The following are also data controllers, in addition to the relevant data controller named above, in processing your personal data for the following products:

Telematics

(Dependent on product) Octo Telematics S.p.A, Drive Factor Inc., Vodafone Automotive UK Limited (3751493), Redtail Telematics Ltd (Registered Number 07407204).

Life Insurance

Cigna Insurance Services (Europe) Limited (Registered Number 04617110).

Pet Insurance

Ultimate Insurance Solutions Limited (Registered Number 03299891).

Motor Insurance

Great Lakes Insurance SE (Registered Number HRB 230378).

Ford Insure

FCE Bank plc (Registered number 772784).

GAP Insurance

Car Care Plan Ltd (Registered Number 850195

We will collect your personal data when:

• You provide us with details for a quote
• You enquire or apply for a finance agreement
• You make enquiries through a price comparison website or an authorised third party
• You purchase our products and services or those provided by our service partners
• You interact or mention us online to make customer enquiries or statements including through social media, or our web chat / web messaging functionality
• You register for information or other services
• You register an insurance claim
• You register a complaint
• You respond to communications or surveys
• We require additional information from you for validation purposes
• You message us via an instant messaging platform. Please note third party instant messaging tools will be subject to their own Privacy Notices and we advise reading them before choosing to contact us via those platforms.

We collect data about you through the use of technology such as cookies and device fingerprinting.

You have the ability to accept or decline cookies from any website by modifying the settings in your browser. If you wish to restrict or block the cookies which are set by our website, you can do this through your browser settings. For information about how to manage and disable cookies you can use the 'Help' function within your browser or please visit www.aboutcookies.org or www.allaboutcookies.org. However, please note that by deleting or disabling cookies this could affect the functionality of our website and you may not be able to access certain areas or features of our site.

View our full Cookie Policy.

If you use our Telematics product we will use the product data to capture associated vehicle and driving related information from your vehicle. This information includes:

• Date
• Time
• Latitude
• Longitude
• Speed
• Duration
• Distance
• Acceleration
• Braking
• Cornering
• Other associated vehicle information

Our Telematics products normally collect information while your vehicle is being used and transmit this to us and/or our suppliers after a delay. Instances where the Telematics products may send real-time data and alerts to us include where a collision or crash is detected, if the device's tamper alerts are activated, or if it is at your request, for example if your vehicle has been stolen and a Theft Tracking service has been activated.

We may collect your Driving Licence Number (DLN or "MyLicence") as part of your application for motor insurance (in some cases, we may not be able to insure you without this information) or when you make a claim.

The number is used to do an automatic check with the DVLA driver database, to retrieve the required information. The provided information is:

• Type of licence held
• Length of time the licence has been held for
• Entitlements to drive
• Penalty points
• Convictions
• Conviction dates
• Disqualifications

The data provided by the DVLA may be used alongside other information you have provided:

• To calculate a motor insurance quote
• To administer the policy
• For anti-fraud purposes

They will not be used for any other purpose, or be made available to anyone else. Only the motor insurance industry may use this information. If you apply for a quote with us and don't decide to take out insurance with us, the data returned from the DVLA database will be anonymised or deleted no later than 30 days after receipt of that data.

Searches may be carried out prior to the date of the insurance policy and at any point throughout the duration of your insurance policy including at the mid-term adjustment and renewal stage.

We may also use your DLN to search your (or any person included on the proposal) 'No Claims Bonus' details against a No Claims Bonus database ("NCB") to obtain information in relation to your 'No Claims Bonus' entitlement.

Such searches may be carried out against your (or the relevant person included on the proposal) DLN, name, date of birth, Vehicle Registration Mark ("VRM") and or postcode. A search of the DLN against the NCB should not show a footprint against your (or another relevant person included on the proposal) driving licence

Please note that under our User Agreement with the Motor Insurance Bureau, individual agents do not have access to the data returned by a DLN search and as such will not be able to discuss issues relating to your DLN with you. In these instances, we suggest checking the information associated with your DLN is correct at www.gov.uk/view-driving-licence

For details relating to information held about you by the Driver and Vehicle Licensing Agency ("DVLA") please visit www.dvla.gov.uk and www.mylicence.org.uk. To view your driving licence, visit www.gov.uk/view-driving-licence.

