Website Data Protection Statement

AXA recognises that protecting personal information, including sensitive personal information, is very important and that you have an interest in how we collect, use and share such information. This Website Data Protection Statement sets out how we will use the information we gather from visitors using our websites. However, this document does not deal with the information gathered in the online quote pages, which are explained in our Customer Data Protection Statement.

This Website Data Protection Statement provides information on the following topics:

  1. Contact information
  2. How we use your information and the legal basis we rely on to process it
  3. Who we share your information with
  4. What personal data we collect
  5. How long we hold your personal data
  6. Your rights in relation to your personal data
  7. How to withdraw consent

1. General

References to “AXA”, “us”, “our” and “we” mean AXA Holdings Ireland Limited and its subsidiaries, including AXA Insurance dac, and any associated companies from time to time. AXA is the data controller for the personal data we gather via our websites.

References to “our websites” mean the websites operated by AXA, including all webpages that exist on the domain names axa.ie, axani.co.uk & axacommunitybikerides.com and all subdomains of these sites with the naming structure ‘example.axa.ie’ and any other website that AXA creates in the future.

Queries and Complaints

If you would like to contact us in relation to any aspect of our use of your personal data, please contact our Data Protection Officer (or ‘DPO’) at +353 (0)1 471 1812 or compliance@axa.ie or write to: DPO, AXA Insurance dac, Wolfe Tone House, Wolfe Tone Street, Dublin 1.

Alternatively you have the right to lodge a complaint with a data protection regulator, such as the Data Protection Commission (in Republic of Ireland) or the Information Commissioner’s Office (in Northern Ireland). Their contact details are available at www.dataprotection.ie and www.ico.org.uk.

2. Use of Information

We use your personal information the following purposes:

PurposesLegal basis
  • Preventing misuse of the websites;
  • Ensuring the websites operate as expected;
  • Managing the cookie preferences of our website visitors;
  • Staff training, management and discipline;
  • Customer service and complaint handling.
The processing is necessary for the legitimate interests of AXA:

It is necessary for the purposes of our legitimate interest in the safe and proper running of our business; and to manage, protect against and investigate fraud, risk exposure, claims and other liabilities, including but not limited to violation of our contract terms or laws or regulations.
  • Review and improve the website.
The processing is necessary for the legitimate interests of AXA:

It is necessary for the purposes of our legitimate interest in improving and adapting our websites and to ensure that they are effective and efficient, and to operate, evaluate and maintain the website (including by monitoring and analysing trends, access to, and use of the website for advertising and marketing).
  • Personalising adverts displayed to users while browsing other websites.
  • Reporting and attribution of digital advertising spend.
The processing is necessary for the legitimate interests of AXA:

It is necessary for the purposes of our legitimate interest in ensuring that the advertising you receive is targeted based on an interest you have exhibited in one of our products & ensuring our digital advertising investment is effective.
  • The placement of cookies on your device.
The processing is carried out with your consent

3. Sharing of Information

In processing your personal data we may share it with various third parties, including:

  • You or your representatives, such as a relative, a friend or your lawyers (where we handle a query or complaint from you or on your behalf);
  • Our representatives/partners: companies that provide the services we require for the above purposes (including for example cookie preference management, data storage, IT support, data analysis and complaints handling);
  • Other AXA Group companies; and
  • Our regulators and other authorities who require us to provide them with information on our processing activities.

International Transfers

On occasion we or a service provider may transmit certain aspects of your personal data outside the European Economic Area (“EEA”) to other members of the AXA Group or to other recipients. In such circumstances, we will ensure that such transmissions are carried out securely and in accordance with data protection law.

The non-EEA countries/companies to which personal data is sent include the United States of America, India, Costa Rica, Malaysia and AXA Group companies based outside the EEA.

AXA complies with its legal requirements regarding international transfers of data by various means, including by entering into standard data protection clauses adopted by the European Commission, by entering Binding Corporate Rules with the AXA Group or under adequacy decisions of the European Commission that establish certain countries as ensuring an adequate levels of data protection.

If you would like more information about the relevant safeguards involved in the transfer of personal data to countries or companies outside the European Economic Area, please visit the European Commission’s website on data transfers outside the EU or contact the Data Protection Officer using the details in Section 1 'General' above.

4. Data Collected

The data we gather is as follows:

  • Technical Data: for example, the log file records the time and date of your visit, the pages that were requested, the referring website (if provided), your internet browser type and version, your operating system and platform and other technical aspects of the devices you use to access our websites (including device make & model, screen resolution, pixel density, colour depth, input types (touch, mouse, keyboard), language, java/flash support and so on);
  • Usage Data: this includes information about how you use our website, for example the pages of our Websites that you viewed;
  • Analytics and Attribution Data: this includes advertising campaign data, data extracted from the web page source code and unique user IDs randomly generated by analytics software;
  • Cookie Preferences: the acceptance or rejection of cookies being placed on your device;
  • Cookies: information about cookies and how we use them can be found in our Cookie policy;

All data AXA obtains through the use of websites (other than when you enter it yourself manually) is gathered from the device you use to access our websites.

5. Retention of Data

We keep personal data only for as long as required to fulfil the purposes for which it was collected. We retain your personal data for a period of time corresponding to a statute of limitation setting out the period during which legal claims may be filed in court. In some circumstances we may retain personal data for other periods of time, for instance where we are required to do so in accordance with legal, tax and accounting requirements, or if required to do so by a legal process, legal authority, or other governmental entity having authority to make the request, for so long as required.

6. Your Rights

As a ‘data subject’, you have the right:

  1. to withdraw consent at any time where the processing activity is based on your consent (see below).
  2. of access to the personal data concerning you that we hold and to be informed why and how we process that data.
  3. to require us to correct any inaccurate information about you (including missing details). In certain cases, you are required by the terms of your insurance policy to make such corrections.
  4. of erasure/right to be forgotten, which means you have a right to have personal data concerning you erased. However, you may only request the deletion of your data in specific situations.
  5. to data portability, which means you may request from us all personal data that you provided to us. You may also request that we send this data to another company or person.
  6. to object to the processing of your personal data, where we do so on the basis of a ‘legitimate interest’ (see the Legal Basis section above). We will then stop processing the personal data in question unless we can demonstrate compelling legitimate grounds for the processing that override your right or unless we need to use it in a legal claim.
  7. to restrict processing of your personal data where you feel that it is inaccurate, that we are processing it unlawfully or that we no longer need it or where you have invoked your right to object (as set out in Section 5 (e) above).

Please send all requests to us (details in Section 1 ‘General’ above) in writing (by post or email).

If we are processing your information on the legal basis of consent, you are entitled to withdraw your consent at any time. Therefore, if you withdraw your consent, we would not be allowed to use your personal data for that activity from that point forward. However, it would not invalidate any processing we carried out prior to your withdrawal of consent. More details on the legal bases on which we rely are set out in Section 2 ‘Use of Information’ above.

To withdraw your consent to the use of any categories of cookies, please click here.