About us Cramlington Insurance Services LLP
We Cramlington Insurance LLP (also referred to as “we”, “us”, or “our”) are a registered company in England (company no.OC316291). Our registered address is Megstone, Christon Bank, Alnwick, Northumberland, NE66 3EU.
The Purpose of This Notice
This Notice is designed to help you understand what kind of information we collect in connection with our products and services and how we will process and use this information. In the course of providing you with products and services we will collect and process information that is commonly known as personal data.
This Notice describes how we collect, use, share, retain and safeguard personal data.
This this Notice sets out your individual rights; we explain these later in the Notice but in summary these rights include your to know what is held about you, how this data is processed and how you can place restrictions on the use of your data.
What is personal data?
Personal data is information relating to an identified or identifiable natural person. Examples include an individual’s name, age, address, date of birth, gender and contact details.
Personal data may contain information that is known as special categories of personal data. This may be information relating to an individual’s health, racial or ethnic, political opinions, religious or philosophical beliefs, trade union membership, genetic and biometric data, or data relating to or sexual orientation.
Personal data may also contain relating to criminal convictions and offences.
For the purposes of safeguarding and processing criminal conviction and offence data responsibly, this data is treated in the same manner as special categories of personal date, where we are legally required to comply with special data processing requirements.
Personal data we collect
In order for us to provide and administer insurance for you we will collect and process personal about you. We will also collect your personal data where you request information about our services, customer events, promotion and campaigns.
We may also need to collect personal data relating to others in order to provide and administer insurance. In most circumstances, you will provide us with information. Where you disclose the personal data of others, you must ensure you are entitled to do so.
You may provide us with personal data when completing online quote or contact forms, when you contact us via the telephone, when writing to us directly or where we provide you with paper-based forms for completion or we complete a form in conjunction with you.
We will share your personal data with authorised third data parties. This is necessary where we are required to do so by law, where we need to administer our business, to quote for, source, place and administer your insurance, to perform underwriting activities and to process claims. Some examples follow:
- Dept recovery agencies
- Claims handling companies
- Loss adjusters
We may record your communications with us when contacting us.
Where we collect data directly from you, we are considered to be the controller of that data i.e. we are the data controller.
Where we use third parties to process your data, these parties are known as processors of your personal data. Where there are other parties involved in underwriting or administering your insurance, they may also process your data in which circumstance we will be a joint data controller of your personal data.
A data ‘controller’ means the individual or organisation which, alone or jointly with others, determines the purposes and means or personal data.
A data ‘processor’ means the individual or organisation which processes personal data on behalf of the controller.
As a provider of insurance services, we will process the following categories of data:
- Personal data such as individual’s name, address, date of birth, gender, contact details and details of historic claims
- Special categories of personal data such as health and details of historic claims resulting in injury (physical and physiological)
- Data relating to criminal convictions and offences such as details of driving offences or insurance fraud.
If you object to the collection, sharing and use of your personal data we may be unable to provide you with our products and services.
For the purpose of meeting the Data Protection Act 2018 territorial scope requirements, the United Kingdom is identified as the named territory where the processing of personal data takes place.
If you require more information about our insurance or further details about how we collect personal data and with whom we share data with, please contact our data protection representatives by e-mailing email@example.com.
Why do we need your personal data?
We will use your personal data for the performance of our contract with you, to quote for and provide you with insurance products and services, to process claims and renewals, to administer your policy and our business, to respond to any requests from you about services we provide and to process complaints. we will also use your personal data to manage your account, perform statistical analysis on the data we collect, for financial planning and business forecasting purposes and to develop new and market existing products and services.
We will use the special category and criminal conviction date we collect about you for the performance of our contract with you which is deemed to be necessary for reasons of substantial public interest. This allows us to quote for and provide you with insurance products and services, to process claims and renewals and to administer your policy.
In purchasing our products and services you should understand that you are forming a contract with us. If you contact us for a quote or request details on the services we provide, we consider ourselves as having a legitimate business interest to provide you with further information about our services.
