Data Protection – Privacy Notice


The Association of Medical Insurers & Intermediaries (AMII) is a membership organisation. Each member firm is listed alphabetically and their details can be found in the Find-a-Member section.

AMII does not provide regulated advice or engage in the arranging of general insurance policies

We recognise our responsibility to treat your personal information with care and to comply with all relevant legislation, in particular the Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR) – the “legislation”.This notice covers our requirement to provide you with information on how and why we use your personal data and of your rights under the legislation.

Data Controller

We are classed as the “data controller” in relation to the information we hold in respect of our members, which means we process your data. The contact details are shown at the foot of this notice.Your data may be passed to other parties, including Insurers & Intermediaries, for the purposes of arranging your insurance. These parties could also be data controllers and where necessary will issue their own Data Protection Privacy Notices.

Where you provide information to us you do so freely and with your Consent

Personal Information

Information you provide may be sensitive (special category) as defined in the legislation such as information about your medical history. We can collect such information for insurance purposes without your specific consent but it will only be used for the purposes set out above.If you give us information about another person, in doing so you confirm that they have given you permission to provide it to us and that we may use their personal data in the same way as your own as set out in this notice.

For Insurers and Intermediary Members we will use your data for managing our relationship with you as defined in this Privacy Notice.

For Consumers and other Businesses, we may capture personal and sensitive data, given freely by you, for the purposes of one, or several of our members, providing you with advice in relation to health & wellbeing products and services

Legal Basis for processing your Personal Information

We are required to have a lawful basis (as defined) in order to process your personal data and the relevant basis which we use are show in the table below.

Purpose of processing

Lawful Basis

Providing quotations; arranging and administering insurance policies

Necessary for the performance of an insurance contract

Arranging Premium Finance/ Consumer Credit

Necessary for the performance of a consumer credit contract

Provision of information on products and services (Marketing)

Our legitimate interests or your explicit consent

To notify you of changes in our service

Our Legal and Regulatory obligations

To prevent and detect fraud, money laundering and other financial crimes

Our Legal and Regulatory obligations

To meet general legal or regulatory obligations

Our Legal and Regulatory obligations

Statistical analysis

Our legitimate interests – to refine and enhance the products or services we offer


We may contact you by email, text, telephone, mail or other agreed means to keep you up to date about our service and events.The legislation allows us to do this in our own commercial interests for certain communications with previous customers. In other circumstances we can only do so with your explicit consent. In all cases you can opt out from receiving such communications at any time.

Disclosure of your Personal Information

As a necessary part of providing you with the services described above we may need to disclose your personal data to other third parties. These may include:-

Insurers, Insurance Intermediaries, Insurance Industry databases, Government databases, Credit agencies, Regulatory authorities, the Police and other law enforcement bodies.

Fraud prevention and detection

To prevent and detect fraud we may at any time:-

1. Share information about you with other organisations and public bodies including the Police.

2. Check and/or file your details with fraud prevention agencies and databases.

3. Undertake credit searches and additional fraud searches

We can supply on request further details of the databases which we use.

Cookies & Google Analytics

Our website uses tracking Cookies and Google Analytics to enable us to see which pages of our website you view.You can find out further information about Cookies and Google Analytics by viewing our Cookie Policy

Links to Other Websites

Our website may contain links to other websites of interest, including those of our Members. However, once you have used these links to leave our site, you should note that we do not have any control over that other website.  Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy notice.  You should exercise caution and look at the privacy statement applicable to the website in question.

Retention Period

Your data will not be retained for longer than is necessary and will be managed in accordance with our data retention policy. In most cases the period will be for a maximum of 7 years following the expiry of an insurance contract unless we are required to retain the data for a longer period due to business, legal or regulatory requirements.

Your Rights

You have the following rights in relation to our processing of your personal data-

1. The right to be informed about how we use your personal data (This Privacy Notice)

2. The right to see a copy of the personal information we hold about you. (In most cases this will be free of charge)

3. The right to have personal information rectified if inaccurate or incomplete.

4. The right of erasure of your personal information where there is no compelling reason for its continued processing.

5. The right to restrict processing in certain circumstances, e.g. if its accuracy is being contested.

6. The right to data portability which, subject to certain conditions, allows you to obtain and reuse your personal data across different services.

7. The right to object to certain processing including for the purposes of direct marketing.

8. Rights to information in relation to automated decision making and profiling.

Contact us/Complaints

AMII is registered with the Information Commissioner's Office (ICO).  Our Data Protection Registration Number with the ICO is ZA381883.  If you have a complaint about how we use your personal information, please contact us at the address below.  You also have the right to lodge a complaint with the Information Commissioner’s Office at any time.  For further information on this Privacy Notice, to access your personal information or to exercise any of your other rights, please contact Michael Payne, General Secretary, The Association of Medical Insurers & Intermediaries, The Old School House, Whitecross, Penzance, TR20 8BT Telephone 01736 740491.

Privacy Notice.  Amended 240518 SS