Our Privacy Policy

We want to ensure your privacy is protected. Our Privacy Policy sets out details of the information that we may collect from you and how we might use that information. Please read this Policy carefully. When using our website, our Privacy Policy should be read alongside our website terms and conditions.

About Peliwica

Our Privacy Policy any references to "we" or "us" or "Peliwica" are to Peliwica Limited. We are a National insurance intermediary based in the U.K and are Regulated by the Financial Conduct Authority.

In order to provide our services, we will collect and use data about individuals. This means that we are a 'data controller' and we are responsible for complying with data protection laws.

We have appointed a data protection officer to oversee our handling of personal information. If you have any questions about how we collect, store or use your personal information, you may contact our Data Protection Officer by emailing us at [email protected] .

About the insurance market

The personal information that we collect and process will be shared with other participants in the insurance market, some of which you will not have direct contact with. You can identify relevant data controllers through the insurance market in the following ways:

  • Where you took out the insurance policy yourself: Peliwica will be the initial data controller, our insurers will also be a data controller, our Data Protection Officer can advise you of the identities of other insurance market participants that have been provided with your personal data.
  • Where another organisation took out the policy for your benefit: You will need to contact the organisation that took out the policy who should provide you with details of intermediaries such as Peliwica that they provided your personal data to. Peliwica's Data Protection Officer can advise you of the identities of other insurance market participants that have been provided with your personal data.
  • Where you are not a policyholder or an insured party: you should contact the organisation that collected your personal data who should provide you with details of the relevant data protection contact.

Our processing of your personal information

The personal information that we collect will depend on our relationship with you. Please see the section below that best describes your relationship with us. 

Sometimes we will ask for or obtain special categories of information (information relating to your health, genetic or biometric data, criminal convictions, sex life, sexual orientation, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership) because it is relevant to your insurance policy or claim (for example, health information which relates to an accident policy) or information regarding criminal convictions for the purposes of preventing, detecting and investigating fraud.

If you provide personal information to us about other people you must provide them with a copy of this Privacy Policy and obtain any consent where we indicate that it is required for the processing of that person's information in accordance with this Privacy Policy.

3.1 Prospective customers or parties covered under an insurance policy we will be placing

This section will detail what personal information we collect about you and use if you are a prospective customer and have submitted your personal information so that we can provide you with a quote for the placing of an insurance policy or if you are a party and would be covered under an insurance policy we will be placing

3.1.1. What personal information will we collect?

  • General information such as your name, date of birth, gender, relationship to the customer (where are you not the prospective policyholder), identification information such as national insurance number, passport number or driving licence number
  • Contact details including address, telephone number and email address
  • Information about your job including job title, business description, education, employment history and professional certifications
  • Information relating to the advice that you request or the services that we are providing. 
  • Information obtained when we carry out checks of sanction lists
  • Information obtained through our use of cookies. Please see our cookies policy here for more information
  • Information captured during recordings of our telephone calls
  • Your marketing preferences

3.1.2. What special categories of information will we collect?

  • Details of your current or former physical or mental health
  • Information relating to criminal sanctions (including offences and alleged offences and any caution, court sentence or criminal conviction). We may receive this information as a result of carrying out checks of sanctions lists
  • Information relating to any professional disciplinary action that you are or have been the subject of
  • Your political opinions, religious or philosophical beliefs or trade union membership

3.1.3. How will we collect your personal information?

  • We will obtain your personal information directly from you or from someone else on your behalf in a number of ways including where it is submitted in application forms, initial disclosure documents and more generally during any forms of communication such as email and telephone
  • From other third parties who might introduce customers to us such as another broker and insurers
  • Via publically available sources such as internet search engines and social media sites
  • Through customer satisfaction surveys and market research
  • From credit reference agencies
  • Via insurance industry fraud prevention and detection databases and sanctions screening tools
  • From government agencies such as the DVLA or HMRC and from professional regulators

3.1.4. What will we use your personal information for?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing and we will rely on the following legal grounds:

  • We need to use your personal information to enter into or perform our contract with you, for example, in order to fulfil our obligations under our contract and place appropriate insurance cover, we need to use your personal information to provide you with a quote and determine market placement.
  • We have a genuine business need to use your personal information such as maintaining our business records and keeping records of insurance policies we place and analysing and improving our business model and services. When using your personal information for these purposes, we have considered your rights and ensured that our business need does not cause you harm
  • We have a legal or regulatory obligation to use your personal information. For example, our regulators impose certain record-keeping rules which we must adhere to

When the information that we process is classed as a special category of information, we must have one of the following additional legal grounds for such processing:

  • It is necessary for an insurance purpose and it is in the substantial public interest. This will apply where we are advising or arranging an insurance policy, assisting with any claims under a policy, and undertaking any activities to prevent and detect fraud.
  • Where the use of your special categories of information is necessary to establish, exercise or defend our legal rights, for example legal proceedings are being brought against us or we want to bring a legal claim ourselves.

