Privacy Policy
At Accelerant, we collect, use and process Personal Information on individuals, including the following individuals who are covered by this Privacy Notice (“Notice”):
- (prospective) insured persons, insurance applicants and policyholders (“Insureds”);
- beneficiaries and other persons named in the insurance policy (“Beneficiaries”);
- persons filing a claim under an insurance policy (“Claimants”);
- persons who serve as a witness in light of an insurance claim (“Witness”);
- collectively (“Insurance Contacts”);
- individuals working for one of our business partners (“Business Contacts”);
- individuals who otherwise interact with us online or offline, for instance by visiting our offices
- or filing a general request for information via our website (“General Contacts”);
- individuals who use and visit our website (“Website Visitors”).
This Notice does not apply to Accelerant employees, job applicants, insurance brokers and agents or our Members (as defined below).
Accelerant takes its responsibility to protect your Personal Information. In that respect, we are committed to handle your Personal Information in accordance with all applicable data protection laws and be transparent as to how we collect, process and share that information.
This Privacy Notice is designed to inform you how Accelerant, its subsidiaries and affiliates collect and use Personal Information when providing services as an insurance business. It explains how, why and when we collect, use, retain and disclose your Personal Information, as well as your own rights in relation to that information.
Accelerant consists of different legal entities pertaining to Accelerant Holdings Group, the details of which may be found here.
Accelerant is an insurance underwriting group. As part of our core activities, we underwrite insurance business via delegated authority. For this purpose, we work through a network of business relationships established with Insurance Market Participants (our Members) who we may rely upon to underwrite, administer policies, and adjudicate claims on our behalf.
For the purpose of this Privacy Notice and the applicable data protection laws the following Accelerant entities act as controller and are responsible for the processing of your Personal Information:
- If you are an Insurance Contact, the relevant Accelerant entity that underwrites the insurance policy that relates to you;
- If you are a Business Contact or General Contact, the relevant Accelerant entity who you are in contact with acts as controller of your Personal Information.
- If you are a Website Visitor, Accelerant Insurance Ltd. acts as controller for your Personal Information.
To consult these Accelerant entities’ contact details, please click here.
In a number of instances, we do not collect the data from you directly (see Section 6: Where Do We Get Your Personal Information From?).
The Personal Information we process depends on your relationship with Accelerant as set out above and whether collection is permitted by applicable law. We collect and process the following categories of Personal Information from you:
Categories of Personal Information | Relationship with Accelerant |
|---|---|
Website usage data and related identifiers such as technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, and operating system and platform. Personal Information collected by us also may automatically include information about your visit, including the full Uniform Resource Locators (URLs); clickstream to, through and from our site (including date and time); what you viewed or searched for; page response times; download errors; length of visits to certain pages; page interaction information (such as scrolling, clicks and mouse-overs); and methods used to browse away from the page. Please refer to our Cookies Policy for more information about how we use cookies. | Website Visitors |
Individual details – name, address, gender, marital status, date of birth, nationality, marketing preferences, vehicle details, penalty points, and family details, including their relationship to you. Contact details, as well as further individual information about you in relation to a claim being made under a policy of insurance such including special categories data – such as medical / health information or criminal history – if the nature of the claim necessitates this. Identification details – identification numbers issued by government bodies or agencies, such as your social security number, passport number, tax identification number and driving licence number. Employment history – including information on your previous and current employer, job title, salary, employment benefit option, professional licences and educational/professional qualifications. Financial information – such as bank account or payment card details, income, investment or other financial information including home valuation and household income. Policy/Contractual information – such as details about quotes you receive and policies you hold and with whom you hold them. Fraud and credit related data – such as credit history, credit score, sanctions and criminal offences, and information received from various anti-fraud databases relating to you. Risk coverage details – information necessary to assess the risk to be insured and provide a quote. This may include data relating to your health, criminal convictions, or other special categories of Personal Information. For certain types of policies, this could also include telematics data. Previous and current claims – information about previous and current claims (including other related insurances), which may include data relating to your health, criminal convictions, or other special categories of Personal Information and, in some cases, surveillance reports. Special categories of Personal Information and criminal convictions data – data concerning your health and criminal offences and convictions data. | Insureds Beneficiaries Claimants |
Contact details, as well as further individual information about you in relation to a claim being made under a policy of insurance such including special categories data – such as medical / health information or criminal history – if the nature of the claim necessitates this. | Witnesses |
Professional information and contact details such as information about your employer, your position/title and your professional contact details. | Business Contacts |
Visual information such as images collected from security cameras in our offices and basic contact details for visitor registration purposes such as your name, relevant professional information and contact details. | General Contacts |
Your marketing preferences. | Website Visitors Business Contacts General Contacts |
Inferences drawn from the above-referenced categories of information to assess risk. | All Insurance Contacts |
Any other information you voluntarily share with us e.g. when you contact our customer service or otherwise engage with us. | Website Visitors All Insurance Contacts Business Contacts General Contacts |
We only process your special category and/or criminal Personal Information where strictly necessary. When we do, we (or our Members) will ask for your explicit consent where such is required in accordance with applicable data protection law, or we rely on a specific authorization in law that allows us to process this information.
