This is the privacy notice of Sydney Packett & Sons Limited (registration number: 00371448) whose registered office is at Salts Wharf, Ashley Lane, Shipley BD17 7DB referred to as we, us or our in this privacy notice.
This privacy notice sets out how we collect and process your personal data. This privacy notice also provides certain information that is legally required and lists your rights in relation to your personal data.
This privacy notice relates to personal information that identifies you as a natural person (whether you are an actual or potential customer, an individual who browses our website or an individual outside our organisation with whom we interact). We refer to this information throughout this privacy notice as personal data or personal information and further detail of what this includes are set out in this privacy notice below.
The privacy and security of your personal information is very important to us so we want to assure you that your information will be properly managed and protected by us at all times. Please read this privacy notice carefully as it explains how we may collect and use your personal data.
For the purposes of relevant data protection legislation, we are a controller of your personal data. As a controller we use (or process) the personal data we hold about you in accordance with this privacy notice.
This privacy notice may vary from time to time so please check it regularly. This privacy notice was last updated on 16 May 2018.
If you need to contact us in connection with the use or processing of your personal data, then you can contact our data protection representative, Robert Marshall, who you can contact at firstname.lastname@example.org.
Our processing activities
To find out more please go to the section that is relevant to you:
- Sourcing, placing and administering insurance for clients
- Visitors to our website
- Business Contacts
Sourcing, placing and administering insurance for clients
Collection of personal data
The personal data that we collect about you may include the following information:
- Personal data you provide to us in person, by email, via our website or by telephone
- Personal data you provide when you enquire about insurance, or when you purchase a policy, through us, including information about what and/or who you want to insure, such as vehicle details, business activities, your home or travel details
- General information about you, such as your name, address, contact details and date of birth
- Personal data you provide if you subscribe to any of our mailing or newsletter services
- Your claims and credit history
- Financial details, such as your bank account and card details
- Criminal convictions
- Information about your use of our website such as your IP address, which is a unique number identifying your computer, including personal data gathered using cookies
In addition, we may obtain certain special categories of your data (special categories of data) and data about criminal convictions, and this privacy notice specifically sets out how we may process these types of personal data. The special categories of data are data concerning health.
We collect your personal data from you as a controller when we obtain quotations for insurance for you, when we set up your policy for you and when we make changes to your policy for you. This may also involve the collection of data from or about others who are associated with you and your insurance policy such as other persons insured on your policies or your employees or representatives. By giving us information about someone else for the purpose of arranging insurance for them under your policy such as named driver, employee or travel companion etc. you confirm that you have their permission to do so and that you have shared this privacy notice with them.
By asking us to arrange a contract of insurance for you where this involves passing information to us relating to children, you confirm to us that in doing so you are the responsible guardian of the child.
We also collect information from publicly available sources and third-party databases made available to the insurance industry for the purposes of reducing fraud and financial crime as well as any other third-party databases where your personal data may be held, provided such third parties have lawful bases on which to share such personal data with us.
Use of personal data
We may rely on one or more of the following legal bases when processing your personal data for the following purposes:
Purposes for which we process your personal data and the basis on which we can do this (this is what the law allows)
- In order to perform our contractual obligations to you. This would include our fulfilling your requests for insurance services (including obtaining insurance for you, fulfilling requests for mid-term adjustments, obtaining renewals and administering claims). The basis on which we can do this processing is that it is necessary in connection with any contract that you may enter into with us
- To administer your account, including financial transactions for insurance broking. The basis on which we can do this processing is that it is necessary in connection with any contract that you may enter into with us
- To assist in the prevention and reduction of fraud and other financial crime. The basis on which we can do this processing is that it is necessary for us to comply with the law and our legal requirements
- To let you know about similar products and services that may be of interest to you. The basis on which we can do this processing is that it is necessary to pursue our legitimate interest in operating our business
Special categories of data and criminal convictions
We may also need to collect special categories of data from you, such as information about health, in order to perform our contractual obligations to you. The lawful basis on which we can do this is that the processing is necessary for reasons of substantial public interest relating to insurance. We may also collect information on criminal convictions which we may share with third parties. The lawful basis on which we can do this is that the processing is necessary for reasons of substantial public interest relating to insurance.
