SEIB Insurance Brokers Ltd is a broking business which provides advice and offers special insurance products including equestrian insurance. We are part of the Ecclesiastical group of companies.
Providing broking services means that we need to collect and process data so that we can arrange the insurance cover you have asked for, provide you with a quote, assist with any claims made under an insurance policy we have placed and where relevant, handle any complaints that might arise. This makes us a “data controller”
If you are unsure about who the data controller of your personal information is, you can also contact us at any time by e-mailing us at dataprotection@seib.co.uk or by writing to Data Protection Officer at South Essex House, North Road, South Ockendon, Essex, RM15 5BE.
Insurance involves the use and disclosure of your personal data by various insurance market participants such as intermediaries, insurers and reinsurers.
The London Insurance Market Core Uses Information Notice which can be accessed here sets out those core necessary personal data uses and disclosures.
Our core uses and disclosures are consistent with the London Market Core Uses Information Notice. We recommend you review this notice.
Depending on our relationship with you for example prospective customers/parties covered under an insurance policy or individuals covered under an insurance policy we place including consumers and commercial customers (and third party claims where applicable) and the nature of services we are providing you with such as broking services, we will collect different types of personal information about you and use it for different purposes.
From time to time we may ask you to provide or we may receive your “sensitive personal information” otherwise known in data protection laws as “special categories of personal information” (which is information relating to your health, criminal convictions, sex life, sexual orientation, racial or ethnic origin, political opinions, religious or philosophical beliefs, and trade union membership). for example where we arrange travel insurance for you, we may need information about your pre-existing health conditions. In these circumstances we would use your special category data to provide a quote and arrange the placing of your insurance and to assist with any claims you make. We may also need details of any unspent criminal convictions you have for fraud prevention purposes.
Where you provide personal information to us about other individuals for example members of your household or other persons to be named on your insurance policy we will also be data controller of and responsible for their personal information. You should refer them to this notice.
We have structured this notice so that you only have to click on the section below that is relevant to you and reflects your relationship with us.
• Where you are not the person applying for insurance, your relationship or connection to the prospective policyholder.
• Identity documents such as passport, driving licence and national insurance number.
• Employment status and related information such as job title, employment history and education.
• Information which is related to your insurance application including:
• details about previous insurance policies you have held and any previous claims you have made;
• details about your family such as dependants or spouses; and
• policy specific information. For example, if we will be placing equestrian insurance for you, we will need information about your horse and the riding events you participate in.
• Financial information including:
• your bank account and payment details;
• details about your income; and
• information obtained from checking sanctions lists and credit checks such as bankruptcy orders, individual voluntary arrangements, office disqualifications or county court judgments.
• Information which is available publically such as internet search engines.
• Information about any criminal offences you have been convicted for and any related information including about any offences or alleged offences you have committed or any court sentences which you are subject to.
• We may also collect information because it is relevant to your application, which reveals or is likely to reveal your race or ethnicity, religious or philosophical beliefs; political opinions; trade union membership; or data concerning your sex life or sexual orientation. For example motor insurance will require you to disclose any motoring convictions.
• when you have approached us because you want to apply for an insurance policy;
• from your application form;
• when we provide you with a quotation for an insurance policy we will be placing; and
• during any communications we have, such as by telephone or email or when you make a general enquiry.We will also collect your personal information from:
• The prospective policyholder where you are a beneficiary.
• Third parties who we rely on to administer the placing of your insurance policy such as insurers and our own business partners.
• Third parties who provide sanctions checking services.
• Financial crime and fraud detection agencies and other third parties who operate and maintain fraud detection registers and third parties we use to carry out credit checks.
• Other companies in the Ecclesiastical Group.
• Public sources such as court judgments, insolvency registers, internet search engines, and directories of Anglican ministers.
• Other insurance intermediaries.
• Appointed representatives.
• Introducers.
