Common use of Policy Format Clause in Contracts

Policy Format. Upon request we can provide Braille, audio or large print versions of the policy and the associated documentation including the Insurance Product Information document. If you require an alternative format you should contact your broker through whom this policy was arranged. This is the short form version of “AXIS UK-EU Privacy Notice”. This Notice applies to all individuals purchasing an insurance policy with a firm of the AXIS Capital Group (“AXIS”) or benefitting from an insurance policy purchased by an employer or third party on their behalf (“you”). In this Notice, we provide you with a summary of when, why and how we collect and use your personal data, the conditions under which we may disclose it to others, how we keep it secure and your rights under UK and EU data protection laws. The AXIS entity that originally collected your personal data is responsible for managing your personal data (“Data Controller”) and is responsible for deciding how your personal data is held and used. To find out the identity of the Data Controller, you can contact the AXIS company you contracted with, your broker or your employer. We process personal data you provide us and personal data which is provided to us by third parties. We process personal data you provide to us, which may include the following categories of information: • Anti-fraud information • Banking information • Claims/Policy numbers • Credit History and Credit Score • Date and Place of birth • Gender • Family information • Government identification numbers • Marital Status • Name, Address, phone number, email • Risk information And the following categories of special category personal data: • Criminal history • Health data/Medical History • Racial or ethnic origin Where we will process special category personal data about you, we will apply safeguards in accordance with the applicable data protection legislation. If you are an insured or potential insured, we collect data from you or your representative through the policy application process. We may also collect data about you from your family members or employer, credit reference agencies, anti-fraud databases, sanctions lists, and relevant government agencies, including public registers or databases. If you are a claimant, we collect data about you when you notify us of a claim, or if the claim is made by someone with a close relationship to you or who otherwise has authority to make a claim on your behalf. We may also collect personal data about you from others who are involved in the claim, including lawyers, witnesses, experts, and adjusters. Finally, we may consult other public sources to validate the claim or protect against fraud or other financial crime. If you decide not to supply personal data that we have requested and as a result we are unable to comply with our professional, legal or regulatory obligations, then we may be unable to enter into a relevant contract with you. Where we already have a contractual relationship with you, a decision by you not to provide the requested personal data may cause delay in fulfilment of our contractual obligations or may result in our being unable to continue the relationship. We collect your personal data for the following purposes: • Account setup, including background checks [Legitimate interest, legal obligation, performance of a contract] • Complying with legal or regulatory obligations [Legal obligation] • Customer service communications [Performance of a contract] • Defending or prosecuting legal claims [Establish, exercise, or defend legal claims] • Direct marketing activities [Consent, legitimate interest] • Evaluating risks to be covered [Legitimate interest, performance of a contract] • Investigating or prosecuting fraud [Establish, exercise, or defend legal claims, Legitimate interest] • Managing insurance or reinsurance claims [Legitimate interest, performance of a contract] • Payments to/from individuals [Performance of a contract] • Risk modelling and underwriting [Legitimate interest, performance of a contract] We will retain your personal data in accordance with our retention policies and, in any case, for no longer than necessary to provide the services agreed in your contract with us or to comply with legal or regulatory requirements. Retention periods for personal data are reviewed periodically. We may need to transfer your personal data to third parties or to other AXIS group companies. We may transfer your personal data to other companies in AXIS and to our agents and contractors in the United States, Bermuda, India, Singapore, Dubai, and the Philippines. Whenever we transfer your personal data outside the UK or EEA, we take appropriate steps to ensure your personal data and your privacy rights are adequately protected.

Policy Format. Upon request we can provide Braille, audio or large print versions of the policy and the associated documentation including the Insurance Product Information document. If you require an alternative format you should contact your broker the Coverholder through whom this policy was arranged. This is the short form version of “AXIS UK-EU Privacy Notice”. This Notice applies to all individuals purchasing an insurance policy with a firm of the AXIS Capital Group (“AXIS”) or benefitting from an insurance policy purchased by an employer or third party on their behalf (“you”). In this Notice, we provide you with a summary of when, why and how we collect and use your personal data, the conditions under which we may disclose it to others, how we keep it secure and your rights under UK and EU data protection laws. The AXIS entity that originally collected your personal data is responsible for managing your personal data (“Data Controller”) and is responsible for deciding how your personal data is held and used. To find out the identity of the Data Controller, you can contact the AXIS company you contracted with, your broker the Coverholder or your employer. We process personal data you provide us and personal data which is provided to us by third parties. We process personal data you provide to us, which may include the following categories of information: • Anti-fraud information • Banking information • Claims/Policy numbers • Credit History and Credit Score • Date and Place of birth • Gender • Family information • Government identification numbers • Marital Status • Name, Address, phone number, email • Risk information And the following categories of special category personal data: • Criminal history • Health data/Medical History • Racial or ethnic origin Where we will process special category personal data about you, we will apply safeguards in accordance with the applicable data protection legislation. If you are an insured or potential insured, we collect data from you or your representative through the policy application process. We may also collect data about you from your family members or employer, credit reference agencies, anti-fraud databases, sanctions lists, and relevant government agencies, including public registers or databases. If you are a claimant, we collect data about you when you notify us of a claim, or if the claim is made by someone with a close relationship to you or who otherwise has authority to make a claim on your behalf. We may also collect personal data about you from others who are involved in the claim, including lawyers, witnesses, experts, and adjusters. Finally, we may consult other public sources to validate the claim or protect against fraud or other financial crime. If you decide not to supply personal data that we have requested and as a result we are unable to comply with our professional, legal or regulatory obligations, then we may be unable to enter into a relevant contract with you. Where we already have a contractual relationship with you, a decision by you not to provide the requested personal data may cause delay in fulfilment of our contractual obligations or may result in our being unable to continue the relationship. We collect your personal data for the following purposes: • Account setup, including background checks [Legitimate interest, legal obligation, performance of a contract] • Complying with legal or regulatory obligations [Legal obligation] • Customer service communications [Performance of a contract] • Defending or prosecuting legal claims [Establish, exercise, or defend legal claims] • Direct marketing activities [Consent, legitimate interest] • Evaluating risks to be covered [Legitimate interest, performance of a contract] • Investigating or prosecuting fraud [Establish, exercise, or defend legal claims, Legitimate interest] • Managing insurance or reinsurance claims [Legitimate interest, performance of a contract] • Payments to/from individuals [Performance of a contract] • Risk modelling and underwriting [Legitimate interest, performance of a contract] We will retain your personal data in accordance with our retention policies and, in any case, for no longer than necessary to provide the services agreed in your contract with us or to comply with legal or regulatory requirements. Retention periods for personal data are reviewed periodically. We may need to transfer your personal data to third parties or to other AXIS group companies. We may transfer your personal data to other companies in AXIS and to our agents and contractors in the United States, Bermuda, India, Singapore, Dubai, and the Philippines. Whenever we transfer your personal data outside the UK or EEA, we take appropriate steps to ensure your personal data and your privacy rights are adequately protected.