You acknowledge that by providing your personal data to us, you consent to its processing in the manners outlined below.
Admiral, Diamond, Bell, Elephant, Veygo, and First Car Quote are trading names of the data controller EUI Limited (Registered Number 02686904).
Gladiator and Admiral are trading names of the data controller Able Insurance Services Limited (Registered Number 02890075).
Admiral Law is a trading name of the data controller Admiral Law Limited (Registered Number 08023665).
EUI Law, Diamond Law, and Elephant Law are trading names of the data controller BDE Law Limited (Registered Number 08023674).
Admiral Loans and Admiral Car Finance are trading names of the data controller Admiral Financial Services Limited (Registered Number 10255225)
Confused.com is a trading name of the data controller Inspop.com Limited (Registered Number 03857130).
EUI Limited, Able Insurance Services Limited, Admiral Law Limited, BDE Law Limited, Admiral Financial Services Limited, and Inspop.com Limited, are each part of Admiral Group plc (Registered Number 03849958).
As part of our candidate application and recruitment process we will collect, process and store your personal data. We process this data for a range of purposes relating to the recruitment process and employment, and this may include your application, assessment, pre-employment screening, and your worker permissions. This document sets out to explain:
In order to manage your application and employment, we need to process certain personal data about you. We only process your data as necessary for the purposes of progressing your application, employment, or as required by law or regulatory requirements.
We may process your personal data in order to conduct pre-employment screening including: qualifications and professional membership checks, Solicitors Regulation Authority (SRA) checking for those applying for employment in our Law firms or in a legal role, adverse information checks including open source searches, county court judgements, financial checks, anti-fraud checks, financial sanctions checks, criminal background checks, penalties for tax evasion.
Here are some examples of the type of personal data we may process. There’s a full list in the schedule at the end of this notice.
During the process we also capture some sensitive personal data about you (e.g. disability information). We do this in order to make reasonable adjustments to enable our candidates to apply for jobs with us, to be able to take online/telephone assessments, to attend interviews/assessment days, to prepare for starting with us (if successful) and to ensure that we comply with regulatory obligations placed on us with regard to our hiring. We may also indirectly collect other special category personal data during the course of any fraud investigations
Examples of special category personal data we may collect include:
We will need to share your personal data internally (in the country where you may work, and also in other countries in which we have central operations where you are applying for a role based outside the UK) and may be required to share it with some external parties or associates of the company. Your data will only be shared if it is necessary or required (for example in order to carry out pre-employment screening).
The recruitment process will involve:
To enable these processes your personal data may be shared internally, but the data shared is limited to what is required by each individual to perform their role in the recruitment process.
Your personal data may be shared internally with the following people:
We may also need to share your information with certain external third parties including:
We would like to bring to your attention our obligations to disclose data in the following four exceptional cases permitted by law:
Our HR and Recruitment systems are protected to ensure that unauthorised or unlawful processing of personal data, accidental loss or destruction of, or damage to, personal data does not occur. This is done in accordance with the Group Security Policy.
It may be necessary to transfer your personal data to other Group companies or service providers located outside of the European Economic Area. The data protection and other laws of these countries may not be as comprehensive as those in the UK or the EEA - in these instances we will take steps to ensure that your data is given an equivalent level of protection as it is in the EEA.
Your personal data will be retained in accordance with the Group Records Management Policy.
Your cookie preferences
Managing, Disabling And Enabling Cookies
You have the ability to accept or decline cookies from any website by modifying the settings in your browser. If you wish to restrict or block the cookies which are set by our website, you can do this through your browser settings. For information about how to manage and disable cookies you can use the 'Help' function within your browser or please visit www.aboutcookies.org or www.allaboutcookies.org. However, please note that by deleting or disabling cookies this could affect the functionality of our website and you may not be able to access certain areas or features of our site.
To opt out of being tracked by Google Analytics across all websites click here.
You have a number of rights as a data subject. Please note that these rights do not apply in all circumstances.
Request your data
In order to access the data we hold about you, you need to make a ‘Subject Access Request’, or SAR. To make a SAR please email us at:
or write to us at:
People Services – Governance Team
Subject Access Request
Cardiff CF10 2AA
Please note that if your SAR involves the personal data of other people, or you are making a request on behalf of someone else (such as a parent on behalf of their child), we may need identification from these individuals, as well as a signed letter of authority from them confirming that they are happy for you to act on their behalf and for us to release their data to you.
Once we have received your written request and confirmed your identity, we will have 30 calendar days to fulfil your request. Where for some reason this will not be possible, for instance due to large volumes of data being involved, we are permitted by law to take up to an additional 30 days to fulfil your request. Where any such delay is anticipated we will inform of you this as soon as possible along with details of when we expect to be able to provide you with the requested documentation.
For more details on these rights and how to exercise them, please contact:
PSGovernanceteam@admiralgroup.co.uk If you have any queries about your rights, or believe that they have not been met by Admiral Group plc or any of the companies within the group, please contact our Data Protection Officer at:
or by writing to:
Data Protection Officer
Admiral Group plc
Cardiff CF10 2AA
If you have any complaints relating to the processing of your personal data, you also have the right to complain to the relevant Supervisor Authority. In the UK this is the Information Commissioner’s Office (ICO). They can be contacted at:
Information Commissioner’s Office
It is your responsibility to keep your personal data up to date so that accurate application records can be maintained. You can manage all of your applicant data by accessing and updating your profile on the applicant tracking system, Harbour / Onboarding.