• We need to use your personal information to enter into or perform our contract with you. We will rely on this legal ground for all activities that we undertake in order to fulfil our contractual obligations and without using your personal information we would be unable to do, such as placing insurance cover for you, administering your application, assessing your application against market offerings and providing you with a quote.
• We have a legal or regulatory obligation to use your personal information. For example, we have legal obligations to carry out anti-money laundering checks and our regulators require us to maintain records of all dealings with you and to carry out sanctions checks and to comply with our regulatory reporting requirements we may need to send your personal information to our regulators.
• We have a business need to use your personal information. Such needs will include keeping business and accounting records, maintaining management information, statistical analysis, developing and testing our systems, analysing our business and improving the services and products we offer, carrying out strategic reviews of our business models and will cover all activities which are needed to carry out everyday business activities. When relying on this legal ground, we are under a duty to assess your rights and to ensure that we do not use your information unless we can demonstrate a legitimate business need.When we use your “special categories of personal information” (such as information about your health, religion or criminal offences), we need to have an additional “legal ground”. When using your ” special categories of personal information “, we will rely on the “legal grounds” set out below:
• We have an insurance purpose to use your special categories of personal information and there is a substantial public interest such as assessing your insurance application, arranging or administering a policy.
• It is in the substantial public interest to prevent or detect unlawful acts and the processing of special categories of personal information is necessary for the purposes of prevention or detection of an unlawful act, for example where we suspect fraud.
• It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty – such as carrying out fraud, credit and anti-money laundering checks.
• You have clearly made your special categories of personal information public. For example where you are a Bishop of an Anglican Church and you have made your religious beliefs common knowledge.
• We need to use your special categories of personal information to establish, exercise or defend legal rights. This will be applicable where we are involved in legal proceedings, either against us or where we want to instigate them ourselves.
• You have given your consent. There may be some instances where we may need your consent to process special categories of personal information (e.g. health information) and without it we could not place your insurance policy. We will make it clear when these circumstances are and why your consent is necessary.
What is the purpose for using your personal information | Legal grounds for using your personal information | Legal grounds for using your special categories of personal information |
---|---|---|
To assess your insurance application and obtain appropriate quotes for you | • It is necessary to enter into or perform our contract • We have a business need (to assess all insurance applications against market placement) |
• It is necessary for the insurance purpose of placing an insurance policy. • We have your explicit consent. In some circumstances, we will need to obtain your consent before we can place your policy. |
To carry out fraud, credit and anti-money laundering checks on you | • It is necessary to enter into or perform our contract. • We have a legal obligation. • We have a business need (to prevent fraud and other financial crime). |
• It is in the substantial public interest to prevent or detect unlawful acts (where we suspect fraud). • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty. • We have your explicit consent. • We need to establish, exercise or defend legal rights. |
To comply with our legal or regulatory obligations. | • We have a legal obligation. | • We need to establish, exercise or defend legal rights. • We have your explicit consent. • It is in the substantial public interest to comply with regulatory requirements relating to unlawful acts and dishonesty. |
To generally communicate with you and handle any queries about your application. | • It is necessary to enter into or perform our contract. • We have a business need (to respond to all communications). |
• We need to establish, exercise or defend legal rights. |
For business purposes such as systems development, migration of systems and live testing, diagnosing any problems with our servers and website. | • We have a business need (to run an efficient business) | • It is necessary for the insurance purpose of placing and administering an insurance policy. |
For business purposes such as maintaining management information, internal audits, and carrying out statistical and strategic analysis. | • We have a business need (to run an efficient business and improve our business) | • It is necessary for the insurance purpose of placing and administering an insurance policy. |
To provide improved quality, training and security (for example, through recorded or monitored phone calls to our contact numbers, or carrying out customer satisfaction surveys). | • We have a business need (to develop and improve the services we offer). | • It is necessary for the insurance purpose of placing and administering an insurance policy. |
• The policyholder where you are a beneficiary.
