One Direct (Ireland) Limited trading as An Post Insurance (“An Post Insurance, we, us, our”) is committed to respecting and protecting your privacy and would like you to feel safe when you give us your personal details. We will always clearly identify ourselves in correspondence and on our website. Prior to you entering into a contract of Insurance with one of our underwriters (as listed on our Terms of Business), and for marketing purposes, An Post Insurance is a controller of your data along with, if you become a customer, the underwriter of your policy.

Controller details: An Post Insurance, Athlone Business Park, Athlone, Co. Westmeath, N37 EF40
Data Protection Officer details: If you have any queries on your personal data being processed by

An Post Insurance, please contact our Compliance Team at the above address, or email [email protected]

This Privacy Notice explains how we will manage your Personal Data, how and why we use it, and how you may contact us if you have a query about Personal Data that we hold about you.

Data Protection Law and Principles

Data Protection in Ireland is governed by the EU regulation (EU) 2016/679 (known as the GDPR) and the Data Protection Act, 2018 (as amended).  The GDPR lays down Principles that must be followed by a controller or processor when processing personal data.

Definitions

References to “We” “Us” “Our” means One Direct (Ireland) Limited trading as An Post Insurance.

Personal data means any information which An Post Insurance has or obtains or which you provide to us, such as your name, address, email address, telephone number(s) and date of birth, from which you can be directly or indirectly personally identified, and may include information such as identification, policy and reference numbers, IP addresses and online identifiers, depending on the manner in which we interact.  Some of this Personal Data may be sensitive or “Special Category” Personal Data, the definition of which includes data revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation. We may also process personal data including data relating to criminal convictions where we have been made aware of these. Where we do so, this will be for the purpose of the Insurance contract and will be in accordance with the Data Protection Act 2018.

Where we need to process your Personal Data in connection with your application for an insurance product provided by An Post Insurance, or where we have a legal obligation to collect certain Personal Data relating to you, we will not be able to provide you with the insurance product which you have requested if you do not provide this information to us.

We may also collect certain statistical and other analytical information collected on an aggregate basis relating to all visitors to our Website. This Non-Personal Data comprises information that cannot be used to identify or contact you, such as demographic information regarding browser types, mobile device equipment, mobile network and other anonymous statistical data involving the use of our Website. We collect this information to help us monitor traffic and enhance your experience of our Website.

Collection of Personal Data and Purposes of Processing

An Post Insurance may collect information and will keep the information you provide about yourself and about third parties when you apply for our products, request a call back or quotation, or enter our promotions.

We will obtain some of your Personal Data directly from you, such as when you complete an Insurance quotation, or where you choose to give us Personal Data through online feedback forms. 

We may also obtain some of your information indirectly, from a variety of sources, for example, if you provide your details to a third party for the purpose of that third party providing your details to An Post Insurance in order for us to contact you in relation to an insurance quotation.  We also obtain information relating to you from other sources, such as our Insurers, address and industry databases, law enforcement, regulatory bodies and authorities, other insurance and distribution parties, financial services companies, and governmental authorities.

We may process your data for the purpose of performing a contract you have entered into or may wish to enter into with An Post Insurance, and for compliance with our legal obligations relating to same, as follows:

• In relation to a service you have requested;
• In order to provide you with an insurance quotation that meets your needs;
• In order to facilitate an insurance contract between you, the data subject, and the underwriter of your insurance policy, including the ongoing administration and renewal of the policy;
• to contact you if required in connection with, or to deal with queries, including queries that you make through our website or social media, complaints, or suggestions in relation to, the services we provide to you, and your insurance quotation and/or policies; and
• To process refunds and payments;
• To compile and process your information for audit, statistical or research purposes;
• For compliance with regulatory and legal requirements;
• In relation to a promotion you have entered;
• For internal record keeping;
• To protect your vital interests.

If you have given your explicit consent for a type of processing, such as for direct marketing purposes or sharing your data with a third party, we may process your data for this purpose.  You are entitled to withdraw this consent at any time.

• We may also process your personal data where we have a legitimate interest to do so, subject to those interests not over-riding your fundamental rights and freedoms. This includes:
• for day to day operational and business purposes, including board and group reporting and management purposes;
• taking advice from our external legal and other advisors;
• to help us improve our services and systems, and to improve your experience on our web and online services;
• to provide you with information in relation to An Post Insurance and certain selected third parties, where we are permitted to do so;
• in deciding what marketing information to send to you and to make it more relevant to you;
• where necessary to establish, exercise or defend An Post Insurance legal rights or for the purpose of legal proceedings;
• to notify you about certain benefits you can avail of;
• to conduct marketing research and statistical analysis to improve our services and products;
• to protect our business, reputation, resources, and equipment, manage network and information security and prevent and detect fraud, dishonesty, and other crimes;
• for quality assurance, verification, training and monitoring staff; and
• for such other purposes as were notified to you at the time you provide the information to us.

