The GDPR came into effect on 25th of May 2018 and replaced previous Data Protection Laws in the European Union.
The reason for this change is to give people more control over how their personal data is being used.
At Liberty Insurance, we take Data Protection seriously and recognise that as a prospective or existing customer, you may have some queries on what the GDPR is and how it impacts your relationship with us.
We are committed to ensuring you have all the information you need to further understand how and why we process and store your personal data.
Please read our General Data Protection Notice and frequently asked questions below.
Liberty Insurance has a Data Protection Officer available to answer any data queries, concerns and data subject right requests. You can submit a request here.
1. Identification and contact details of the Data Controller.
Liberty Insurance has a Data Protection Officer appointed before the Data Protection Commission, who can be contacted at the following address DataProtectionOfficer@libertyinsurance.ie. If you have any questions regarding the processing of your personal data, please contact the Data Protection Officer at the aforementioned address.
These informative tables will detail:
The purposes of the processing of your personal data, i.e. the reason why Liberty Insurance processes your personal data.
The legal basis that allow the processing of data by the Insurer for each of the purposes indicated.
The possible communication of your data to third parties, as well as the reason for such communication. For these purposes, we do not transfer your personal data to third parties except when there is a legal obligation to do so (Tax Authorities, Judges and Courts, Security Forces and Bodies...), or when we expressly indicate it in the table that appears below. On the other hand, Liberty Insurance data processors may have access to your personal data, i.e. service providers that have access to your personal data for the performance of their services. Service providers who access your personal data are generally providing services relating to information systems, technology, telecommunications, cloud computing and network security, profiling for statistical-actuarial purposes, private investigation, anti-fraud, finance and billing, professional services where necessary (including experts, lawyers, garages or doctors), or customer services. The table below will indicate those other areas where Liberty Insurance service providers may have access to your data from time to time. You can request more detailed information about the recipients of your data by sending an e-mail to the address DataProtectionOfficer@libertyinsurance.ie, indicating the specific processing activity about whose recipients you would like information.
The existence of potential international data transfers. For these purposes, many of our processing activities require the transfer of data internationally to technological service providers or entities of the group to which Liberty Insurance belongs, located in the United States, United Kingdom and India, for which the pertinent Standard Contractual Clauses apply. You can request more detailed information regarding the international transfers of your data or the guarantees applied by sending an e-mail to DataProtectionOfficer@libertyinsurance.ie indicating the specific processing activity about which you would like to receive information about the guarantees applying.
The retention period of the data you provide us with. For this purpose, we keep your personal data for the duration of the contractual relationship, or for a longer period if you have given us your consent. Subsequently, your data will remain blocked to deal with judicial, administrative or tax claims, during the statute of limitations period determined by the applicable regulations.
3. Necessary, up-to-date and accurate information
You are required to provide us with the data we request through various means of collection, including the digital portals of Liberty Insurance, email, webchat, telephone or paper. If you do not provide us with all information requested, we may not be able to send you communications or provide you with the insurance related services you have requested. Likewise, by fulfilling and sending the required information, you declare that the information and data you have provided is accurate and true.
So that the information provided is always up to date and contains no errors, you must inform Liberty Insurance, as soon as possible, about the changes to and rectifications of your personal data, using the form you will find at the following link
4. Exercising your rights
You can exercise the following rights:
right of access to your personal data to find out if it is being processed, and if so, what exactly is being processed and the specific processing activity that is being carried out, including the purposes, categories of data processed and recipients, among other information;
right of rectification of any inaccurate personal data;
right of erasure of your personal data when, among other reasons, it is no longer necessary for the purposes for which it was collected, and provided that the legitimate basis that enables us to process it, from among those indicated in the second column of the table included in section 5, is not a legal obligation;
right to object to the processing of your personal data, provided that the legitimate basis that enables us to process it, from among those indicated in the second column of the table included in section 5, is the legitimate interest of Liberty Insurance or a third party. Liberty Insurance will stop processing your data unless a compelling or higher legitimate interest for the processing is proven, or in case we may retain the data in blocked form for the exercise or defence of claims;
the right to request the restriction of the processing of your personal data where the accuracy, lawfulness or necessity of the data processing is in question, in which case we may retain the blocked data for the exercise or defence of claims;
the right to portability of your data, i.e. to receive your personal data in a structured, commonly used and machine-readable format, in order to transmit it to you or to another data controller, provided that the legitimate basis that enables us to process it, from among those indicated in the second column of the table in section 5, is the existence of a contractual relationship or your consent;
the right not to be subject to automated decisions that may effect on your legal rights, or that significantly affect you and when such decisions are being made
right to revoke your consent given to Liberty for the processing of your data, provided that the legitimate basis that enables us to process your data, from among those indicated in the second column of the table included in in section 5, is your consent.