Please see below for further details of the different ways we use your personal information and the legal grounds we rely on when doing so.

Purpose for processing Legal grounds for using your personal information Legal grounds for using your special categories of information
To evaluate your insurance needs and risk appetite and obtain quotes for you
  • It is necessary to enter into/perform our contract
  • We have a genuine business need (to determine market placement and place insurance cover for you that is in line with your insurance needs)
  • It is necessary for an insurance purpose
To set you up as a customer including carrying out fraud, credit and anti-money laundering checks
  • It is necessary to enter into/perform our contract
  • We have a genuine business need (to carry out appropriate credit checks and fraud checks)
  • We have a legal or regulatory obligation
  • The prevention and detection of fraud is in the substantial public interest
  • It is necessary for an insurance purpose
  • It is necessary to establish, exercise or defend our legal rights
Communicating with you and responding to any enquiries you have
  • It is necessary to enter into/perform our contract
  • We have a genuine business need (to respond to our prospective customers and keep them updated on any future placing of insurance cover)
  • It is necessary for an insurance purpose
  • It is necessary to establish, exercise or defend our legal rights
Complying with our legal or regulatory obligations (such as our requirements to report to the FCA)
  • We have a legal or regulatory obligation
  • It is necessary to establish, exercise or defend our legal rights
  • It is necessary for an insurance purpose
Providing improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers)
  • We have a genuine business need (to continually improve our services)
  • It is necessary for an insurance purpose
Managing our business operations such as maintaining accounting records, analysing financial results, complying with internal audit requirements and receiving professional advice (e.g. tax or legal advice)
  • We have a genuine business need (to carry out business operations and activities that are necessary for the everyday running of a business)
 
Monitoring applications, reviewing, assessing, tailoring and improving our products and services and similar products and services offered by Peliwica
  • We have a genuine business need (to market our services)
 

3.1.5. Who will we share your personal information with?

From time to time, we may share your personal information with partner companies or with the following third parties for the purposes set out above:

  • our insurance partners such as other insurance intermediaries, insurers, reinsurers or other companies who act as insurance distributors
  • other brokers who act directly for you and who have approached us to facilitate the placement of an insurance policy for you
  • other third parties who assist in the administration of insurance policies such as accountants, auditors, lawyers and other experts
  • fraud detection agencies and other third parties who operate and maintain fraud detection registers
  • our regulators
  • the police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime
  • other insurers who provide our own insurance
  • industry bodies
  • debt collection agencies
  • credit reference agencies
  • our third party services providers such as IT suppliers, finance and payment providers, actuaries, auditors, lawyers, marketing agencies, document management providers, tax advisers and insurance software providers
  • selected third parties in connection with the sale, transfer or disposal of our business

If you would like further information regarding the disclosures of your personal information, please email [email protected]

3.2 Customers or parties covered under an insurance policy we place

This section will detail what personal information we collect about you and use if you are a customer or an individual covered by an insurance policy we have placed.

3.2.1. What personal information will we collect?

  • General information such as your name, date of birth, gender, relationship to the customer (where are you not the prospective policyholder), identification information such as national insurance number, passport number or driving license number
  • Contact details including address, telephone number and email address
  • Information about your job including job title, business description, education, employment history and professional certifications
  • Information relating to the advice that you request or the services that we are providing. For example, we might need information relating to your previous insurance policies and claims history
  • Information which is relevant to the insurance policy we have placed or any claims made under it. For example where we have placed property insurance for you, we will hold information about your property and the individuals living there
  • Information obtained from requests for mid-term adjustments which may reveal changes in your personal circumstances which are relevant to the insurance policy we placed
  • Financial information such as your financial history and needs, income, bank details, payment details and information obtained as a result of our credit checks
  • Financial information obtained if you request cancellation of your insurance policy and any information relating to the cancellation
  • Information obtained when we carry out checks of sanction lists
  • • Information obtained through our use of cookies. Please see our cookies policy here for more information
  • Information captured during recordings of our telephone calls
  • Your marketing preferences

