This data collection notice describes how the ABI collects and uses personal information about you, in accordance with the UK General Data Protection Regulation (UK GDPR) and other data protection laws.
This notice relates to the ABI's members, associate members, other stakeholders and business contacts (including suppliers) and members of the public (who may attend our events, buy our statistical services, ask us questions or simply visit our website). Separate notices apply to employees, workers, contractors and consultants, and to job applicants.
We may update this notice at any time.
The personal information we hold about you
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). There are "special categories" of more sensitive personal data which require a higher level of protection.
We may hold your personal information because you supplied it to us, or because we learned it from someone else, either in the context of providing our services to you or in the context of our business more generally, or because it is publicly available. The personal information will generally consist of your name, contact information and your job title (for business contacts), but may from time to time include further information such as information about your attendance at ABI meetings including (depending on context) and CCTV footage, food allergy and access information in respect of visitors to our offices.
Occasionally we may learn personal information about you which you volunteer to us, or ask someone else to raise with us, in connection with a query about insurance or long terms savings or about one of our members, or in connection with our role as a trade association. In rare cases this might include, for example, information about criminal convictions, or offences you are alleged to have committed.
We may record meetings that we have with you through Microsoft Teams. The reason for this would be to have a record of any discussions that have taken place during that meeting. There will be a notification at the start of the meeting if we intend to do this. This would mean that the personal information that we record and hold about you may include images of you or anyone else who may be in the background if you choose to enable your video, and any opinions that you share during that meeting (whether onscreen or in the chat function).
We may record our events and publish the recording on our website, on social media and incorporate into other marketing and promotional materials. The recording may also be sent to registered participants, irrespective of their attendance of this event. We record our events and publish the recording in accordance with our legitimate interests to share our expertise and knowledge with our members, sponsors, partners, stakeholders and the public.
We may also collect information about you as a result of our use of website cookies and tracking beacons/tracked clickable links or similar server technologies which help us to track responses to and subscriber activity in relation to marketing communication emails, electronic event invitations and other direct mailings we may send to you.
Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on website activity.
For further information visit www.aboutcookies.org or www.allaboutcookies.org
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However in a few cases some of our website features may not function as a result.
The data controller in respect of personal information we may hold about you is the Association of British Insurers.
Generally, you have no obligation to provide us with your personal information, but if you do not provide information we ask for we may not be able to assist you.
How we use your personal information
We process your personal information for the purposes of:
- Operating our business day to day, including responding to queries;
- Sending you information about what we do, and what is happening in the insurance sector;
- Organising events in connection with our business and/or the insurance sector;
- Monitoring equality of opportunity and diversity in our business;
- Ensuring compliance with our IT policies and network and information security, and any other relevant policies;
- Protecting our business with security and entry systems.
In most cases, we process your personal information for the purpose of pursuing our legitimate interests as a business. Those interests include the efficient operation of our business; maintaining standards of service for our members; the protection of our business; and improving equality and diversity.
In some instances we may rely on your express consent to use your personal information, but we will let you know (and give you the chance to withdraw consent) if we do. An exception is where you send us information, either directly or through a third party, and ask us to take further action. In this case we will use the information for the purpose requested without further reference to you. In some instances we may use your personal information in order to enable us to perform a contract which we have in place with you.
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Who we share your information with
We share your information with third-party service providers, where they reasonably require it to perform their obligations or in order to enable us to achieve the objective of our processing. The service providers include:
- our event organisers;
- our event sponsors.
We may also share your contact details in respect of limited attendance meetings and other events you are present at, for example in connection with minutes of such meetings and events, and generally provide attendee details to speakers at our events.
We may share your information with our members, if it is necessary to do so to respond to any matter you raise with us.
We may share your personal information with other third parties as required by law.
Transferring information outside the UK or European Economic Area
Where needed in order to enable us to achieve the objective of our processing the data as described above we may transfer your personal information to third parties outside of the UK or European Economic Area. Where we do so we will only transfer your personal information to third parties outside the UK or EEA if that third party (a) is situated in a country that has been confirmed by the European Commission to provide adequate protection to personal information, or (b) has agreed (by way of written contract) to provide all protections to your personal information as required by data protection legislation. Any query concerning this should be addressed to our Legal team, whose details are set out in the final paragraph of this notice.
How long we keep personal information
We will retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements and for as long as we have a business reason for doing so.
Your rights and responsibilities
Under certain circumstances, by law you have the right to:
- access to your personal information (commonly known as a "data subject access request");
- rectification of your personal information if it is inaccurate;
- object to us processing your personal information where we are relying on a legitimate interest and you believe that your interests override this;
- temporarily restrict our processing of your personal information, for example where you believe the information may be inaccurate or we may not have grounds for processing it;
- erasure of your personal information, if we do not have grounds for continuing to process it;
- ask us to send you, or another organisation, certain types of personal information about you in a format that can be read by computer;
- withdraw your consent to our processing your personal information, where our processing is based on your consent.
Please contact the ABI’s Legal team ([email protected]) in writing for further information about these rights.
No fee usually required
You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
ABI Contact List Scam
We are aware of at least one company (Data Group Leads) that is falsely claiming to sell the ABI’s list of contacts. This is a scam and we recommend that you do not purchase from or engage with this company or any other company offering the same or similar. The ABI does not provide its full list of contacts to third party vendors.
At least one company with no link to authorisation from the ABI is offering to sell a contact list for an unknown cost. Please do not purchase this list from this company or any other company or individual offering the same. We suggest you do not respond and mark the email as spam.
If you receive an email from a company other than Data Group Leads, please forward the email to [email protected] so that we can take appropriate action.
We take action against these rogue companies and individuals, including reporting them to the Suspicious Email Reporting Service (SERS).
We do provide our trusted event partners with limited contact details of delegates at our events where those delegates have agreed for us to do so.
For more information about how we use personal data, please see above.
Further information
If you have any questions about how we process your personal information please contact the ABI’s Legal team ([email protected]). We hope that we will be able to address any questions or concerns you may have. However, you also have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues, at www.ico.org.uk.
Version updated: February 2024