Privacy Notice
Introduction:
We are committed to ensuring your privacy is protected. Please take time to read this document carefully as it contains details of the basis on which we will process (collect, use, share, transfer) and store your information. You should show this notice to all parties related to any service or related insurance arrangement. If you have given us information about someone else, you are deemed to have their permission to do so.
If you have any questions or need further information you can e-mail DPO@jensten.co.uk or write to our Data Protection Officer, Jensten Group Limited, Coversure House, Washingley Road, Huntingdon, Cambridgeshire, PE29 6SR.
Who we are
How we collect your personal data
We usually use direct interaction to collect data from and about you through telephone, email, letter, or face to face communication. We also use online forms and quotation facilities for certain policy types. These may be websites administered by Jensten Group or by a third-party provider on our behalf.
What information we collect and how we use this information
Identity data: Full name, previous names, title, date of birth, gender, NI number, passport number, driving licence number.
Contact data: Email address, residential address, telephone numbers.
Financial data: Bank details, payment card details.
Insurance data: Claims history, occupation. We may also request special categories of personal information in relation to medical history, any offences, or alleged offences.
Where we need to collect personal data under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case we may have to cancel the insurance that you have in place, and we will notify you if this is the case.
Lawful basis
If you are providing personal data on behalf of a third party, you must provide them with a copy of this privacy notice and obtain any consent where we require it for the processing of their data.
Automated decision making and profiling
a) processing is fair and transparent and provides meaningful information about the logic involved; as well as the significance and the envisaged consequences;
b) use appropriate mathematical or statistical procedures for the profiling;
c) appropriate technical and organisational measures are in place to enable inaccuracies to be corrected and minimise the risk of errors; and
d) secure your personal data in a way that is proportionate to the risk to your interests and rights and prevents discriminatory effects.
Marketing
Should we need to use your information for any other purpose we shall request your consent to do so.
Data Controller & Data Processor
The contractual arrangements we have in place with our suppliers (e.g. insurance companies, our client database software providers, lead generation, and similar providers of services to us, including other third-party companies who use our services), are governed by and shall be deemed to operate strictly in accordance with the terms of such contracts. Importantly, from your perspective, these contracts set out to define how data will be processed between us, including circumstances when we act as a processor or controller as is required by the UK GDPR.
Use & Storage of your Information Overseas
We will never knowingly transfer, store, or process information about you or an individual, outside the Europe an Economic Area (EEA). In the event that we are compelled to transfer your information outside the EEA (e.g. because it is an insurance arrangement with an Insurance Company who is outside the EEA or part of a larger group of companies who pass information outside the EEA) it shall be in compliance with the conditions for transfer set out in the GDPR and or restricted to a country which is considered to have adequate data protection laws. All reasonable steps shall typically have been undertaken to ensure the firm to which information is being transferred has suitable standards in place to protect such information.
What we will not do with your information
Unless required to do so by law, or for other similar reasons, other than those outlined (see sharing your information) we will never otherwise share personal information without legal basis or without ensuring the appropriate care and necessary safeguards are in place; we will in any other event ask for your consent to share that information and explain the reasons.
How long we will keep personal data
This means, we will only keep information that is necessary so that we can sufficiently deal with administrative issues, queries, claims and / or for compliance with legal reasons; usually we will keep information for a minimum retention period of 7 years after cessation of a product or service we have provided. For Employer’s Liability and certain other specific classes of business that require it, we will retain data indefinitely.
Changes to the Privacy Notice and Your Duty to inform us of changes
This Privacy Notice will be updated from time to time and was last updated on 9 January 2023
It is important that personal data we hold about you is accurate and current. Please ensure that you keep us informed if your personal data changes during your relationship with us.
Your data protection rights
Your right of access – You have the right to ask us for copies of your personal information that we hold about you.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not usually required to pay any charge for exercising your rights, but we do reserve the right to make an administrative charge for Subject Access Requests if requests are deemed manifestly unfounded or excessive. If you make a request, we have one month to respond to you, but we are permitted by the UK GDPR to extend this by a further two months if the request is sufficiently complex or if you submit a number of requests.
Data Protection Officer contact details:
If you have any cause for concern about our handling of personal information, please contact us using the details below:
Data Protection Officer, Jensten Group Limited, Coversure House Vantage Park, Washingley Road, Huntingdon, Cambridgeshire, PE29 6SR
Or email: DPO@jensten.co.uk
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, Helpline number: 0303 123 1113 and ICO website: https://www.ico.org.uk