You can exercise your rights at any time and free of charge through the form you will find at the following link
In addition, you have the right to lodge a complaint with Liberty Insurance or the Data Protection Commission if you believe that there has been a breach of data protection legislation in relation to the processing of your personal data.
5. Detailed information of the processing carried out by service.
|Purpose of the processing||Legitimate basis||Recipients||International transfers|
|To detect and resolve possible incidents and failures in the webs and digital channels that affect web users, preventing them, among others, from completing online transactions, as well as monitoring and hosting web traffic in order to limit the transmission of documents, links or malicious access
||Legitimate interest of Liberty Insurance in ensuring the safe and efficient operation of its websites and in improving the user experience||Your data may be communicated within the framework of this processing to the parent company of the group to which Liberty Insurance belongs. The categories of service providers that may have access to your information are those listed in section 2.||To the US and India by means of the respective Standard Contractual Clauses approved by the European Commission.|
|Management of published content and interactions with customers and users through Liberty Insurance social networks.||Liberty Insurance legitimate interest in interacting with its customers and users through social networks.||Your personal data will not be transferred on the basis of this processing. The categories of service providers that may have access to your information are those listed in section 2.||To the US by means of the respective Standard Contractual Clauses approved by the European Commission, as well as to the United Kingdom by virtue of the applicable Adequacy Decision.|
|To assist and reply to the requests received through the different contact channels.||Performance of a contract or pre-contract.|
The personal data that we may collect through our websites, portals, forms, contact mailboxes, as well as through the various electronic or telephone communications that we maintain with you or your representative will be processed confidentially by Liberty Insurance, with Liberty Insurance pledging to keep these confidential in accordance with the provisions of applicable law.
7. Safe environment.
In order to comply with the legal requirements on the protection of personal data, access to some of the areas of Liberty Insurance websites is done in a secure environment (i.e. SSL, Secure Socket Layer, TLS- Transport Layer Security or similar), which implies that all operations and transactions are carried out on a secure server whose access is restricted to certain users, and that all information exchanged is encrypted, which ensures the authenticity of Liberty Insurance websites from where personal data is collected, as well as the integrity and confidentiality of personal data during its transmission.
Users can verify that they are in a secure environment when they see a symbol representing a closed padlock at the bottom of the browser and the internet protocol changes from http: // to https: //. Additionally, certain configurations of some browsers inform the user by means of a message on the screen when they are going to enter and leave a secure server.
The website is designed to provide our customers and prospects information about our company, as well as our products and services. Liberty Insurance does not sell or provide third parties with any information for mailing lists or direct marketing companies, nor does it send communications that have not been previously requested or accepted by users.
It is understood that the user who submits a request by email wants it to be addressed and answered by Liberty Insurance in the same way, including, where appropriate, the sending of promotional information requested by the user.
8. Recommendations against fraud.
If you have been the victim of an attack, fraud or attempted fraud, and have provided information, report it to the Garda.
The regulations on Telecommunications and Information Society Services attribute to the Data Protection Commission the protection of the rights and guarantees of users in the field of electronic communications. Among them, the defense of the privacy of Internet users against Spam.
Data Privacy Notice Documents
Do you want to learn more about GDPR?