Depending on the capacity in which you interact with us as set out above, i.e. as a Website Visitor, Insurance Contact, Business Contact or General Contact, we need to process your Personal Information for different purposes (see Section 5: Why and on what legal grounds do we process your Personal Information?) including to respond to your inquiry, communicate with you, handle claims, assess risk and make decision in regard to your insurance policy application.
If we are not provided with your Personal Information, we are unable to undertake these activities and this may result in, e.g., us being unable to communicate with you or your insurance application being denied because we are unable to assess the risk involved.
We will only use and process your Personal Information where we have a purpose and a legal ground to do so (where this is required under applicable data protection law). We use and process your Personal Information for the purposes and legal grounds set out below, depending on your relationship with us and whether the processing is permitted under applicable law:
Purpose | Relationship with Accelerant | Legal Ground |
|---|---|---|
To consider an application for an insurance policy, assess and evaluate risk, determine the scope, risk coverage and premium of the policy and where applicable, provide you with insurance cover and any associated services.
To manage and administer contracts including or with regard to insurance policies (including dealing with your queries) with you, your employer, our service providers, and our Members.
To manage and administer claims under an insurance policy, including assessing and evaluating the merits of a claim and, where relevant to pay a settlement.
To monitor risks and claims by performing spot checks.
To perform data analysis, draw up insurance-specific statistics and risk qualifications, and to otherwise improve our insurance and underwriting products and services and carry out market research and risk modelling.
To comply with our legal and regulatory obligations as an insurance company, including responding to requests from public authorities and fraud and money laundering prevention. | Insureds Beneficiaries Claimants | The processing of your Personal Information is necessary to perform a contract to which you are a party (the insurance policy) or to take steps prior to entering into a contract with you.
The processing of your Personal Information is necessary for us to comply with legal and regulatory obligations.
The processing of your Personal Information is necessary to support our legitimate interests in managing our business (or those of a third party), in particular to administer insurance policies and applications, claims and assess risk. |
To manage and administer claims under an insurance policy, including assessing and evaluating the merits of a claim and, where relevant to pay a settlement. | Witnesses | The processing of your Personal Information is necessary to support our legitimate interests in managing our business (or those of a third party), including to administer claims. |
Communicating with you and responding to your queries and complaints, providing you with information about our business upon your request, offering you customer service, and operating, securing and improving our website. | Website Visitors | We have a legitimate interest to operate our website and communicate with you upon your request. |
Contact you with respect to products and/or services offered by us which we believe may interest you (including direct marketing). | Insureds Claimants Website Visitors General Contacts | We have a legitimate interest to communicate with you upon your request and send you direct marketing for related products or services. Depending on your location, we may also ask for your consent prior to sending you direct marketing |
Carrying out audits and investigations, and to investigate and resolve complaints, grievances or misconduct | Website Visitors Insurance Contacts Business Contacts General Contacts | We have a legitimate interest to manage our business and to ensure that all investigations and proceedings are managed efficiently and effectively. We have a legal obligation to do so. |
Preparing for and acting in relation to enquiries, investigations or proceedings, by governmental, administrative, judicial or regulatory authorities, including civil litigation. | Website Visitors Insurance Contacts | We have a legitimate interest to manage our business and to ensure that all investigations and proceedings are managed efficiently and effectively. |
Complying with our legal and regulatory obligations including the prevention and detection of fraud, money laundering and other crimes. | Business Contacts General Contacts | We have a legal obligation to do so. |
In connection with a potential asset or stock acquisition of Accelerant, or the outsourcing or insourcing of services provided by employees, providing reasonable diligence material to a third party or meeting any disclosure obligations as required by law. | Website Visitors Insurance Contacts Business Contacts General Contacts | We have a legitimate interest to manage our business. |
