Background and Introduction
In accordance with the General Data Protection Regulation (GDPR) and related UK data protection legislation, we are committed to protecting the confidentiality and security of the information that you provide to us. This Privacy Notice is designed to help you understand how we collect and use your information. If you have any questions or queries about this Notice please contact us. We may amend this Privacy Notice from time to time, in order to, for example, keep it up to date or to comply with legal requirements. The latest version of this Notice can be found at here
or you can contact us for the latest version using any of the methods detailed in the ‘How to contact us’ section.
Who we are
We are Chris Knott Insurance Consultants Ltd (also referred to in this Notice as “we”, “us”, or “our”).
How to contact us
For any questions or concerns relating to this Privacy Notice or our data protection practices, or to make a Subject Access Request or any other request regarding the information we hold, please contact us at:
Chris Knott Insurance Consultants Ltd
5th Floor Cavendish House
Tel: 0800 917 2274
or 01424 200477
Lawfulness and Fairness
Personal data must be processed lawfully, fairly and in a transparent manner in relation to the Data Subject (you). This may arise where:
- you have given your consent
- the processing is necessary for the performance of a contract with you
- to meet our legal compliance obligations
- to protect your vital interests
- to pursue our legitimate interests for purposes where they are not overridden because the processing prejudices your interests or fundamental rights and freedoms.
Nature of personal information
Personal data is any information that may identify a living individual.
We collect personal information such as name, contact details, date of birth, gender, marital status, financial details, employment details and other personal details depending on the nature of the insurance and other services we offer.
We may collect, use and store sensitive personal information such as convictions and medical conditions as necessary in relation to your insurances. This information may be shared with insurers, insurance product providers and our third partyservice providers.
We may collect information from you about other people, for example, family members who may drive your car or who maybe included on a travel or household insurance policy.
If you give us information about another person it is your responsibility to ensure and confirm that:
- you have told the individual who we are and how we use personal information, as set out in this Privacy Notice; and
- you have permission from the individual to provide that personal information to us and for us to use it, as set out in this Privacy Notice.
Why we need and how we use your personal information
If you do not provide the information required or do not accept the terms of this Privacy Notice, we are unlikely to be able to arrange your insurance and may not be able to provide certain services to you.
We only collect, use and store your personal information where we have lawful grounds and legitimate business reasons to do so. We do so in order to fulfil requests for quotes, products and services as part our insurance broking, claims handling and risk management business. It may also be used to verify your identity, to administer payments and to enable us to carry out anti-money laundering and other financial crime checks where required. If you pay by instalments your information may also be used to arrange credit.
The use of your data is essential for us to enable you to enter into an insurance contract and for the insurance to operate (in the event of a claim, for example). We may also use it to keep our records up to date, to notify you about changes to our service and to help us develop new products and services.
We may monitor calls, emails, text messages and other communications with you. When you contact us we may keep a record of that correspondence and any information provided to us during that or any subsequent communication.
We have a legitimate business interest in sending you marketing about our other products and services and making sure our marketing is relevant for you. We believe this processing is in your interests as well.
When we process your personal information based on legitimate interest we make sure to consider and balance any potential impact on you (both positive and negative) and your rights under the data protection laws. Our legitimate business interests do not automatically override your rights and freedoms. We will not use your personal data for activities where our interests are overridden by the impact on you. If we intend to use your data for purposes where consent is required we will only do so with your consent. If you do not wish to receive the information you can opt-out at any time using any of the methods detailed in the ‘How to contact us’ section or by clicking the ‘unsubscribe’ link in one of our marketing emails.
We will only supply your personal information to other parties where such a transfer is a necessary part of the activities that we undertake, or where you give us consent or where we are required to do so by law or regulation (e.g. where the disclosure is necessary for the purposes of the prevention and/or detection of crime).
As an intermediary we must disclose personal information to insurance companies, underwriting agencies, business partners and other parties in order to provide our products and services and to enable you to enter into insurance contracts. Examples of other parties include other insurance intermediaries, loss adjusters, regulatory bodies, legal and accountancy firms involved in the claims handling process and providers of premium payment facilities. We may also share your personal information with fraud prevention agencies such as the Claims and Underwriting Exchange Register and Motor Insurance Anti-Fraud and Theft Register. We may pass information relating to your insurance policy and any incident to the operators of these registers, their agents and suppliers.