In some situations, we may request you consent to market our products and services to you, to share your data or transfer your data outside the European Economic Area. Where we require consent, your rights and what you are consenting to will be clearly communicated to you. Where you provide consent, you can withdraw this at any time by contacting our data protection representatives.
We will retain your personal data at the end of any contractual for a minimum period of 7 years. We will retain special category and criminal conviction data for a minimal period of 7 years. Where you have submitted a claim, we will retain your data for a minimum period of 7 years if it is a non-injury claim; where an individual has been injured (physical and physiological), we will retain your data for minimal of 7 years. Where you have requested a quote, we will retain your data for 2 years. Where you have contacted us for details of our services and products; we will retain your data for 2 years. Where you make a complaint, we will retain the data for a minimum of 3 years. Where you or law enforcement agencies inform us about any active investigation or potential criminal prosecution, we will comply with legal requirements when retaining data.
The retaining of data is necessary where required for contractual, legal our regulatory purposes or for our legitimate business interests for statistical analysis (profiling) and product development and marketing purposes.
Sometimes we may need to retain your data for longer, for example if we are representing or defending ourselves in a legal dispute or as required by law or where evidence exists that a future claim may occur.
You should be aware that we use automated decision-making services/tools and techniques to check for customer suitability to our products, for example we may perform a credit search to check an individual’s solvency and credit rating. You have the right to object to the use of the automated decision-making services/tools and techniques.
Please contact our data protection representatives if you object to the use of, or you have any questions relating to the use of, your data or the retention of your personal data.
Individuals are provided with legal rights governing the use of their private data. These grant individuals the right to what personal data relating to them is held, for what purpose, how it is collected and used, with whom it is shared, where it is located, to object to its processing, to have the data corrected if inaccurate, to take copies of the data and to place restrictions on its processing. Individuals can also request the deletion of their personal data.
These rights are known as Individual Rights under the Data Protection Act 2018. The following list details these rights:
- The right to be informed about the personal data being processed
- The right of access to your personal data
- The right to object to the processing of your personal data
- The right to restrict the processing of your personal data
- The right to rectification of your personal data
- The right to erasure of your personal data
- The right to portability (to receive an electronic copy of your personal data)
- Rights relating to automated decision-making including profiling.
Individuals can exercise their Individual rights at any time. As mandated by law we will not charge a fee to process these requests, however if your request is considered to be repetitive, wholly unfounded and/or excessive, we are entitled to charge a reasonable administration fee.
In exercising your Individual Rights, you should understand in some situations we may be unable to fully meet your request, for example if you make a request for us to delete all your personal data, we may be required to retain some data for taxation, prevention of crime and for regulatory and other statutory purposes.
You should understand that when exercising your rights, a substantial public or vital interest may take precedence over any request you make. In addition, where these interests apply, we are required by law to grant access to this data for law enforcement, legal and/or health related matters.
The flow of data within the insurance sector is complex and we ask that you keep this in mind when exercising your ‘rights of access’ to your information. Where we may be reliant on other organisations to help satisfy your request this may impact on timescale.
If you require further information on your Individual Rights or you wish to exercise your Individual Rights, please contact firstname.lastname@example.org or by writing to Cramlington Insurance Services, 38 Queen Street, Amble, Northumberland, NE65 0BZ.
Protecting your data
We will take all appropriate technical and organisational steps to protect the confidentiality, integrity, availability and authenticity of your data, including when sharing your data within our business and authorised third parties.
If you are dissatisfied with any aspect of the way in which we process your personal data please contact data protection representative. You also have the right to complain to the UK’s data protection supervisory authority, the Information Commissioner’s Office (ICO). The ICO may be contacted via its website which is https://ico.org.uk/concerns/, by live chat or by calling their helpline on 03031231113.
How to contact us
If you have any questions regarding this notice, the use of your data and your Individual Rights please contact Cramlington Insurance Services, 38 Queen Street, Amble, Northumberland, NE65 0BZ, or by e-mailing email@example.com.