PRIVACY NOTICE

PRIVACY NOTICE FOR ROBERTSON LOW

PROTECTION AND PRIVACY STATEMENT

About Us

Robertson Low Insurances Ltd (‘we’, ‘us’, ‘our’), a wholly owned subsidiary of Silex Group Ltd, is committed to protecting the privacy and the confidentiality of Personal Data that the company processes in connection with the services it provides to clients and individuals’ use of the Robertson Low Insurances Ltd websites. Our services consist primarily of insurance broking and risk consulting, including quotation of, arrangement of, administration of, and making of claims on, insurance.

During the insurance or quotation lifecycle, and to arrange insurance cover and handle insurance claims, we receive Personal Data relating to potential or actual policyholders, beneficiaries under a policy, their family members, claimants and other parties involved in a claim. Therefore, references to “individuals” in this notice include any living person from the preceding list, whose Personal Data we receive in connection with the services we provide. This notice sets out our uses of this personal data and the disclosures it makes to other insurance market participants and other third parties. For the purposes of General Data Protection Regulations (GDPR) the data controller is:

Robertson Low Insurances Ltd, 10 The Courtyard, Kilcarbery Park, Nangor Road, Dublin 22

Telephone: +353 (0)1 461 1500

Email: dataprotection@robertsonlow.com

 

Information we collect and from whom

We will process the information you provide in compliance with GDPR.

Data subject details Name, address (including proof of address), other contact details (e.g. email and telephone numbers), gender, marital status, date and place of birth, nationality, employer, job title and employment history, and family details, relationship to the policyholder, insured, beneficiary or claimant.

Identification details Identification numbers issued by government bodies or agencies, e.g. PPSN, passport number, tax identification number and driving licence number.

Financial information Bank account or payment card details, income and other financial information.

Risk details Information about the insured risk (and others insured under the policy) which we need to collect to assess the risk to be insured and provide a quotation. This may include, only to the extent relevant to the risk being insured, data relating to:

  1. Health: current or former physical or mental medical conditions, health status, injury or disability information, medical procedures performed, relevant personal habits (e.g. smoking or consumption of alcohol), prescription information, medical history;
  2. Criminal records: criminal convictions, including driving offences; and
  • Special categories of personal data: racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data, data concerning an individual’s sex life or sexual orientation

For certain types of policy, this could also include telematics data.

Policy information Information about the quotations you receive and policies you arrange.

Credit and anti-fraud data Credit history, credit score, sanctions and criminal offences, and information received from various anti-fraud databases relating to you.

Previous and current claims Information about previous and current claims, (including other unrelated insurances), which may include data relating to your health, criminal convictions, or other special categories of personal data and in some cases, surveillance reports.

Marketing data Where legitimate interest has been identified or if the individual has consented to receive marketing of our products and services and other companies’ products and services that may interest you.

Website usage Details of your visits to our websites and information collected through cookies and other tracking technologies, including, but not limited to, your IP address and domain name, your browser version and operating system, traffic data, location data, web logs and other communication data, and the resources that you access

We collect and receive personal data from various sources, including (depending on the service provided):

  • Data subjects, their family members, employer, representative or trade or professional associations of which they are a member.
  • Other insurance market participants, such as insurers, reinsurers and other intermediaries.
  • Credit reference agencies.
  • Anti-fraud databases, sanctions lists, court judgements and other judicial databases
  • Government agencies such as the vehicle registration authorities and tax authorities.
  • Open electoral register and any other publicly available data sources.
  • In the event of a claim, we will get information from third parties including the other party to the claim (claimant / defendant), witnesses, experts (including medical experts), loss adjustors, solicitors, and claims handlers.
  • Claim forms.
  • Business information and research tools
  • Third Parties who introduce business to us and;
  • Forms on our websites and data subjects’ interactions with same.

 

Note: If you are providing information about another data subject to us, you warrant and represent to us that you have the authority of the relevant data subject(s) to disclose such personal data to us and that all such data is accurate, complete and up to date. You also warrant that you will make them aware of this Data Protection Notice and the terms of the insurance (including changes to the terms or processing activities). If they have any concerns please ask them to contact The GDPR Owner as per contact details above.  The accuracy of the personal data you provide to us is paramount to the provision of valid insurance and administration services.