For motor insurance we share it with the Motor Insurance Database (MID) which may be used to establish whether a driver is insured to drive a vehicle and/or for preventing or detecting crime. If you are involved in an accident in the UK or abroad, the MID may be searched to obtain relevant policy information. You can find out more at www.mib.org.uk
We may also disclose your information to service providers engaged to perform services on our behalf. Such service providers are contractually restricted from using or disclosing the information we give them except as necessary to perform those services or to comply with legal requirements.
We only share your information if we are satisfied that our partners or suppliers have sufficient measures in place to protect your information in the same way that we do.
We may also disclose personal information to new owners of our business in the event that we are subject to a merger or acquisition. Disclosure may also be made to enable company audits, regulatory inspections or to investigate a complaint, suspicion of fraud or a security threat.
We never share your information outside our organisation for marketing purposes.
You understand and accept that we may disclose the information you provide to relevant other parties for the purposes
described in this Notice.
Transfer of personal data outside the UK
Certain personal information held on our Information Technology systems may be transferred across geographical borders in accordance with applicable law.
By providing us with your information, you consent to the collection, international transfer, storage, and processing of your information. These transfers are governed by European Union (EU) standard contractual clauses or equivalent data transfer agreements to protect the security and confidentiality of personal information.
How long we keep information about you
We will keep information for as long as it is required to enable us to provide quotations, administer insurances, offer renewal and respond to any claims or complaints, which may arise after the period of insurance has expired, or otherwise as determined by law or regulation set out by the Financial Conduct Authority, the Companies Act or other legislation. Once we decide that we no longer need your information it will be securely and confidentially destroyed. This will usually be a minimum period of seven years. Any request from you to have your data erased will be processed taking into account these requirements.
Your data protection rights
You have certain legal rights under UK data protection law and regulations, summarised as follows:
- The right to be informed about our data processing activities, including through Privacy Notices such as this.
- The right of access to the personal information we hold about you. To request a copy of this information you must make a Subject Access Request in writing to us.
- The right of rectification. You may ask us to correct any inaccurate or incomplete data and we will do so within 30 days.
- The right to erasure and to restrict processing. You have the right to have your personal data erased and to prevent processing except where we have a legal or other obligation to process your personal information. You should bear in mind that by exercising this right you may hinder or prevent our ability to provide products and services.
- The right to data portability. On your request, we will provide you with your personal data in a structured format.
- The right to object. You have particular rights in relation to automated decision making and profiling to reduce the risk that a potentially damaging decision is taken without human intervention. You can object to your personal data being used for profiling, direct marketing or research purposes.If you want to invoke any of these rights please contact us using any of the methods detailed in the ‘How to contact us’
Withdrawal of consent
Where you have provided your specific consent to the use of personal data, you may withdraw that consent using any of the methods detailed in the ‘How to contact us’ section.
How to make a complaint
If you wish to make a complaint about how we hold or use your data, please contact us using any of the methods detailed in the ‘How to contact us’ section.
If you are dissatisfied with how we deal with your complaint, you may contact the Information Commissioner’s Office as follows:
The Information Commissioner
Tel: 08456 30 60 60
Information from other sources
We may use legal public sources such as the electoral roll and other third party sources such as credit reference agencies to obtain information about you, for example to verify your identity or check your credit history.
We also obtain information about you from credit reference agencies and similar third parties. Some personal information may be provided to us by third parties such as insurance companies, other insurance intermediaries and motor vehicle licensing authorities. In some cases you will have previously submitted your personal information to them and given them approval to pass this information on for certain purposes.
Such information will only be obtained from reputable sources which operate in accordance with the General Data Protection Regulation.
We and/or other parties may use your information for purposes such as statistical and trend research and analysis which may include computerised processes which profile you. Automatic profiling helps us understand, predict and forecast customer preferences and to improve the products and services we offer and to assess which products might be most suitable for you.