Menu

Close

Vessel search

About

Solutions

Shipowners P&I

Claims

Services

Contact

Wave
  • Home -  
  • Data Privacy Notice
Intro Image
  • Home -  
  • Data Privacy Notice
MSIG Specialty Marine Data Privacy Notice

Data Privacy Notice

MSIG Specialty Marine is committed to protecting and respecting your privacy.

This Privacy Notice explains how we, MSIG Specialty Marine and its branches, handle any personal data we collect or receive about you, whether you are a broker, agent, other insurance intermediary, insured party, claimant or insurer or whether you are in another (business) relation with us. It also covers how we use information of individuals whose data we process in connection with our products and services, even if you are not a current or prospective customer or beneficiary of our products and services, such as witnesses. We refer to personal data as any information relating to you or another living individual who is identifiable by us.

For information about what cookies are and how we use them, please read our Cookie Policy.

Where you provide us with personal data about other individuals, you must provide this Privacy Notice to them.

Who we are

We are MSIG Specialty Marine NV, a company incorporated under Belgian law having its registered office at Koning Albert-II laan 37, 1030 Brussels, Belgium, and registered in the Crossroads Bank for Enterprises under number 0670.726.393 (“we”). We have branches in the Netherlands, France, the UK and Germany.

We comply with the principle of data minimisation: we avoid collecting or processing data beyond what is required for the purposes set out in this Privacy Notice. We use a combination of technical and organisational measures to protect information in line with data protection laws. Our staff receive training to help us comply with those laws and safeguard your privacy.

How to contact us

We can be contacted via post or email:

Post

The Data Protection Officer MSIG Specialty Marine NV Koning Albert-II laan 37 1030 Brussels BELGIUM

Email

privacy@msig-europe.com

Our Data Protection Officer will handle any questions you may have about the use of your personal data and your rights.

Your rights

  • To be informed about the processing of personal data related to you.
  • To obtain a copy of your personal data held by us.
  • To have any incorrect personal data updated.
  • To request the erasure of any of your personal data.
  • To restrict the use of your personal data.
  • To object to the use of your personal data.
  • To request the personal data you provided to us to be moved to another organisation (data portability).
  • Not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects concerning you or similarly significantly affects you (see “Automated decision making and profiling” below).

How to exercise your rights

If you wish to exercise any of these rights, please contact the Data Protection Officer using the details above. State your request, verify your identity and provide your contact details. To help us respond effectively, we may ask for more detail about what you want to receive or are concerned about.

We aim to respond to all valid requests within one month. It may take longer if the request is particularly complex or you have made several requests; if so, we will let you know. Your rights may not always apply—for example, if responding would impact the duty of confidentiality we owe to others, or where the law allows us to deal with your request differently. We will always explain how we are dealing with your request. In some cases (such as erasure or withdrawal of consent), exercising a right may mean we can no longer provide our products to you.

Complaints about our use of your personal data

We take complaints seriously and encourage you to contact us first. If you prefer, you also have the right to complain directly to the relevant supervisory authority. The competent authority depends on your situation.

Country Authority
UK Information Commissioner’s Office (ico.org.uk)
France CNIL (cnil.fr)
Germany BfDI (bfdi.bund.de)
Belgium Data Protection Authority (dataprotectionauthority.be)
Netherlands Autoriteit Persoonsgegevens (autoriteitpersoonsgegevens.nl)
Singapore PDPC (pdpc.gov.sg)

Updates to this Notice

This Privacy Notice is updated from time to time to reflect changes in our business activities or legal requirements and to ensure transparency.

Information about you and how we use it

Types of personal data we hold

We capture and process different types of personal data depending on the services involved. This may include:

Type of personal data Examples
Individual details Name, address, email address, telephone numbers, date and place of birth, nationality, employer, job title and employment history, family details (including relationship to you), details related to your status as an ultimate beneficial owner.
Official identification details Identification numbers issued by government bodies or agencies, including national insurance number, passport number, enterprise number, tax identification number, driving licence number.
Financial information Bank account number, income or other financial information.
Risk details Information required to assess the risk to be insured and provide a quote, including data related to the crew (with individual details) and criminal convictions.
Policy information Information about quotes you receive and policies you take out.
Anti-fraud data Sanctions, criminal offences and information from anti-fraud databases (including claims history, trustworthiness and morality).
Previous and current claims Information about previous and current claims (including other unrelated insurances), which may include health data, crew data (with individual details) and criminal convictions.

