This is the privacy notice of Find Insurance NI (registration number: 064828) whose registered office is at 42-44 Spencer Road, Derry-Londonderry, BT47 6AA referred to as we, us or our in this privacy notice.
The purpose of this notice
This privacy notice is designed to help you understand what kind of information we collect in connection with our products and services and how we will process and use this information. In the course of providing you with products and services we will collect and process information that is commonly known as personal data.
This Notice describes how we collect, use, share, retain and safeguard personal data and sets out your individual rights; we explain these later in the Notice but in summary these rights include your right to know what data is held about you, how this data is processed and how you can place restrictions on the use of your data. This privacy notice relates to personal information that identifies you as a natural person (whether you are an actual or potential customer, an individual who browses our website or an individual outside our organisation with whom we interact). We refer to this information throughout this privacy notice as personal data or personal information and further detail of what this includes are set out in this privacy notice below. The privacy and security of your personal information is very important to us, so we want to assure you that your information will be properly managed and protected by us at all times. Please read this privacy notice carefully as it explains how we may collect and use your personal data. This privacy notice may vary from time to time so please check it regularly. This privacy notice was last updated December 2018.
What is personal data?
Personal data is information relating to an identified or identifiable natural person. Examples include an individual’s name, age, address, date of birth, their gender and contact details. Personal data may contain information which is known as special categories of personal data. This may be information relating to an individual’s health, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, or data relating to or sexual orientation. Personal data may also contain data relating to criminal convictions and offences.
For the purposes of safeguarding and processing criminal conviction and offence data responsibly, this data is treated in the same manner as special categories of personal data, where we are legally required to comply with specific data processing requirements.
Personal data we collect
In order for us to arrange and administer insurance for you we will collect and process personal data about you. We will also collect your personal data where you request information about our services, customer events, promotions and campaigns. We may also need to collect personal data relating to others in order to arrange and administer insurance. In most circumstances, you will provide us with this information. Where you disclose the personal data of others, you must ensure you are entitled to do so. You may provide us with personal data when completing online quote or contact forms, when you contact us via the telephone, when writing to us directly or where we provide you with paper based forms for completion or we complete a form in conjunction with you.
We will share your personal data within our firm, and with business partners. This is normal practice within the insurance industry where it is necessary to share information in order to place, quantify and underwrite risks, to assess overall risk exposure and to process claims. It is also necessary to determine the premium payable and to administer our business. We also share personal data with authorised third parties, this is necessary where we are required to do so by law, where we need to administer our business, to quote for, source, place and administer your insurances including arranging insurance premium finance, to perform underwriting activities and to process claims. Some examples follow:
• The insurers, other intermediaries and third-party service providers that we use for the purpose of arranging and administering your insurance policy. This may also include risk management assessors, uninsured loss recovery agencies, premium finance providers and other third parties involved (directly or indirectly) in the administration of your insurance and its associated benefits
• Firms that provide administration and processing services to us or on our behalf under contract in order to complete activities such as claims handling, IT systems and administrative services and other activities set out in this privacy notice, as well as support activities such as finance and auditing services
• Organisations that have a specific role laid out in law, such as statutory bodies, regulatory authorities and other authorised bodies
• Other organisations where we have a duty to or are permitted to disclose your personal information by law, for example if we received a valid request from the police or other third party organisation in the interest of preventing and detecting crime
• Fraud prevention agencies and operators of registers available to the insurance industry to check information and prevent fraud
• Credit reference agencies to check your credit history. This check will be recorded on your credit reference file without affecting your ability to apply for credit or other financial products
• Third parties we use to recover money you may owe us or to whom we may sell your debt
• Another company, if our business or part of it is bought or taken over by that company to make sure your insurance policy can continue to be serviced or as part of preliminary discussions with that company about a possible sale or take over
The information you share with us may be transferred by us or any of the types of firms or organisations we have noted above, to other countries in order for processing to take place, including locations outside of the UK and the European Union. We will only do so if there are adequate levels of protection in place as required by applicable data protection laws.
A data ‘controller’ means the individual or organisation which, alone or jointly with others, determines the purposes and means of the processing of personal data.
A data ‘processor’ means the individual or organisation which processes personal data on behalf of the controller.
As a provider of insurance services, we will process the following categories of data:
• Personal data such as an individual’s name, address, date of birth, gender, contact details and details of historic claims
• Special categories of personal data such as health and details on historic claims resulting in injury (physical and physiological)
• Data relating to criminal convictions and offences such as details of driving offences or insurance fraud
If you object to the collection, sharing and use of your personal data we may be unable to provide you with our products and services. For the purposes of meeting the Data Protection Act 2018 territorial scope requirements, the United Kingdom is identified as the named territory where the processing of personal data takes place. If you require more information about our insurance processes or further details on how we collect personal data and with whom we share data with, please contact our ‘data privacy representative’ by post to the above registered office.
Why do we need your personal data?
We will use your personal data for the performance of our contract with you, to quote for and provide you with insurance products and services, to process claims and renewals, to administer your policy and our business, to respond to any requests from you about services we provide and to process complaints. We will also use your personal data to manage your account.