How we contact you about other products and services
We may from time to time process your personal data to let you know about similar products and services that may be of interest to you. This is because we value your custom and we pride ourselves in offering professional and tailored advice which meets your specific insurance needs. This includes keeping you informed on the latest insurance and industry information and details of any offers or promotions relating to the insurance services we provide to you. Our lawful basis for processing your personal data in this way is as is necessary to pursue the legitimate interests of our business, unless we have otherwise obtained your consent to do so. We may contact you by post, telephone or e-mail. You will be given the option to stop receiving any communications from us in this regard at any time however please note that this will not affect us contacting you about the servicing of products that you have specifically requested from us.
When and how we share personal data and locations of processing
We may need to pass your personal data to other companies which may include
- The insurers, intermediaries and third-party service providers that we use for the purpose of arranging and administering your insurance policy. This may also include risk management assessors, uninsured loss recovery agencies, premium finance providers and other third parties involved (directly or indirectly) in the administration of your insurance and its associated benefits
- Firms that provide administration and processing services to us or on our behalf under contract in order to complete activities such as claims handling, IT systems and administrative services and other activities set out in this privacy notice, as well as support activities such as finance and auditing services
- Organisations that have a specific role laid out in law, such as statutory bodies, regulatory authorities and other authorised bodies
- Other organisations where we have a duty to or are permitted to disclose your personal information by law, for example if we received a valid request from the police or other third-party organisation in the interest of preventing and detecting crime
- Fraud prevention agencies and operators of registers available to the insurance industry to check information and prevent fraud
- Credit reference agencies to check your credit history. This check will be recorded on your credit reference file without affecting your ability to apply for credit or other financial products
- Third parties we use to recover money you may owe us or to whom we may sell your debt
- Another company, if our business or part of it is bought or taken over by that company to make sure your insurance policy can continue to be serviced or as part of preliminary discussions with that company about a possible sale or take over
The information you share with us may be transferred by us or any of the types of firms or organisations we have noted above, to other countries in order for processing to take place, including locations outside of the UK and the European Union. We will only do so if there are adequate levels of protection in place as required by applicable data protection laws.
Collection of personal data
We collect and process personal data about our suppliers in order to manage the relationship, contract, to receive services from our suppliers and, where relevant, to provide professional services to our clients.
Use of personal data
We use personal data for the following purposes:
- We process personal data in relation to our suppliers and their staff as necessary to receive the services.
- We process personal data in order to run our business, including:
– managing our relationship with suppliers
– developing our businesses and services (such as identifying client needs and improvements in service delivery)
– maintaining and using IT systems
– hosting or facilitating the hosting of events
– administering and managing our website and systems and applications
- Unless we are asked not to, we use business contact details to provide information that we think will be of interest about us and our services. For example, industry updates and insights, other services that may be relevant and invites to events.
We collect personal data concerning our own personnel as part of the administration, management and promotion of our business activities.
Staff should refer to the Staff Notice Board for information on why and how personal data is collected and processed.
Visitors to our website
Collection of personal data
When you visit one of our websites we may collect information from you, such as your email address, IP address and other online identifiers. This helps us to track unique visits and monitor patterns of customer website traffic, such as who visits and why they visit. We use third parties to collate IP addresses to help us understand our Internet traffic data and data regarding your browser type and computer. We may also use web usage information to create statistical data regarding the use of our website. We may then use for marketing and strategic development purposes, but no individuals will be identified in such statistical data.
Visitors are also able to send an email to us through the website. Users are warned that any personal data provided is submitted over a connection that may be insecure. Alternative contact details are provided if the user is unsure. We ask that you do not provide sensitive information (such as race or ethnic origin; political opinions; religious or philosophical beliefs; trade union membership; physical or mental health; genetic data; biometric data; sexual life or sexual orientation; and, criminal records) to us when using our website; if you choose to provide sensitive information to us for any reason, the act of doing so constitutes your explicit consent for us to collect and use that information in the ways described in this privacy statement or as described at the point where you choose to disclose this information.