Sometimes we process special categories of personal data (e.g., biometric data and health data), where needed to provide a quote, underwrite your policy or consider your claim (for example, to handle injury claims). We may also collect data about children in some circumstances, e.g., where a child is a claimant.

Sources of personal data

We may obtain data:

  • Directly from you — e.g., applications and claims forms, communications with us, participation in market research, use of our website and (where relevant) device details.
  • From our policyholders, for example where:
    • you are a joint policyholder or a beneficiary under a policy;
    • you are a witness to an incident;
    • you are claiming against one of our policyholders, or a policyholder is claiming against you;
    • you provide professional services (e.g., as a medical expert).
  • From third parties, including:
    • Service providers relating to your product or claim;
    • Vendors providing services to us or another relevant insurer (e.g., loss adjusters, claims handlers, legal advisers, banks, private investigators);
    • Other parties involved in your product or claim (other insurers, brokers, claimants, defendants, witnesses);
    • Healthcare providers;
    • Financial crime, fraud or uninsured detection agencies, databases and sanctions lists (e.g., CUE, No Claims Discount Database, IFB);
    • Government agencies and regulatory bodies (e.g., police, courts, CBE, FSMA, KBIS, ORIAS, Companies House, HMRC);
    • Providers of marketing and advertising services or leads;
    • Services checking no claims discounts;
    • Data accuracy services (e.g., deceased checks, address updates);
    • Publicly available sources (e.g., ONS data, open government data, internet searches, news, online marketplaces, social media/apps such as Twitter/X, Facebook, Instagram).

Why we use your personal data

  • Advising on, arranging and underwriting your policy
    • Understanding your insurance requirements to offer a product that matches your needs and circumstances;
    • Gaining a reasonable understanding of the nature of the risk to be covered;
    • Providing competitive and appropriate pricing;
    • Contacting you to renew your policy for another year;
    • Processing payments and refunds.
  • Administering your policy
    • Managing changes to your policy;
    • Providing and improving client services (including recording/monitoring telephone calls);
    • Maintaining contact with you and relevant third parties.
  • Administering your claims
    • Registering and assessing claims (including liaison with relevant third parties such as repairers or healthcare providers);
    • Running due diligence checks (e.g., AML, claims history, trustworthiness, morality);
    • Investigating fraudulent claims;
    • Defending or prosecuting valid and legal claims.
  • Compliance with legal requirements
    • Preparing and retaining contract documents within statutory periods;
    • Preventing and uncovering money laundering and reporting to authorities;
    • Screening customers/parties against sanctions lists;
    • Checks, investigations and opinions in compliance areas (e.g., AML, fraud, investor/consumer protection, data protection);
    • Responding to your data protection rights and authorities’ questions;
    • Submitting reports to and responding to financial regulators (e.g., FSMA);
    • Responding to enquiries from law enforcement and judicial authorities;
    • Processing data for whistleblowing obligations while protecting confidentiality/anonymity.
  • Marketing
    • Sending direct marketing about products/services we believe may interest you (promotions, trainings, seminars, activities) by email, post and push notifications;
    • Display advertising on websites, apps, social media or search results;
    • You can opt out or change preferences at any time by emailing the Data Protection Officer at. privacy@msig-europe.com
  • Operating effectively as a company (legitimate interests)
    • Administration, risk management and oversight (legal, dispute management, risk calculations, compliance, audits), including secure storage for evidential purposes;
    • Complaint management (including training/monitoring and reporting to authorities such as the relevant ombudsman);
    • Analytics and statistics (fraud analysis, risk analysis, security and non-commercial purposes);
    • Internal and regulatory reporting, organisation of internal controls, defending rights and corporate communications;
    • Processing related to terminating a customer relationship in cases of serious breach of trust (e.g., fraud-related issues);
    • System and process testing where synthetic data is unavailable (with safeguards);
    • Supporting and simplifying onboarding/servicing/offboarding processes (avoiding re-submission of information);
    • Determining, exercising, defending and preserving our rights or those we may represent;
    • Creating synergy, efficiency and other organisational benefits.