• Third parties who we rely on to administer your application such as insurers, other insurance intermediaries and insurance distributors and our own business partners.
• Medical screening service providers in relation to travel insurance.
• Third parties who provide sanctions checking services.
• Insurance industry bodies.
• Financial crime and fraud detection agencies and other third parties who operate and maintain fraud detection registers and third parties we use to carry out credit checks.
• Other companies in the Ecclesiastical Group.
• Service providers we have contracted with including our subcontractors and agents, auditors, our solicitors, actuaries, IT providers and database providers, marketing mailing providers and business suppliers.
• Any third parties in the event of a sale, merger, reorganisation, transfer or dissolution of our business.
• The Financial Conduct Authority and the Prudential Regulation who are our regulators.
• Law enforcement agencies such as the police, HMRC and taxation authorities.
• Our own insurers and companies who we have appointed to assist with arranging our insurance.
We may use your personal information to provide you with information about our services which may be of interest to you where you are an existing client or where you have provided your consent for us to do so.
We are committed to only sending you marketing communications that you have clearly expressed an interest in receiving. If you no longer wish to receive information from us and want to be removed from our standard mailing list you can “unsubscribe” by clicking the link that appears in all emails or post by contacting using the details set out in section 8. Please note that by stopping these communications you may not hear about a new product or services such as a new insurance product or additions to our insurance that may save you money. This includes products and services from the Ecclesiastical group of companies.
Please note that, even if you opt out of receiving marketing messages, we may still send you communications which are relevant to the type of services we provide you with.
We make some decisions automatically inputting your personal information into a system and computer and the decision is reached using certain processes and algorithms, rather than our employees making the decisions themselves. This is called ‘automated decision making’ and we will use this at the underwriting stage. We use your personal information (Name, Address, Date of Birth etc.) to determine eligibility for particular cover under an insurance policy we can place and your insurance premium.
You have a right not to be subject to the automated decision-making described above and you can contact us, using the details set out in section 10, to request that any declined decision is reconsidered. If you want to opt out of automatic decision-making, let us know, although in some circumstances it may mean we can’t place your insurance policy or offer you a quote or as some automated decisions are necessary to place your insurance policy.
We will only keep your personal information for as long as reasonably necessary to fulfill the purposes set out in section 3 above and to comply with our legal and regulatory obligations.
If you would like further information about how long we will keep your personal information for, please contact us using the details set out in section 10.
There may be some instances where your personal information is transferred to countries outside of the European Economic Area (“EEA”) such as when we transfer information to our other companies in the Ecclesiastical group or to third party suppliers who are based outside the EEA or when third parties who act on our behalf transfer your personal information to countries outside the EEA.
Where such a transfer takes place, we will take the appropriate safeguarding measures to ensure that your personal information is adequately protected. We will do so in a number of ways including:
• Entering into data transfer contracts and using specific contractual provisions that has been approved by European data protection authorities otherwise known as the “standard contractual clauses”;
• Transferring personal data only to companies in the United States who are certified under the “Privacy Shield”. The Privacy Shield is a scheme whereby companies certify that they provide an adequate level of data protection. You can find out more about the Privacy Shield here; or
• We will only transfer personal data to companies in non-EEA countries who have been deemed by European data protection authorities to have adequate levels of data protection for the protection of personal information. You can find out more about this here.
We are also entitled under European data protection laws to transfer your personal information to countries outside the EEA where it is necessary for the performance of the contract we have with you.
Depending on our relationship and your particular circumstances, we might transfer personal information anywhere in the world. A summary of our regular data transfers outside the EEA is set out below:
Country of transferReason for the transferMethod we use to protect your information
At present no personal information is sent overseas.
If you would like further information regarding our data transfers and the steps we take to safeguard your personal information, please contact us using the details set out in section 10.