 

How and Why We Use Your Personal Information
Personal data provided by you or by others will be used by us, and your insurance company or other relevant Third Party (where applicable), for the provision and administration of insurance products, related services and for statistical analysis. Should you be unable to provide us with the required personal data, we will be unable to provide you with insurance or process a claim. We will endeavour to keep your information accurate and whenever you inform us about any changes we will update this information at the earliest opportunity. Please help us to do this by letting us know whenever there are changes to your personal data. If you are providing information about someone else you confirm that they have appointed you to act for them, to consent to the processing of their personal data including special categories of personal data and that you have informed them of our identity and the purposes (as set out in this Privacy Policy) for which their personal data will be processed. We will process the information you provide in compliance with GDPR under one or more of the following bases:

 

Performance of a Contract: the processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.

Compliance with a Legal obligation: the processing is necessary for us to comply with a legal obligation to which we are subject.

Our legitimate business interests: the processing is necessary for our legitimate interests pursued by us. In such cases our legitimate interests are as follows:

  • Risk management, auditing and the provision of legal advice which are key governance functions to protect our business.
  • Checking information provided ensures accuracy which contributes to effective administration of insurance products and services,
  • Investigation, prevention and detection of fraud to help protect the business and the insurance market.
  • Direct marketing of our other products and services by post, telephone (including mobile), e-mail or other means of communication which might be of interest to you.
  • Market research, competitions, customer satisfaction surveys, and data analytics, including profiling, to develop and enhance the customer relationship and journey as part of our business strategy.
  • Recording and/or monitoring calls for regulatory, training, verification and quality purposes.
  • The establishment, exercise or defence by us or third parties of legal claims;
  • Defending or prosecuting legal claims.
  • To make back-ups of your data in case of emergencies and for disaster recovery purposes.
  • We may also share with or seek information from a number of external parties in order to administer your policy and to prevent and detect fraud. For example:
    • Other insurance companies and intermediaries to confirm information provided and to safeguard against non-disclosure and help prevent insurance fraud.
    • Anyone authorised to act on your behalf.
    • Our Third-Party Service Providers such as technology suppliers, hosting/storage providers, payment providers and document providers.
    • As a result of our legal and regulatory obligations. This can include with An Garda Siochana, other official agencies and on foot of a Court Order or Subpoena.
    • Our subsidiary companies to deliver our products and services and fulfil our operating entity responsibilities.
    • Loss adjusters, claims investigators, repairers, medical practitioners, solicitors and other firms as part of the claims handling process.
    • With prospective sellers or buyers if we decide to sell or buy any business or assets.

 

In limited circumstances, we may need your consent for the processing of certain data and in these cases, we will inform you of such processing and the reason for this at the time consent is captured.

Before collecting and/or using any special categories of data, or criminal record data, we will establish a lawful exemption which will allow us to use that information. This exemption will typically be:

  • your explicit consent;
  • the establishment, exercise or defence by us or third parties of legal claims; or
  • a context specific exemption provided for under local laws of EU Member States and other countries implementing the GDPR, such as in relation to the processing of special category data for insurance purposes, or for determining benefits under an occupational pension scheme.

 

How we share this information

We will disclose personal data to third parties including insurers / underwriters, reinsurers, intermediaries or other brokers; outsourcers, sub-contractors, agents and service providers; claim handlers; premium finance providers; professional advisers and auditors.  Third parties to whom we disclose personal data are required by law and contractual undertakings to keep personal data confidential and secure, and to use and disclose it for purposes that a reasonable person would consider appropriate in the circumstances, in compliance with all applicable legislation.

Robertson Low Insurances Ltd is a wholly owned subsidiary of Silex Group Ltd. We may share and aggregate information about Data Subjects from across Silex Group Ltd (‘the Group’), including personal information held within the Group relating to other policies held with us, quotes or claims details and, we may use this information to:

  • help us identify products and services that could be of interest to you, to tailor and package our products and services; to determine pricing and/or offer available discounts; and
  • conduct customer research and develop marketing campaigns.

We and/or other parties to whom we disclose personal data, may use your information for purposes such as statistical and trend research and analysis which might include computerised processes which profile you. Automatic profiling helps firms to understand, predict and forecast customer preferences and to improve the products and services they offer and to assess which products might be most suitable for you.

 

Data Transfers

We may need to transfer your data to other organisations which are located outside of the European Economic Area (EEA). These countries’ data protection laws may not offer the same level of protection for personal data as offered in the EEA. Those transfers would always be made in compliance with relevant data protection legislation and we would ensure that the recipient (processor or another controller) has provided the appropriate safeguards and on condition that enforceable data subject rights and effective legal remedies for you the data subject are available from them.

