Privacy and legal

Privacy policy

This is a summary of our full data privacy policy, which you can find at axa.co.uk/privacy-policy.

The privacy policy relating to our Health Services (psychological, musculoskeletal and wellbeing services) is at axahealth.co.uk/health-services-privacy-policy

Data Collection:

We get information when you, another family member, or your employer apply for, or buy, products or services, when you claim or use our services, when you fill out surveys or feedback forms or when we do customer research / analysis. We gather this information from various sources, including:

  • Directly from you or a family member through applications, claims forms, and other interactions.
  • Your employer (if you are a member of a company scheme), your insurance broker if you have one and third-party suppliers of information, such as credit reference agencies.
  • Healthcare providers and other third parties involved in your care.

Personal Information we Process

This includes:

  • Contact details (name, email, postal address).
  • Health-related information including medical history and conditions.
  • Financial information relevant to insurance policies and claims.

Purpose of Data Use:

The primary purposes for the collection and processing of personal information include:

  • Underwriting, providing and managing healthcare plans and related benefits.
  • Assessing eligibility for benefits and processing claims.
  • Communicating with you about your plan.
  • Reclaiming costs from third parties if a claim relates to an injury caused by a third party
  • Ensuring compliance with legal and regulatory obligations.
  • Enhancing customer service, understanding more about you and developing new products.
  • Preventing and detecting crime and medical malpractice

Data Sharing:

We may share personal information with others including:

  • AXA Group companies to allow them to contact you if you have agreed.
  • Your (or if you are part of a group scheme your employer’s) insurance broker
  • Healthcare providers, to facilitate the delivery of services or manage claims.
  • Our professional advisers such as law firms.
  • Regulatory bodies and law enforcement, when required by law, or to prevent or detect medical malpractice, or for fraud prevention.

Data Retention:

AXA Health retains personal information for a period determined by our need for the information and legal and regulatory requirements: typically between three and thirteen years. This retention period ensures compliance with laws while allowing for necessary data usage for analysis, claims and service management.

Individuals' Rights:

You have several rights concerning your personal information, including:

  • The right to obtain copies of personal data about you.
  • The right to rectification of inaccurate data.
  • The right to request deletion of your personal information under certain conditions.
  • The right to restrict processing
  • The right to data portability.
  • The right to object to marketing communications and other processing activities.

Contact Information:

If you want to exercise any of your rights, please contact the Data Protection Officer at:

The Data Protection Officer, AXA Health, International House, Forest Road, Tunbridge Wells, Kent, TN2 5FE or email: data.protection@axahealth.co.uk

Compliance and Security:

AXA Health is committed to protecting personal information through adequate security measures and compliance with data protection laws.

Errors & Omissions

If you believe that there is an error in any of the information that you have submitted via this website, please email: webmaster@axahealth.co.uk. We will review your records as soon as possible.

Information about Children

We do not intentionally collect any information via this website from children under 16 years of age. We will delete the details when a parent or guardian notifies us that details have been provided by their child, unless the information was collected in connection with a membership claim.

Additional Information

We’ll amend this summary from time to time. For this reason, it is valid for a period of 1 day from the date you viewed it. We recommend that you read this statement and the full privacy policy regularly.