This Privacy Notice describes the way AXIS Capital Holdings Limited (“AXIS”) collects and uses information about individuals in all locations where AXIS conducts business in Canada.
Privacy laws in Canada generally define “Personal Information” as information about an identifiable individual or by which an individual’s identity can be deduced. We will only use your Personal Information for the purposes we collected it for. If we need to use your Personal Information for an unrelated purpose, we will provide notice to you and, if required by law, seek your consent. We may use or disclose your personal information without your knowledge or consent where required by applicable law or regulation.
What type of personal information do we collect about you?
The types of Personal Information we collect about you depends on your relationship with AXIS.
If you are an insured person or potential insured, we collect personal information of the policyholder, prospective insured, and related individuals in order to determine eligibility for, underwrite, and administer insurance policies. In some instances, we may need to collect sensitive personal information, such as information about your medical and criminal history.
If you are a claimant making a claim under an AXIS policy, we may need to collect your contact information, as well as information about your claim and previous claims. We may also need to collect sensitive personal information, depending on the nature of your claim.
If you are a business partner, we will collect your business contact details.
The types of Personal Information we may collect include:
How do we collect information about you?
If you are an insured or potential insured, we collect information from you or your representative through the policy application process. We may also collect information about you from your family members or employer, credit reference agencies, anti-fraud databases, sanctions lists, and relevant government agencies, including public registers or databases as well as credit reference organizations.
If you are a claimant, we will collect information about you when you notify us of a claim, or if the claim is made by someone with a close relationship to you or who otherwise has authority to make a claim on your behalf. We may also collect personal information about you from others who are involved in the claim, including lawyers, witnesses, experts, and adjusters. Finally, we may consult other public sources to validate the claim or protect against fraud or other financial crime.
If you are a business partner, we will collect information about you when you or your company provides that information to us as part of the business relationship.
We may also collect information about anyone who contacts us for any other purpose using the contact form on our website. By using our website, you consent to the collection and use of your Personal Information for the purposes and terms set out in this Notice. If you have any objections to the terms in this Privacy Notice, you should not provide us with any of your Personal Information, as by providing your Personal Information to us, you will be deemed to have consented to the processing of such data. If you have any hesitations or are unsure about any of the terms contained herein, we invite you to connect with us at the contact details provided below.
Why do we collect information about you?
We may collect your Personal Information for the following purposes:
If you are an insured or potential insured:
If you are a claimant:
Information collected automatically online
Sometimes we may be required to share Personal Information for legal reasons. For example, if we are required to do so by a regulation, court order, subpoena, or other legal process. We may also share information when we believe it's necessary to comply with the law or to respond to a government request, or when we believe disclosure is necessary or appropriate to protect AXIS, our clients and business partners, or others.
We may share personal information in the event of a corporate sale, merger, acquisition, dissolution, or similar event. If such an event takes place, we'll post a prominent notice on our applicable website(s) of any change in ownership, as well as any choices you may have regarding your personal information.
We may also disclose your personal information for the purposes described in this Privacy Notice to authorized employees, administrators, affiliates, vendors, service providers and other third parties in the insurance sector, such as consultants, program administrators, managing general agencies, coverholders, claims administrators, brokers, reinsurers, law enforcement, regulators and governmental entities.
Some third parties to whom we can disclose your personal information may be located outside your province of residence. Whenever we disclose your personal information, we see to the implementation of adequate risk controls and data protection measures.
Links to other websites
Our website may offer links to other websites that are not maintained by AXIS. When visiting one of these linked websites, you are subject to the other organization’s privacy notice and other policies. We are not responsible for, or able to monitor or control, the policies and practices of other organizations.
Your Access to and Control Over Information
You may opt out of any future contact from us at any time. Except as required by law, we will cease the use or disclosure of your Personal Information in accordance with your instructions as soon as practicable. You can do the following at any time by contacting our Privacy Officer (details below):
In each of the foregoing cases, we will make all reasonable efforts to promptly honour your request.
We may request specific information from you to help us confirm your identity and your right to access, and to provide you with the Personal Information that we hold about you or make your requested changes. Applicable law may allow or require us to refuse to provide you with access to some or all of the Personal Information that we hold about you, or we may have destroyed, erased, or made your Personal Information anonymous in accordance with our record retention obligations and practices. If we cannot provide you with access to your Personal Information, we will inform you of the reasons why, subject to any legal or regulatory restrictions.
We take reasonable precautions to protect your information. When you submit sensitive information via the website, your information is protected both online and offline.
We take the following specific steps to protect your information:
All access safeguards described above are in place to prevent unauthorized access to and/or use of information stored on or transmitted by our systems.
Retention of Information
We will only retain Personal Information for as long as necessary to fulfil the purposes for which the data is collected, or as required by law. We will make reasonable efforts to remove Personal Information that is no longer relevant for the purposes for which it was collected. Information will be destroyed in a manner such that information is no longer identifiable.
Changes to this Privacy Notice
How to Contact Us
Please address all inquiries, requests, and other communications regarding your personal information or this Privacy Notice to:
Contact: Data Protection Officer
Published: 25 October 2023 v2.0