Call Recordings

An Post Insurance may record telephone calls to and from us to process applications, and for training, verification, quality, and financial service transaction monitoring purposes. Call recordings will generally be retained for a period of 10 years.

CCTV Capture

An Post Insurance records CCTV footage to monitor the internal and external environs of the An Post Insurance premises in Athlone Business Park, Athlone, Co Westmeath (the “Premises”). Any personal data which is obtained by An Post Insurance as a result of the operation of the CCTV system is treated in accordance with Data Protection Legislation.  

CCTV systems are installed both internally and externally at the Premises for the following legitimate business purposes of An Post Insurance:

• Security and prevention of crime. For the purpose of ensuring the health and safety of staff and customers, enhancing security of the Premises and the associated equipment and for the detection and investigation of crime, the apprehension and prosecution of offenders and the protection of property.
• Promotion of safety and customer service.
• Ensuring public and staff safety, investigating accidents and near misses and dealing with customer complaints about service.

CCTV Retention

Typically, data will be retained for no longer than is necessary for the purpose for which it is collected, or as required or permitted for legal, regulatory, fraud prevention and/or legitimate business purposes. In general, data recorded on CCTV is retained for no longer than 31 days. It will be retained for longer periods where required in connection with criminal investigations, or where An Post Insurance requires the data in connection with legal proceedings or has a legal obligation to retain the data for a longer period.  

Recipients or categories of recipients of your personal data:

We will use the personal data you provide us to administer the products and services we supply to you and any future agreements we may have with you. For this purpose, information may be shared in confidence with employees, agents, service providers, regulatory bodies and authorities, underwriters who quote and provide your policy, other insurance and distribution parties, financial services companies, governmental authorities, third parties involved in court action, and as required by law. To assist in preventing, detecting and/or protecting our customers and ourselves from theft and fraud, if we suspect fraud we will record this and may share your information with other insurance and distribution parties. For the purpose of providing you with the most competitive and suitable quotation, we may share your personal information with our product providers, as outlined in our Terms of Business.

If you have an insurance policy with us, are a joint proposer or a named driver of an An Post Insurance policy, your personal data may be shared with the policyholder, joint proposer, and in certain circumstances, a named driver on the policy. This will be to assist in the administration of the policy. 

In addition, where you have given us your explicit consent for us to do so, we may also share your data with a third party, for example, in order for that party to contact you as agreed with you. When we are obtaining your consent for this, we will make it clear to you who the third party is on each occasion.

In any case where we are acting on our own behalf and we share your Personal Data with a third party data controller, the use by that third party of your Personal Data will be subject to the third party’s own privacy policies.

When you visit our website, you are accepting this Privacy Notice.  We are not responsible for the content or privacy practices of other websites that may link to or be linked to from the An Post Insurance website.  Any external links to other websites are clearly identified as such. 

In cases where we are acting on behalf of a different data controller, we will act only on their instructions in relation to processing your Personal Data.  In these cases, it is that third party which is responsible to you for complying with your rights in relation to your Personal Data.  If you send any request to us to exercise your rights, we will send it on to the data controller as soon as possible.

International transfers

Personal Data may be transferred outside of Ireland in connection with your use of An Post Insurance where you have explicitly consented, and / or as otherwise required or permitted by law. 

Many of the countries will be within the European Economic Area (the “EEA”) or will be countries which the European Commission has approved and will have data protection laws which are the same as or broadly equivalent to those in Ireland. 

However, some transfers may be to countries which do not have equivalent protections, and in that case, we will use reasonable efforts to implement contractual protections for the Personal Data. While this will not always be possible where we are required to transfer the Information in order to comply with and perform our contract with you or where we have a legal obligation to transfer the Personal Data, any transfers will be done in accordance with applicable data protection laws, including through the implementation of appropriate or suitable safeguards in accordance with such applicable data protection laws.

Retention of your personal data:

The Underwriter of your policy (insurance company) is also a Data Controller in relation to your personal information. You should also read their Data Protection Notice to determine how long they will keep your personal information.