When you apply to us to open an account, at renewal, and in certain circumstances where an amendment to your agreement is requested, we make a number of checks to assess your application for credit and verifying identities to prevent and detect crime and money laundering. We may also check details you provided when buying or renewing your policy or applying for your financial agreement, to identify misrepresentation or prevent insurance fraud if a claim is made. To obtain this information, we will check the following records about you and anyone else who may also be insured or a joint party and whose personal details have been provided as part of the insurance application.

• Our own records.
• Credit Reference Agency (CRA) records. When CRAs receive a search from us they will place a search footprint on your credit file that may be seen by other lenders. They supply us with both public (including the electoral register), and shared credit and fraud prevention information
• Fraud Prevention Agency (FPA) Records

We make searches about you at credit reference agencies who will supply us with information, including the Electoral Register and credit information. The agencies will record details of the search whether or not your application proceeds. The searches will not be seen or used by lenders to assess your ability to obtain credit. We may use scoring methods to assess this application and to verify your identity.

Credit searches and other information which is provided to us and/or the credit reference agencies, about you and those with whom you are linked financially, may be used by ourselves and other companies if you, or other members of your household, apply for other facilities including insurance and loans applications and claims. This information may also be used for debt tracing and the prevention of money laundering as well as the management of your account. Alternatively, we may ask you to provide physical forms of identification.

If you are making a joint application or tell us that you have a spouse or financial associate, we will link your records together so you must be sure that you have their agreement to disclose information about them. CRAs also link your records together and these links will remain on your and their files until such time as you or your partner successfully files for a disassociation with the CRAs to breach that link.

We may also make periodic searches at CRAs and FPAs to manage your account and offers with us.

Information on applications will be sent to and recorded by CRAs. When you borrow from us, we will give details of your account(s) and how you manage it/them to CRAs. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs and FPAs to perform similar checks and to trace your whereabouts and recover debts that you owe. Records remain on file for six years after they are closed, whether settled by you or defaulted.

If you give us false or inaccurate information and we suspect or identify fraud, we will record it and may also pass this information to FPAs and other organisations involved in the prevention of crime and fraud.

If you borrow from us and do not make payments that you owe us, we will trace your whereabouts and recover debts.

If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services and financing you have requested, or to employ you, or we may stop providing existing services to you.

A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us using the details provided below.

Your data may also be used for other purposes for which you give your specific permission, when we have legitimate business interest and in very limited circumstances, when required by law or where permitted under the terms of the GDPR.

This is a condensed guide to the use of your personal information for credit reference purposes. If you would like to read the full details of how your data may be used please telephone us on 0333 220 2062, or write to us at Pricing Department, Tŷ Admiral, David Street, Cardiff, CF10 2EH.

You can contact the CRAs currently operating in the UK; the information they hold may not be the same so it is worth contacting them all. They will charge you a small statutory fee.

• TransUnion: Consumer Services Team, PO Box 647, Unit 4, Hull, HU9 9QZ or call 0330 024 7574 or email UKConsumer@transunion.com.
• Equifax: Credit File Advice Centre, PO Box 1140, Bradford, BD1 5US or call 0844 355 0550 or log on to www.equifax.co.uk.
• Experian: Consumer Help Service, PO Box 8000, Nottingham, NG80 7WF or call 0844 481 8000 or log on to www.experian.co.uk.

The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at:

• www.transunion.co.uk
• www.equifax.co.uk\crain
• www.experian.co.uk\crain

We monitor or record calls, emails, SMS messages or other communications for:

• Business purposes such as quality control and training
• Processing necessary for entering into or performance of a contract
• Prevention of unauthorised use of our telecommunication systems and websites
• Ensuring effective systems operation
• Meeting any legal obligation
• Protecting your vital interests
• Prevention or detection of crime
• For the legitimate interests of the data controller

When you apply for one of our products, for example a loan or other financial product, or during the course of your agreement with us, we may ask you to share access to your chosen bank or building society account data through Open Banking. We do this for a range of purposes, such as facilitating settlement payments to you, to help us check that the product we offer is right for you, or continues to be right for you when your circumstances have changed.

