General Data Privacy Notice

Legal framework for protecting your personal data

This data privacy notice is written to comply with the European Union General data Protection Regulation (GDPR) which comes into force on the 25th May 2018 and gives control to citizens and residents over their personal data.

Who Are We?

This is the privacy notice and data policy for Blackford & Company Insurance Brokers Ltd including the trading name of ManxCover. We are the ‘data Controller’ of the information you provide us with. This term is a legal phrase used to describe the person or entity that controls the way information is used and processed. We are registered under the Data Protection Act with the information commissioner's Office in the Isle of Man. Our notification number is N00142.

Data Protection Officer is Robin Blackford, Contact number: 01624 832042, Email address: [email protected], he can be contacted at our Registered Office: The Old Bank, 19 Station Road, Port Erin, Isle of Man IM9 6AE

General Data Protection Regulation (GDPR)

The Board of Blackford & Company Insurance Brokers Ltd has considered and adopted the following procedure across the Company and trading names. The responsibility of updating the Board on developments within GDPR rests with the Data Protection Officer.

Note, this procedure replaces any previous versions.

Blackford & Company Insurance Brokers Ltd officers and staff will treat all information received from clients and third parties in accordance with The GDPR Regulations.

What Personal Data Do We Collect:

We collect the following data, if you have agreed:

  • Name, address, telephone numbers, email address's in order to communicate with you.
  • Date of birth, gender, nationality, employment details, banking details.
  • Insurance requirement details, including claims and conviction details.
  • Details about the items and persons you wish to be insured and any other data required for the provision of your required insurance product.

We collect data for the purposes of:

  • Providing Insurance quotations.
  • Underwriting insurance policies.
  • Managing insurance policies.
  • Assisting with insurance claims.
  • To maintain records in order that both Regulatory and Legal responsibilities can be met without undue delay.

The nature and depth of this data varies from case-to-case but constitutes the data required to ascertain risk and provide you with the service you have asked for, shaped by insurance industry best practice. By providing this information you are giving us consent to hold this data.

What Do We Do With Your Data

We use your data to determine the type of policy, the premium and the terms applicable to your insurance proposal- producing a quotation or range of quotations for the insurance you have asked us to provide. The data will probably come to us via our website, email, phone, post or calling into the office, so our systems are designed to ensure that only people directly involved in your insurance chain have access to your data. In order to complete your proposal, create and maintain your policy or process and assist with a claim from you, we may need to share certain parts of your data with other secure data controllers within the insurance industry. We keep such transactions to an absolute minimum and all parties are authorised and regulated to the same standard as ourselves. We will never pass on your details to other organisations for the purposes of sales or marketing.

Cookies

"Cookies" are pieces of information that are placed on an individual's computer hard drive to enable the individual to more easily communicate and interact with the Site. We may use cookies to customize your experience on the Site. We may also use cookies to record how many times a user has visited our Site and what pages the user has accessed. You may, however, disallow receiving cookies at any time through your web browser. It is not our intention to use cookies to retrieve information that is unrelated to our Site or your interaction with our Site.

IP Address

We may collect your IP (Internet Protocol) address to help diagnose problems with our server, and to administer our Site. An IP address is a number that is assigned to your computer when you use the Internet. This information does not contain any personally identifiable information about you. Your IP address is also used to help identify you during a particular session and to gather broad demographic data.

Consent To Hold Data

Consent must be freely given, specific, informed, unambiguous and must be verifiable.

This means that some form of record must be kept of how and when consent was given.

Individuals have a right to withdraw consent at any time.

Blackford & Company Insurance Brokers Ltd including the trading names of ManxCover will ensure consent is provided by the following means:

Online Applications — the applicant will be directed to our “Terms of Business’ & ‘Privacy Notice and Data Policy’ information sections. You will then be asked to confirm your permission to continue based upon the conditions set out in the document by your completion of tick box's.

On acceptance of the conditions, the data will be forwarded from your browser and processed in accordance with the type of application in question. Should you be unwilling to share the data at this point, the application will not be forwarded from your browser and you are free to discard without further interaction with Blackford & Company Insurance Brokers Ltd including the trading name of ManxCover.

Your Rights Under The Law

The Right Of Access

  • Individuals have the right to access all the personal data stored on them.
  • There will be no fee for the first copy of the information. A fee may be charged if the individual asks for a copy to be sent to another interested party.
  • A request for personal data must be responded to within one month.

The Right To Rectification

If individuals find inaccuracies in their personal data they can ask for this to be rectified.

The Right To Erasure

Individuals have the right to request their personal data to be erased without undue delay.

Instance where erasure of data would be appropriate:

  • If the personal data is no longer necessary in relation to the purposes for which they were collected.

Instance where erasure of data would not be appropriate:

  • Where the erasure of the data may be in breach of regulatory or legal obligations of the controller.

The Right To Prevent Direct Marketing

Individuals have the right to be excluded from any direct marketing.

The Right To Data Portability

Individuals have the right to personal data concerning him or her which he or she has provided to a controller and transmitted to another controller, i.e. To another financial services provider.