We implement and maintain appropriate technical and organisational measures to ensure the ongoing confidentiality, integrity, availability and resilience of processing systems and services. These include but are not limited to the following key activities:
– We adopt a framework of information security controls operating at different levels within the company to restrict access and safeguard systems, in accordance with a ‘defense in depth’ methodology (which is the coordinated use of multiple security controls to protect the integrity of the information and assets in the company’s IT network);
– We have an established documented information security and data protection policy framework which is regularly reviewed to consider changes in technology, regulations and threats;
– We maintain encryption technologies to encrypt data stored on portable computers and portable media, and ensure security when data is transferred;
– We maintain awareness and education on information security and data protection in all areas of our business;
– We conduct risk based due diligence on our suppliers;
You have several data protection rights which entitle you to request information about your personal information, to dictate what we do with it or to stop us using it in certain ways.
If you wish to exercise the rights set out below, please contact us at any time using the details set out in section 8. There will not normally be a charge for this.
We respect your rights in relation to personal information we hold about you, however we cannot always comply with your requests, for example:
• we may not be able to delete your information if we are required by law to keep it for a longer period of time; or
• if we delete your information we would not have the necessary information we need to arrange the placing of your insurance policy or assist you with a claim.
In some circumstances, complying with your request may result in your insurance policy being cancelled or your claim being discontinued. Please refer to your policy terms and conditions which will explain what will happen in the event your insurance policy is cancelled. However we will always inform you why we cannot comply with your request.
You can request a copy of the personal information we hold about you and certain details of how we use it.
Your personal information will normally be provided to you in writing unless you request otherwise or where you have made a request by electronic means such as email, we will provide such information in electronic form where possible.
Where we rely on consent as the legal ground to use your personal information, you are entitled to withdraw that original consent.
Please note that for certain uses of your personal information, we need your consent in order to place your policy. [If you exercise this right and withdraw your consent, we may not be able to place your insurance policy or assist you in the event you have a claim.] We will inform you of these consequences when you withdraw your consent.
We make reasonable efforts to keep your personal information where necessary up to date, complete and accurate. We encourage you to ensure that your personal information is accurate so please regularly let us know if you believe that the information we hold about you may be inaccurate or not complete. We will correct and amend any such personal information and notify any third party recipients of necessary changes.
Subject to the circumstances in which you exercise this right, you can request that we stop using your personal information, such as where you believe that we no longer need to use your personal information.
Subject to the circumstances in which you exercise this right, you can request that we port across personal information you have provided to us to a third party in a commonly used and machine-readable format.
You can request that we delete your personal information. For example, where we no longer need your personal information for the original purpose we collected it for or where you have exercised your right to withdrawn consent.
Whilst we will assess every request, this request is subject to legal and regulatory requirements that we are required to comply with.
You can request that we stop sending you marketing messages at any time by clicking on the “unsubscribe” button in any emails that we send to you or by contacting us using the details set out in section 9.
Please note that even if you exercise this right because you do not want to receive marketing messages, we may still send you service related communications where necessary.
If you have been subject to an automated decision and do not agree with the outcome, you can contact us using the details set out in section 10 and ask us to review the decision.
Where you believe that we have breached data protection laws when using your personal information, you can complain to the Information Commissioner’s Office (ICO). For more information visit the ICO’s website at https://ico.org.uk/. Please note that exercising this right and lodging a complaint will not affect any other legal rights or remedies that you have.
If you would like further information about the ways we use your personal information, further clarity on how we use your personal information or anything referred to in this notice, please contact our Data Protection Officer at dataprotection@seib.co.uk or by writing to Data Protection Officer at South Essex House, North Road, South Ockendon, Essex, RM15 5BE.
We are continually improving our methods of communication and alongside with changes in the law and the changing nature of technology, our data practices and how we use your data will change from time to time. If and when our data practices change, we will notify you and we will provide you with the most up-to-date notice. You can view it by checking our website here.
This notice was last updated on 01/03/2021