Javascript is required
logo-dastralogo-dastra

GDPR Data processing modelProcessing of Criminal Convictions and Offence Data for Insurance Purposes

PrivateInsurance
This processing covers the collection and use of offence and conviction data necessary for the conclusion, performance and management of insurance contracts, and for litigation and legal defence purposes.

Purposes (2)

A purpose is the objective pursued by the setting up of your file. It indicates what the processing of personal data will be used for, its purpose. This purpose must be clear and understandable

1
Collect and process data relating to offences, convictions or security measures
Only for the processing of personal data relating to the conclusion, management and performance of insurance, capitalization, reinsurance and assistance contracts.
Contract
Contractual necessity (Art. 6(1)(b) UK GDPR) + DPA 2018 Schedule 1, Part 2 (Insurance). Essential for underwriting and risk assessment.
2
Allow the insurance company to collect this information for litigation purposes
The collection will enable the company to ensure the establishment, exercise or defense of its legal rights or the defense of the persons concerned.
Legitimate interest
Legitimate Interests (Art. 6(1)(f) UK GDPR) + DPA 2018 Schedule 1, Part 2 (Legal claims). Processing required for legal claim management and defence.

Data categories (2)

Personal data is any information relating to an identified or identifiable natural person. A natural person can be identified either directly (eg surname and first name) or indirectly (eg phone number, social security number, email or postal address, but also voice or image)

Personal data

Data details

Language(s) spokenrequired
Interestsrequired
Situation and family composition of the household and, the identification of children taken into care within the framework of child protectionrequired

Data conservation rules

Active base:

For the duration strictly necessary for contract performance.

Intermediate archiving:

Up to 6 years post-contract or last contact

Aligned with UK statutory limitation periods for contract/tort.

Destruction

Follow-up to infringement report

Data details

Sentence requiredsensitive data
Prosecution required
Seizure or absence of seizurerequired

Data conservation rules

Active base:

For the duration of legal proceedings.

Intermediate archiving:

Retained up to 6 years after closure of proceedings

Destruction

Data subject (5)

A data subject is any person whose data is collected, retained or processed by the data processing. e.g. In a recruitement process, any candidate for a position proposed in recruitement management process

  • Witnesses
  • Insured persons
  • Policyholders and claimants
  • Beneficiaries
  • Other
Created at:07/08/2023
Updated on:07/25/2025
License: © Creative commons :
Attribution / Pas d'utilisation commerciale
CC-BY-NC AttributionPas d'utilisation commerciale
Nb using:0

Access the full processing template

Try Dastra now to access all of our data processing templates that you can customize for your organization.It's free and there's no obligation for the first 30 days (no credit card required)

Add to my data processings record
Subscribe to our newsletter

We'll send you occasional emails to keep you informed about our latest news and updates to our solution

* You can unsubscribe at any time using the link provided in each newsletter.