This is a privacy notice for Carbon Insurance Brokers, which is a trading name of Lawshield UK Ltd.
Carbon Insurance Brokers (“we, us”) takes the protection of personal data very seriously. As a result we have put in place many measures to ensure that any personal data we obtain from you is processed and maintained in accordance of the General Data Protection Regulation 2016 (GDPR).
This statement provides you with a clear explanation of when, why and how we collect and use your information which may relate to you (“personal data”).
Lawshield UK Ltd is a Data Controller, which means that we determine the purpose and the means of processing and is registered directly with the Information Commissioners Office (ICO) registration number :- Z5685935.
We may amend this policy from time to time.
Security of Personal Data
Security of personal data is our priority, we protect this information by maintaining physical, electronic and procedural safeguards that meet or exceed applicable law.
We train our employees in the handling of personal information. When we use other companies to provide services to us, we also require them to protect the confidentiality of the personal information that they receive to a similar or increased level.
Collecting Personal Data
Personal details such as name, address, email address, telephone number, date of birth, gender, marital status, occupation, vehicle details including vehicle registration, property details, health information, travel dates and destinations and payment details for direct debit or card payments (This is processed in line with PCI DSS- Payment Card Industry Data Security Standards).
Should you make a claim on your policy, the additional information that we collect is- Incident date and time, incident details, third party details. If there is a personal injury, then we may be required to obtain information on your health or medical records.
Telephone calls are recorded for training and monitoring purposes.
Personal data may contain information which is known as sensitive/special categories of personal data. This may be information relating to your health or criminal convictions and offences. Sensitive/special data may be required by us for the specific purposes of underwriting and fraud detection, or as part of the claims handling process. Such information could also include retrieving medical records.
The provision of such data is conditional for us to be able to provide insurance or manage a claim and, whilst you can withdraw your consent for us to process such data, this may result in us not being able to continue cover, or to process any claims. Where such data is provided to us, it will only be used for the purposes set out above, and will be treated securely and in line with this notice.
How we use your information
The table below explains the reasons we have for using personal data across our business activities and the applicable legal basis.
|We use your personal data||The legal basis for its use|
|Requesting or obtaining a quote of Insurance||In order to pursue our legitimate interests as a business|
|In order to provide you Insurance and administer the policy||To carry out a performance of a contract|
|Registering a claim||To carry out a performance of a contract|
|Competitions||In order to pursue our legitimate interests as a business|
To offer renewal information
To conduct research and testing in order to continually improve our products services and customer service
Where you have provided your personal details for a quote (but not taken up), we will retain this information for 3 years from the date of last contact or engagement and will use your data to re-contact you to provide you with a new quotation
To meet our legal and/or regulatory obligations and to safeguard against fraud and financial crime
To notify you about changes to our service
To provide access to systems and for administration purposes
To demonstrate compliance within regulatory framework
Deal with complaints
In order to pursue our legitimate interests as a business
Legal and regulatory requirement
|Marketing- To provide you with products and services, which we feel you may be interested in from Carbon Insurance/Lawshield UK Ltd||In order to pursue our legitimate interests as a business|
|Marketing- To provide you with information on products and services that you have consented to receive from our group of companies and business partners||Consent|
In the event that we require your consent for processing, we will ensure you are fully informed of the intended processing of your personal data and have signified your acceptance.
Sharing your information
We may disclose your personal information to any of our staff, third parties involved in providing products or services to us, or to service providers who perform services on our behalf where it is reasonable to do so. (If consent is necessary to facilitate this sharing we will ensure it is obtained prior to processing).
- Our Group of Companies
- Third Party Administrators, Insurers- who work with us to administer policies and manage claims.
- Assistance Providers- who can help provide assistance in the event of a claim.
- Credit Reference/ Fraud Detection Agencies and organisations working to prevent fraud in financial services.
- Medical Service Providers- To obtain medical records.
- Loss Adjustors and Claims Experts who help us assess and manage claims
- Solicitors and professional services firms.
- External Auditors
- Regulatory Authorities- FCA, ICO, as well as other regulators and law enforcement agencies in the EU and around the world.
- Service Providers- who help manage our IT and back office systems.
- Finance Houses- where requested to do so, can facilitate monthly finance payments.
We may be legally obliged to disclose your personal information to the extent that we are required to by law in connection with any ongoing prospective legal proceedings in order to establish, exercise or defend our legal rights (including providing information to others for the purpose of fraud prevention and reducing risk).
We may also disclose your personal information:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If the company or substantially all of its assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
- To protect the rights, property, or safety of our customers or others.
What are Cookies?
Cookies are small files saved to the user’s computer’s hard drive that track, save and store information about the user’s interactions and usage of the website. This allows the website, through its server to provide the users with a tailored experience within this website.
Additionally, we may use third party software to better understand your preferences and behaviour while on our website in order to personalise your experience and understand current trends.
This software may include (but is not limited to):
All efforts have been made to ensure that the aforementioned services and links are accurate at the time of writing.
Should users wish to deny the use and saving of cookies from this website onto their computers hard drive, they should take necessary steps within their web browser’s security settings to block all cookies from this website and its external serving vendors.
You can find further information on cookies on this link https://ico.org.uk/for-the-public/online/cookies/.
How long we keep your data
Your data will not be retained for longer than is necessary, and will be managed in accordance with our data retention policy. In most cases the retention period will be for a period of six (6) years following the expiry of the insurance contract, or closure of claim, unless we are required to retain the data for a longer period due to business, legal or regulatory requirements.
Opting out of Marketing
We want to make it easy for you to make your own choices as to what information you receive from us and how we contact you. Therefore, whether you are an existing, former or prospective client we will always remind you of your right to opt out of future marketing related communications each time we send such correspondence to you. You can elect not to receive any marketing related communications from us at all, or request that you only receive certain types of communication.
You have certain rights relating to your information that we process:-
- Right to be informed
- Right of access
- Right to rectification
- Right to erase
- Right to restrict processing
- Right to data portability
- Right to object
- Rights in relation to automated decision making and profiling.
Upon receipt of such request, we will, after confirming identity, provide all relevant data we may hold to you in the most practical format unless otherwise stipulated and reasonably possible within 30 days. We will not charge you to do so, however we may charge you for duplicate copies should this be part of your request.
For any questions or concerns regarding this Privacy Notice or to make a Subject Access Request, then please email firstname.lastname@example.org
If you feel we have not dealt with your request satisfactory you do have the ultimate recourse to refer your complaint to the ICO (Information Commissioner Officer). You can find out more details by visiting https://ico.org.uk.
Updated: February 2019.