We Gill Insurance and Finance Consultants Ltd (also referred to as “we”, “us”, or “our”) are a registered company in England (Company no. 3936940). Our registered address is 78 Tavistock Street, Bedford MK40 2RP.
This Notice is designed to help you understand what kind of information we collect in connection with our products and services and how we will process and use this information. In the course of providing you with products and services we will collect and process information that is commonly known as personal data.
This Notice describes how wecollect, use, share, retain and safeguard personal data.
This Notice sets out your individual rights; we explain these later in the Notice but in summary these rights include your right to know what data is held about you, how this data is processed and how you can place restrictions on the use of your data.
Personal data is information relating to an identified or identifiable natural person. Examples include an individual’s name, age, address, date of birth, their gender and contact details.
Personal data may contain information which is known as special categories of personal data. This may be information relating to an individual’s health, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, or data relating to or sexual orientation.
Personal data may also contain data relating to criminal convictions and offences.
For the purposes of safeguarding and processing criminal conviction and offence data responsibly, this data is treated in the same manner as special categories of personal data, where we are legally required to comply with specific data processing requirements.
In order for us to arrange and administer insurance for you we will collect and process personal data about you. We will also collect your personal data where you request information about our services, customer events, promotions and campaigns.
We may also need to collect personal data relating to others in order to arrange and administer insurance. In most circumstances, you will provide us with this information. Where you disclose the personal data of others, you must ensure you are entitled to do so.
You may provide us with personal data when completing online quote or contact forms, when you contact us via the telephone, when writing to us directly or where we provide you with paper based forms for completion or we complete a form in conjunction with you.
We will share your personal data within our [firm, group of companies, business, including affiliates, subsidiariesand with business partners. This is normal practice within the insurance industry where it is necessary to share information in order to place, quantify and underwrite risks, to assess overall risk exposure and to process claims. It is also necessary to determine the premium payable and to administer our business.
We also share personal data with authorised third parties, this is necessary where we are required to do so by law, where we need to administer our business, to quote for, source, place and administer your insurances including arranging insurance premium finance, to perform underwriting activities and to process claims. Some examples follow:
We may record your communications with us when contacting our customer care, complaints and other customer focused functions. We also collect personal data through the use of telematics or similar locational tracking services, where you have agreed to the use of this particular service.
A data ‘controller’ means the individual or organisation which, alone or jointly with others, determines the purposes and means of the processing of personal data.
A data ‘processor’ means the individual or organisation which processes personal data on behalf of the controller.
As a provider of insurance services, we will process the following categories of data:
If you object to the collection, sharing and use of your personal data we may be unable to provide you with our products and services.
For the purposes of meeting the Data Protection Act 2018 territorial scope requirements, the United Kingdom is identified as the named territory where the processing of personal data takes place.
If you require more information about our insurance processes or further details on how we collect personal data and with whom we share data with, please contact our (‘data privacy representative’) by e-mailing email@example.com
Wewill use your personal data for the performance of our contract with you, to quote for and provide you with insurance products and services, to process claims and renewals, to administer your policy and our business, to respond to any requests from you about services we provide and to process complaints. We will also use your personal data to manage your account, perform statistical analysis on the data we collect, for financial planning and business forecasting purposes and to develop new and market existing products and services – personalise as appropriate
We will use the special category and criminal conviction data we collect about you for the performance of our contract with you which is deemed to be necessary for reasons of substantial public interest. This allows us to quote for and provide you with insurance products and services, to process claims and renewals and to administer your policy.
In purchasing our products and services you should understand that you are forming a contract with us. If you contact us for a quote or request details on the services we provide, we consider ourselves as having a legitimate business interest to provide you with further information about our services.
In some situations, we may request your consent to market our products and services to you, to share your data or to transfer your data outside the European Economic Area. Where we require consent, your rights and what you are consenting to will be clearly communicated to you. Where you provide consent, you can withdraw this at any time by contacting our data protection officer.
Wewillretain your personal data at the end of any contractual agreement for a period of Five years. We will retain special category and criminal conviction data for a period of Ten years. Where you have submitted a claim, we will retain your data for a period of Three year if it is a non-injury claim; where an individual has been injured (physical and physiological), we will retain your data for Five Years. Where you have requested a quote, we will retain your personal data for Three Years where you have contacted us for details of our services and products, we will retain your personal data for Three Years. Where you make a complaint, we will retain the data for Five Years. Where you or law enforcement agencies inform us about any active investigation or potential criminal prosecution, we will comply with legal requirements when retaining this data – personalise as appropriate]
The retaining of data is necessary where required for contractual, legal or regulatory purposes or for our legitimate business interestsfor statistical analysis (profiling) and product development and marketing purposes.
Sometimes we may need to retain your data for longer, for example if we are representing you or defending ourselves in a legal dispute or as required by law or where evidence exists that a future claim may occur.
You should be aware that we use automated decision making (services/tools and techniques) to check for customer suitability to our products, for example we might perform a credit search to check an individual’s solvency and credit rating. We also analyse data to identify products and services that customers may be interested in, this is commonly known as profiling. You have the right to object to the use of profiling activities and the use of automated decision making (services/tools and techniques).
