This Privacy Notice explains how we use any personal information we collect about our customers (“you” or “your”) to enable us to provide you with appropriate insurance products and services, settle any valid claims and deal with any concerns you may have.
Depending on which services you use, this may involve us using your personal data (information that can identify you such as your name, contact details, employment details and or financial payments) and special personal data (information such as health details, race or ethnic origin).
You can visit this website [www.profileunderwritingco.uk] (the Site) without revealing who you are or providing any personal information about yourself. We operate the Site for the purpose of providing information concerning our business.
1. Who are we?
Profile Underwriting (a trading style of) Profile Risk Solutions Ltd, (“we” or “us” or “our”) are registered with the Information Commissioners Office, registration number ZA135137.
We act as the underwriters of your insurance policy.
2. What information do we collect about you?
- In order to deliver our Insurance services to you, we may collect the following information;
- contact details such as your name, address, date of birth, email & telephone contact details, details of additional people who you are including on the proposal or policy and your relationship with them.
- financial information such as bank details, details of insured items or cover required including the location of those items where applicable
- personal injury details or medical conditions if relevant to your product or claim.
- details of previous insurance cover.
- previous details in order to purchase the insurance.
- details about any claim submitted under the insurance.
- criminal convictions and offences information such as fraud, credit and anti-money laundering and sanctions checks, County Court judgements or issues with any previous insurance policy.
- details of any complaints you raise.
3. How and why we use your information
We may use your data for;
Quotation and inception purposes
- to set you up as a client, including fraud, credit and anti-money laundering and sanctions checks
- evaluating the risks to be covered & matching to appropriate policy / premium
- collection and refund of premiums
- general client care, including communicating with you regarding administration and requested changes to your policy
- sending your policy documentation
- managing insurance claims
- defending or prosecuting legal claims
- investigating and prosecuting fraud
- contacting you in order to renew the insurance policy
- Insurance lifecycle
- general risk modelling and underwriting
- complying with our legal or regulatory obligations
- transferring books of business, company sales and reorganisations
- When calculating insurance premiums we may compare your personal data against industry averages and use it to create the industry averages going forwards.
We may process your personal data because;
- it is necessary for the performance of a contract: Where we have a contract with you or a third party on your behalf, we will process your information in order to fulfil that contract and provide you with our services.
- it is necessary for compliance with a legal obligation.
- it is necessary for the performance of a task carried out in the public interest: for example claims analysis in order to calculate insurance risk ratings and premiums.
- It is in our or a third parties’ legitimate interests: For example for the prevention and detection of fraud, claims analysis and profiling to calculate insurance risk ratings and premiums, and any sale, merger or acquisition of all or part of Profile Risk Solutions Ltd.
- we have your consent. If we require your consent, it will be made clear at the time your information is collected
We may process your sensitive personal data in relation to your insurance policy because;
· it is necessary for the provision of insurance.
· it is necessary for reasons of substantial public interest.
· it is necessary for the defence of legal claims against us.
4. How we collect your information
Depending on which of our services you use, we may collect information about you from various sources, including:
- directly from you;
- your family members, employer or representative such as an insurance broker;
- other insurance companies;
- credit reference agencies;
- anti-fraud databases, sanctions lists, court judgements and other publicly available databases;
- government agencies such as the DVLA and HMRC;
- open electoral register; or
- in the event of a claim, third parties including the other party to the claim (claimant / defendant), witnesses, experts (including medical experts), loss adjustors, solicitors, and claim handlers
5. Who do we share your information with and why
We may share your information with;
- our insurance providers and third parties suppliers who help deliver products and services on our behalf, such as payment card providers, claim handlers, data storage providers.
- within our Group of companies to administer your policy and any related claims.
- national anti-fraud databases.
- auditors, regulators and ombudsman when required by a legal obligations.
- third parties where any or all of our assets are acquired by a third party, in which case personal data held by us may be transferred to the new party.
Outsourcing our services to other suppliers does not mean we outsource our accountability for data protection and we ensure the confidentiality and security of your personal information is protected by contractual restrictions and service monitoring.
