PRIVACY NOTICE (HOW WE USE PERSONAL INFORMATION)
This notice explains how we collect, use and store personal information. Your privacy and personal information are important to us and we are committed to keeping it protected. We've tried to make this notice as clear and transparent as possible, so you are confident about how we use your information. As data controller, we are responsible for decisions about how your information will be processed and managed. You will also find details below regarding your rights under data protection laws and how to contact us.
1. Who we are and whose personal information we collect
When we refer to “we”, “us” and “our” in this notice it means Home and Legacy Insurance Services Limited. When we say, “you” and “yours” in this notice, we mean anyone whose personal information we may collect, including:
- anyone seeking an insurance quote from us or whose details are provided during the quotation process
- policyholders and anyone named on or covered by the policy
- anyone who may benefit from or be directly involved in the policy or a claim, including; claimants and witnesses
- anyone who has a business relationship or transacts business with us or provides us with a service, such as the insurers who underwrite your cover, insurance brokers and intermediaries.
2. How we use personal information
We use personal information in the following ways:
- to provide quotes, administer policies and policyholder claims to fulfil our contract
- to administer third party claims, deal with complaints and prevent financial crime to meet our legal obligations
- to manage our business, conduct market research and manage our relationships with insurers and other business partners to meet the legitimate needs of our business
- to send marketing information about our products and services if we have received your specific consent.
|Anyone whose personal information we hold has the right to object to us using it. They can do this at any time by telling us and we will consider the request and either stop using their personal information or explain why we are not able to. Further details can be found below.|
3. Automated decision making, including profiling
We may use automated decision making, including profiling, to assess insurance risks, detect fraud, and administer your policy. This helps us decide whether to offer insurance, determine prices and validate claims.
Anyone subject to an automated decision has the right to object to it. To do so please contact us using the details in Section 9: Know Your Rights, and we will review the decision.
4. The personal information we collect
The information we collect will depend on our relationship with you. We collect the following types of personal information about you so we can complete the activities in Section 2: How we use personal information:
- basic personal details such as name, age, contact details and gender
- family, lifestyle and social circumstances, such as marital status, dependents and employment type
- financial details such as direct debit or payment card information
- photographs and/or video, including surveillance to help us manage policies and assess claims
- tracking and location information if it is relevant to the insurance policy or claim
- identification checks and background insurance risk details including previous claims information
- accessibility details if we need to make reasonable adjustments to help business activities if it is relevant to your insurance policy or claim
- your current or former physical or mental health
- criminal offences, including alleged offences, criminal proceedings, outcomes and sentences (previous criminal convictions, bankruptcies and other financial sanctions such as County Court Judgements).
5. Where we collect personal information
We collect personal information direct from individuals, their representatives or from information they have made public, for example, on social media.
We also collect personal information from other persons or organisations, for example:
- credit reference and/or fraud prevention agencies
- emergency services, law enforcement agencies, medical and legal practices
- insurance industry registers and databases used to detect and prevent insurance fraud, for example the Motor Insurance Database (MID), the Motor Insurers Anti-Fraud and Theft Register (MIAFTR) and the Claims and Underwriting Exchange (CUE)
- insurance investigators and claims service providers
- insurers or service providers who underwrite insurance or provide the services for our products
- other involved parties, for example claimants or witnesses.
6. Sharing personal information
We only share your information when necessary for the purposes stated in Section 2: How We Use Personal Information.
We may share personal information with:
- other companies within the global Allianz Group - www.allianz.com
- credit reference, fraud prevention and other agencies that carry out
certain activities on our behalf, for example; the Motor Insurance Database (MID) and the Insurance Fraud Bureau (IFB)
- our approved suppliers to help deal with claims or to provide and manage our services, for example; vehicle repairers, legal advisors, loss adjusters, premium finance companies and risk surveyors
- insurers, third party underwriters, reinsurers, insurance intermediaries, regulators, law enforcement and the Financial Ombudsman Service (FOS);
and other organisations that provide services to us or you, for example, the Claims and Underwriting Exchange (CUE)
- external agencies for market research purposes
- prospective buyers in the event Allianz Holdings plc wishes to sell all or part of our business.
7. Transferring personal information outside the UK
We use servers located in the European Union (EU) to store personal information where it is protected by laws equivalent to those in the UK. We may transfer personal information to other members of the global Allianz Group to manage the insurance policy or claim; this could be inside or outside the EU. We have Binding Corporate Rules (BCRs) which are our commitment to the same high level of protection for personal information regardless of where it is processed. These rules align with those required by the European Information Protection authorities. See Section 12: Allianz Privacy Standards (APS) for more information about BCRs or contact our Data Protection Officer.
Some of the organisations personal information is shared with have servers outside the EU. Our contracts with these organisations require them to provide equivalent levels of protection for personal information.
8. How long we keep personal information
We keep information only for as long as we need it to administer the policy, manage our business or as required by law or contract.
9. Know your rights
Any individual whose personal information we hold has the following rights (data subject rights) in relation to how that information is held or processed by us:
- The right to object - individuals can object to us processing their data and we will either agree to stop processing ot explain why we are unable to
- The right of access - individuals can request a copy of their personal information we hold, subject to certain exemptions (a subject access request)
- The right of rectification - individuals can ask us to update or correct their personal information to ensure its accuracy
- The right to be forgotten- individuals can ask us to delete their personal information from our records if it is no longer needed for the original purpose
- The right of restriction - individuals can ask us to restrict the processing of their personal information in certain circumstances
- The right to data portability - individuals can ask for a copy of their personal information, so it can be used for their own purposes
- The right to withdraw consent - individuals can ask us, at any time, to stop processing their personal information, if the processing is based only on individual consent
- The right to make a complaint - individuals can complain if they feel their personal information has been mishandled. We encourage individuals to come to us in the first instance but they are entitled to complain directly to the Information Commissioner's Office (ICO) www.ico.org.uk
If you wish to exercise any of these rights you can do so by contacting our Operations Director:
Address: Home & Legacy Insurance Services Limited
500 Avebury Boulevard
Phone: 0344 893 8360
10. Allianz (UK) Group Data Protection Officer contact details
Home and Legacy Insurance Services Limited is a wholly owned subsidiary of Allianz Holdings plc . Any queries about how we use personal information should be addressed to our Data Protection Officer:
Address: Data Protection Officer
Phone: 0330 102 1837
11. Changes to our Privacy Notice
This Privacy Notice was last updated in September 2020.
Occasionally it may be necessary to make changes to this notice. When that happens we will provide an updated version at the earliest opportunity. The most recent version will always be available on our website www,homeandlegacy.co.uk
12. Allianz Privacy Standards (APS)
The Allianz Privacy Standard constitutes Allianz' Binding Corporate Rules (BCRs) and provides you with information on the rules governing the international transfer of personal data between Allianz Group companies operating in the European Economic Area (EEA) and Allianz Group companies outside that area. The Allianz Privacy Standard also describes your rights in respect of such transfers, what to do if you want to exercise your rights or complain about such transfers, and how to contact us. The latest Allianz Privacy Standard can be found at https://www.allianz.com/en/privacy-statement.html