Personal data is any information that can identify a living individual person, directly or indirectly. It can be anything from a name, a photo, a registration number, an email address, bank details, post’s on social networking websites, medical information, or a computer IP address.
Sensitive personal data consists of information on an individual which is of private nature and may lead to discrimination. GDPR provides stringent protections for sensitive data compared to other types of personal data. Sensitive data includes health and conviction, genetic and biometric data.
The GDPR stands for General Data Protection Regulation and is the new European Union Regulation that applies across the EU. It comes into effect on the 25th May 2018 and will bring in significant changes to current data protection laws in the European Union.
It applies to all companies processing and controlling the personal data of data subjects residing in the European Union, regardless of the company’s location.
GDPR will replace the existing data protection act, as data is now used very differently, for examples the use of the internet and social media has transformed how we interact with data. GDPR seeks to improve trust in this emerging digital age by giving people greater control and rights over their personal data.
Organizations can be fined up to 4% of annual global turnover for breaching GDPR or €20 Million. This is the maximum fine that can be imposed for the most serious infringements.
There are a number of reasons why Liberty collect and use personal information including:
- To process your applications
- To help administer your products and services
- To ensure we provide you with the best service possible
- To prevent unauthorised access to your accounts
- To meet our legal and regulatory obligations
- You can find out more about how Liberty uses your personal data in Section 3, 4 and 5 of the Data Protection Notice.
A “Data Controller” is the individual or the legal person who controls and is responsible for the keeping and use of personal data on computer or on structure manual files. If you hold or process personal data, but do not exercise responsibility for or control over the personal data then you are a “Data Processor”.
Parental consent will be required to process the personal data of children under the age of 13 for online services.
The new law will give individuals greater control over their data by setting out additional and more clearly defined rights for individuals whose personal data is collected and processed by Liberty.
There are eight fundamental rights of individuals under GDPR. These are:
- The right to be informed - Liberty must be completely transparent in how they are using personal data.
- The right of access - Individuals will have the right to know exactly what information is held about them and how it is processed.
- The right of rectification - Individuals will be entitled to have personal data rectified if it is inaccurate or incomplete.
- The right to erasure - Also known as "the right to be forgotten", this refers to an individual's right to have their personal data deleted or removed without the need for a specific reason as to why they wish to discontinue.
- The right to restrict processing - Refers to an individual's right to block or suppress the processing of their personal data.
- The right to data portability allows individuals to retain and reuse their personal data for their purpose.
- The right to object - In certain circumstances, individuals are entitled to object to their personal data being used. This includes if a company uses personal data for the purpose of direct marketing, scientific and historical research, or the performance of a task in the public interest.
- Rights of automated decision making and profiling - The GDPR has put safeguards to protect individuals against the risk that a potentially damaging decision is made without human intervention. For example, individuals can choose not to be the subject of a decision where the consequence has a legal bearing on them or is based on automated processing.
You can find out more about your privacy rights, please see Section 9 of the Data Protection Notice.
At times, we need to share your personal data with trusted third parties who perform important functions for us. For example, we use third parties to help us address fraud and security issues. We also are required to cooperate with Irish, EU regulatory and enforcement bodies.
You can find out more about why we share personal data in Section 5 of the Data Protection Notice.
The protection and security of your personal data is of the highest importance to us. We use a variety of technologies and procedures to help secure your personal data from unauthorised access, use or disclosure. Our Data Protection Notice outlines how we do this in more detail.
You can download our Data Protection Notice or request a copy by email or calling 1890 89 1890. A Data Protection Notice is a document that every company who processes personal data must produce and make available and explains how we manage your personal data. We have appointed a Data Protection Officer ('DPO') who can answer any of your data queries or concerns. You can contact our DPO by post: Data Protection Officer, Liberty Insurance, Dublin Road, Cavan, Co. Cavan by telephone: 01 553 4229.: or by submitting a request.
If you would like to learn more about GDPR please visit the Data Protection Comission.