The privacy and security of your information is important to us. This notice explains who we are, the types of information we hold, how we use it, who we share it with and how long we keep it. It also informs you of certain rights you have regarding your personal data under current data protection law. We will update this notice as required and at least annually . Therefore, we suggest you revisit this notice periodically to keep yourself informed.
The terms used in this Fair Processing Notice are based on those used by the Information Commissioner’s Office. You can find out more about the ICO here: https://ico.org.uk/.
Thames Underwriting, part of Ardonagh Advisory, is the Data Controller of the information you provide us and is registered with the Information Commissioner’s Office for the products and services we offer.
You can contact us for general data protection queries by email to email@example.com or in writing to The Ardonagh Advisory Data Protection Officer, Suite P The Octagon, Colchester, CO1 1TG. Please advise us of as much detail as possible to comply with your request.
For further information about the Ardonagh Group of companies please visit http://www.ardonagh.com/about-us/business-portfolio. Please note that different parts of the group may have different data protection officers.
To enable us to provide you with the products or services to meet your needs we will collect personal information which may include your name, telephone number, email address, postal address, occupation, date of birth, additional details of risks related to your enquiry or product and payment details (including bank account number and sort code). Some of these details may also be required about other individuals who will benefit from the product or services we provide. In some of our call centre operations we may routinely record telephone conversations.
We may need to request and collect sensitive personal information such as details of convictions or medical history for us to provide you with the product or service or to process a claim.
Depending on the policy provided we may require:
|Individual details||Name, address (and proof of address), other contact details (e.g. email and telephone details), gender, marital status, family details, date and place of birth, employer, job title and employment history, relationship to the policyholder, insured, beneficiary or claimant.|
|Identification details||Identification numbers issued by government bodies or agencies, for example social security or national insurance number, passport number, tax identification number, and driver’s licence number.|
|Financial information||Payment card number, bank account number and account details, income and other financial information.|
|Insured risk||Information about the insured risk, which may contain Personal Data.|
|Health data||Current or former physical or mental medical conditions, health status, injury or disability information, medical procedures performed, relevant personal habits (e.g. smoking or consumption of alcohol), prescription information, medical history.|
|Criminal records data||Criminal convictions, including driving offences.|
|Other Special Categories of Personal Data||Racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning an individual’s sex life or sexual orientation.|
|Policy information||Information about the quotes individuals receive and the policies they obtain.|
|Credit and anti-fraud data||Credit history and credit score, information about fraud convictions, allegations of crimes and sanctions details received from various anti-fraud and sanctions databases, or regulators or law enforcement agencies.|
|Previous claims||Information about previous claims, which may include photographs, video, health data, criminal records data and other special categories of Personal Data.|
|Current claims||Information about current claims, which may include photographs, video, health data, criminal records data and other special categories of Personal Data.|
|Marketing data||This may be based on our legitimate interests or consent. You can object or withdraw consent by contacting us.|
|Website and communication usage||Details of your visits to our websites and information collected through cookies and other tracking technologies, including, but not limited to, your IP address and domain name, your browser version and operating system, traffic data, location data, web logs and other communication data, and the resources that you access.|
We only collect and process sensitive personal data where it is critical for the delivery of a product or service and without which the product or service cannot be provided. We will therefore not seek your explicit consent to process this information as it is required by us to provide the product or service you have requested and is legitimised by its criticality to the service provision. If you object to the processing of this information, then we will be unable to offer you that product or service. Where you have given consent for the processing of your data, you may withdraw that consent at any time.
Please note that typically we process data on the legal basis that it relates to a contract of insurance, or a contract to provide you with risk advice, so the right to erasure, which does not apply to personal information processed for a contractual purpose, will not be applicable in many instances.
However, we may also collect personal data for marketing purposes from publicly available sources or product development purposes where it is in our legitimate interests to do so.
All policies arranged by us are administered through other regulated insurance intermediaries. Most of your personal information is provided by you to these intermediaries who pass the information on to us. We may collect your personal information from 3rd party sources, for example credit reference agencies, sanctions search tools, due diligence providers, claims handlers, publicly available information, social media, survey companies who have visited your business, law enforcement, and other insurance market participants.