Information submitted for a quotation may be retained for up to 18 months on our systems. By obtaining a quotation from us, you are consenting to your personal data being held for this period. However, if you would like us to delete your quotation which you have not proceeded to purchase, you can contact us to do so, and where your quotation is not linked to an active policy you hold with us, we will delete your quotation at your request.

The period we retain your personal data for may be extended where you have consented to future contact for marketing purposes, where you hold or have previously held another policy and/or where you contact us in relation to your client profile or where there is recent activity in relation to any product on your client profile.

Where you purchase a product from us, information will be held for the duration of your insurance cover and for at least six years after our relationship ends in order to comply with applicable laws and regulations and for use in connection with any claims.

Call recordings are generally retained for 10 years, and CCTV footage is generally retained for no more than 31 days. 

Your rights:

You have various rights in relation to your personal information, including:

• the right to request access to your personal information;
• the right to correct any mistakes on our records (rectification);
• the right to erase or restrict records where they are no longer required;
• the right to ask not to be subject to automated decision making if the decision produces legal or other significant effects on you;
• the right to object to processing;
• the right to opt out of any profiling we conduct on you;
• the right to move certain data to other providers (data portability); and
• where we rely on your explicit consent as our legal basis for processing your personal data you have a right to withdraw this consent at any time.

If you wish to exercise any of your rights listed above, please contact us.

If you have a complaint or concern about how we use your personal information, please contact us and we will attempt to resolve the issue as soon as possible. You also have the right to lodge a complaint with the Office of the Data Protection Commission, 6 Pembroke Row, Dublin 2, D02 X963, Telephone 01 765 01 00 or 1800 437 737, or at www.dataprotection.ie.

If you give us personal data about someone else, you are confirming that you will explain to them that you have given us their personal data. You are also confirming that they understand their data will be processed in the ways set out in this statement.

Use of Cookies

A cookie is a small piece of information which is transferred to your computer’s hard disk from a website.  Cookies can store information about your preferences and other information which you need when you visit a website.

We use cookies to help us to improve our online services and our website and to deliver a better and more personalised service to you.  Please read our cookies policy for further information on our use of cookies.

Data we collect using non-essential cookies is used on the basis of your consent. We utilise Google Consent Mode to preserve and respect user choices around privacy and cookies. This receives users' consent choices from our cookie banner and dynamically adapts the behaviour of Analytics, Ads, and third-party tags that create or read cookies.

Profiling

Profiling means: “any form of automated process to evaluate certain personal aspects relating to a natural person, in particular to analyse or predict aspects concerning performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements”.

Any proposed analysis of information which An Post Insurance uses in relation to you, be that age, profession, socio-economic group etc., to determine what marketing should be targeted at you, may fall within this definition. 

There are two lawful bases which allow a data controller to profile your personal data.  One is where you give your consent to this profiling and the other where it is in the legitimate interest of the data controller to do so.

Where An Post Insurance acts as a data controller and wish to use its legitimate interest as a lawful basis to profile your data we will always carry out a Legitimate Interest Assessment (LIA) prior to using your data for profiling purposes.  This LIA will balance your rights against the rights of An Post Insurance and will always check that such profiling does not have a significant adverse effect on you.

Marketing

Where you have agreed to receive marketing material from An Post Insurance and the An Post Group of companies, we will use this information to contact you with news and special offers from An Post Insurance and the An Post Group of companies.

You will always be asked for your consent to receive marketing communications from An Post Insurance.  This consent will generally be in the form of a tick-box on our website, or we will ask for your consent over the phone.  This consent is in addition to any consent for Profiling purposes or in addition to profiling where it is in our legitimate interest to do so.

Each time we send you direct marketing information, we will give you the option to change your mind about receipt of marketing.  If at any time you’d like to withdraw consent to receive information from us about our products/services or those of the An Post Group of Companies please let us know by phone, letter, email or through our website.

Where you choose to give us Personal Data, such as where you enter your details into our website forms, we may use this information to send you an acknowledgement e-mail and to provide you with the information you have requested.

We may also send you subsequent emails, SMS messages or contact you by phone to follow up on your initial query.

An Post - Post Office Referrals:

Where you provide Personal Data at the counter in a Post Office in order to receive information about any An Post Insurance products, we will use these details to send you e-mails, SMS messages or contact you by phone in relation to the initial data collection.

Automated Decision Making

Our underwriters carry out automated decision-making to decide whether we can provide insurance to you and on what terms. In particular they use an automated underwriting engine and algorithms to provide or assist with providing, quotes including the premium that will apply to your policy of insurance, using the information we have collected. They use automated decision making as it is necessary for entering into, or performance of your policy between you as the data subject and the underwriter of your policy as data controller, and other uses such as authorised by law.