3.2.2. What special categories of information will we collect?

  • Details of your current or former physical or mental health – for example details about a medical claim you made under a previous travel policy when you provide details of your claims history or details about your current health because it is relevant to the insurance policy you want Peliwica to place
  • Information relating to criminal sanctions (including offences and alleged offences and any caution, court sentence or criminal conviction). We may receive this information as a result of carrying out checks of sanctions lists
  • Information relating to any professional disciplinary action that you are or have been the subject of
  • Any other special categories of information you offer up when communicating with us. We will only process such information to the extent necessary in connection with the insurance policy or where in connection with legal proceedings. Any further processing will only be with your explicit consent.

3.2.3. How will we collect your personal information?

  • We will obtain your personal information directly from you or from someone else on your behalf in a number of ways including where it is submitted in application forms, initial disclosure documents, proposal forms, renewal terms, requests for mid-term adjustments, when you require assistance in making a claim, and more generally during any forms of communication such as email and telephone.
  • From other third parties who might introduce customers to us such as another broker and insurers
  • From other brokers who act directly for you and who have approached us to facilitate the placement of an insurance policy for you
  • From other third parties involved in the relevant insurance policy or claim such as claimants, witnesses to an incident, loss adjusters, claims handlers and medical experts
  • Via publicly available sources such as internet search engines and social media sites
  • Through customer satisfaction surveys and market research
  • From credit reference agencies
  • Via insurance industry fraud prevention and detection databases and sanctions screening tools
  • From government agencies such as the DVLA or HMRC and from professional regulators

3.2.4. What will we use your personal information for?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing and we will rely on the following legal grounds:

  • We need to use your personal information to enter into or perform our contract with you. For example, in order to fulfill our obligations under our contract and place appropriate insurance cover, we need to use your personal information to provide you with appropriate insurance cover according to your needs.
  • We have a genuine business need to use your personal information such as maintaining our business records and keeping records of insurance policies we place and analysing and improving our business model and services. When using your personal information for these purposes, we have considered your rights and ensured that our business need does not cause you harm
  • We have a legal or regulatory obligation to use your personal information. For example, our regulators impose certain record-keeping rules which we must adhere to

When the information that we process is classed as a special category of information, we must have one of the following additional legal grounds for such processing:

  • It is necessary for an insurance purpose and it is in the substantial public interest. This will apply where we are advising or arranging an insurance policy, assisting with any claims under a policy, and undertaking any activities to prevent and detect fraud.
  • You have provided your consent. There may be some circumstances that without your consent to use your special categories of information we would be unable to arrange your insurance cover. We will notify you when this will be applicable and why your consent is necessary
  • Where the use of your special categories of information is necessary to establish, exercise or defend our legal rights, for example legal proceedings have been brought against us or we want to bring a legal claim ourselves.

Please see below for further details of the different ways we use your personal information and the legal grounds we rely on when doing so.