When you choose to use Open Banking this enables you to securely share your bank or building society account data, through the use of an FCA-regulated Account Information Service Provider (AISP). We will put you safely in contact with an AISP, who work with UK banks and building societies enabling you to provide secure access to your information. When you have given your permission, they will collect information from your bank or building society account(s) which we can then securely access and use. You will be informed during the permission process who the AISP is and links to their privacy policies. Data collected includes:

• Name, number and sort-code
• Balances, and incoming or outgoing transactions
• Fees, charges, interest, benefits/rewards
• Regular payments such as standing orders and direct debits

If you are applying for a loan or other product, from the date you agree to provide access we will receive two years of information from your main bank or building society current account, and any further accounts you may select. We will also be able to update the information provided within the next 90 days – for example, when you have agreed an arrangement with us, and we will further review whether that arrangement is still suitable for you. After this period of 90 days we will ask you for your permission if we need to access your information again.

At any time, you can revoke access to your bank or building society account(s), by contacting us.

When you share your bank or building society account data with us, we may use the information you provide for the following purposes:

• To consider whether you can afford the loan or other financial product
• To check the accuracy of other information you have provided to us
• To manage your ongoing relationship with us
• To help us understand how your circumstances may have changed
• To help us prevent criminal activity and financial crime including fraud and money laundering
• To process payments you may be due following a claim settlement or similar payment process

We may also collect and use your personal information to create and improve the products and services we offer and to develop and improve our processes, credit risk systems and policies, so we can better meet the needs of our  customers.

We may use this data together with information collected from credit reference agencies and other organisations to profile your information, for example where we analyse characteristics, interactions and/or behaviours, both now and in the future. We will continue to do this whether you, or Admiral, choose to proceed with your application, arrangement or continue to be a customer of ours. This is what we call analytical modelling, which helps us to review our risk appetite when making lending decisions or making other arrangements with  you.

Further things you need to know about Open Banking:

Where you are providing access to a joint bank account, data about you and your spouse, partner or other financial associate may be provided to us and AISPs that we work with. The rules and regulations on Open Banking enable this access to be granted by any of the holders of a joint bank or building society account.

As part of our responsibilities when lending or offering other financial products and services, it is important to make sure the products we provide you are affordable and suitable for your circumstances. To do this we securely share your payment performance with credit reference agencies to ensure we have sufficient data to make well-informed decisions about offering credit. This also helps ensure the wider financial sector gain a better understanding of your credit history and accounts, so they can ensure you are offered financial products and services you can afford.

As well as managing access to your bank and building society account (s), AISPs may use the information they receive for their own purposes. You can view further details on how AISPs use your data via the links or contacting them via the details below.

Admiral Money:

• Credit Kudos Ltd, Support Team, 4 Bath Place, London, EC2A 3DR. Privacy Policy can be found here.
• Moneyhub Financial Technology Limited, Roxburgh Milkins Limited Merchants House North, Wapping Road, Bristol, United Kingdom, BS1 4RW. Privacy Policy can be found here.

Admiral Pioneer:

• Trustly Group AB, Rådmansgatan 40, floor 5, 113 57 Stockholm, Sweden. Privacy Policy can be found here.

Sometimes we need to use your personal data for legitimate business purposes in order to ensure we continue to provide a great customer experience. In every instance. we will always balance our interests against yours.

The processes below are considered legitimate interests:

• Fraud detection and prevention across Admiral Group, which may include conducting checks against external databases, publicly available information and social media profiles;
• Engaging and contacting you throughout the lifecycle of your policy or finance agreement to ensure you have a good experience as an Admiral customer;
• Setting reserves for our injury claims;
• Internally auditing our processes to maintain our high standards;
• Some of our marketing activities;
• Use of your quote data (whether you accepted a policy/finance agreement or not), data collected during the lifetime of your policy or finance agreement, and data collected from third parties (such as credit reference agencies), to refine our pricing and risk assessment models across all our products within the Admiral Group, to improve the accuracy of our premiums and finance pricing and improve the quality of our services;
• If you leave us, we will contact you the following year with an automatically generated quote based on your information on file
• Sharing data with selected third parties in order to add value to our products
• Credit and account data is used to screen individuals from marketing lists for certain products (for example loans) and for the advertisement of products to eligible customers.
• Managing Complaints

If necessary we may also have to investigate your claims and conviction history in the course of administering the claim. You can be assured that we will keep such investigations strictly confidential.

