Privacy Policy
Contents
- Background and Purpose………………………………………………………………………………………………….1
- Policy Statement…………………………………………………………………………………………………………………….1
- Roles and Responsibilities……………………………………………………………………………………………….2
3.1. All Employees ……………………………………………………………………………………………………………………….2
3.2. Managers ……………………………………………………………………………………………………………………………….2
3.3. Senior Managers………………………………………………………………………………………………………………..2
1. Background and Purpose
The purpose of this document is to inform data subjects how and why their personal data will be used during the processing of their insurance policy.
The policy sets out the firm’s responsibilities under the General Data Protection Regulation (GDPR), UK Data Protection Act 2018 and the ICO’s Guidance.
In order to comply with the General Data Protection Regulation (GDPR), it is necessary to provide detailed and accurate information about all aspects of the firm’s data processing for data subjects – in practice; this will require the firm to conduct a review / audit of its processing to capture all of the relevant information needed to tailor the policy.
2. Policy Statement
We will ensure that we:
- tell individuals the ways we collect information from and about them, and what we do with the information, so that they can decide whether or not to provide information to us.
Our Customer Privacy Policy Statement includes this information, and explains that by accessing our website, or purchasing our products or services they agree to our Customer Privacy Policy Statement in addition to any other agreements we might have with them. Our Customer Privacy Policy Statement does not govern the practices of entities that our Company does not own or control, or entities that do not own or control our company or people that our Company does not employ or manage.
We will review the policy at lease annually and updated to reflect any significant changes in how personal data is processed.
3. Roles and Responsibilities
3.1. All Employees
It is the responsibility of all employees to:
- be aware of the compliance requirements with the relevant data protection laws;
- ensure customers are provided with details of the policy and that a copy is provided with sales documentation for all new business and renewals;
- ensure all compulsory training is completed and kept up to date.
3.2. Managers
Managers will:
- be aware of the compliance requirements with the relevant data protection laws;
- monitor staff to ensure that the policy is provided to customers within sales documentation for all new business and renewals;
- ensure all staff training is kept up to date on data protection requirements, inclusive of cookies knowledge.
3.3. Senior Managers
Senior Managers will be responsible for:
- the implementation of the policy within the firm;
- the annual review of the policy and to update this following any changes to internal procedures or regulatory requirements;
- the ongoing monitoring against the requirements of this policy as part of the firm’s data protection risk assessment;
- ensuring that all employees are able to demonstrate compliance with the relevant data protection laws.