Purpose for processing Legal grounds for using your personal information Legal grounds for using your special categories of information
To evaluate your insurance needs and risk appetite and obtain quotes for you
  • It is necessary to enter into/perform our contract
  • We have a genuine business need (to determine market placement and place insurance cover for you that is in line with your insurance needs)
  • It is necessary for an insurance purpose
To arrange appropriate insurance cover and provide policy documentation
  • It is necessary to enter into/perform our contract
  • We have a genuine need (to ensure that you have the appropriate policy documentation)
  • It is necessary for an insurance purpose
To assist in any claims made under an insurance policy we have placed
  • It is necessary to enter into/perform our contract
  • We have a genuine business need (to assist customers in any claims they have)
  • It is necessary for an insurance purpose
To assist with any renewals, mid-term adjustments of your insurance policy or cancellations
  • It is necessary to enter into/perform our contract
  • We have a genuine business need (to provide you with appropriate broking services where you request a renewal, mid-term adjustment or cancellation of the insurance policy we have placed)
  • It is necessary for an insurance purpose
To set you up as a customer including carrying out fraud, credit and anti-money laundering checks
  • It is necessary to enter into/perform our contract
  • We have a genuine business need (to carry out appropriate credit checks and fraud checks)
  • We have a legal or regulatory obligation
  • The prevention and detection of fraud is in the substantial public interest.
  • It is necessary for an insurance purpose.
  • It is necessary to establish, exercise or defend our legal rights.
Communicating with you and responding to any enquiries you have
  • It is necessary to enter into/perform our contract
  • We have a genuine business need (to generally respond to our customers)
  • It is necessary for an insurance purpose
  • It is necessary to establish, exercise or defend our legal rights
Complying with our legal or regulatory obligations (such as our requirements to report to the FCA)
  • We have a legal or regulatory obligation
  • It is necessary to establish, exercise or defend our legal rights
  • It is necessary for an insurance purpose.
Prevention and detection of and investigating and prosecuting fraud. This might include sharing your personal information with third parties such as the police, and other insurance and financial services providers.
  • It is necessary to enter into/perform our contract
  • We have a genuine business need (to ensure that we take all necessary precautions to prevent fraud)
  • The prevention and detection of fraud is in the substantial public interest.
  • It is necessary for an insurance purpose.
  • It is necessary to establish, exercise or defend our legal rights.
Providing improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers)
  • We have a genuine business need (to continually improve our services)
  • It is necessary for an insurance purpose.
Managing our business operations such as maintaining accounting records, analysing financial results, complying with internal audit requirements and receiving professional advice (e.g. tax or legal advice)
  • We have a genuine business need (to carry out business operations and activities that are necessary for the everyday running of a business)
 
Monitoring applications, reviewing, assessing, tailoring and improving our products and services and similar products and services offered by Pen
  • We have a genuine business need (to market out services)
 
Tracing and recovering debt
  • We have a genuine business (to trace and receive any debt which is owed to us)
  • It is necessary to establish, exercise or defend our legal rights
To apply for and claim on our own insurance
  • We have a genuine business need (to have our own insurance)
  • We have your explicit consent
  • It is necessary to establish, exercise or defend our legal rights

3.2.5. Who will we share your personal information with?

From time to time, we may share your personal information with Partner companies or with the following third parties for the purposes set out above:

  • our insurance partners such as other insurance intermediaries, insurers, reinsurers or other companies who act as insurance distributors
  • other brokers who act directly for you and who have approached us to facilitate the placement of an insurance policy for you
  • other third parties who assist in the administration of insurance policies such as accountants, auditors, lawyers and other experts
  • fraud detection agencies and other third parties who operate and maintain fraud detection registers
  • investigative firms we ask to look into claims on our behalf in relation to suspected fraud
  • our regulators
  • the police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime
  • other insurers who provide our own insurance
  • industry bodies
  • debt collection agencies
  • credit reference agencies
  • our third party services providers such as IT suppliers, finance and payment providers, actuaries, auditors, lawyers, marketing agencies, document management providers, tax advisers and insurance software providers
  • selected third parties in connection with the sale, transfer or disposal of our business

If you would like further information regarding the disclosures of your personal information, please email [email protected] 

3.3 Third party claimant

This section will detail what personal information we and our Claims Management Comany will collect about you and use if you have made a claim against a customer for whom we have placed insurance cover.

3.3.1. What personal information will we collect?

  • General information such as your name, date of birth, gender, relationship to the customer (where are you not the prospective policyholder), identification information such as national insurance number, passport number or driving licence number
  • Contact details including address, telephone number and email address
  • If relevant to your claim, we may collect the following information about you:
    • information about your job including job title, business description, education, employment history and professional certifications
    • your financial information such as your financial history and needs, income, bank details, payment details and information obtained as a result of our credit checks
  • Information obtained when we carry out checks of sanction lists
  • Information obtained through our use of cookies. Please see our cookies policy for more information
  • Information captured during recordings of our telephone calls

3.3.2. What special categories of information will we collect?

  • Details of your current or former physical or mental health if it is relevant to your claim – for example where you have been injured in a motor accident and the driver is insured under a policy we placed
  • Information relating to criminal sanctions (including offences and alleged offences and any caution, court sentence or criminal conviction). We may receive this information if it is relevant to your claim or as a result of carrying out sanctions lists
  • We may also collect information because it is relevant to your claim, which reveals or is likely to reveal your race or ethnicity, religious or philosophical beliefs; political opinions; trade union membership; or data concerning your sex life or sexual orientation, for example where we seek to validate or investigate a claim we may receive files containing any of the above information. We may also need to collect this information to assess the value of your claim
  • Any other special categories of information you offer up when communicating with us about your claim. We will only process such information to the extent necessary in connection with your claim or where in connection with legal proceedings. Any further processing will only be with your explicit consent.

