Customer Privacy Notice

CLICK HERE to download a PDF version of our Customer Privacy Policy

Why should you read this document?

During the course of dealing with us, we will ask you to provide us with detailed personal information relating to your business and your employees. This may include information in respect of their existing circumstances, financial situation and, in some cases, their health and family health history (Personal Data). This document is important as it allows us to explain to you what we will need to do with this Personal Data, and the various rights you and your employees have in relation to Your Personal Data.

What do we mean by “Your Personal Data”?

Your Personal Data means any information that describes or relates to you or your employees’ personal circumstances.  The Personal Data may identify each individual directly, for example their name, address, date of birth, National Insurance number. The Personal Data may also identify them indirectly, for example, employment situation, physical and mental health history, or any other information that could be associated with their cultural or social identity.
In the context of providing you with assistance in relation to your insurance requirements the Personal Data may include:

• Title, names, date of birth, gender, nationality, civil/marital status, contact details, addresses and documents that are necessary to verify identity.
• Employment and remuneration information, (including salary/bonus schemes/overtime/sick pay/other benefits) and employment history.
• Bank account details, family circumstances and details of dependents.
• Health status and history, details of treatment and prognosis, medical reports (further details are provided below specifically with regard to the processing we may undertake in relation to this type of information).
• Any pre-existing insurance products and the terms and conditions relating to these.

 

The basis upon which our Firm will deal with the Personal Data

When we speak with you about your insurance requirements, we do so on the basis that both parties are entering a contract for the supply of services.
In order to perform that contract, and to arrange the products you require, we have the right to use the Personal Data for the purposes detailed below.
Alternatively, either in the course of initial discussions with you or when the contract between us has come to an end for whatever reason, we have the right to use the Personal Data provided it is in our legitimate business interest to do so and your rights are not affected.  For example, we may need to respond to requests from insurance providers and our Compliance Service Provider relating to the advice we have given to you, or to make contact with you to seek feedback on the service you received.
On occasion, we will use the Personal data for contractual responsibilities we may owe our regulator; The Financial Conduct Authority, or for wider compliance with any legal or regulatory obligation to which we might be subject.  In such circumstances, we would be processing the Personal Data in order to meet a legal, compliance or other regulatory obligation to which we are subject.

What happens to Your Personal Data when it is disclosed to us?

The basis upon which we will process certain parts of Your Personal Data

Where you ask us to assist you with your insurance requirements, in particular life insurance and insurance that may assist you or your employees in the event of an accident or illness, we will ask you information about ethnic origin, health and medical history (Special Data). We will record and use the Special Data in order to make enquiries of insurance providers in relation to insurance products that may meet your needs and to provide you with advice regarding the suitability of any product that may be available to you.
If your employees have responsibility for children under the age of 13, it is also very likely that we will record information on our systems that relates to those children and potentially, to their Special Data.
The arrangement of certain types of insurance may involve disclosure by you to us of information relating to historic or current criminal convictions or offences (together “Criminal Disclosures”). This is relevant to insurance related activities such as underwriting, claims and fraud management.
We will use Special Data and any Criminal Disclosures in the same way as the Personal Data generally, as set out in this Privacy Notice.
Information on Special Category Data and Criminal Disclosures must be capable of being exchanged freely between insurance intermediaries such as our Firm, and insurance providers, to enable customers to secure the important insurance protection that their needs require.

How do we collect Your Personal Data?

We will collect and record the Personal Data from a variety of sources, but mainly directly from you. You will usually provide information during the course of our initial meetings or conversations with you to establish your circumstances and needs and preferences in relation to insurance. You will provide information to us verbally and in writing, including email.
We may also obtain some information from third parties, for example, credit checks and searches of information in the public domain such as the voters roll.  If we use technology solutions to assist in the collection of Personal Data (for example; software that is able to verify your credit status), we will only do this if we have consent from you for us or our nominated processor to access your information in this manner. With regards to electronic ID checks we would not require your consent but will inform you of how such software operates and the purpose for which it is used.

What happens to Your Personal Data when it is disclosed to us?

In the course of handling the Personal Data, we will:

• Record and store the Personal Data in our paper files, mobile devices and on our computer systems (email, hard drives, and cloud facilities). This information can only be accessed by employees and consultants within our Firm and only when it is necessary to provide our service to you and to perform any administration tasks associated with or incidental to that service
• Submit the Personal Data to insurance providers, both in paper form and on-line via a secure portal. The provision of this information to a third party is essential in allowing us to progress any enquiry or application made on your behalf and to deal with any additional questions or administrative issues that providers may raise.
• Use the Personal Data for the purposes of responding to any queries you may have in relation to any insurance policy you may take out, or to inform you of any developments in relation to those products and/or polices of which we might become aware

Sharing Your Personal Data

From time to time the Personal Data will be shared with:

• Insurance providers and/or product providers
• Third parties who we believe will be able to assist us with your enquiry or application, or who are able to support your needs as identified. These third parties will include but may not be limited to, our Compliance Advisers, Insurance/Product specialists, providers of legal services (in each case where we believe this to be required due to your particular circumstances).

