Privacy Notice

This privacy notice sets out how we collect and process your personal data. This privacy notice also provides certain information that is legally required and lists your rights in relation to your personal data.

This privacy notice relates to personal information that identifies you as a natural person (whether you are an actual or potential customer, an individual who browses our website or an individual outside our organisation with whom we interact). We refer to this information throughout this privacy notice as personal data or personal information and further detail of what this includes are set out in this privacy notice below.

The privacy and security of your personal information is very important to us so we want to assure you that your information will be properly managed and protected by us at all times.  Please read this privacy notice carefully as it explains how we may collect and use your personal data.

This privacy notice may vary from time to time so please check it regularly.  This privacy notice was last updated on 1st August 2021.

How to contact us (Controller and contact details)

For the purposes of relevant data protection legislation, we are a controller of your personal data.  As a controller, we use (or process) the personal data we hold about you in accordance with this privacy notice.

If you need to contact us in connection with the use or processing of your personal data, then you can do so via compliance@jmginsurance.co.uk

What information we hold about you and where we obtain this from

The personal data that we collect about you may include the following information:

In addition, we may obtain certain special categories of your data (special categories of data) and data about criminal convictions, and this privacy notice specifically sets out how we may process these types of personal data. The special categories of data are data concerning health.

We collect your personal data from you as a controller when we obtain quotations for insurance for you, when we set up your policy for you and when we make changes to your policy for you. This may also involve the collection of data from or about others who are associated with you and your insurance policy such as other persons insured on your policies or your employees or representatives. By giving us information about someone else for the purpose of arranging insurance for them under your policy such as named driver, employee or travel companion etc. you confirm that you have their permission to do so and that you have shared this privacy notice with them.

By asking us to arrange a contract of insurance for you where this involves passing information to us relating to children, you confirm to us that in doing so you are the responsible guardian of the child.

We also collect information from publicly available sources and third party databases made available to the insurance industry for the purposes of reducing fraud and financial crime as well as any other third party databases where your personal data may be held, provided such third parties have lawful bases on which to share such personal data with us.

How we use your personal data and the lawful basis for doing so

Where we are relying on a basis other than consent

We may rely on one or more of the following legal bases when processing your personal data for the following purposes:

Purposes for which we process your personal data The basis on which we can do this (this is what the law allows)
In order to perform our contractual obligations to you. This would include our fulfilling your requests for insurance services (including obtaining insurance for you, fulfilling requests for mid-term adjustments and obtaining renewals) The processing is necessary in connection with any contract that you may enter into with us
To administer your account, including financial transactions for insurance broking The processing is necessary in connection with any contract that you may enter into with us
To assist in the prevention and reduction of fraud and other financial crime The processing is necessary for us to comply with the law and our legal requirements
In the interests of security and to improve our service, telephone calls you make to us may be monitored and/or recorded The processing is necessary to pursue our legitimate interest in the management and operation of our business
To let you know about similar products and services that may be of interest to you The processing is necessary to pursue our legitimate interest in operating our business
To make automated decisions, automated profiling and fraud detection The processing is necessary in connection with some contracts that you may enter into with us

 

Special categories of data and criminal convictions

We may also need to collect special categories of data from you such as information about your health, personal data revealing racial or ethnic origin, religious or philosophical beliefs or trade union membership and generic data.  We may also collect information on criminal convictions which we may share with third parties.  The lawful basis on which we can do this is the processing is necessary for reasons of substantial public interest relating to insurance purposes.

Insurance purposes mean (a) advising on, arranging, underwriting or administering an insurance contract (b) administering a claim under an insurance contract or (c) exercising a right or complying with an obligation, arising in connection with an insurance contract, including a right or obligation arising under an enactment or a rule of law.

Who we pass your personal data to

We may need to pass your personal data to other companies which may include:

The information you share with us may be transferred by us or any of the types of firms or organisations we have noted above, to other countries in order for processing to take place, including locations outside of the UK.  We will only do so if there are adequate levels of protection in place as required by applicable data protection laws.

Accessing our website and cookies

When you visit one of our websites, we may collect information from you such as your email address, IP address and other online identifiers. This helps us to track unique visits and monitor patterns of customer website traffic, such as who visits and why they visit. We may use third parties to collate IP addresses to help us understand our Internet traffic data and data regarding your browser type and computer. We may also use web usage information to create statistical data regarding the use of our website.  We may then use or disclose that statistical data to others for marketing and strategic development purposes, but no individuals will be identified in such statistical data.