Internet browsers normally accept cookies by default, although it’s possible to set a browser to reject cookies. However, refusing to accept cookies may restrict your use of our website and/or delay or affect the way in which our website operates. You can find more information on cookies when you visit our website.
The open nature of the internet is such that data may flow over networks without security measures and may be accessed and used by people other than those for whom the data is intended. While this is outside of our control, we do take the protection of your information very seriously and aim to apply appropriate levels of security at all times.
Use of personal data
When a visitor provides personal data to us, we will use it for the purposes for which it was provided to us as stated at point of collection (or as obvious from the context of the collection). Typically, personal data is collected to:
- Enquire for further information
- Distribute requested reference materials
- Aggregate data for website analytics and improvements
Our websites do not collect or compile personal data for the dissemination or sale to outside parties for consumer marketing purposes or host mailings on behalf of third parties. If there is an instance where such information may be shared with a 3rd party the visitor will be asked for their consent beforehand.
Collection of personal data
We process personal data about contacts (existing and potential clients and/or individuals associated with them) using a customer relationship management system (CRM).
The collection of personal data about contacts and the addition of that personal data to the CRM is initiated by us and will include name, employer name, contact title, phone, email and other business contact details.
Use of personal data
Personal data relating to business contacts may be visible to and used by us to learn more about an account, client or opportunity we have an interest in, and may be used for the following purposes:
- Administering, managing and developing our businesses and services
- Providing information about us and our range of services
- Making contact information available to our staff
- Identifying clients/contacts with similar needs
- Describing the nature of a contact’s relationship with us
Unless we are asked not to, we use business contact details to provide information that we think will be of interest about us and our services. For example, industry updates and insights, other services that may be relevant and invites to events.
Packetts do not sell or otherwise release personal data contained in the CRM to third parties for the purpose of allowing them to market their products and services without consent from individuals to do so
We take the security of all the data we hold very seriously. We have a framework of policies, procedures and training in place covering data protection, confidentiality and security and regularly review the appropriateness of the measures we have in place to keep the data we hold secure.
We use third parties to support us in providing our services and to help provide, run and manage our internal IT systems e.g. our insurance broking platform, website hosting and management, data back-up and IT security.
We will only store your data for as long as is considered necessary for the purpose for which it was collected (including as required by applicable law or regulation). You have a number of rights concerning the personal information we use, which you may ask us to observe. In some cases, even when you make a request concerning your personal information, we may not be required, or be able to carry out your request as this may result in us not being able to fulfil our legal and regulatory obligations under the lawful processing conditions under which we hold your data or because there is a minimum statutory period of time for which we have to keep your information. If this is the case, we’ll let you know our reasons.
You can ask us to:
- Provide a copy of your personal information
- Correct or delete unnecessary or inaccurate personal information
- Restrict or to object to the use of your personal information at any time
- Object to any automated decision, including profiling which may have been used by insurers when underwriting your quotation. Where an automated decision has been made we will advise you of this and of your rights
- Provide your personal data in a structured, commonly used and machine-readable format and to have your personal data transferred to another controller. This right only applies where our processing of your personal data is automated and the processing took place initially with your consent or for the performance of a contract with you
- Where we process personal data based on consent, individuals have a right to withdraw consent at any time. We do not generally process personal data based on consent (as we can usually rely on another legal basis). To withdraw consent to our processing of your personal data or, to stop receiving an email from one of our marketing lists please email us at email@example.com.
If you have any questions or concerns about this privacy notice or your data protection rights please contact us using our details set out at the beginning of this privacy notice.
You also have the right to make an enquiry or to complain to the Information Commissioner’s Office (ICO) if you are unhappy with our use of your data, or if you think we have breached a legal requirement. Further details about the ICO are available at: www.ico.org.uk.