As part of the selection process, we perform a number of screening checks on candidates who have been selected for a role. These checks are an important component of the Group’s overall approach to minimising the risk of criminal or terrorist activity and are a requirement under the Insurance Distribution Directive (IDD). The IDD is EU legislation which sets regulatory requirements for firms designing and selling insurance products. It aims to enhance customer protection when buying insurance. The IDD requires us to check the ‘good repute’ of employees ahead of them becoming involved in insurance distribution. It also states that checks should be undertaken on a periodic basis. The purpose of vetting is to verify the identity of the worker; to confirm that they have the requisite skills and experience to carry out their roles, and to establish that there are no legal issues or other matters that indicate that the Group may be unduly exposed to risk.
During the recruitment and application process, you will be asked to provide various information and supporting documents to enable us to complete these checks both prior to employment and on an ongoing basis during employment.
If you are recruited into what we consider a 'High Risk' role, or transfer into one during the course of your employment, then you will be subject to an enhanced level of background checking. If a professional qualification or Membership is required for your role this will also be checked.
We have legal and regulatory obligations to ensure that the people we employ can be relied upon to undertake their duties and handle information responsibly. We, therefore, ask questions about any prior civil or criminal proceedings you may have been subject to and conduct criminal record checks for all roles. Enhanced checks will be required for those candidates who are appointed to Regulated roles or roles considered by the organisation to be 'High Risk'.
We will undertake searches about you at credit reference agencies who will supply us with information that we may use in support of our recruitment decision. They supply us with both public information (including the electoral register), and shared credit and fraud prevention information. The agencies will record details of the search but will not make them available for use by lenders to assess your ability to obtain credit.
You can contact the CRAs currently operating in the UK; the information they hold may not be the same so it is worth contacting them all. They will charge you a small statutory fee.
The identities of the CRAs, and the ways in which they use and share personal information, are explained in more detail at:
In order to prevent and detect unlawful acts, fraud cases or dishonest conduct, all new employees are required as a term of their offer to agree to being checked against an anti-fraud database. This is currently CIFAS. The personal data you have provided / collected from you will be used to prevent fraud and other relevant conduct and to verify your identity. This is in order to protect ourselves, customers and to comply with laws that apply to CIFAS.
These checks will be carried out against both the Internal Fraud database and the National Fraud Database. All applicants are checked against these databases upon receipt of a job offer, and the checks are repeated on an annual basis for all employees. Any matches against the fraud databases will be reviewed by the People Services Department in conjunction with the recruiting manager (for new applicants) or the line manager (for employees) to assess potential risk according to the role applied for / being undertaken and could lead to engagement being refused or your existing engagement may be terminated or other disciplinary action taken. We may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime. CIFAS will hold your personal data for up to six years if you are considered to pose a fraud or relevant conduct risk.
A record of any fraudulent or other relevant conduct by you will be retained by CIFAS and may result in others refusing to employ you. Should CIFAS decide to transfer your personal data outside of the European Economic Area, they will impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the European Economic Area. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
Your personal data is protected by legal rights, which include your rights to object to our processing of your personal data, request that your personal data is erased or corrected, and request access to your personal data. You also have a right to complain to the Information Commissioner’s Office which regulates the processing of personal data.
In order to comply with our legal and regulatory obligations in relation to anti-money laundering and financial sanctions restrictions, we will screen your name against global sanctions lists. The screening will simply involve searching our internal and third party databases to ensure you are not on a sanctioned list. We are not able to employ anyone on a sanctions list. In addition, in order to comply with our legal obligations relating to anti-bribery and corruption, we will also perform searches and ask questions to assess whether there is a potential bribery or corruption risk to the role based on your personal and political associations. If there is a risk we will look to assess what additional internal controls we need to put in place to reduce that risk.
All employees joining our Law firms or a legal role are required as a term of their offer to agree to being checked against SRA records to ensure that there are no findings against the individual that would prevent them working in a legal environment. A further SRA search will be performed annually against all current employees in one of our Law firms or a legal role.
Admiral Group owns and has a right to review all system usage and communications in accordance with compliance regulation and any other relevant legislation.
Email, phone calls and screen capture details may all be recorded, monitored and reviewed for compliance with Group policies. If you use the Group’s systems for personal use we cannot guarantee the privacy of your correspondence as it may be monitored.
CCTV is in operation across all Group sites. It is used for site security, staff monitoring purposes, and may be used in connection with disciplinary matters.
The Group’s entitlement to process your personal data is governed by a number of processing conditions. This means that we may rely on more than one of these conditions in order to process elements of your personal data throughout the recruitment process.
Employee Background Checking Policy
Acceptable Use Policy
Corporate Film and Photography Policy and Procedure
Sickness and Absence Policy
Phone Calls, Mobile Phones and other Electronic Devices
Social Media Policy
Group Records Management Policy
Employee Information Guide
* These categories of information might potentially include some special category personal data.
From time to time we may need to change the way we use your personal data. Where we believe you may not reasonably expect such a change we will inform you of the change(s) being made.