Our legal bases for processing your personal data

Depending on the purpose, our lawful basis will be one of the following:

  • Performance of a contract — to arrange, underwrite or manage our products, or handle claims.
  • Compliance with a legal obligation — to meet responsibilities to regulators, tax officials, law enforcement, or other legal duties.
  • Legitimate interests — to operate and improve products/services and keep people informed, or for other appropriate business needs (ours or a third party’s).
  • Consent — where we have obtained appropriate consent for a particular purpose.
Purpose Lawful basis
Communicating with you and others (including complaints handling) Performance of a contract; Compliance with a legal obligation; Legitimate interests
Evaluating your application/renewal or providing a quote Performance of a contract; Legitimate interests
Provision of services and policy administration (including taking payment) Performance of a contract; Compliance with a legal obligation; Legitimate interests
Managing third-party relationships Performance of a contract; Legitimate interests
Management of claims Performance of a contract; Compliance with a legal obligation; Legitimate interests
Financial or other crime/fraud checks Performance of a contract; Compliance with a legal obligation; Legitimate interests
Improving quality, training and security Legitimate interests
Business operations (accounts, financial analysis, IT decommissioning, internal audit) Compliance with a legal obligation; Legitimate interests
Marketing preferences Legitimate interests; Consent

Special categories of personal data — additional legal bases

Where required, we rely on one or more of the following:

  • Reasons of substantial public interest:
    • Insurance purposes (advising on, arranging, underwriting and administering contracts; administering claims; exercising rights/complying with obligations connected to insurance);
    • Complying with regulatory requirements relating to unlawful acts/dishonesty (e.g., AML checks);
    • Preventing or detecting unlawful acts (including disclosures to competent authorities);
    • Preventing fraud (including investigating alleged fraud);
    • Safeguarding the economic well-being of certain individuals (e.g., additional customer support);
    • Equality of opportunity or treatment (e.g., reviewing equality of treatment of customers with additional support needs).
  • Necessary to establish, exercise or defend a legal claim.
  • Information has been clearly or obviously made public by you.
  • Where none of the above apply, we will seek your explicit consent.

Who we share personal data with

We may share data within the MS Amlin group and with external parties where necessary to meet our obligations and provide services, including:

  • Anti-fraud databases; Reinsurers; Other insurers (under court order or to prevent/detect fraud);
  • Claims handlers; Loss adjusters; External parties involved in a claim; Private investigators; Lawyers and solicitors; Industry bodies;
  • Police and law enforcement; Regulatory authorities (e.g., Financial Conduct Authority, ICO, Data Protection Authority and other regulators);
  • The statutory auditor; External parties involved in investigation/defence/prosecution of claims;
  • Our suppliers and sub-contractors for performing contracts with them.

Your data will be shared securely and only when necessary. It will never be sold to external parties for marketing purposes. If you provide false or inaccurate information and we suspect fraud, we will record this to prevent further fraud and money laundering, and we may share it between insurers and with fraud prevention agencies and databases.

Ongoing storage and use of your personal data

We will not keep personal data longer than necessary for the purpose for which it is processed, in line with our Data Retention Policy. Laws/regulations may require retention for specific periods. We may also need records to administer the insurance relationship, fulfil contractual or statutory obligations, or resolve queries/disputes.

Retention is based on:

  • Whether the data is actively required for the purposes in this Notice;
  • Whether there is a legal or regulatory reason to continue retention.

International data transfers

In principle we do not transfer or share your data outside the EEA, the United Kingdom or Switzerland. Where personal data are transferred outside the EU, we transfer only to countries deemed to provide an adequate level of protection or, otherwise, where appropriate safeguards are in place (e.g., Standard Contractual Clauses per Commission Implementing Decision (EU) 2021/914 and other suitable measures), available on request.

Automated decision making and profiling

In some cases, we use automated decision making to generate quotes and to make decisions throughout the life of your policy (e.g., renewals, claims). The process uses information you provide, records we hold, and data from third parties to make predictions (e.g., likelihood and value of a claim, likelihood of purchase, likelihood of fraud) and assess your application.

We also use profiling and data analysis to build, train, market and audit our services. These processes are regularly tested for fairness, effectiveness and to reduce bias. If you object to automated decision making, or want information about the logic involved, to challenge a decision, or to request human intervention, please call the number on the quote page or contact our Data Protection Officer at privacy@msig-europe.com