We will use your personal data for the purposes set out in the table below.
|Purpose for which we may process your data||Legal basis for processing this data|
|Assess and provide the products or services that you have requested; this may include a search with a credit reference bureau, or data enrichment services||Processing in connection with a contract|
|Communicate with you to provide our services, including risk advice||Processing in connection with a contract|
|Develop new products, systems and services||Legitimate interests|
|Undertake statistical and risk analysis||This will be on a legitimate interested basis unless we conduct specific work for you on a contractual basis|
|Marketing and self-promotional activity||Legitimate interests|
|Support monitoring and quality management of our employees and processes||Processing in connection with a contract|
Your personal data is required at various stages of the insurance lifecycle as detailed below:
|Stage||How the data is used|
|Quotation||Setting you up as a client, including possible fraud, sanctions, credit and anti-money laundering checks; evaluating the risks to be covered and matching to the appropriate policy and premium.|
|Policy administration||Client care, including communicating with you and sending you updates; payment of premium; and when arranging surveys.|
|Claims handling||Managing claims; defending or prosecuting legal claims; investigation or prosecuting fraud|
|Renewals||Contacting the insured, or their intermediary to renew the insurance policy; evaluating the risks to be covered and matching to appropriate policies; payment of premium.|
|Other||Complying with our legal or regulatory obligations; general risk modelling; transferring books of business, company sales & reorganisations|
The above is a summary of the uses of your information. Detailed guidance can be obtained from the London Insurance Market Core Uses Information Notice accessible here which includes details on how this information is shared between market participants. We recommend you review this notice.
During the course of our processing we may also take the opportunity to:
From time to time we may use your information to provide you with details of marketing or promotional opportunities and offers relating to other products and services from other companies in the Ardonagh Group, subject to relevant marketing regulations and permissions.
From time to time we will need to call you for a variety of reasons relating to your products or service (for example, to update you on the progress of a claim or to discuss renewal of your insurance contract). We are fully committed to Ofcom regulations and have strict processes to ensure we comply with them.
To ensure the confidentiality and security of the information we hold, we may need to request personal information and ask security questions to satisfy ourselves that you are who you say you are.
We may aggregate information and statistics for developing new and existing products and services, and we may also provide this information to third parties. These statistics will not include information that can be used to identify any individual. Any new information you provide us may be used to update an existing record we hold for you.
We have implemented mandatory security procedures in the storage and disclosure of your personal information in line with industry practices, including storage in electronic and paper formats.
We store all the information that you provide to us, including information provided via forms you may complete on our websites, and information which we may collect from your browsing (such as clicks and page views on our websites).
We also require our business partners, suppliers, and third parties to implement mandatory security procedures that are equivalent to our own, to protect your information from unauthorised access, use, and disclosure.
To help us prevent financial crime, your details may be submitted to fraud prevention agencies and other organisations where your records may be searched, including the Claims and Underwriting Exchange (CUE) and the Motor Insurers Anti-Fraud and Theft Register (MIAFTR).
In addition to companies within the Ardonagh Group, third parties (for example insurers, loss adjustors or data enrichment services, credit lenders or claims management companies) deliver some of our products or provide all or part of the service requested by you. In these instances, while the information you provide will be disclosed to these companies, it will only be used for the provision and administration of the service provided (for example verification of any quote given to you or claims processing, underwriting and pricing purposes or to maintain management information for analysis).
We, or our partners, may make searches of your credit history.
We may use firms involved in financial management regarding payment.
We may also share your data with other companies who carry out market research on our behalf and who may contact you for the purpose of obtaining feedback on the products and services we offer.
We may share contact information within The Ardonagh Group of companies to assist in providing you with risk advice and keeping you informed about additional products and services. For more information on the companies within the Ardonagh Group, please click here http://www.ardonagh.com/about-us/business-portfolio.
The data we collect about you may be transferred to, and stored at, a destination outside of the European Economic Area (“EEA”). It may also be processed by staff operating outside of the EEA who work for us or for one of our suppliers. Such staff may be engaged in, amongst other things, the provision of information you have requested. Whenever we send information outside of the EEA, we will ensure that we have taken the appropriate steps to do so in a manner compliant with the relevant data protection legislation.
We may of course be obliged by law to pass on your information to the police or other law enforcement body, or statutory or regulatory authority including but not limited to the Employer’s Liability Tracing Office (ELTO) and the Motor Insurance Bureau (MIB).
We may also share your information with anyone you have authorised to deal with us on your behalf.
If we provide information to a third party, we will require it and any of its agents and/or suppliers to take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Fair Processing Notice.
We will not keep your personal information longer than is necessary for the purpose for which it was provided unless we are required by law or have other legitimate reasons to keep it for longer (for example if necessary to meet legal and regulatory obligations).
We will typically keep information for 6 years after termination or cancellation of a product, contract, or service we provide, or the closure of a claim or complaint. In certain cases, we will keep your information for longer, particularly where a product includes liability insurances or types of insurance for which a claim could potentially be made by you or a third party at a future date, even after your contract with us has ended.
There are a number of rights that you have under data protection law. Commonly exercised rights are:
Further details on the rights of the data subject can are available on the ICO website.
If you have any concerns about our use of your personal information, you can make a complaint to us by email to firstname.lastname@example.org or in writing to The Ardonagh Advisory Data Protection Officer, Suite P The Octagon, Colchester, CO1 1TG
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
Talk through an enquiry with an Underwriter
Email your presentation
Don’t miss out on our product updates, exclusive promotional offers and industry insights from Thames Underwriting.
Find us on linkedin