Privacy Policy
At Andrew Copeland, we routinely collect and use personal information about individuals, including insured persons, claimants or brokers. We take our responsibilities to handle your personal data with care very seriously, and protecting the privacy of your personal data is of great importance to us. In this Privacy Policy, we want you to understand when, why and how we collect and use personal information about you, your rights regarding this information, the conditions under which we may disclose it to others and how we keep it secure.
Important:This Privacy Policy does not supersede the terms of any insurance policy or contract you have with Andrew Copeland, nor does it limit or affect any rights you have under applicable data protection regulations.
WHO COLLECTS YOUR PERSONAL INFORMATION?
Andrew Copeland is a group of companies that operate in the UK and EEA. The Andrew Copeland entity that originally collected information from you will be principally responsible for managing your personal information. If you have an insurance policy with us, this will be the Andrew Copeland entity named on that policy.
WHAT TYPE OF PERSONAL INFORMATION DO WE COLLECT ABOUT YOU?
The types of personal information we collect about you depends upon your relationship with Andrew Copeland.
If you are an Insured Person or Potential Insured, we collect personal information of the policyholder, prospective insured, and related individuals in order to determine eligibility for, underwrite and administer insurance policies. In some instances, we may need to collect sensitive personal information, such as information about your medical or criminal history.
If you are a claimant making a claim under an Andrew Copeland policy, we may need to collect your contact information, as well as information about your claim and previous claims. We may also need to collect sensitive personal information, depending on the nature of your claim.
If you are a broker, we will collect your business contact details and financial information.
The types of personal and sensitive personal information we may collect include:
- Name, Address, Phone Number, Email
- Gender
- Marital Status
- Date and Place of Birth
- Government identification numbers, National Insurance, Passport, Tax, Driver’s Licence
- Family Information
- Banking Information
- Health Information / Medical History
- Criminal History
- Claims / Policy Numbers
HOW DO WE COLLECT INFORMATION ABOUT YOU?
If you are an insured or potential insured, we collect information from you or your representative through the policy application process. We may also collect information about you from your family members or employer, anti-fraud databases, sanctions lists, and relevant government agencies, including public registers or databases.
If you are a claimant, we will collect information about you when you notify us of a claim, or if the claim is made by someone with a close relationship to you or who otherwise has authority to make a claim on your behalf. We may also collect personal information about you from others who are involved in the claim, including lawyers, witnesses, experts, and adjusters. Finally, we may consult other public sources to validate the claim or protect against fraud or other financial crime.
If you are a broker, we will collect information about you when you or your company provides that information to us as part of the business relationship.
WHY DO WE COLLECT YOUR PERSONAL INFORMATION?
We may collect your personal information for the following purposes:
If you are an insured or potential insured:
- Account setup, including background checks
- Evaluating risks to be covered
- Risk modelling and underwriting
- Customer service communications
- Payments to / from individuals
- Direct marketing
- Complying with legal or regulatory obligations
If you are a claimant:
- Managing insurance or reinsurance claims
- Defending or prosecuting legal claims
- Investigating or prosecuting fraud
- Complying with legal or regulatory obligations
If you are a broker:
- Managing our business relationship with you
HOW DO WE PROTECT YOUR PERSONAL INFORMATION?
We will only use your personal information where we are satisfied that:
- Where required, you have provided your consent to use your data in the appropriate manner
- We must use your personal information to perform a contract – for example, to manage your insurance policy with us
- We have a legitimate interest as a business to use your personal information – for example, to improve our products
If we are required to collect sensitive personal information about you, we will make sure we have the right to do so. Typically, the right will arise from:
- Your explicit consent to collect and use the information
- An insurance-specific exemption provided by regulations enacted by specific European Union (EU) member states, permitting the collection and use of such sensitive personal information
- Our need to establish, exercise, or defend your legal rights as an insured or claimant, or the rights of Andrew Copeland.
Please note: If you provide explicit consent to our collect of sensitive personal information, you may withdraw this consent to this collection and use at any time. However, your withdrawal of consent may prevent us from providing you with appropriate insurance services, and in certain circumstances it may not be possible for insurance coverage to continue. If you chose to withdraw your consent, we will inform you of the possible consequences and effects, including cancellation of your policy.
