What is our approach to sending your personal information overseas?
Sometimes we (or third parties acting on our behalf) will transfer personal information that we collect about you to countries outside of the European Economic Area ("EEA").
Where a transfer occurs, we will take steps to ensure that your personal information is protected. We will do this using a number of different methods, including:
- Putting in place appropriate contracts. We will use a set of contract wording known as the "standard contractual clauses" which has been approved by the data protection authorities.
- Transferring personal data only to those companies in the United States who are certified under the "Privacy Shield". The Privacy Shield is a scheme under which companies certify that they provide an adequate level of data protection. You can find out more about the Privacy Shield here.
Depending on our relationship and your particular circumstances, we might transfer personal information anywhere in the world. A summary of our regular data transfers outside the EEA is set out below:
|Country of transfer||Reason for the transfer||Method we use to protect your information|
|US||Reporting to our parent company.||Standard contractual clauses Binding corporate rules|
|US||The third party that hosts our policy administration system is located in the US.||Standard contractual clauses|
|US||The third party that hosts our sanctions checking system is located in the US.||Standard contractual clauses Privacy Shield|
|Worldwide (the country in which the insured risk is located)||To obtain advice from solicitors regarding the handling of your insurance claim in the country where the risk is located. To engage Loss Adjustors to assess your insurance claim in the country where the risk is located.||Standard contractual clauses|