3.3.3. How will we collect your personal information?

  • Directly from you
  • From our customer who is the policyholder
  • From other third parties involved in the insurance process such as another broker and insurers
  • From other third parties involved in the relevant insurance policy or claim such as other claimants, witnesses to an incident, loss adjusters, claims handlers and medical experts
  • Via publically available sources such as internet search engines and social media sites
  • Via insurance industry fraud prevention and detection databases and sanctions screening tools
  • From government agencies such as the DVLA or HMRC and from professional regulators

3.3.4. What will we use your personal information for?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing and we will rely on the following legal grounds:

  • We have a genuine business need to use your personal information such as maintaining our business records, keeping records of insurance policies we place and claims made under such policies and analysing and improving our business model and services. When using your personal information for these purposes, we have considered your rights and ensured that our business need does not cause you harm.
  • We have a legal or regulatory obligation to use your personal information. For example, our regulators impose certain record-keeping rules which we must adhere to.

When the information that we process is classed as a special category of information, we must have one of the following additional legal grounds for such processing:

  • It is necessary for an insurance purpose and it is in the substantial public interest. This will apply where we are assisting with any claims under a policy, and undertaking activities to prevent and detect fraud.
  • Where the use of your special categories of information is necessary to establish, exercise or defend our legal rights, for example legal proceedings are being brought against us or we want to bring a legal claim ourselves.

Please see below for further details of the different ways we use your personal information and the legal grounds we rely on when doing so.

Purpose for processing Legal grounds for using your personal information Legal grounds for using your special categories of information
To assist in any claims made under an insurance policy we placed
  • We have a genuine business need (to assist in any claims which have been made under an insurance policy we placed)
  • It is necessary for an insurance purpose
Complying with our legal or regulatory obligations (such as our requirements to report to the FCA)
  • We have a legal or regulatory obligation.
  • It is necessary to establish, exercise or defend our legal rights
  • It is necessary for an insurance purpose
Prevention and detection of and investigating and prosecuting fraud. This might include sharing your personal information with third parties such as the police, and other insurance and financial services providers.
  • We have a genuine business need (to ensure that we take all necessary precautions to prevent fraud)
  • The prevention and detection of fraud is in the substantial public interest
  • It is necessary for an insurance purpose
  • It is necessary to establish, exercise or defend our legal rights
Providing improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers)
  • We have a genuine business need (to continually improve our services)
  • It is necessary for an insurance purpose
Managing our business operations such as maintaining accounting records, analysing financial results, complying with internal audit requirements and receiving professional advice (e.g. tax or legal advice)
  • We have a genuine business need (to carry out business operations and activities that are necessary for the everyday running of a business)
 

3.3.5. Who will we share your personal information with?

From time to time, we may share your personal information with Partner companies or with the following third parties for the purposes set out above:

  • our insurance partners such as other insurance intermediaries, insurers, reinsurers or other companies who act as insurance distributors
  • other brokers who act directly for you and who have approached us to facilitate the placement of an insurance policy for you
  • other third parties who assist in the administration of insurance policies such as loss adjusters, claims handlers, accountants, auditors, lawyers and other experts
  • fraud detection agencies and other third parties who operate and maintain fraud detection registers
  • investigative firms we ask to look into claims on our behalf in relation to suspected fraud
  • our regulators
  • the police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime
  • other insurers who provide our own insurance
  • industry bodies
  • debt collection agencies
  • credit reference agencies
  • our third party services providers such as IT suppliers, finance and payment providers, actuaries, auditors, lawyers, marketing agencies, document management providers, tax advisers and insurance software providers
  • selected third parties in connection with the sale, transfer or disposal of our business

If you would like further information regarding the disclosures of your personal information, please email [email protected] 

Experts instructed in relation to claims

This section will detail what personal information we collect about you and use if you are an expert instructed in relation to a claim which has been made under an insurance policy we placed.