Please contact our data protection officer if you object to the use of, or you have any questions relating to the use of, your data, the retention of your personal data or the use of profiling and automated decision making services/tools and techniques. You can opt out of receiving marketing services by e-mailing firstname.lastname@example.org.
Wewill transfer your data to third parties based outside the European Economic Area. This is necessary for the purposes of administering out business and underwriting and claims processing purposes. Such parties are not permitted to use your personal data for any other purpose than for what has been agreed with us. These parties are also required to safeguard your personal data through the use of appropriate technical and organisational data security measures and are prohibited from disclosing or sharing your data with other third parties without our prior authorisation, or unless as required by law.
Please contactour data protection officer for a list of countries and organisations your personal data is transferred to and/or for further information on the measures undertaken to safeguard your data – delete or amend as appropriate
Individuals are provided with legal rights governing the use of their personal data. These grant individuals the right to understand what personal data relating to them is held, for what purpose, how it is collected and used, with whom it is shared, where it is located, to object to its processing, to have the data corrected if inaccurate, to take copies of the data and to place restrictions on its processing. Individuals can also request the deletion of their personal data.
These rights are known as Individual Rights under the Data Protection Act 2018. The following list details these rights:
Individuals can exercise their Individual Rights at any time. As mandated by law we will not charge a fee to process these requests, however if your request is considered to be repetitive, wholly unfounded and/or excessive, we are entitled to charge a reasonable administration fee.
In exercising your Individual Rights, you should understand that in some situations we may be unable to fully meet your request, for example if you make a request for us to delete all your personal data, we may be required to retain some data for taxation, prevention of crime and for regulatory and other statutory purposes.
You should understand that when exercising your rights, a substantial public or vital interest may take precedence over any request you make. In addition, where these interests apply, we are required by law to grant access to this data for law enforcement, legal and/or health related matters.
The flow of data within the insurance sector is complex and we ask you to keep this in mind when exercising your ‘rights of access’ to your information. Where we may be reliant on other organisations to help satisfy your request this may impact on timescales.
If you require further information on your Individual Rights or you wish to exercise your Individual Rights, please contact our data protection officer by e-mailing email@example.com or by writing to 78 Tavistock Street, Bedford MK40 2RP
We will take all appropriate technical and organisational steps to protect the confidentiality, integrity, availability and authenticity of your data, including when sharing your data within our firm, group of companies, business, including affiliates, subsidiariesand authorised third parties.
To comply with our legal obligations and to ensure data privacy and protection has appropriate focus within our organisation we have a Data Protection Officer who reports to our senior management team. The Data Protection Officer’s contact details are as follows:
Mr S Gill, 78 Tavistock Street, Bedford MK40 2RP
If you are dissatisfied with any aspect of the way in which we process your personal data please contact data protection officer. You also have the right to complain to the UK’s data protection supervisory authority, the Information Commissioner’s Office(ICO). The ICO may be contacted via its website which is https://ico.org.uk/concerns/, by live chat or by calling their helpline on 0303 123 1113.
If you have any questions regarding this Notice, the use of your data or your Individual Rights please contact our data protection officer at 78 Tavistock Street, Bedford MK40 2RP or by e-mailing firstname.lastname@example.org or by telephoning 01234 353168
What are cookies?
Cookies are small digital signature files that are stored by your web browser that allow your preferences to be recorded when visiting the website. Also they may be used to track your return visits to the website.
Where registration is required, the visitor's email and a username will be stored on the server.
Cookies may be used to enhance the visitor's experience when using the website and/or to enable a shopping basket system or features such as expanding menus. These session cookies expire after a browser session so would not be stored longer term. For this reason session cookies may sometimes be considered less privacy intrusive than persistent cookies. They are sometimes known as benign cookies.
We do not sell, trade, or rent Users personal identification information to others. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above. We may use third party service providers to help us operate our business and the website or administer activities on our behalf, such as sending out newsletters or surveys. We may share your information with these third parties for those limited purposes provided that you have given us your permission.
E-mail may be sent to inform you of news of our services or offers. You will always be given the chance to opt out of any periodic mailings.
If you have subscribed to one of our email services, you may unsubscribe by following the instructions which are included in e-mail that you receive.
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our website.
Our website operates on a secure linux server which is updated on a daily basis with any operating system updates or security patches that need applying.
Users may find advertising or other content on our website that links to the websites and services of our partners, suppliers, advertisers, sponsors, licensors and other third parties. We do not control the content or links that appear on these websites and are not responsible for the practices employed by websites linked to or from our website. In addition, these websites or services, including their content and links, may be constantly changing. These websites and services may have their own privacy policies and customer service policies. Browsing and interaction on any other website, including websites which have a link to our website, is subject to that website's own terms and policies.
You may be able to block cookies via your browser settings but this may prevent you from access to certain features of the website.
If a page of our website contains a link to the Google Analytics tracking code we are using Google, as a third party vendor of visitor logging.
These cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The cookies collect information in an anonymous form, including the number of visitors to the website, where visitors have come to the website from and the pages they visited.
We do not share personal data with Google.
By using this website, you signify your acceptance of this policy and terms of service. If you do not agree to this policy, please do not use our website. Your continued use of the website following the posting of changes to this policy will be deemed your acceptance of those changes.