Apollo Syndicate Management Limited (“Apollo”) is a Lloyd’s Managing Agency. Our managed syndicates underwrite insurance and reinsurance business in the Lloyd’s building in London.
The underwriting process will frequently involve the collection and processing of assureds’ Personal Data. Apollo uses Personal Data primarily in order to evaluate risk, monitor exposures and to manage claims. Further information about how we use your personal data can be found in section 2 below.
The London insurance market is a complex network of insurers, brokers, reinsurers and professional services firms. Your data will often be shared by market participants through the market lifecycle in order for appropriate insurance coverage to be secured and for claims to be managed and settled. Further information about who we share your personal data with can be found in section 5 below.
The contact details of our Head of Compliance are shown below. Please contact the Head of Compliance should you have any queries about how we handle your personal data, or wish to exercise any of your rights, as detailed in section 9 below.
The purposes that Apollo might use your personal data for are listed below:
Other purposes outside of the insurance lifecycle but necessary for the provision of insurance throughout the insurance lifecycle period:
The lawful basis that we normally rely on for the collection and processing of personal data is that it is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
Occasionally we may rely on your consent as the lawful basis for processing special categories of personal data, such as medical and criminal convictions records. For this to apply, we must obtain your clear consent for us to process your personal data for a specific purpose.
You may withdraw your consent to such processing at any time. However, if you withdraw your consent this may impact our ability to provide insurance or pay claims.
The full list of the legal grounds that we might rely on for the purpose of processing Personal Data under the General Data Protection Regulation (GDPR) is shown below:
Performance of our contract with you
Processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering into a contract.
Compliance with a legal obligation
Processing is necessary for compliance with a legal obligation to which we are subject.
Protection of vital interests of you or another person
Processing is necessary in order to protect the vital interests of you or of another natural person.
In the public interest
Processing is necessary for the performance of a task carried out in the public interest.
For processing special categories of personal data
Your explicit consent (optional)
You have given your explicit consent to the processing of those personal data for one or more specified purposes.
You are free to withdraw your consent, by contacting our Head of Compliance.
Your explicit consent (necessary)
You have given your explicit consent to the processing of those personal data for one or more specified purposes, where we are unable to procure, provide or administer insurance cover without this consent.
You are free to withdraw your consent by contacting our Head of Compliance. However withdrawal of this consent will impact our ability to provide insurance or pay claims.
For legal claims
Processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity.
In the substantial public interest
Processing is necessary for reasons of substantial public interest, on the basis of EU or UK law.
For health services
Processing is necessary for the purposes of preventive or occupational medicine, for medical diagnosis, the provision of health or social care or treatment on the basis of EU or UK law or pursuant to contract with a health professional who is under legal or professional obligations of secrecy
In order for us to provide insurance quotes, insurance policies, and/or deal with any claims or complaints, we need to collect and process personal data about you. The types of personal data that are processed may include:
Types of Personal Data
Name, address (including proof of address), other contact details (e.g. email and telephone numbers), gender, marital status, date and place of birth, nationality, employer, job title and employment history, and family details, including their relationship to you
Identification numbers issued by government bodies or agencies, including your national insurance number, passport number, tax identification number and driving licence number
Bank account or payment card details, income or other financial information
Information about you which we need to collect in order to assess the risk to be insured and provide a quote. This may include data relating to your health, criminal convictions, or other special categories of personal data. For certain types of policy, this could also include telematics data.
Information about the quotes you receive and policies you take out
Credit and anti-fraud data
Credit history, credit score, sanctions and criminal offences, and information received from various anti-fraud databases relating to you
Previous and current claims
Information about previous and current claims, (including other unrelated insurances),which may include data relating to your health, criminal convictions, or other special categories of personal data and in some cases, surveillance reports
Special categories of personal data
Certain categories of personal data which have additional protection under the GDPR. The categories are health, criminal convictions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric, or data concerning sex life or sexual orientation
We collect your personal data from various sources, which may include:
Which of the above sources apply will depend on your particular circumstances
The parties with whom we may share your Personal Data, and the reasons for sharing it, are listed in the table below:
Affiliates of Apollo
Exposure modelling companies
London market data management companies
Auditors and actuaries
Credit reference agencies
Solicitors / attorneys
Third parties involved in a claims
Police / law enforcement agencies
PRA, FCA and other regulators
To obtain credit reports of counterparties
To check bona fides of counterparties
Company sales / reorganisations
We may need to transfer your data to insurance market participants or their affiliates or sub-contractors which are located outside of the European Economic Area (EEA). Those transfers would always be made in compliance with the GDPR.
If you would like further details of how your personal data would be protected if transferred outside the EEA, please contact Apollo’s Head of Compliance.
When calculating insurance premiums Apollo may compare your personal data against industry averages. Your personal data may also be used to create the industry averages going forwards. This is known as profiling and is used to ensure premiums reflect risk.
Profiling may also be used by Apollo to assess information you provide to understand fraud patterns.
Where special categories of personal data are relevant, such as medical history for life insurance or past motoring convictions for motor insurance, your special categories of personal data may also be used for profiling.
We will keep your personal data only for so long as is necessary and for the purpose for which it was originally collected. In particular, for so long as there is any possibility that either you or we may wish to bring a legal claim under this insurance, or where we are required to keep your personal data due to legal or regulatory reasons.
If you have any questions in relation to our use of your personal data, you should contact Apollo’s Head of Compliance. Under certain conditions, you may have the right to require us to:
If you are not satisfied with our use of your personal data or our response to any request by you to exercise any of your rights, or if you think that we have breached the GDPR, then you have the right to complain to the ICO. Please see below for contact details of the ICO.
Information Commissioner's Office
Wycliffe House, Water Lane
Tel: +44 (0)303 123 1113 (local rate)
or +44 (0)1625 545 745 (national rate)
Information Commissioner's Office
2nd floor Churchill House
Churchill Way, Cardiff
Tel:+44 (0)29 2067 8400
Information Commissioner's Office
45 Melville Street
Tel: +44 (0)131 244 9001
Information Commissioner's Office
14 Cromac Place
Tel: +44 (0)303 123 1114 (local rate) or +44 (0)28 9027 8757 (national rate)
Apollo Syndicate Management Ltd
1 Bishopsgate, London, EC2N 3AQ
+44 (0)20 3169 1970
Head of Compliance:
Who the personal data is shared with
Reason for sharing your personal data
For our legitimate business interests
Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data, in particular where you are a child. These legitimate interests are set out next to each purpose.
Protection of vital interests of you or another person, where you are unable to consent
Processing is necessary to protect the vital interests of you or of another natural person where you are physically or legally incapable of giving consent.
Further information about how Personal Data is collected and shared in the London Insurance Market (including a glossary of kety insurance terms) can be found in the insurance Market Core Uses Information Notice viewable here
Further information about how Personal Data is collected and shared in the London Insurance Market (including a glossary of key insurance terms) can be found in the insurance Market Core Uses Information Notice viewable here