3.4.1. What personal information will we collect?

  • General information such as your name, identification information such as national insurance number, passport number or driving licence number
  • Contact details including address, telephone number and email address
  • Information about your job including job title, business description, education, employment history and professional certifications

3.4.2. How will we collect your personal information?

  • Directly from you
  • From other third parties involved in the insurance process and claims process such as another broker and insurers
  • Via publically available sources such as internet search engines and social media sites

3.4.3. What will we use your personal information for?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing and we will rely on the following legal grounds:

  • We have a genuine business need to use your personal information such as maintaining our business records and keeping records of insurance policies we place and business entities we interact with and analysing and improving our business model and services. When using your personal information for these purposes, we have considered your rights and ensured that our business need does not cause you harm.
  • We have a legal or regulatory obligation to use your personal information.

Please click below for further details of the different ways we use your personal information and the legal grounds we rely on when doing so.

Purpose for processing Legal grounds for using your personal information Legal grounds for using your special categories of information
To assist in any claims made under an insurance policy we have placed
  • It is necessary to enter into/perform our contract
  • We have a genuine business need (to assist customers in any claims they have)
 
Managing our business operations such as maintaining accounting records, analysing of financial results, complying with internal audit requirements and receiving professional advice (e.g. tax or legal advice)
  • We have a genuine business need (to carry out business operations and activities that are necessary for the everyday running of a business)
 

3.4.4. Who will we share your personal information with?

From time to time, we may share your personal information with Partner companies or with the following third parties for the purposes set out above:

  • our insurance partners such as other insurance intermediaries, insurers, reinsurers or other companies who act as insurance distributors
  • other third parties who assist in the administration of claims such as loss adjusters, claims handlers, accountants, auditors, lawyers and other experts
  • investigative firms we ask to look into claims on our behalf in relation to suspected fraud
  • our regulators
  • our third party services providers such as IT suppliers, finance and payment providers, actuaries, auditors, lawyers, marketing agencies, document management providers, tax advisers and insurance software providers

If you would like further information regarding the disclosures of your personal information, please email [email protected] 

3.5 Witnesses to an accident

This section will detail what personal information we collect about you and use if you are a witness to an incident which is the subject of a claim made under an insurance policy we have placed.

3.5.1. What personal information will we collect?

  • General information such as your name, date of birth, gender and occupation
  • Contact details including address, telephone number and email address
  • Information which is relevant to the incident you witnessed

3.5.2. What special categories of information will we collect?

  • Special categories of information will only be collected where it is relevant to an incident, for example a particular health condition that is of relevance to your statement

3.5.3. How will we collect your personal information?

  • Directly from you
  • From our customer who is the policyholder
  • From other third parties involved in the claims process such as another broker and insurers
  • From other third parties involved in the relevant claim such as claimants, other witnesses, loss adjusters, claims handlers and medical experts
  • Via publically available sources such as internet search engines and social media sites

3.5.4. What will we use your personal information for?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing and we will rely on the following legal grounds:

  • We have a genuine business need to use your personal information such as maintaining our business records and keeping records claims made under insurance policies we have arranged and analysing and improving our business model and services. When using your personal information for these purposes, we have considered your rights and ensured that our business need does not cause you harm.
  • We have a legal or regulatory obligation to use your personal information. For example, our regulators impose certain record-keeping rules which we must adhere to.

When the information that we process is classed as a special category of information, we must have one of the following additional legal grounds for such processing:

  • It is necessary for an insurance purpose and it is in the substantial public interest. This will apply where we are assisting with any claims under a policy, and undertaking any activities to prevent and detect fraud.
  • You have provided your consent.
  • Where the use of your special categories of information is necessary to establish, exercise or defend our legal rights, for example legal proceedings have been brought against us or we want to bring a legal claim ourselves.

Please see below for further details of the different ways we use your personal information and the legal grounds we rely on when doing so.

Purpose for processing Legal grounds for using your personal information Legal grounds for using your special categories of information
To assist in any claims made under an insurance policy we placed
  • We have a genuine business need (to assist in any claims made under an insurance policy we have arranged)
  • It is necessary for an insurance purpose
  • We have your explicit consent and where we have notified you, we will need this consent before we can assist with any claims you have
Complying with our legal or regulatory obligations (such as our requirements to report to the FCA)
  • We have a legal or regulatory obligation
  • It is necessary to establish, exercise or defend our legal rights
  • It is necessary for an insurance purpose
Prevention and detection of and investigating and prosecuting fraud. This might include sharing your personal information with third parties such as the police, and other insurance and financial services providers.
  • We have a genuine business need (to ensure that we take all necessary precautions to prevent fraud)
  • The prevention and detection of fraud is in the substantial public interest.
  • It is necessary for an insurance purpose
  • It is necessary to establish, exercise or defend our legal rights
Managing our business operations such as maintaining accounting records, analysing of financial results, complying with internal audit requirements and receiving professional advice (e.g. tax or legal advice)
  • We have a genuine business need (to carry out business operations and activities that are necessary for the everyday running of a business)
 