Securing our offices and workplace environment. | General Contacts | We have a legitimate interest to secure and protect our offices and business by taking measures such as visitor registration and CCTV security. We have a legal obligation to do so. |
Debugging to identify and repair errors that impair existing intended functionality. | General Contacts | We have a legitimate interest to debug to identify and repair errors that impair existing intended functionality. |
If you are in the European Economic Area (“EEA”) or the UK, You have a right to object to the processing of your Personal Information where that processing is carried out for our legitimate interests. Please note however that we may not be able to fulfil this request in all instances.
Before relying on legitimate interests as a legal basis, Accelerant performed a legal assessment to confirm that your rights do not override its legitimate interests. You can request further details on this assessment by contacting us using the contact details listed in Section 14: Contact details.
The source from which we get your Personal Information will always depend on your specific circumstances.
In most cases, we obtain your Personal Information from Insurance Market Participants (i.e. our Members) and other third parties such as your insurance agent or broker.
On occasion, we may also receive/collect your Personal Information directly from you, such as when you are a Website Visitor or where you are otherwise in direct contact with us. We may also receive your Personal Information from the following sources:
- Persons and companies you are affiliated with or related to including your family members, employer or representative;
- We automatically collect certain information when you visit or use our Website;
- Credit reference agencies;
- Reinsurance companies and other third party insurance companies with whom you have, had, are applying for, or have filed a claim under an insurance policy;
- Anti-fraud databases, CLUE reports, sanctions lists, court judgements and other public databases;
- Government agencies;
- Open electoral registers and other publicly available registers such as company registers;
- Supervisory, regulatory and other public authorities;
- In the event of a claim, third parties including the other party to the claim (claimant/defendant), witnesses, experts (including medical experts), loss adjustors, external counsel, and claims handlers;
- Service providers such as organizations operating our website; and
- Other public and non-public sources including information that is publicly available online.
Automated decision-making is a process whereby decisions, with effect on an individual, are made using automated computing means (i.e., without involvement of a human). Profiling is an automated process whereby Personal Information is processed to evaluate certain personal aspects of an individual to analyse or predict behaviour or aspects.
As explained above in Section 5: Why and on what legal grounds do we process your Personal Information? Accelerant performs data analytics to establish risk patterns and categories using its InsightFull platform. Accelerant offers this platform to our Insurance Market Participants, who, when calculating risk and insurance premiums and where such is permitted by applicable law, compare your Personal Information against these industry averages and patterns. This insurance specific exercise is considered profiling and/or automated decision-making and is necessary to enter into a contract with you – to confirm that the premium amount reflects and adequately matches the associated risk – and/or authorized under applicable law. As a result of these profiling activities, you may be offered a different insurance policy and/or premium, or even be refused insurance.
Profiling may also be used by our Insurance Market Participants to assess information relating to you, to identify and have a good understanding of fraud patterns. Where special categories of Personal Information are relevant, such as medical history or past criminal convictions for certain types of insurance, such special categories of Personal Information may also be used for profiling. However in this case, and where relevant, your prior consent will be requested unless reliance on another legal basis to process this data for profiling purposes applies.
Please reach out to us using the contact details in Section 14: Contact Details below if you want to receive more information.
We will retain your Personal Information only for as long as is necessary for the purpose for which it was originally obtained, to comply with our legal and regulatory obligations, and to defend our rights, and always in line with the data retention periods set forth in the laws and regulations applicable to us.