In each case, the Personal Data will only be shared for the purposes set out in this Privacy Notice, i.e. to progress your insurance enquiry and to provide you with our professional services.
Please note that this sharing of Personal Data does not entitle such third parties to send you marketing or promotional messages: it is shared to ensure we can adequately fulfil our responsibilities to you, and as otherwise set out in this Privacy Notice.
Depending on the Insurance product and Insurer chosen, it may involve the Personal Data being transferred outside of the European Economic Area.

Security and retention of Your Personal Data

Your privacy, and the privacy of your employees is important to us and we will keep the Personal Data secure in accordance with our legal responsibilities. We will take reasonable steps to safeguard the Personal Data against it being accessed unlawfully or maliciously by a third party.
We also expect you to take reasonable steps to safeguard your own privacy when transferring information to us, such as not sending confidential information over unprotected email, ensuring email attachments are password protected or encrypted and only using secure methods of postage when original documentation is being sent to us.
The Personal Data will be retained by us either electronically or in paper format for a minimum of six years, or in instances whereby we have  legal right to such information we will retain records indefinitely.

Sharing Your Personal Data

From time to time the Personal Data will be shared with:

• Insurance providers and/or product providers
• Third parties who we believe will be able to assist us with your enquiry or application, or who are able to support your needs as identified. These third parties will include but may not be limited to, our Compliance Advisers, Insurance/Product specialists, providers of legal services (in each case where we believe this to be required due to your particular circumstances).

In each case, the Personal Data will only be shared for the purposes set out in this Privacy Notice, i.e. to progress your insurance enquiry and to provide you with our professional services.
Please note that this sharing of Personal Data does not entitle such third parties to send you marketing or promotional messages: it is shared to ensure we can adequately fulfil our responsibilities to you, and as otherwise set out in this Privacy Notice.
Depending on the Insurance product and Insurer chosen, it may involve the Personal Data being transferred outside of the European Economic Area.

Security and retention of Your Personal Data

Your privacy, and the privacy of your employees is important to us and we will keep the Personal Data secure in accordance with our legal responsibilities. We will take reasonable steps to safeguard the Personal Data against it being accessed unlawfully or maliciously by a third party.

We also expect you to take reasonable steps to safeguard your own privacy when transferring information to us, such as not sending confidential information over unprotected email, ensuring email attachments are password protected or encrypted and only using secure methods of postage when original documentation is being sent to us.
The Personal Data will be retained by us either electronically or in paper format for a minimum of six years, or in instances whereby we have  legal right to such information we will retain records indefinitely.

Your rights in relation to the Personal Data

You can:

• Request copies of the Personal Data that is under our control.
• Ask us to further explain how we use the Personal Data.
• Ask us to correct, delete or require us to restrict or stop using the Personal Data (details as to the extent to which we can do this will be provided at the time of any such request).
• Ask us to send an electronic copy of the Personal Data to another organisation should you wish.
• Change the basis of any consent you may have provided to enable us to market to you in the future (including withdrawing any consent in its entirety).

How to make contact with our Firm in relation to the use of the Personal Data

If you have any questions or comments about this document, or wish to make contact in order to exercise any of your rights set out within it please contact:
Engage Health Group Limited,  Lees House, 21-23 Dyke Road, Brighton, BN1 3FE.
[email protected]
If we feel we have a legal right not to deal with your request, or to action, it in different way to how you have requested, we will inform you of this at the time.
You should also make contact with us as soon as possible on you becoming aware of any unauthorised disclosure of the Personal Data, so that we may investigate and fulfil our own regulatory obligations.
If you have any concerns or complaints as to how we have handled the Personal Data you may lodge a complaint with the UK’s data protection regulator, the ICO, who can be contacted through their website at https://ico.org.uk/global/contact-us/ or by writing to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

Third Party Processors

Our carefully selected partners and service providers may process personal information about you on our behalf as described below:

“Digital Marketing Service Providers

We periodically appoint digital marketing agents to conduct marketing activity on our behalf, such activity may result in the compliant processing of personal information.  Our appointed data processors include:

(i)Prospect Global Ltd (trading as Sopro) Reg. UK Co. 09648733. You can contact Sopro and view their privacy policy here: http://sopro.io. Sopro are registered with the ICO Reg: ZA346877 their Data Protection Officer can be emailed at: [email protected].”

Data Subject Consent Form

I hereby grant Engage Health Group Limited permission to process the personal data for the purpose stated in the Privacy statement above.

Signed:

Print Name:

Date:

Marketing Consent

I hereby grant Engage Health Group Limited permission to process the personal data for the purpose of Marketing. By providing your consent, you agree that you have given your express permission for us to market you regarding products and services that we think may be of interest to you and by any means of communication that is suitable at the time.

IMPORTANT NOTES: Marketing by our Firm

If you do not indicate your agreement for us to make contact with you, we may be unable to provide you with details of products and/or services that may suit your needs and circumstances.
We would like to maintain a record of your express consent for us to contact you by post, telephone, SMS, email and instant messaging for marketing our products or services that we think may be of interest to you. Please indicate your consent to us contacting you by any of the means specified below:

Post c                        Phone c                   SMS  c                           Email c