We may use cookies and/or pixel tags on some pages of our website.  A cookie is a small text file sent to your computer, mobile phone or tablet depending on the device used to access our website. A pixel tag is an invisible tag placed on certain pages of our website, but not on your computer. Pixel tags usually work together with cookies to help us to give you a more tailored service. We may also use cookies and pixel tags in our email communication to personalise the email and track whether the email has been opened and whether the recipient has used any website links contained in the email communication. This allows us to monitor and improve our email communications and website. Useful information about cookies, including how to remove them, can be found at http://allaboutcookies.org.

Internet browsers normally accept cookies by default, although it’s possible to set a browser to reject cookies. However, refusing to accept cookies may restrict your use of our website and/or delay or affect the way in which our website operates. You can find more information on cookies when you visit our website.

The open nature of the internet is such that data may flow over networks without security measures and may be accessed and used by people other than those for whom the data is intended. While this is outside of our control, we do take the protection of your information very seriously and aim to apply appropriate levels of security at all times.

Sanctions List Checks

We are required to confirm that our customers are not on the Sanctions List maintained by HM Treasury and other overseas authorities. We use SanctionsSearch provided by Professional Office Ltd to perform these checks both on initial appointment and on an ongoing basis whilst we act on your behalf.

Remote Working/Working from Home

Certain members of the business may be authorised by the company to work remotely, usually from home, and we have specific rules and controls to which those members of the business must adhere. Failure to comply with these requirements must be reported to the company’s data protection officer without delay so that alternative arrangements can be considered and, where appropriate, agreed and put into place.

Closed circuit television (CCTV)

Where CCTV is used, we have identified and documented the potential impact on individuals’ privacy and have taken this into account when installing and operating the CCTV system. We regularly review whether CCTV is still the best security solution.

We will clearly inform individuals of our use of CCTV and we only retain recorded CCTV images for long enough to allow for any incident to come to light (e.g. for a theft to be noticed) and to investigate it.  We will respond to individuals or organisations making requests for copies of their images on our CCTV footage and will seek prompt advice from the Information Commissioner where there is any uncertainty. We securely store CCTV images, limit access to authorised individuals and regularly check that the CCTV system is working correctly.  We have a nominated individual who is responsible for the operation of the CCTV system.

Telephone Recording

Where telephone conversations are recorded, we will inform you of this at the beginning of the call together with our reasons for doing so and any objections should be raised immediately. Telephone recordings will be stored securely for no longer than necessary and you have the right to request a copy where this is still available.  The call recordings will only be passed to third parties where we have a legal right or legal obligation to do so.  Payment card data is protected in accordance with the Payment Card Industry Data Security Standard (PCI DSS) and our system prevents us from recording Sensitive Authentication Data (SAD) or where this is not possible, is immediately deleted after card authorisation.

Your rights

We will only store your data for as long as is necessary to comply with the requirements of your insurance contract(s) and any legal obligations or lawful processing conditions that may exist as a result.  You have a number of rights concerning the personal information we use, which you may ask us to observe. In some cases, even when you make a request concerning your personal information, we may not be required, or be able to carry out your request as this may result in us not being able to fulfil our legal and regulatory obligations under the lawful processing conditions under which we hold your data or because there is a minimum statutory period of time for which we have to keep your information. If this is the case, we’ll let you know our reasons.

You can ask us to:

If you have any questions or concerns about this privacy notice or your data protection rights, please contact us using our details set out at the beginning of this privacy notice.

You also have the right to make an enquiry or to complain to the Information Commissioner’s Office (ICO) if you are unhappy with our use of your data, or if you think we have breached a legal requirement.  Further details about the ICO are available at:  www.ico.org.uk.

How we contact you about other products and services 

We may from time to time process your personal data to let you know about similar products and services that may be of interest to you. This is because we value your custom and we pride ourselves in offering professional and tailored advice which meets your specific insurance needs.  This includes keeping you informed on the latest insurance and industry information and details of any offers or promotions relating to the insurance services we provide to you.  Our lawful basis for processing your personal data in this way is as is necessary to pursue the legitimate interests of our business, unless we have otherwise obtained your consent to do so.  We may contact you by post, telephone or e-mail. You will be given the option to stop receiving any communications from us in this regard at any time however please note that this will not affect us contacting you about the servicing of products that you have specifically requested from us.