in the improvement and optimisation of our websites.


We take your data security seriously, and we have implemented appropriate measures to ensure that your data is handled securely. Where your data is transferred to a destination outside the European Economic Area (“EEA”), local laws may provide for a lower standard of protection for personal data than is applicable within the EEA. We implement appropriate safeguards so that your data is protected.

How long do we retain your information?

We keep your personal data for only as long as is reasonably necessary to fulfil the purposes for which we process your personal data, as listed above in this Privacy Notice.

The retention periods are set out in our Retention Policy, which considers factors including:

  • any applicable legal obligation to hold records for a specified minimum period,
  • the amount, nature and sensitivity of the personal data,
  • the potential risk of harm from unauthorised use or disclosure of your personal data,
  • the purposes for which we process your personal data, and whether we can achieve those purposes through other means.

For our proposers, policyholders and claimants we have different retention periods for different types of insurance policy. We do not keep your information for any longer than necessary, but certain types of insurance policy allow for claims to be made many years after the existence of the policy and therefore we need to retain your information to deal with any claims which may arise in the future.

For our business partners we collect personal information as part of our due diligence process. We will retain the information we collect for the duration of our working relationship and in line with any legal or contractual obligations.

Where your personal data is no longer required, we ensure it is securely deleted.

How do we keep your personal data safe?

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. The terms of our contracts with third party contractors include obligations on them in relation to what personal data they can process and what they can do with that information. 

Your Rights

A number of rights exist which allow you to ask us to do certain things with your information. Your rights are:

  • Right to be informed
    You have the right to be informed about the collection and use of your personal data. This Notice provides you with this information.
     
  • Right to access
    You have the right to obtain a copy of your personal data from us.
     
  • Right to rectification
    If we hold inaccurate information about you, you can ask us to correct it. If the data we hold is incomplete, you can ask us to consider additional information.
     
  • Right to erasure
    This right is sometimes called the right to be forgotten. You can ask us to erase your personal information.
     
  • Right to restrict processing
    You can ask us to stop processing your information. We will continue to store the data but will not carry out any further processing.
     
  • Right to data portability
    You can ask us to provide you with your data in a format which allows you to use it across different services.
     
  • Right to object
    In certain circumstances, you can object to our processing of your information.
     
  • Rights related to automated decision making and profiling
    For products where automated decision making is used, you can challenge any decision that has been made and ask us to review the outcome.
     

If you have provided us with consent to process specific data you can withdraw this consent at any time. In some circumstances exercising your rights, including withdrawing consent, may mean that we cannot continue to provide you with the insurance product(s) or services that we have agreed to, or we may not be able to administer or pay your claim or fulfil our contractual obligations. If this is the case, we will make you aware of the consequences of processing your request so that you can make a fully informed decision. Withdrawal of your consent will not affect the lawfulness of any processing that took place before your consent was withdrawn.

Not all of the above rights are absolute, which means that we may not have to comply with all aspects of your request. If this is the case we will explain the reasons for our decision.

If you would like to contact us about your rights, please see the How to contact us section below.

Changes to this Privacy Policy

We may change the content of this notice from time to time without further notice. Any changes will be highlighted to you in an updated Privacy Notice and the latest version will always be hosted on our website,  www.AEC-Europe.com.

Use of Cookies

Our websites use cookies. Information about how we use cookies is contained in the Cookie Policy section on each of our websites.

How to contact us

If you have any questions about how we collect, store or use your personal information, or you would like to update the information we hold about you, please contact our Data Protection Officer using the details below:

 

The Data Protection Officer
Antonella Agostini.
Mail: a.agostini@gmggroup.it
Phone: +39 06 3230983

Your right to complain

If you are not satisfied with our use of your personal data or our response to any request by you to exercise your data protection rights, or if you think we have breached any relevant data protection laws, then you have the right to complain to the authority that supervise our processing of your personal data. In Spain this is the AEPD, details of which can be found at https://www.aepd.es/es.