We pass information to the Claims and Underwriting Exchange Register and, in the case of motor insurance, the Motor Insurance Anti-Fraud and Theft Register, both of which are managed by the Motor Insurance Bureau (MIB). This helps insurers check information and prevent fraudulent claims.

When we deal with your request for insurance we may search these registers. Under the conditions of your policy, you must tell us about any incident (such as an accident or theft) which may give rise to a claim. When you tell us about an incident we will pass information to the Registers.

Information relating to your motor insurance policy will be added to the Motor Insurance Database ("MID") managed by the Motor Insurers' Bureau ("MIB"). MID and the data stored on it may be used by certain statutory and/or authorised bodies including the Police, the DVLA, the DVANI, the Insurance Fraud Bureau and other bodies permitted by law for purposes not limited to but including:

• Electronic Licensing
• Continuous Insurance Enforcement; Law enforcement (prevention, detection, apprehension and or prosecution of offenders)
• The provision of government services and/or other services aimed at reducing the level and incidence of uninsured driving

If you are involved in a road traffic accident (either in the UK, the EEA or certain other territories), insurers and/or the MIB may search the MID to obtain relevant information.

Persons (including their appointed representatives) pursuing a claim in respect of a road traffic accident (including citizens of other countries) may also obtain relevant information which is held on the MID.

It is vital that the MID holds your correct registration number. If it is incorrectly shown on the MID you are at risk of having your vehicle seized by the Police. You can check that your correct registration number details are shown on the MID online at www.askmid.com, or by writing to:

Motor Insurers’ Bureau
Linford Wood House
6-12 Capital Drive
Milton Keynes
MK14 6XT

In order to prevent and detect fraud, insurers may at any time share information about you with companies within the Admiral Group.

The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money laundering and to verify your identity. These include CIFAS (Fair Processing Notice) and the Insurance Fraud Bureau.

If false or inaccurate information is provided and fraud is identified, details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information.

We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:

• checking details on applications for credit and credit related or other facilities
• managing credit and credit related accounts or facilities
• recovering debt
• checking details on proposals and claims for all types of Insurance
• checking details of job applicants and employees

Our Telematics product normally collects information while your vehicle is being used in transit and transmits this to us and/or our suppliers after a delay. Instances where the Telematics products may send realtime data and alerts to us include where a collision or crash is detected, if the device’s tamper alerts are activated, or if it is at your request, for example if your vehicle has been stolen and a Theft Tracking service has been activated.

We along with other companies we partner with to administer Telematics products will use the data captured by the Telematic product for the purposes of:

• Calculating and charging insurance premiums based upon actual vehicle usage and compiling and generating Driving Scores.
• Providing you with services relating to the insurance policy. We will process your data in accordance with our responsibilities under the European Data Protection Regulation (GDPR).
• Carrying out the installation, activation, deinstallation, disconnection, servicing, updating or testing of the Telematics product.
• General research and analysis, mapping purposes, researching and refining techniques for analysing motor Telematics data and the supply of traffic data. In all such circumstances the data will be used anonymously and will not identify any individual, vehicle user, or the policyholder.
• Enabling us, and any service partners, to contact you by post, electronic mail, telephone or text messaging regarding the administration of your insurance policy and the associated services.
• Provision of the insurance services under the policy, including management of claims, underwriting and policy servicing. Data will be used for any underwriting or claims development or investigations that may be required, and for fraud prevention, detection and investigation purposes.

Please note that where the Telematics product indicates a severe crash has occurred, we will try to contact the policy holder and the named driver to offer assistance. If they cannot be reached, we will try to reach anyone else named on the account. If we are unable to contact any of those persons named on the account then we will contact the emergency services with details of the vehicle, its last known location, and the names of those individuals named on the policy.

Admiral Group plc may contact you from time to time to ask you to take part in a survey, in order to enable us to review, develop and improve our services. We usually use a third-party supplier to host our surveys. In providing their services to us, these third-party suppliers act as data processors. Please note, third party survey tools will be subject to their own Privacy Notices, and we advise reading them before choosing to complete a survey via those platforms.

Your survey responses, including any personal data provided, will only be used by Admiral Group plc for the purposes stated within this Privacy and Security statement. Personal data can include (but is not restricted to) your name, age and e-mail address. We may also collect special category personal data, depending on the survey to which you are responding.