We share your Personal Information with other Accelerant affiliates. Accelerant employees only have access and process your Personal Information on a “need to know” basis, i.e. only where such access and processing is necessary for such employees to performs the tasks and responsibilities allocated to them.
We also share your Personal Information with the following categories of third-parties:
- Our service providers (e.g. IT vendors supporting our information security and technology, external counsel and other legal advisors, consultants, auditors, website and data hosting providers, marketing agencies, accountants, etc.);
- Governmental authorities including our supervisory regulatory authorities and law enforcement agencies;
- Our Insurance Market Participants (Members);
- Contractors, brokers or financial institutions; and
- Other third parties (i) upon your request; (ii) to protect and defend our rights and properties; (iii) to detect and/or prevent fraud or money laundering; (iv) in the event of a sale, merger or reorganization of our assets or other restructuring; and/or (v) where we are, or believe in good faith that we are, under a legal obligation to share your data.
The categories of personal information we collect about you and the third parties to whom we disclose that Personal Information for a business purpose are as follows:
Categories of Personal Information | Categories of third-parties to whom we disclose Personal Information |
|---|---|
Website usage data and related identifiers | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Individual details | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Contact details | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Identification details | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Employment history | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Financial information | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Policy/Contractual information | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Fraud and credit related data | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Risk coverage details | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Previous and current claims | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Special categories of Personal Information and criminal convictions data | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Professional information | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Visual information | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Your marketing preferences. | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Inferences drawn from the above-referenced categories of information to assess risk. | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
Any other information | Intra-group Accelerant entities, service providers and other interested third-parties (in connection to the purpose for which data was collected) as reflected above. |
In the preceding twelve (12) months, we may have disclosed the above listed categories for a business purpose. We do not sell Personal Information, and in the preceding twelve (12) months, we have not sold Personal Information.
The recipients who we share your Personal Information with, as mentioned in Section 9: Who do we share your Personal Information with? may be located in countries that may have data protection laws that are different to the laws of your country, and in some cases, may not have an adequate level of data protection , which means that local laws may provide for a lower standard of protection for Personal Information than the one that applies within your jurisdiction.
We only transfer your Personal Information to these jurisdictions in compliance with applicable data protection law and transfer restrictions, and we implement appropriate safeguards where required.
If you are located in the EEA/UK and we transfer your Personal Information to other Accelerant group companies located outside the EEA/UK, we rely on the EU Commission Standard Contractual Clauses (“SCCs” – link here) (amended for use in the UK as appropriate with the application of the international transfer addendum (“Addendum” – link here) to the EU SCCs) (Art. 46(2)(c) GDPR) or the UK standalone international data transfer agreement (“IDTA” – link here). Where your Personal Information is transferred to another recipient outside of the EEA/UK we will seek to enter into SCCs or international data transfer agreement with the recipient, seek assurances from the recipient that they have Binding Corporate Rules in place (Art. 46(2)(b) GDPR) or, in exceptional circumstances, rely on a derogation under applicable data protection law (Art. 49 GDPR) (e.g., where the transfer is necessary for the defence of legal claims). Further, where there is a direct transfer of Personal Information from you as an individual to us or one of these recipients outside the EEA/UK we rely on the household exemption where this is available under applicable data protection law. Furthermore, Accelerant relies on the recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data from the European Data Protection Board.
If you are in the EEA/UK, you may obtain more information with regards to the transfer mechanism used by contacting us using the contact details below.
If you are in the EEA/UK and would like to receive further details on the safeguards implemented for the transfer of your Personal Information, you may contact our Data Protection Team using the contact details reflected under Section 14: Contact Details below.
As a data subject, you may have rights with respect to the processing of your Personal Information under our control as follows:
- Access your Personal Information – You may ask us what Personal Information we process and request copies of such Personal Information;
- Rectification of Personal Information – You may ask us to rectify or update Personal Information that is inaccurate or incomplete;
- Erasure of Personal Information – You may ask us to delete your Personal Information in certain instances;
- Restriction of processing – Under certain circumstance (such as when you question the accuracy of the Personal Information we hold on you or the lawfulness of its processing) you may request us to stop processing such data until your request is resolved;
- Data portability – In certain cases, you may ask us to send an electronic copy of your Personal Information directly to you or to another organization;
- Object – You may object to any processing of your Personal Information, including profiling, based on the ground of legitimate interest, as well as the share of your Personal Information for cross-context behavioural advertising;
- Withdraw – Where processing of your Personal Information is based on your consent – you may at any time withdraw your consent however this will not affect any processing we did before withdrawal.