Controlling Your Personal Information

You may choose to restrict the collection or use of your personal information in the following ways:

  • We will only collect your data on our website contact form where you specifically agree to our terms of business.
  • Blackford & Company Insurance Brokers Ltd including the trading name of ManxCover utilise email and SMS marketing and credit control tools for the purposes of client communications, and where used, we always include an ability to unsubscribe your email address from any ongoing marketing communications.
  • If you believe Blackford & Company Insurance Brokers Ltd including the trading name of ManxCover hold any personal data about you, you are welcome to send us a written "Subject Access Request" to request details of this data. We will require you provide comprehensive proof of your identity before releasing any information.
  • If you require this personal data to be Deleted / Anonymised / Archived / Updated or Altered in any other way, you should include this in your written request. Blackford & Company Insurance Brokers Ltd including the trading name of ManxCover will be happy to comply where our regulatory, statutory and commercial rights and responsibilities will not be compromised.
  • We are only able to respond to "Subject Access Requests" where these are received in writing and sent to our postal contact address on our Contact Page, or by email address to [email protected].

We will not distribute your personal information to third parties unless we are explicitly required to do so under our Insurance providers arrangements, IT Hosting arrangements, by law, or for accounting or regulatory purposes or with your explicit consent.

Data Types Held

Data collected and retained comes under the following categories:

  • Personal data.
  • Banking data.
  • Financial History.
  • Credit history, for the purpose of proving instalment facilities.
  • Insurable risk data, an example is: date of birth, type of vehicle, all drivers details, medical conditions etc.
  • Insurance claims history such as accidents and convictions details for all drivers.
  • Underwriting notes.
  • Insurance notes.
  • Credit control notes.
  • Conversations between clients and personnel.
  • Public data.
  • Telephone recording data.

It is considered that each of these data categories are required to fulfil the contractual obligations of both the client and the company.

Data Recipients

  • The client
  • Financial Organisations, your insurers
  • Motor insurance database (MID)
  • Claims handling companies
  • Insurance Premium Funding Company
  • Group Companies
  • IT Hosting Platforms
  • Credit Reference Agencies
  • Payment Gateway Providers
  • Regulatory Authorities (including Police, Customs, FSA)
  • Ombudsman
  • Auditors
  • Suppliers of services
  • Debt Collecting, Tracing and Private Investigators
  • An organisation processing data on behalf of the company

Data Retention Periods

  • Personal data shall be kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed.
  • It should be noted that records linked to Insurance and financial transactions are subject to retention rules published from time to time by regulatory authorities and under accounting standards rules. Currently the minimum retention period under these requirements is six years.
  • In addition, application records are required to be retained in order to ensure Anti Money Laundering / Combatting the Funding of Terrorism (AML/CFT) reporting can be maintained.
  • The retention period should be measured from the date of application where there is no corresponding business written or where business is written, from the date of the completion of the product.
  • Customer Information — 6 years after the completion of the last product provided.
  • Loan Application Data — 6 years after the completion of the agreement.
  • Insurance Application Data — 6 years after the completion of the policy.
  • Applications not leading to the sale of a product — 6 years.

At the completion of the retention period, all data will be purged.

Sensitive Personal Data

Personal data consisting of the following information is deemed to be of a sensitive nature and Blackford & Company Insurance Brokers Ltd including the trading name of ManxCover will not enquire or retain information relating to these:

  1. the racial or ethnic origin of the data subject;
  2. his/her political opinions;
  3. his/her religious beliefs or other beliefs of a similar nature;
  4. whether he/she is a member of a trade union;
  5. his/her sexual life.

Note, it is necessary in some cases to record medical history in relation to Motor, Van, Motorcycle, Property, Travel, Business and Medical insurance plans. Where this is the case, records will be retained in accordance with the above retention policies.

Data Relating To Children

Whilst it may be necessary to collect data relating to children, i.e. in the case of additional drivers on a motor policy or a family travel insurance policy, information must be provided by the parent or guardian. Under no circumstance may a member of staff enter into direct dialogue with a child or minor.

For the avoidance of any doubt, in this context we treat any persons under the age of 16 years as a child.

Security

We are committed to using our best endeavours to ensure that your information is secure. All information transferred between your browser and our website or third party applications are encrypted using HTTPS protocol, using Digital Certificates with secure TLS Cyphers. This can be verified by looking for the secure padlock symbol in the browser address bar.

In order to prevent unauthorised access or disclosure, we have put in place further physical, electronic and managerial procedures to safeguard and secure the information we collect. These policies and procedures are company confidential, to avoid exposure of this data security.

Registration

It is the responsibility of the Board of Directors of the Company to ensure that registration is maintained with the Data Protection/Information Commissioner, declaring the purposes for which the information is being held or processed, to whom it will be disclosed and the security to be applied.

It is the responsibility of all staff members to ensure that any use of personal data in the course of their work is treated in accordance with the Data Protection Principles.

Consent To Processing

By providing any personal information to this Site, you confirm that you fully understand and unambiguously consent to the transfer of such personal information to, and the collection and processing of such personal information in, the Isle of Man, United Kingdom other countries or territories.

Links

This Site may contain links or references to other Web sites outside of our control. Please be aware that we have no control over these sites and our privacy policy does not apply to these sites.

Access

If you would like to review and/or update the information that you have provided to the Site, please send an e-mail to [email protected] requesting such access or change.

Choice / Opt-out

You may choose to have your name taken off Blackford & Companies e-mail marketing list by sending an e-mail to [email protected] with the subject line "Unsubscribe" with your full name and address and Blackfords reference number.

Your Acceptance Of This Policy

By using this Site, you signify your acceptance of our Privacy and Data Policy. If you do not agree to this policy, please do not use our Site. We reserve the right, at our discretion, to change, modify, add, or remove portions from this policy at any time so visitors are encouraged to review this policy from time to time. Your continued use of our Site following the posting of changes to these terms means you accept these changes.