3.5.5. Who will we share your personal information with?

From time to time, we may share your personal information with Partner companies or with the following third parties for the purposes set out above:

  • our insurance partners such as other insurance intermediaries, insurers, reinsurers or other companies who act as insurance distributors
  • other third parties who assist in the administration of insurance policies and claims such as loss adjusters, claims handlers, accountants, auditors, lawyers and other experts
  • fraud detection agencies and other third parties who operate and maintain fraud detection registers
  • investigative firms we ask to look into claims on our behalf in relation to suspected fraud
  • our regulators
  • the police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime
  • other insurers who provide our own insurance
  • industry bodies
  • debt collection agencies
  • our third party services providers such as IT suppliers, finance and payment providers, actuaries, auditors, lawyers, marketing agencies, document management providers, tax advisers and insurance software providers
  • selected third parties in connection with the sale, transfer or disposal of our business

If you would like further information regarding the disclosures of your personal information, please email [email protected].

Brokers, insurers and reinsurers 

This section will detail what personal information we collect about you and use if you are a wholesale broker, third party producing broker, an appointed representative, an insurer or reinsurer.

3.6.1. What personal information will we collect?

  • General information such as your name, identification information such as national insurance number, passport number or driving licence number
  • Contact details including address, telephone number and email address
  • Information about your job including job title, business description, education, employment history and professional certifications
  • Information obtained when we carry out checks of sanction lists
  • Information obtained as a result of carrying out due diligence
  • Any information we record about your preferences when doing business with us

3.6.2. What special categories of information will we collect?

  • Information relating to criminal sanctions (including offences and alleged offences and any caution, court sentence or criminal conviction). We may receive this information as a result of carrying out checks of sanctions lists
  • Any information we record that is relevant to you doing business with us

3.6.3. How will we collect your personal information?

  • Directly from you
  • From other third parties involved in the insurance process such as another broker and insurers
  • Via publically available sources such as internet search engines and social media sites
  • Via insurance industry fraud prevention and detection databases and sanctions screening tools

3.6.4. What will we use your personal information for?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing and we will rely on the following legal grounds:

  • We need to use your personal information to enter into or perform our contract with you.
  • We have a genuine business need to use your personal information such as maintaining our business records and keeping records of insurance policies we place and analysing and improving our business model and services. When using your personal information for these purposes, we have considered your rights and ensured that our business need does not cause you harm
  • We have a legal or regulatory obligation to use your personal information.

When the information that we process is classed as a special category of information, we must have one of the following additional legal grounds for such processing:

  • It is necessary for an insurance purpose and it is in the substantial public interest. This will apply where we undertake activities to prevent and detect fraud.
  • You have provided your consent.
  • Where the use of your special categories of information is necessary to establish, exercise or defend our legal rights, for example legal proceedings are being brought against us or we want to bring a legal claim ourselves.

Please see below for further details of the different ways we use your personal information and the legal grounds we rely on when doing so.

Purpose for processing Legal grounds for using your personal information Legal grounds for using your special categories of information
To enter into business relationships which facilitate and enable us to place insurance policies for our customers
  • It is necessary to enter into/perform our contract
  • We have a genuine business need (to enter into arrangements with other insurance partners so that we can provide services to our customers)
  • It is necessary for an insurance purpose
To carrying out fraud and anti-money laundering checks
  • It is necessary to enter into/perform our contract
  • We have a genuine business need (to ensure that we take all necessary precautions to prevent fraud)
  • The prevention and detection of fraud is in the substantial public interest.
  • It is necessary to establish, exercise or defend our legal rights.
Managing our business operations such as maintaining accounting records, analysing of financial results, complying with internal audit requirements and receiving professional advice (e.g. tax or legal advice)
  • We have a genuine business need (to carry out business operations and activities that are necessary for the everyday running of a business)
 
To apply for and claim on our own insurance.
  • We have a genuine business need (to have our own insurance)
  • We have your explicit consent
  • It is necessary to establish, exercise or defend our legal rights