Please note that in addition to the abovementioned limitations to your rights, other limitations to the above rights may apply, for instance to safeguard the public interest (e.g., the prevention or detection of crime).
You also have the right to lodge a complaint about the processing of your Personal Information with the competent data protection authority which typically would be the supervisory authority of the country you are located in. Please find below the competent authorities depending on your location:
- To consult a full list of all EU data protection authorities, please click here.
- To consult the UK data protection authority’s contact details please click here.
- To consult the United States authorities’ contact details, please click here (California users), here (Colorado users) and here (Virginia users).
- To consult the Canadian authority’s contact details please click here.
Accelerant will verify that the information you submit (which may include your first name, last name, email address, company, and country/state) matches our records before we fulfil the request. You may use an authorized agent to submit a consumer rights request on your behalf using the methods above, however, Accelerant will require the authorized agent to provide signed permission to submit the request on your behalf and may still contact you to confirm your identity and that this request was submitted with your permission.
Accelerant does not discriminate against you for exercising your rights or offer you financial incentives related to the use of your personal information.
In order to exercise the above listed rights, please contact our Data Protection Team using the contact details reflected under Section 14: Contact Details below. Please note that we may ask you to verify your identity.
The Personal Information collected by Accelerant is secure and maintained in a manner consistent with current industry standards, laws, and regulations. Your Personal Information is protected in several ways:
- It resides on a secure server that only selected personnel and contractors can access using a unique logon and password. Access is provided based upon the principle of least privilege;
- We encrypt your Personal Information in transit in order to prevent unauthorized parties from viewing that information when it is transmitted;
- We use internet firewalls, intrusion detection and network monitoring depending on the nature of the information and the scope of processing.
Our services are not directed to or intended for individuals under 18 years of age. We do not knowingly collect information from individuals under the age of 18 years without parental consent. If we become aware that an individual under 18 years has provided us with personal information without parental consent, we will take steps to remove the data as permitted by law.
We do not knowingly sell or share information of individuals under the age of 16 years.
For all details regarding compliance with data protection/Personal Information laws, please contact our Group Data Protection Officer (“DPO”) by using the following contact details:
Postal Address:
Group Data Protection Officer
Bastion Tower – Floor 12
Place du Champ de Mars 5,
1050 Elsene,
Belgium
Email: [email protected]
For the Californian users, you might use the following phone number for exercising your rights: 833-284-9200
We may change this Privacy Notice from time to time. If such changes are material in nature, we will provide you with additional notice (such as adding a statement to the Website page or sending you an email notification). The most current version of the Privacy Notice in effect at the time of your use of the Website will govern your use of it. Changes to the Privacy Notice will not be applied retroactively to Personal Information that was collected before the effective date of any change, unless required by applicable law.
Term | Meaning |
|---|---|
Insurance Market Participants | Managing General Agents and Third Party Administrators or our “Members”. |
Personal Information | Any information relating to an identified or identifiable person i.e. who can be directly or indirectly identified |
Special categories of information | Certain categories of Personal Information, which have additional protection under certain data protection laws due to their sensitivity. The categories are health, criminal convictions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric, or data concerning sex life or sexual orientation. |
We, us | Accelerant Group companies |
You, your | Website Visitors, Insurance Contacts, Business Contacts and General Contacts. |
Data protection law | Local regulation and legislation that is offering the protection on Personal Information to ensure that natural persons can trust Accelerant to use their Personal Information fairly and responsibly. Such texts include (but are not limited to) the EEA/UK General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the California Consumer Privacy Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA), the Colorado Privacy Act or the Personal Information Protection and Electronic Document Act (PIPEDA). |
Last Update: July 2023