Privacy Policy

Insurance Compliance Services Limited

This Privacy Notice is to provide you, whether you are a client, a partner or employee of a client or other individual about whom we control data, with helpful information about the types of data we process and what we do with that data. If you have any questions, or if you want any further information, please contact us using the contact details below.
 

Contact details

Insurance Compliance Services Limited (referred to as we or us)

Address: 22 Mount Ephraim, Tunbridge Wells, Kent. TN4 8AS
Website: https://insurancecompliance.co.uk
Telephone: 01892 539600
Email: admin(at)insurancecompliance.co.uk
 

The data we handle

We are data controllers. The data we process concerns people with whom we have business relationships, including the directors, partners and employees of our clients and potential clients and other third parties who interact with us. In the course of providing our compliance consultancy services we may also process some personal data in respect of the customers of our clients.

We may obtain personal data directly from the individuals concerned, from our clients, potential clients, from third parties involved in matters we act on for our clients, and from other third parties (including publicly available information).

The types of data we process are varied and will include detailed data about our clients’ businesses, including personal data about directors, partners, employees and affiliates. We may record full names, contact details, and associated personal data. The data may include information that is supplied to the UK government and/or regulatory authorities such as the Financial Conduct Authority, in relation to the authorisation and on-going supervision of our clients’ businesses. This is likely to include the education, employment, financial and social background of their senior personnel.

We may also handle data concerning our clients’ employees and other individuals associated with our client firms, including the personnel of their Appointed Representatives. This data would include names, roles, and any training, appraisal and CPD records.

We may occasionally handle data relating to customers of our clients or other individuals with whom our clients interact; for instance when we conduct file reviews, advise on complaints or offer advice on specific cases. If we do so, and we cannot avoid processing such personal data, this Privacy Notice will apply to the individuals concerned.

In some circumstances we may handle special category personal data and information about criminal convictions, in which case we take particular care to only process such data in accordance with legal constraints. Where necessary, will obtain the express consent of the data subject to process such data. Special category data can include information about the health, racial or ethnic origin, religious or political beliefs, trade union membership, sex life or sexual orientation; genetic or biometric data; or philosophical beliefs of an individual.
 

What we do with data

We process personal data for the purpose of providing compliance consultancy services to our clients and also for our own general business purposes which may include:

  • administering our clients’ accounts, billing and tracing and collecting any debts
  • managing our business performance, assessing client satisfaction (such as asking for client feedback, monitoring client records including audit reports and meeting notes, testing and updating our systems, networks, applications or software, and general improvement of our services)
  • advertising, marketing and public relations, including sending direct marketing communications (subject to the restrictions of UK law and regulation)
  • ensuring the safety and security of our people and premises
  • disclosures to our auditors and our own legal and other professional advisors
  • fraud prevention, anti-money laundering, anti-bribery and for the prevention or detection of crime.
     
Our basis for processing

We will only process personal data where we have a lawful basis for doing so. In general, our lawful basis will be one or more of the following:

  • the processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering a contract
  • the processing is necessary for compliance with our legal obligations
  • the processing is necessary for the purposes of pursuing our legitimate interests (this includes carrying out our business of providing compliance consultancy services to firms and pursuing our general business interests)
  • the processing is necessary for the establishment, exercise or defence of legal claims.

In addition, in some circumstances we may process personal data on the basis that an individual has provided their express consent, for example, for marketing to an individual by email or SMS or for the processing of special category data. Please note that the individual concerned may withdraw their consent at any time by contacting us using the contact details above.
 

Direct Marketing

We may send marketing materials to you on the basis of our legitimate interests or, where necessary, having obtained the consent of the individual concerned, provided we are otherwise permitted to do so by law. Individuals always have the right to unsubscribe from any marketing. Instructions on how to opt-out will be included within the communication concerned. Alternatively, please use the contact details above.
 

Who we share data with

In providing our services and in complying with our legal obligations, we may share the personal data that we obtain, insofar as we are required or permitted by law to do so, with the following third parties:

  • suppliers and service providers used by us in providing services, details of which can be made available on request, including document storage facilities, IT service providers such as cloud providers of software, data room providers and providers of our IT servers
  • our auditors, our own legal and other professional advisors, our insurers and insurance brokers
  • government agencies, regulators, the police/law enforcement agencies and other authorities (including the Information Commissioner and Ombudsmen)
  • financial organisations, debt collection, credit reference and tracing agencies

We may also share your personal data with anyone you have authorised to deal with us on your behalf.
 

Where data may be sent

The data we collect may be transferred to, and stored at, a destination outside of the UK. It may also be processed by staff operating outside of the UK who work for one of our suppliers. If we provide information to a third party we will ensure that it and any of its agents and/or suppliers take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Notice.
 

How long we keep data

We will keep personal information no longer than is necessary for the purpose for which it was provided unless we are required by law or have other legitimate reasons to keep it for longer (for example if necessary for any legal proceedings). These retention periods depend on the nature of our relationship with the individual and the information involved. For instance, we generally retain relevant personal data for the duration of our business relationship and for up to one year after that relationship has concluded.
 

Complaints

All persons about whom we hold or process personal data (data subjects) have the right to lodge a complaint with the Information Commissioner in respect of our processing of their personal data. Information can be found at www.ico.org.uk/for-the-public/

To raise a complaint with us in the first instance, please contact us using the contact details above.
 

Individuals’ rights under UK Data Protection law and regulation

All persons about whom we hold or process personal data (data subjects) have rights under data protection laws to request from us access to or rectification of your personal data. We will erase any or all of your personal data upon your specific request where we have no legitimate reason to continue to hold your information. You also have the right to request the restriction of any processing or to object to our processing of your personal data. You also have the right to data portability. Please use the contact details above to exercise your rights. You can find more information about your rights at www.ico.org.uk/for-the-public/  

This Privacy Notice was last updated on 13th December 2023