Online Information

When you browse through our website our web servers collect data which relates to your visit such as:

• What pages you have viewed;
• Certain interactions you have had on those pages;
• The number of times you may have visited a particular page; or
• The amount of time you may have spent on certain pages.

In some cases, the data we collect will be anonymous and it will simply tell us what pages have received the most activity and are of particular interest to our customers in general.

We will mostly do this work ourselves however sometimes we will use Google Analytics or other third-party Analytics specialists to assist us. This work will always be carried out responsibly. The data we collect from all our distribution channels enables us to provide you with a better customer experience by developing a wider understanding and appreciation of our customer base. Where we have identified you specifically we can offer you a more bespoke user experience and assist you with any customer service issue you may have.

We analyse the information that we collect and hold on you from all our distribution channels in order to better understand your behaviour, our relationship with you and our market position. Our analysis helps us to offer you products and services we believe will appeal to you.

We may provide third-party partners with trend reports. We compile these reports at an aggregated and anonymised level. An Post Insurance will never share data at an individual personal level or any information that personally identifies you as a customer (such as your name) in these reports unless we have an appropriate legal basis to do so and have appropriate contractual terms in place with the provider.

Data security

An Post Insurance’s intent is to strictly protect the security of your personal information; honour your choice for its intended use; and carefully protect your data from loss, misuse, unauthorised access or disclosure, alteration, or destruction. We have taken appropriate steps to safeguard and secure information we collect online, including the use of encryption when collecting or transferring sensitive data.

However, you should always take into consideration that the internet is an open forum, and that data may flow across networks with little or no security measures, and therefore such information may be accessed by people other than those you intended to access it.

Privacy Notice Review and Update

This Privacy Notice will be reviewed and updated annually by the An Post Insurance or more frequently if necessary to ensure that any changes to An Post Insurance’s organisation structure and business practices are properly reflected in this Privacy Notice.

Last Updated: January 2026

Some of the below are redirected links to third-party websites. These are websites operated by our underwriters. When you click on these links you are subject to the terms and conditions of that site.

• AIG Privacy Notice
• Aviva Privacy Notice
• FBD Privacy Notice
• Allianz Privacy Notice
• ARAG Privacy Notice
• Keycare Privacy Notice
• Cover-More Blue Privacy Notice
• New Ireland Privacy Notice
• Chubb Ireland Privacy Notice

Your Rights in Relation to Your Personal Data

You have a right to request a copy of the personal data we hold about you. 

How Do I Request a Copy of My Personal Data?

There is no particular form that you must use for your request. However, we recommend that you provide as much detail as possible in your correspondence with us so that we can deal with your query promptly and efficiently.  

When you’re making the request please provide us with your name, address, date of birth and any policy numbers that you have. If there is something in particular you are looking for, please specify this. 

You may be asked to provide proof of identification and / or additional information in order to validate your identity when making such a request. Please note that we have the right to require that you identify yourself before we will respond to any access request. 

If you make a request by email, the information requested will be provided to you in electronic form (where possible), unless you request otherwise. If you wish to receive the information in a particular format (e.g. paper copy or electronic where possible) this should be stated in your request.

Article 15 (4) of the GDPR states that the right to obtain a copy of your personal data undergoing processing should not negatively impact the rights and freedoms of others.  This means that An Post Insurance will remove all references to other parties and only provide you with a copy of your own personal data.
 
All requests are free, unless we think your request is manifestly unfounded or excessive in nature. 

Who Do I Send My Request to

You can send your request to our Compliance Department:

• by email at [email protected]; or

• by post at An Post Insurance Athlone Business Park, Athlone, Co. Westmeath, N37 EF40

Ensuring to provide us with your name, address, date of birth, any policy numbers that you have and if there is something in particular you are looking for, please specify this. 

How Long Will It Take for An Post Insurance to Respond to My Access Request?

Once we have received your request and are satisfied as to your identity, address and / or email address (as relevant) we will respond to you within one month.

This period may be extended in exceptional circumstances, and we will inform you within one month where the extended period applies to you, along with an explanation of the reasons for the extension.  

Please note that if we receive an additional request within 12 months, we will issue you with any updated personal data held since your most recent request. 

Your Other Rights

For information in relation to your other rights under applicable data protection laws see our Privacy Notice.

If you are not satisfied with the outcome of your access request, you have the right to lodge a complaint with the office of the Data Protection Commission at www.dataprotection.ie or Telephone (01) 765 01 00 

Last Updated: August 2025