Privacy and Fair Processing Notice

The privacy and security of your information is important to Bishopsgate Insurance Brokers Limited. This notice explains who we are, the types of information we hold, how we use it, who we share it with and how long we keep it. It also informs you of certain rights you have regarding your personal information under current data protection law. The terms used in this Privacy and Fair Processing Notice are based on those provided by the Information Commissioner’s Office. You can find out more about the ICO here: https://ico.org.uk/.

Who are we?

Bishopsgate Insurance Brokers Limited (part of The Ardonagh Group of companies) is the Data Controller and Data Processor of the information you provide us and is registered with the Information Commissioner’s Office for the products and services we provide to you: https://ico.org.uk/ESDWebPages/Entry/Z5577227

You can contact us for general data protection queries by email to dataqueries@ardonaghspecialty.com or in writing to the Data Protection Officer, Bishopsgate Insurance Brokers Limited, 2 Minster Court, Mincing Lane, London EC3R 7PD. Please advise us of as much detail as possible to comply with your request.

If required, further information about The Ardonagh Group of companies can be found by visiting http://www.ardonagh.com/.

What information do we collect?

To enable us to provide you with the right product or service to meet your needs (or to handle a claim on your behalf) we will collect and process personal information which may include, but not necessarily be limited to, your name, address, telephone number, email address, postal address, occupation, date of birth, additional details of risks related to your enquiry or product and payment details (including bank account number and sort code). We may need to request, collect and process additional sensitive personal information such as, but not limited to, details of convictions or medical history for us to provide you with the product or service or to process a claim. This information will be collected from you as it is considered necessary for a legitimate insurance purpose and contractual obligations that arise from the provision of insurance products and services to you.

We only collect and process sensitive personal data where it is critical for the delivery of insurance products and services we provide to you and as allowed under UK law.  If you object to use of this information then we will be unable to offer you that product or service.

How do we use your personal information?

We will use your personal information to:

  • Assess and provide the products or services that you have requested.
  • Communicate with you.
  • Develop new products and services.
  • Undertake statistical analysis.

We may also take the opportunity to:

  • Contact you about products that are closely related to those you already hold with us.
  • Provide additional assistance.
  • Notify you of important functionality changes to our websites.

From time to time we will need to call you for a variety of reasons relating to your products or service (for example, to update you on the progress of a claim or to discuss renewal of your insurance contract). To ensure the confidentiality and security of the information we hold, we may need to request personal information and ask security questions to satisfy ourselves that you are who you say you are.

We aim to keep the information we may hold about you as accurate as possible, but we depend on your assistance to update the personal information we may hold when necessary. You can inform us of a change in your details by contacting your account handler or claims contact at any time.

We may aggregate information and statistics on website usage or for developing new and existing products and services, and we may also provide this information to third parties. These statistics will not include information that can be used to identify any individual.

Securing your personal information

We follow strict security procedures in the storage and disclosure of your personal information in line with industry practices, including storage in electronic and paper formats.

We store all the information that you provide to us, including information provided via forms you may complete on our websites, and information which we may collect from your browsing (such as clicks and page views on our websites).

Any new information you provide us may be used to update an existing record we hold for you.

When do we share your information?

The insurance lifecycle involves the sharing of your personal data between insurance market participants – such as insurers or loss adjusters – some of whom you will not have direct contact with. In these instances, while the information you provide will be disclosed to these companies, it will only be disclosed by Bishopsgate to allow for the provision and administration of the service provided (for example verification of any quote given to you, claims processing, underwriting and pricing purposes, or to maintain management information for analysis).

To help us prevent financial crime, your details may be submitted to fraud prevention agencies and other organisations where your records may be searched, including the Claims and Underwriting Exchange (CUE) and the Motor Insurers Anti-Fraud and Theft Register (MIAFTR).

We may also share your information with anyone you have authorised to deal with us on your behalf.

If we provide information to a third party we will require it and any of its agents and/or suppliers to take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy and Fair Processing Notice or an equivalent Notice or Policy.

We will not share your personal information for third party marketing or for any other purposes without your consent unless required by law to pass on your information to the police or other law enforcement body, or statutory or regulatory authority, including but not limited to the Employer’s Liability Tracing Office (ELTO) and the Motor Insurance Bureau (MIB).

The information we collect about you may be transferred to, and stored at, a destination outside of the European Economic Area (EEA). It may also be processed by staff operating outside of the EEA who work for us or for one of our suppliers. Such staff may be engaged in, amongst other things, the provision of information you have requested. Whenever we send information outside of the EEA, we will ensure that we have taken the appropriate steps to do so in a manner compliant with the relevant data protection legislation.

We may also need to pass your personal data to other companies which may include other companies or brands within our group of companies.

How long do we keep your information for?

We will not keep your personal information longer than is necessary for the purpose for which it was originally provided, unless we are required by law or have other legitimate reasons to keep it for longer (for example if necessary for any legal or claims proceedings).

We will normally keep information for no more than 7 years after termination or cancellation of a product, contract or service we provide. In certain cases, we will keep your information for longer, particularly where a product includes liability insurances or types of insurance for which a claim could potentially be made by you or a third party at a future date, even after your contract with us has ended. 

Your rights

Under GDPR you have the right to change or withdraw your consent and your rights also include:

  • Your right of access – You have the right to ask us for copies of your personal information.
  • Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
  • Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.

You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.

We may use automated decision making in processing your personal information for some services and products. You can request a manual review of the accuracy of an automated decision if you are unhappy with it.

If you are not satisfied with our use of your personal data or our response to any request made by you to exercise any of your rights, or if you think that we have breached the GDPR, then you have the right to complain to the ICO. Should you wish to review, amend or transfer any of the personal data we hold on you please contact our Data Protection Officer at the earliest opportunity. Further details of your rights and your right to complain to the ICO can be obtained by visiting the ICO website at https://ico.org.uk/.

Updates

We are required by law, to change or update this Privacy and Fair Processing Notice to keep it accurate and current.

Disclaimer

Please note that Bishopsgate Insurance Brokers is also a trading name of Besso Limited (part of The Ardonagh Group of companies) and Besso Limited is the Data Controller. All information and contact details as set out in the above Privacy & Fair Processing Notice applies.

Bishopsgate Insurance Brokers is also a trading name of Oxford Insurance Brokers Ltd (part of The Ardonagh Group of companies) and Oxford Insurance Brokers Ltd is the Data Controller. All information and contact details as set out in the above Privacy & Fair Processing Notice applies.

Bishopsgate Insurance Brokers is also a trading name of Ed Broking LLP (part of The Ardonagh Group of companies) and Ed Broking LLP is the Data Controller. All information and contact details as set out in the above Privacy & Fair Processing Notice applies.