We will use the special category and criminal conviction data we collect about you for the performance of our contract with you which is deemed to be necessary for reasons of substantial public interest. This allows us to quote for and provide you with insurance products and services, to process claims and renewals and to administer your policy.
In purchasing our products and services you should understand that you are forming a contract with us. If you contact us for a quote or request details on the services we provide, we consider ourselves as having a legitimate business interest to provide you with further information about our services.
In some situations, we may request your consent to market our products and services to you, to share your data or to transfer your data outside the European Economic Area. Where we require consent, your rights and what you are consenting to will be clearly communicated to you. Where you provide consent, you can withdraw this at any time by contacting our data privacy representative.
We will only store your data for as long as is necessary to comply with the requirements of your insurance contract(s) and any legal obligations or lawful processing conditions that may exist as a result. You have a number of rights concerning the personal information we use, which you may ask us to observe. In some cases, even when you make a request concerning your personal information, we may not be required, or be able to carry out your request as this may result in us not being able to fulfil our legal and regulatory obligations under the lawful processing conditions under which we hold your data or because there is a minimum statutory period of time for which we have to keep you information. If this is the case, we’ll let you know our reasons.
How we use your personal data and the lawful basis for doing so
|We may rely on one or more of the following legal bases when processing your personal data for the following purposes: Purposes for which we process your personal data||The basis on which we can do this (this is what the law allows)|
|In order to perform our contractual obligations to you. This would include our fulfilling your requests for insurance services (including obtaining insurance for you, fulfilling requests for mid-term adjustments and obtaining renewals)||The processing is necessary in connection with any contract that you may enter into with us|
|To administer your account, including financial transactions for insurance broking||The processing is necessary in connection with any contract that you may enter into with us|
|To assist in the prevention and reduction of fraud and other financial crime||The processing is necessary for us to comply with the law and our legal requirements|
|In the interests of security and to improve our service, telephone calls you make to us may be monitored and/or recorded||The processing is necessary to pursue our legitimate interest in the management and operation of our business|
|To let you know about similar products and services that may be of interest to you||The processing is necessary to pursue our legitimate interest in operating our business|
Special categories of data and criminal convictions
We may also need to collect special categories of data from you, such as information about health, in order to perform our contractual obligations to you. The lawful basis on which we can do this is that the processing is necessary for reasons of substantial public interest relating to insurance. We may also collect information on criminal convictions which we may share with third parties. The lawful basis on which we can do this is that the processing is necessary for reasons of substantial public interest relating to insurance.
Individuals are provided with legal rights governing the use of their personal data. These grant individuals the right to understand what personal data relating to them is held, for what purpose, how it is collected and used, with whom it is shared, where it is located, to object to this processing, to have the data corrected if accurate, to take copies of the data and to place restrictions on its processing. Individuals can also request the deletion of their personal data.
These rights are known as Individual Rights under the Data Protection Act 2018. The following list details these rights:
− The right to be informed about the personal data being processed;
− The right of access to your personal data;
− The right to object to the processing of your personal data;
− The right to restrict the processing of your personal data;
− The right to rectification of your personal data;
− The right to erasure of your personal data;
− The right to data portability (to receive an electronic copy of your personal data);
− Rights relating to automated decision making including profiling.
Individuals can exercise their Individual Rights at any time. As mandated by law we will not charge a fee to process these requests, however if your request is considered to be repetitive, wholly unfounded and/or excessive, we are entitled to charge a reasonable administration fee.
In exercising your Individual Rights, you should understand that in some situations we may be unable to fully meet your request, for example if you make a request for us to delete all your personal data, we may be required to retain some data for taxation, prevention of crime and for regulatory and other statutory purposes.
You should understand that when exercising your rights, a substantial public or vital interest may take precedence over any request you make. In addition, where these interests apply, we are required by law to grant access to this data for law enforcement, legal and/or health related matters.
The flow of data within the insurance sector is complex and we ask you to keep this in mind when exercising your ‘rights of access’ to your information. Where we may be reliant on other organisations to help satisfy your request this may impact on timescales.
If you require further information on your Individual Rights or you wish to exercise your Individual Rights, please contact our data privacy representative by writing to the above registered office.
Protecting your data
We will take all appropriate technical and organisational steps to protect the confidentiality, integrity, availability and authenticity of your data, including when sharing your data within our firm and authorised third parties.
Data Privacy Representative
To ensure data privacy and protection has appropriate focus within our organisation we have a Data Privacy Representative who reports to our senior management team. The Data Privacy Representative’s contact details are as follows: Colin Mullan, Managing Director.
If you have any questions or concerns about this privacy notice or your data protection rights, please contact us using our details set out at the beginning of this privacy notice.
If you are dissatisfied with any aspect of the way in which we process your personal data please contact the data privacy representative. You also have the right to complain to the UK’s data protection supervisory authority, the Information Commissioner’s Office (ICO). The ICO may be contacted via its website which is https://ico.org.uk/concerns/, by live chat or by calling their helpline on 0303 123 1113.
How to contact us
If you have any questions regarding this Notice, the use of your data or your Individual Rights please contact our data privacy representative using the details at the beginning of this privacy