 

Retention of personal data

Retention periods for personal data are based on business needs and legal requirements. We retain personal data for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose. For example, we retain certain transaction details and correspondence until the time limit for claims arising from the transaction has expired, or to comply with regulatory requirements regarding the retention of such data. If we require Personal Data for a purpose inconsistent with the purposes we identified in this Privacy Notice, we will notify the Data Subject of the new purpose and, where required, seek individuals’ consent (or ask other parties to do so on our behalf) to process Personal Data for the new purposes.

 

Rights of Data Subjects

Right of access you have the right to request a copy of the information that we hold about you.

Right of rectification you have a right to correct data that we hold about you that is inaccurate or incomplete.

Right to be forgotten in certain circumstances you can ask for the data we hold about you to be erased from our records.

Right to restriction of processing where certain conditions apply you have a right to restrict the processing.

Right of portability you have the right to have the personal data you have provided to us transferred to another organisation, in a structured, commonly used and machine-readable format.

Right to object you have the right to object to certain types of processing such as direct marketing.

Right to object to automated processing, including profiling you also have the right not to be subjected to automated processing including profiling.

Right to judicial review in the event that we refuse your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in the complaints section.

To exercise any of the above rights, please contact us using the contact details set out in the ‘About Us’ section.

To ensure that we do not disclose your personal information to a party who is not entitled to it, when you are making the request please provide us with your name, address(es), date of birth, any policy reference numbers that you have along with a copy of your photo identification and proof of address. All requests are free of charge although we reserve the right to charge an administrative fee for subsequent requests (such as when the request is part of a series of repeated requests over a short period of time).

Please note also that exercising some of the above rights may result in an inability on our part to fulfil a contract, and/or may lead to cancellation of your policy, but when this is the case we will explain this to you in our response.

 

Complaints

If you have any questions or complaints in relation to our use of your personal data or you wish to withdraw your consent to processing, please contact the data protection contact named in the About Us section of this Notice. If you are not satisfied with our response you can lodge a complaint to the Office of the Data Protection Commissioner

Data Protection Commissioner, Canal House, Station Road, Portarlington, Co. Laois

Telephone: 076 1104 800

Lo Call Number: 1890 252 231

Email: info@dataprotection.ie

 

Marketing

We use your data for legitimate business interests including marketing of our products and

services by post, telephone (including mobile), email or other means of communication including social media. At any time, you may opt out from receiving marketing communications from us by clicking on the unsubscribe link or other instructions in our marketing e-mails, via written request to by post to our office, via email to subscriptions@robertsonlow.com , or by visiting our website.

Automated Decision Making
We currently do not use automated decision making (including automated decision making using profiling) when processing your personal information. If we ever use an automated decision-making solution, you have a right to request that a decision based off your personal information cannot be solely decided via an automated process

Up to Date Information
The accuracy of the personal data you provide to us is paramount to the provision of valid insurance and administration services. For us to keep your information accurate and up to date, please contact us if any of your details change.

Changes to our Data Protection Notice
We may update this Statement from time to time. When we do, we will revise the version number and date located at the bottom of this page. We encourage you to periodically review this Statement so that you will be aware of our privacy practices.

Queries this Data Protection Notice
Any queries, questions or comments you may have relating to this Data Protection Privacy Notice should be addressed to the GDPR Owner at dataprotection@robertsonlow.com or at Robertson Low Insurances Ltd, 10 The Courtyard, Kilcarbery Park, Nangor Road, Dublin 22.

PROTECTION AND PRIVACY STATEMENT

Robertson Low Insurances Limited respects your right to privacy. Visitors are advised that each time they visit a website two general levels of information about their visit can be retained. The first level comprises statistical and other analytical information collected on an aggregate and non-individual specific basis of all browsers who visit the site. The second is information which is personal or particular to a specific visitor who knowingly chooses to provide that information.

The statistical and analytical information provides general and not individually specific information about the number of people who visit this website; the number of people who return to this site; the pages that they visit; where they were before they came to this site and the page in the site at which they exited. This information helps us monitor traffic on our website so that we can manage the site’s capacity and efficiency. It also helps us to understand which parts of this site are most popular and generally to assess user behaviour and characteristics in order to measure interest in and use of the various areas of the site.

Through this website you may have an opportunity to send us information, such as through the ‘contact us’ pages or any other area where you may send e-mails, provide details of you or your business, or by completing insurance related submission forms. By choosing to participate in these, you will be providing us with some level of personal or commercial information relating to you or your business. This information will only be used by Robertson Low Insurances Limited for (i) the purposes for which it was provided by you; (ii) verification purposes and statistical analysis; and (iii) marketing and administration purposes.