This privacy notice sets out how we use any information we collect about our customers (including policyholders and policy beneficiaries, brokers, claimants, and other users of our (re)insurance services) and their personnel for the purpose of providing our insurance services to our customers and about people browsing our website].
We are AEGIS Managing Agency Limited, a limited company registered in England and Wales under number 03413859 with registered office address at 33 Gracechurch Street, London EC3V 0BT (“AEGIS London”).
AEGIS London is part of a Group of companies of which AEGIS (Associated Electric & Gas Insurance Services Limited) is the ultimate parent company. AEGIS is a mutual insurance company registered in Bermuda.
AEGIS London acts as the Lloyd’s managing agent for AEGIS Syndicate 1225 and is registered with the Information Commissioner’s Office (“ICO”) under registration number Z5328746.
If you have any questions about this privacy notice or your information, or to exercise any of your rights described in this notice, you can contact our Data Protection Officer at:
Data Protection Officer
AEGIS Managing Agency Limited
33 Gracechurch Street
London EC3V 0BT
By email: email@example.com
By telephone: 020 7265 2100
THE INSURANCE MARKET AND PERSONAL INFORMATION
We provide services as an underwriter in the Lloyd’s insurance market across a range of insurance and reinsurance classes of business.
In order for the Lloyd’s insurance market to operate efficiently and effectively, information, including personal data, needs to be shared between different participants in the insurance market.
The London Insurance Market Core Uses Information Notice has been prepared to help explain how we and other participants in the Lloyd’s insurance market process personal data through the insurance lifecycle. The Insurance Market Notice can be found at https://www.londonmarketgroup.co.uk/gdpr
INFORMATION WE MAY COLLECT
We may collect the following information about you in order to provide insurance services to you:
When browsing our website, you are not required to provide any personal information. However, you may choose to provide us with personal data about yourself by corresponding with us by phone, email or through enquiry forms on our website.
We may also automatically collect, store and use technical information about your visits to our website and about your computer, tablet, mobile or other device through which you access our website (including the Internet protocol (IP) address).
FROM WHERE DO WE COLLECT YOUR INFORMATION
We may collect information about you from:
WHAT WE DO WITH YOUR INFORMATION
We use your information for:
We use your information for one or more of the following reasons:
SENSITIVE PERSONAL DATA
We will only use your sensitive personal information if:
SHARING YOUR INFORMATION WITH THIRD PARTIES
We may share your personal data:
We may also disclose your personal information to third parties where there is a legitimate reason to do so including for the following reasons:
AEGIS London’s offices are in the UK but as part of an international organisation we have other offices of our Group outside the UK. Authorised personnel may access your information in any country in which we operate. Therefore, it may be necessary to transfer your details to members of our group located in countries that may not offer equivalent data protection or privacy laws to those in the UK or the EU.
Regardless of where your information is transferred, we shall ensure that your information is safe and shall take all steps reasonably necessary to put in place appropriate safeguards to ensure that your information is treated securely and in accordance with this policy and applicable law. Details regarding these safeguards can be obtained from our Data Protection Officer whose details are given above.
SECURITY OF YOUR INFORMATION
We use industry standard physical, electronic and procedural security measures to protect your information from the point of collection to the point of destruction. Hard copy information files are restricted to authorised individuals. We use, as appropriate, firewalls, access controls, policies and other procedures such as pseudonymisation and/or encryption to protect your information from unauthorised access.
HOW LONG WE KEEP YOUR INFORMATION
Personal information received by us will be retained for as long as necessary to fulfil the purposes described in this notice or for the maximum period of time as required by law, after which time it will be destroyed in a secure manner.
Access to your information and updating your information:
You have the right to access information which we hold about you. If you so request, we shall provide you with a copy of your personal information which we are processing (“subject access request”).
You also have the right to receive your personal information in a structured and commonly used format so that it can be transferred to another data controller ("data portability").
We want to make sure that your personal information is accurate and up to date. You may ask us to correct or remove information you think is inaccurate.
Right to object:
You have the right to object at any time to our processing of your personal information for direct marketing purposes.
Where we process your information based on our legitimate interests:
You also have the right to object, on grounds relating to your particular situation, at any time to processing of your personal information which is based on our legitimate interests. Where you object on this ground, we shall no longer process your personal information unless we can demonstrate legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Your other rights:
You also have the following rights under data protection laws to request that we rectify your personal information which is inaccurate or incomplete.
In certain circumstances, you have the right to:
Please note that the above rights are not absolute. We may be entitled to refuse requests, wholly or partly, where exceptions under applicable law apply.
EXERCISING YOUR RIGHTS
You can exercise any of your rights as described in this policy and under data protection laws by contacting the Data Protection Officer.
Save as provided under applicable data protection laws, there is no charge for the exercise of your legal rights. However, if your requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may either: (a) charge a reasonable fee (subject to any limits imposed by applicable law) taking into account the administrative costs of providing the information or taking the action requested; or (b) refuse to act on the request.
Where we have reasonable doubts concerning the identity of the person making the request, we may request additional information necessary to confirm your identity.
We hope that our DPO can resolve any query or concern you may have about our use of your information.
You also have the right to complain to the Information Commissioner’s Office (https://ico.org.uk/) about our data processing activities in relation to your personal information if you think they infringe applicable data protection laws (ICO helpline on 0303 123 1113).
UPDATES TO THIS POLICY
We may review and, if appropriate, update this policy from time to time. We will place notice of any such amendments on our website. Please visit our website for the most recent version of this policy.
This policy was last reviewed and updated on 21 May 2018.