We may transfer your information to a country outside of the European Economic Area (“EEA”) in order to deliver our services. We ensure this transfer and processing is carried out with the appropriate safeguards and in compliance with Data Protection Law, such as being protected by the necessary contractual terms.
We will share your information if we are required to by law. We may share your information to enforcement authorities if they ask us to, or to a third party in the context of actual or threatened legal proceedings, provided we can do so in compliance Data Protection Laws.
6. How long do we keep your information
We will retain your personal information for as long as is necessary for the purposes for which it was originally collected and allowed by Data Protection Law. The length of time we keep your personal information is determined in accordance with the following criteria:
- your relationship with us and the types of products of service you have with us;
- the length of time it is reasonable to keep records to demonstrate that we have fulfilled our obligations to you under the law
- any limitations periods within which claims might be made;
- any retention periods prescribed by law, by regulators, professional bodies or associations; and
- the existence of any relevant proceedings.
7. How do we keep your information secure
We are committed to keeping your personal information secure. We have put in place physical, electronic and operational procedures intended to safeguard and secure the information we collect. All our staff have a legal duty to respect the confidentiality of information, and access to confidential information is restricted to only those who have a reasonable need to access it
8. Your rights relating to your information
You have the following rights, subject to certain exceptions:
Right of subject access:
The right to make a written request for details of your personal information and receive a copy of that personal information.
Right of rectification
The right to have inaccurate information about you correct or removed
Right to erasure (‘right to be forgotten’)
The right to have certain personal information about you erased.
Right to restriction of processing
The right to request that your personal information is only used for restricted purposes.
Right to object
The right to object to processing of your personal information which we justify on our legitimate interests.
Right to data portability
The right to ask for the personal information you have directly given to us and is stored electronically, to be transferred to you or a third party in a machine-readable format.
These rights are not absolute and we will let you know in our correspondence with you whether we think they apply to you.
We may, in response to a request, ask you to verify your identity and to provide information that helps us to understand your request better. Once we have the necessary information from you and your request is valid, we will respond to you within one month of the receipt of a request unless the number and complexity of the requests made is deemed sufficiently high, in which case we may extend this time by a maximum of further two months. We will inform you if we need to make use of this additional time and why we need to do so.
If you wish to use any of your rights, please make your request in writing to our Data Protection Team whose contact details can be found below in the ‘How to contact us’ section.
If you are unhappy with our response to your request, or you believe the way we have processed your information is not in keeping with Data Protection Law, we would like to hear from you so we can either fix the problem or further explain our decision. Alternatively, you may contact our Data Protection Regulator, the Information Commissioner’s Office (ICO) for guidance and advice, or to lodge a compliant. The ICO may be contacted at:
Post: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113 (local rate)
9. How to contact us
If you have any questions, comments, complaints or wish to use your data protection rights, please contact the Group Data Protection Officer
Post: Group Data Protection Officer, Profile Risk Solutions Ltd, 250 Avenue West, Skyline 120, Great Notley, Essex, CM77 7AA.
10. Changes to our Privacy Notice
We keep our Privacy Notice under regular review and the latest version will always be available on this website. This Privacy Notice was last updated on 25 May 2018
The Site may use “cookies” to enhance your viewing experience. A cookie is a tiny computer file that is sent to your browser to be stored on your hard drive. Cookies can help track and assist your navigation through a website.
We do not use “persistent cookies”, which are cookies which would remain on your hard drive after you have closed down your web browser, and could track and report on your subsequent browsing patterns.
This Site contains general information about us and our products in the UK. The information contained in the Site is for general guidance on matters of interest only. Although every effort has been made to ensure the accuracy of the information on the Site, we cannot accept responsibility for any loss suffered as result of persons relying thereon.
We advise all clients and prospective clients to consult their own professional advisers on all matters as necessary. The application and impact of laws in different countries can vary widely dependent on the specific facts involved. The content of the Site does not constitute advice and should not be relied upon in making or refraining from making, any decision.
The Site is owned and operated by us. All content within the Site (other than certain licensed images) and its design are the property of us; all content, design and images included on the Site are protected by international copyright laws.