WHERE DOES YOUR PERSONAL INFORMATION GO?
We may need to transfer your personal information to third parties, to help manage our business and delivery of services to you. The third parties may include:
For insureds or potential insureds:
- Brokers
- Other insurers or reinsurers
- Services providers who supply back office support
- Regulators, including the Financial Conduct Authority (FCA), Information Commissioners’ Office (ICO), or Prudential Regulation Authority (PRA)
- Foreign law enforcement agencies
For claimants:
- Third-Party Administrators
- Adjusters and other claims experts
- Outside legal counsel
- Foreign law enforcement agencies
For claimants:
- Third-Party Administrators
- Adjusters and other claims experts
- Service providers who supply back-office support
- Outside legal counsel
- Foreign law enforcement agencies
Whenever it is necessary to transfer your personal information to our affiliates, agents or contractors located outside of the UK or EEA, we will take appropriate steps to ensure that such transfer adequately protects your rights and interests.
We will only transfer your personal information to countries recognised as providing an adequate level of legal protection, or where we are satisfied that protections are in place to properly protect your privacy rights.
Transfers to our service providers and brokers are protected by contractual agreements that also require an adequate level of data protection. These include implementing the European Commission’s Standard Contractual Clauses and the UK Addendum to the EU Standard Contractual Clauses.
HOW LONG DO WE KEEP YOUR INFORMATION?
We will keep your personal information only so long as is necessary to provide service to you under your policy, or for the purposes described above. Specifically, we will keep your information for so long as a claim may be brought under the policy, or where we are required to keep your personal information to satisfy legal or regulatory obligations.
In some cases, we may keep your personal information for longer periods of time, in order to maintain accurate records in the event of future complaints, challenges, or litigation regarding your policy, claims, or other issues that may arise.
Once your personal information is no longer required, it will be securely deleted.
YOUR RIGHTS
You have certain rights in relation to how Andrew Copelands collects and uses your personal information. To exercise any of these rights, please contact us as set forth below. Your rights include:
Right to Access – you may
- Confirm whether we are collecting and using your personal information
- Obtain a copy of your personal information from Andrew Copelands
- Obtain additional information about your personal information, including:
- What information we have
- How we collect your information
- How we use it
- To whom we disclose it
- Whether we transfer it outside the EEA, and how we protect it
- How long we keep it
- Your rights
- How you can make a complaint
Right to Rectify – you may ask us to correct personal information that is inaccurate.
Right to Erasure – you can ask us to erase your personal information only where:
- It is no longer needed for the purposes for which it was collected
- You have withdrawn consent that you explicitly provided
- It was unlawfully processed
- You have an appropriate Right to Object (see below)
- Andrew Copeland must comply with a legal obligation to erase the personal information
Andrew Copeland is not required to erase your personal information if continued collection and use of it is necessary:
- To comply with a legal obligation
- To establish, exercise or defend legal claims of the company or our insureds
Right to Restrict Use – you can ask us to restrict the use of your personal data only where:
- You contest its accuracy, in order to give us the opportunity to verify and correct it
- Its collection and use is unlawful, but you do not want it erased
- It is no longer need for the purposes for which it was collected, but is still needed to establish, exercise, or defend legal claims
- You have exercised the right to object and that decision is pending
We may continue to use your personal information where:
- You consented to its use, and have not withdrawn that consent
- We must use it to establish, exercise, or defend legal claims
- We must use it to protect the rights of another person
Right to Data Portability – you can ask that we provide your personal information to you in a structured, portable format, or that your personal information be directly transferred to another company, but only if our collection and use of that information:
- Is based on your consent, or on the performance of a contract with you
- Is carried out by automated means
Right to Object – you can object to the collection and use of your personal information for which Andrew Copelands uses “legitimate interest” as its basis for collection, if you believe your fundamental rights and freedoms outweigh our legitimate interests. Once you object, we have the opportunity to demonstrate that our legitimate interests are compelling enough to override your rights and freedoms.
