This Privacy Notice covers the information practices of The Read Shepley group companies and all its subsidiaries and associated companies, collectively referred to in this document as “The Company” (“us”, “we”, or “our”). Each group company is a Data Controller in its own right:
- RS Risk Solutions Limited. Registered in the UK: No. 11899365. Registered Office: Blackgrove, Tandridge Lane, Lingfield, Surrey, RH7 6LW.
- RS Support Services Limited. Registered in the UK: No. 9409787. Registered Office: Blackgrove, Tandridge Lane, Lingfield, Surrey, RH7 6LW.
- Read Shepley Limited. Registered in the UK: No. 4886649. Registered Office: Blackgrove, Tandridge Lane, Lingfield, Surrey, RH7 6LW.
The Company collects personal information when you register with us or place your insurance or other services through our Company. We will use this information to provide the services requested and maintain our operational and financial records. We will not share your information for any other reason because we take the protection of your privacy and the confidentiality of your personal information (“Personal Data”) seriously. We will ensure that all Personal Data processed is kept secure and protected against unauthorised or unlawful processing and against accidental loss, destruction or damage.
2) Personal Data
The Regulation defines Personal Data as any information relating to an identified or identifiable Data Subject, which means a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
3) Information Collection , Processing and Your Rights to Access
The Personal Data that we collect about you will have been provided by you, your employer or employees, your representatives or agents (as appropriate), and/or insurers or their agents. We may also collect general information about you and/or your company which is available in the public domain (for example information on directors held at Companies House), online and from third party data processors (provided that it is fair to do so); and searches that we undertake in relation to sanctions, money laundering, and credit checks.
The information we collect about you may include:
- Date of Birth.
- Telephone number(s), email address and other contact details.
- Marital status.
- Financial Information and bank account details.
- Passport, driving licence or similar identity-related information to ensure our compliance with anti-money laundering or similar regulations.
- Employment and details of benefits that may relate to employment.
In addition, we may collect Personal Data classified as being one within the ‘Special Categories’ noted in the General Data Protection Regulation (please refer to this Regulation for a full list of Special Categories of Personal Data). For our purposes, this may include the collection of information about your health, ethnic or racial origin or trade union membership, criminal convictions, as well as information about your family including children.
Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your insurance cover and the provision of any risk management services. Our processing of your Personal Data will include:
- Assessing insurance needs.
- Providing information to potential or existing insurers, their agents or other service providers for the purpose of obtaining quotations and placing cover or obtaining services and arranging premium finance arrangements.
- Management and processing of claims.
- Undertaking checks to guard against fraud, money laundering, bribery and other illegal activities.
- Handling complaints.
- Reviewing our service through analysis of data and feedback surveys.
The processing of your Personal Data will only be undertaken if:
- It is necessary for the performance of a contract to which you are, or will be, a party; or
- You have given your consent; or
- You confirm that any personal information you give to us about another person is given with their informed consent.
- Processing is necessary for compliance with a legal obligation to which we are subject; or
- Processing is necessary to protect your vital interests; or
- To perform a task carried out in the public interest or in the exercise of official authority vested in us; or
- Processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your fundamental rights and freedoms which require protection of Personal Data, in particular where the Data Subject is a child.
You have the right to:
- Find out how we process your Personal Data.
- Access your personal information which will be provided to you free of charge within one month of your request. We reserve the right to charge a fee if we believe that your request is excessive.
- Rectification of Personal Data which is inaccurate.
- Request the erasure of the Personal Data and there is no compelling reason for its continued processing. Where you object to The Company processing your Personal Data based on our legitimate interests, we shall cease such processing forthwith unless we have another lawful basis for such processing that overrides your interests, rights and freedoms; or the processing is necessary for the conduct of legal claims.
- Request the restriction blocking or otherwise suppression of the processing of Personal Data. In these circumstances, we will still be permitted to store it where we have a legitimate interest in doing so.
- Request a copy of your Personal Data so that you can reuse it for your own purposes or across different services.
This will include data that you input into our webpages, whether this is in relation to raising an enquiry with us, obtaining a quotation (even if this process is discontinued before being finished), requesting or reviewing documentation.
If you would like to exercise any of your rights above or discuss how we process your Personal Data, contact us firstname.lastname@example.org or telephone us on 01342 580106.
4) How We Share Your Information
The Company may share Personal Data with each of our other group companies should we believe this is of benefit to you or for legal reporting purposes. We will only share limited Personal Data to enable this. Where we use third parties to undertake functions on our behalf, we will only share relevant information with such third parties as is strictly necessary to enable them to perform those functions. Typically the categories of third parties we may share your Personal Data with to provide our services to you are:
- Support companies for the delivery of the products and services we offer to you in the course of our insurance broking and risk management services.
- Any nominated adviser, representative or employer (as specified by you).
- The Financial Conduct Authority (FCA) and the Information Commissioner’s Office for the UK (the ICO), HM Revenue & Customs (HMRC) and any other legitimate supervisory, professional body, external auditor or law enforcement authority.
It is our policy to retain documents and information about you, including insurances placed on your behalf, in electronic or paper format for a minimum of seven years or such longer period as appropriate having regard to when a claim or complaint may arise in connection with our processing of your information. The legal basis for this processing is that it is necessary to meet contractual, legal or regulatory obligations. After seven years, these may be destroyed or erased without notice to you. You should therefore retain all documentation issued to you.
The Company may need to transfer (‘transfer’ includes making available remotely) Personal Data to countries outside of the UK where this is necessary for us to provide our services to you. This will take place if it is necessary to conduct our services on your behalf and/or if there is legal or legitimate need to do so and/or only if the country ensures the adequate level of protection for Personal Data and/or with the informed consent of the relevant Data Subject(s).
5) Knowledge Sharing and Marketing Activities
As part of our commitment to sharing relevant risk knowledge and information with our customers and prospects, the Company may contact its customers about relevant business and regulatory information, as well as products and services which we hope will be of interest and useful to you.
Once a relationship has ceased to exist with the Company, we will only retain any Personal Data for a period not exceeding 3 years from the date of our last contact or engagement. During this period, we may use this data to contact you to provide relevant business and regulatory information, as well as products and services which we hope will be of interest and useful to you.
You can decide what, if any, information your wish to receive from The Company. Just let us know your preferences by contacting us at email@example.com or telephone 01342 580106.
6) Accessing your Personal Data or Making a Complaint
The Company will continuously strive to safeguard your Personal Data. If you wish to obtain details of the personal information held by us or make a complaint about how your personal information is being processed, please contact us on 01342 580106 or email: firstname.lastname@example.org and we take all necessary steps to resolve any issues you may have.
If you remain unhappy about any data protection matters, you also have the right to complain to the Information Commissioner’s Office, whose details may be found at www.ico.org.uk.
7) Contact us
We would be happy to supply further information or clarification on our Privacy Notice, please contact us on:
- Telephone: 01342 580106
- Email: Compliance@rsrisk.solutions
Or contact your usual RS Risk Solutions representative.