In order to prevent and detect fraud, we may at any time share information about you with the other companies within the Admiral Group.

The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money laundering and to verify your identity. These include CIFAS (Fair Processing Notice) and the Insurance Fraud Bureau.

If false or inaccurate information is provided and fraud is identified, you could be refused certain services, finance, or employment and details will be passed to fraud prevention agencies. Law enforcement agencies may access and use this information.

We and other organisations may also access and use this information to prevent fraud and money laundering, for example, when:

• Checking details on applications for credit and credit related or other facilities;
• Managing credit and credit related accounts or facilities;
• Recovering debt;
• Checking details on proposals and claims for all types of Insurance; and
• Checking details of job applicants and employees.

We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies.

For further details on how your information will be used by us and these fraud prevention agencies, and your data protection rights, please contact us at Central Underwriting Department, Tŷ Admiral, David Street, Cardiff, CF10 2EH

Using data obtained from your driving licence number, we may pass details of your 'No Claims Bonus' to certain organisations to be recorded on a No Claims Bonus database. This may occur if information requires updating or correcting at any stage, and also at the renewal stage of your policy and upon or after the cancellation of your policy prior to the expiry date.

We work in partnership with the Motor Insurers’ Bureau (MIB) and associated not-for-profit companies who provide several services on behalf of the insurance industry. At every stage of your insurance journey, the MIB will be processing your personal information and more details about this can be found via their website: mib.org.uk. Set out below are brief details of the sorts of activity the MIB undertake:

• Checking your driving licence number against the DVLA driver database to obtain driving licence data (including driving conviction data) to help calculate your insurance quote and prevent fraud
• Checking your ‘No Claims Bonus’ entitlement and claims history
• Prevent, detect and investigate fraud and other crime, including, by carrying out fraud checks
• Maintaining databases of:
  • Insured vehicles (Motor Insurance & Policy Data or Motor Insurance Database)
  • Vehicles which are stolen or not legally permitted on the road (Vehicle Salvage & Theft Data or MIAFTR)
  • Motor, personal injury and home claims (CUE)
  • Employers’ Liability Insurance Policies (Employers’ Liability Database)
• Managing insurance claims relating to untraced and uninsured drivers in the UK and abroad
• Working with law enforcement to prevent uninsured vehicles being used on the roads
• Supporting insurance claims processes

All policies must have an administrator.

The Administrators must be a policyholder within the current period of insurance and will be our primary point of contact in relation to the administration of the policy.

The Administrator:

• Will have access to all documentation, information and personal data relating to the insured(s) on the policy;
• Can nominate another policyholder to become the Administrator;
• Can make any changes to all parts of the policy; and
• Can cancel the whole policy in line with General Condition 4 of your policy book.

With the exception of cancellation, it is Admiral policy to deal with those named on your policy or any acceptable callers. The ways in which we may deal with those named on your policy or any acceptable callers include adding or removing vehicles to the policy.

An acceptable caller is:

• A policyholder;
• A named driver;
• The spouse, partner or parent of a policyholder;
• A secretary or personal assistant who has been added by a policyholder; and
• Any other person or organisation that provides evidence that they have authority to act on behalf of the policyholder and passes our data protection procedure.

If you would like someone else to deal with your policy on your behalf on a regular basis, please let us know either call us or writing to us at Admiral Group plc, Tŷ Admiral, David Street, Cardiff, CF10 2EH.

We will share your information with Admiral Law where their involvement is necessary for them to perform their role. For more information, please visit the Admiral Law website.

We will share your personal information with FCE Bank plc for complaints handling, reporting and audit purposes. FCE Bank plc will also become a data controller in respect of your personal data provided to EUI in the event that the provider of Ford Insure changes. FCE Bank plc will instruct the new provider to contact you before your policy renewal date. Further information about how FCE Bank plc uses your personal data can be accessed here.

We are subject to various legislative requirements concerning retention of data, and also have our own legitimate interests in retaining your data for a period of time beyond your policy or finance agreement lifecycle. These include defence of any late or delayed claims and improving our products and pricing.

We will not process your personal data for longer than is necessary nor will we process it for purposes beyond what it was collected for.