Right to File Complaint – you can file a complaint with your local supervisory authority regarding our collection and use of your personal information.
International Transfers-- ur personal information will not be transferred outside the UK or EEA by Andrew Copelands. However, where your personal information has been passed to third parties they in-turn may require that information to be transferred outside of the UK/EEA. In such circumstances we will ensure that those third parties have adequate policies in place to ensure your privacy rights are protected. These include implementing the European Commission’s Standard Contractual Clauses and the UK Addendum.
Subject Access Requests Administration: the following may apply to your request regarding your personal information:
- We will respond to all valid requests within thirty days
- You will not be charged a fee when we process your request. We reserve the right to charge a reasonable fee if your request is unfounded, repetitive or excessive
HOW TO CONTACT US
Please address all enquiries, requests, and other communications regarding your personal information or this Privacy Policy to:
Data Protection Officer
info@acopeland.com
224 High Street
Beckenham
BR3 1EN
0208 656 2544
WHY DO WE PROCESS YOUR PERSONAL INFORMATION?
The following describes the types of personal information we may process about you, the legal basis for which we process it, and those with whom we may share or disclose your personal information.
| Purpose for Processing | Types of Personal Information | Legal Basis for Processing | We May Disclose to or Share With |
|---|---|---|---|
| Insureds and Potential Insureds | |||
| Account setup, quotation and policy inception | Contact Details Risk Information Policy Information Criminal History | Performance of a contract Legitimate Interest (to ensure we keep accurate information about you, ensure you are within our acceptable risk profile, and prevent crime/fraud) Consent Legal Obligation | Brokers, other insurers, reinsurers Anti-fraud agencies Foreign law enforcement authorities |
| Evaluating covered risks, risk modelling and underwriting | Risk Information Health Information Criminal History | Legitimate Interests (to determine risk profile and appropriate type/cost of cover) Consent Performance of a Contract | Brokers Other insurers Third Party Administrators |
| Customer Service Communications | Contact Details Policy Information | Performance of a Contract Consent | Customer Service Providers |
| Payments to/from individuals | Contact Details Financial Information | Performance of a Contract | Banks/Financial Services Providers |
| Direct Marketing | Contact Details | Legitimate Interest (to provide insureds with information on products/services of interest) Consent | Services Providers |
| Complying with legal or regulatory obligations | Contact Details Policy Information Risk Information Financial Information | Legal obligations | Regulators, including FCA, PRA, ICO Law enforcement authorities (domestic or foreign) Legal Counsel Courts Other insurers |
| Claimants | |||
| Managing insurance claims | Contact Details Policy Information Claim Information Health Information Criminal History Financial Information | Performance of a Contract Legitimate Interest (to maintain accurate records of all claims, to assess circumstances of a claim) Consent Establish, exercise or defend legal claims Statutory provision | Third-Party Administrators Adjustors / claims experts Back-office service providers Outside legal counsel Foreign law enforcement authorities |
| Defending or prosecuting legal claims | Contact Details Policy Information Claim Information Health Information Criminal History Financial Information | Establish, exercise or defend legal claims | Outside legal counsel Law enforcement authorities (domestic or foreign) Courts Regulators including FCA, PRA, ICO |
| Investigating or prosecuting fraud | Claim Information Anti-Fraud Information | Performance of a Contract Legitimate Interest (to monitor, detect, and prevent fraud) Consent Establish, exercise or defend legal claims | Anti-fraud agencies Law enforcement authorities (domestic or foreign) |
| Complying with legal or regulatory obligations | Claim Information Health Information Criminal History Financial Information Anti-Fraud Information | Legal obligation Establish, exercise or defend legal claims Statutory provision | Regulators, including CBI, Data Protection Commissioner, PRA, FCA, ICO Ombudsmen, including FSPO and FOS Law enforcement authorities (domestic or foreign) Legal counsel Courts Other insurers |
| Brokers | |||
| Managing our business relationship with you | Contact Details Financial Information | Legitimate Interest (to maintain accurate information on brokers) Consent Performance of a Contract | Back-office service providers |