3.6.5. Who will we share your personal information with?

From time to time, we may share your personal information with companies in the Arthur J. Gallagher group or with the following third parties for the purposes set out above:

  • our insurance partners such as other insurance intermediaries, insurers, reinsurers or other companies who act as insurance distributors
  • other third parties who assist in the administration of insurance policies and claims such as loss adjusters, claims handlers, accountants, auditors, lawyers and other experts
  • fraud detection agencies and other third parties who operate and maintain fraud detection registers
  • our regulators
  • the police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime
  • other insurers who provide our own insurance
  • industry bodies
  • our third party services providers such as IT suppliers, finance and payment providers, actuaries, auditors, lawyers, marketing agencies, document management providers, tax advisers and insurance software providers
  • selected third parties in connection with the sale, transfer or disposal of our business

If you would like further information regarding the disclosures of your personal information, please email [email protected]

Users of our website

This section will detail what personal information we collect about you and use if you access our website

3.7.1. What personal information will we collect?

  • General information collected via the website such as your name
  • Contact details including telephone number and email address
  • Your marketing preferences
  • Information obtained through our use of cookies. Please see our cookies policy for more information

3.7.2. How will we collect your personal information?

  • Directly from our website you use

3.7.3. What will we use your personal information for?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing and we will rely on the following legal grounds:

  • We have a genuine business need to use your personal information such as maintaining our business records, monitoring usage of our website and marketing our services and improving our business model and services. When using your personal information for these purposes, we have considered your rights and ensured that our business need does not cause you harm.
  • We have a legal or regulatory obligation to use your personal information. For example, our regulators impose certain record-keeping rules which we must adhere to.

Please see below for further details of the different ways we use your personal information and the legal grounds we rely on when doing so.

Purpose for processing Legal grounds for using your personal information Legal grounds for using your special categories of information
Communicating with you and responding to any enquiries you have
  • We have a genuine business need (to respond to any enquiries)
 
Monitoring usage of any of the various Pen websites
  • We have a genuine business need (to assess usage of our website
 

What marketing activities do we carry out?

If you have provided your consent for marketing, we may from time to time provide you with information about our products or services or those of our partners.

We will send you marketing communications where we think you will be interested in receiving them. An "unsubscribe" link appears in all our marketing emails. To unsubscribe from emails sent by us, simply click on the link at any time. 

How long do we keep personal information for?

We will only store your personal information for as long as reasonably necessary to fulfil the purposes set out in this Privacy Policy and to comply with our regulatory and/ or legal obligations.

We have a detailed retention policy in place which governs how long we will hold different types of information for. The exact time period will depend on the purpose for which we collected that information, for example:

Purpose Retention period
Providing a quote 15 months from date of collection
Providing or administering an insurance policy Depending on the type of policy this would be between 10 and 40 years from date of policy inception
Handling a claim 6 years from first date of claim notification
Dealing with a complaint 5 years from first date of complaint notification

Automated processing

Where a decision is necessary in relation to your insurance policy sometimes we may make decisions using automated means. The automated process will consider the information that you provide us (for example, details of the property that you wish to insure), as well as other information such as postcode and local crime rate, to determine whether your application for insurance can be accepted and the premium price. Where we make automated decisions about you may request that decision is reviewed by an individual decision-maker.

Your rights

Under data protection law you have the right to make certain requests in relation to the personal information that we hold about you. We will not usually make a charge for dealing with these requests. If you wish to exercise these rights at any time please email [email protected].

There may be cases where we may not be able to comply with your request (such as where this would conflict with our obligation to comply with other regulatory and/ or legal requirements). However, if we can't comply with your request, we will tell you the reason, and we will always respond to any request you make.

There may also be circumstances where exercising some of these rights (such as the right to erasure, the right to restriction of processing and the right to withdraw consent) will mean your insurance can no longer be provided and it may therefore result in cancellation of your policy. You will therefore lose the right to bring any claim or receive any benefit, including in relation to any event that occurred before you exercised your right of erasure, if our ability to handle the claim has been prejudiced. Your policy terms and conditions set out what will happen in the event your policy is cancelled.

Your rights include:

The right to access your personal information

You are entitled to a copy of the personal information we hold about you and certain details of how we use it.

We will usually provide you with your information in writing, unless you request otherwise, or where you have made the request using electronic means, in which