Skreen Financial Services Ltd (Skreen) – Privacy Notice
This Notice contains details of the basis on which we will process (collect, use, share, transfer) and store your information. You should show this notice to all parties related to this insurance arrangement. If you have given us information about someone else, you are deemed to have their permission to do so.
For further information you can e-mail info@ponsfordinsurance.co.uk or write to Skreen Financial Services Ltd t/a Ponsford Insurance Services, 10 – 12 Queens Road, Portishead, Bristol, BS20 8HT
Use of Information
Skreen is the insurance intermediary with whom you have arranged your insurance; we will treat your personally identifiable information strictly in accordance with The General Data Protection Regulations (GDPR) 2018.
Data Controller and Data Processor
Principally we will ensure data is processed lawfully, fairly and in an open and transparent manner and ensure appropriate security measures are in place against unauthorised or unlawful processing or accidental loss, destruction or damage using appropriate technical or organisational measures. (such as restricting access to key people within our organisation for certain aspects of your information; and periodically checking the level of security we apply to prevent unauthorised use, accidental loss, or misuse of your information)
We are governed by and shall operate strictly in accordance with contracts we have in place with our suppliers (e.g. Insurance Companies, our Software Providers, and similar providers of services to us) which set out our relationship as a processor as required by the GDPR 2018.
Lawful Basis
Collecting information about you
We will collect personal data which will include a variety of information about you (e.g. your name, address of residence, communication and contact details, and your date of birth). We will also collect where relevant to do so information relating to you indirectly by reference to an identifier (e.g. your IP address, which is a unique number identifying your computer, laptop or similar portable device).
Where required and appropriate to do so, we will also collect sensitive personal information (e.g. details about motoring or criminal convictions, your health, your credit history and other similarly sensitive information).
In certain circumstances (e.g. when an Insurance Company or similar provider of services to us requires us to do so) we will collect information from a variety of different sources (e.g. publicly available sources, such as social media and networking sites; third party databases generally available to the financial services sector, or broader commerce industries including, claims management firms, loss adjusters and or other suppliers appointed in the process of handling a claim or credit reference and similar agencies), including information from you regarding your past policies.
Using information about you
We use information, including sensitive information, about you, and other parties related to this insurance, because it is:
- necessary for the performance of or to take steps for you to enter into a contract of insurance; or
- necessary for compliance with a legal obligation
This includes providing you with an insurance quotation, arranging a policy, and providing administration through-out the lifecycle of an insurance arrangement as well helping you make a claim.
In certain circumstances, such as when you request a quotation, make changes to an existing policy or at each renewal of an insurance arrangement, our assessment may involve a decision to determine whether we are able to provide you with an insurance arrangement.
We will also use your information when there is a justifiable reason for doing so, such as compliance with legal obligation (e.g. for the prevention and detection of fraud and financial crime) and for the recording and monitoring of telephone calls for auditing reasons.
Sharing your information
We will share information, including sensitive information, about you, and other parties related to this insurance because it is:
- necessary for the performance of or to take steps for you to enter into a contract of insurance; or
- necessary for compliance with a legal obligation
- necessary to protect your interests; and
- necessary for a task carried out in the public interest or for an exercise of an official authority (e.g. a regulatory body)
This includes sharing your information with carefully selected third parties providing a service to us or on our behalf and or Close Premium Finance Limited or similar.
What we will not do with your information
Unless required to do so by law, or for reasons other than those outlined (see sharing your information) we will never otherwise share your personal information without good reason and without ensuring the appropriate care and necessary safeguards are in place; and we will ask you for your consent to share that information, explaining the reasons.
How long we will keep information
We will only keep and or maintain information about you for as long as is necessary in providing our products and services to you or for compliance with a legal or regulatory obligation, including the legitimate interests of a controller.
This means, we will only keep, information that is necessary to keep, purely for compliance with legal reasons, for a minimum retention period of 7 years after cessation of a product or service we have provided.
This shall be in compliance with the GDPR 2018 and using appropriate technical or organisational measures we will regularly:
- review the length of time we keep and or maintain information about you;
- consider the purpose or purposes why we hold the information about you in deciding whether (and for how long) to retain it;
- securely delete information about you that is no longer needed for this purpose or these purposes; and
- update, archive or securely delete information about you if it goes out of date.
Sensitive Data
In carrying out our duties as Data Processor we will collect sensitive information, about you, and other parties related to this insurance because it is:
- necessary for the performance of or to take steps for you to enter into a contract of insurance; or
- necessary for compliance with a legal obligation
- necessary to protect your interests; and
- necessary for a task carried out in the public interest or for an exercise of an official authority (e.g. a regulatory body)
What we mean by sensitive data includes information such as:
- about your health including medical conditions;
- motoring or other criminal convictions; and
- racial or ethnic origin or religious beliefs.
Use and storage of your information overseas
We will never knowingly transfer, store, or process information about you outside the United Kingdom (UK) or the European Economic Area (EEA). In any event, if we are compelled to transfer your information outside the UK or EEA (e.g. because it is an insurance arrangement with an Insurance Company who is outside the UK or EEA or part of a larger group of companies who pass information outside the UK or EEA) it shall be in compliance with the conditions for transfer set out in the GDPR and or restricted to a country which is considered to have adequate data protection laws, and all reasonable steps shall typically have been undertaken to ensure the firm has suitable standards in place to protect your information.
Using our Website and Cookies
You will be asked to accept a cookie, which is a small file of letters and numbers that is downloaded on to your computer when you visit our website. This will be clearly explained to you when you visit our website and you will typically have to accept the cookie to benefit from the services our website can offer.
Cookies are operated in strict accordance with Privacy and Electronic Communications Regulations 2011 (PECR) and are widely used by many websites and enable our website to remember your preferences, recording information you have entered.
Individual Rights
You have a number of rights relating to the information we hold about you, these rights include but are not limited to:
- a copy of your personal information we hold (we have a maximum of one month to give you this information);
- rectify information, if it is inaccurate or incomplete;
- request the deletion or removal of your personal data where there is no compelling reason for its continued processing;
- suppress processing of your personal data, when processing is restricted, we are permitted to store the personal data, but not further process it. We will retain sufficient information about the individual to ensure that the restriction is respected in future (see Marketing);
- object to certain uses of your personal information (see Marketing);
- withdraw any permission you have previously provided; and
- complain to the Information Commissioner’s Office at any time if you are not satisfied with our use of your information.
You can request a copy of your personally identifiable information we hold by contacting us.
You have a right to data portability so we will normally, not only provide the information free of charge (however we may apply a charge where information requests are excessive) but we will provide that information in a format that is easily accessible, typically in a CSV format, should you require it to allow your information to be exchanged easily with other organisations.
Marketing Section
Separately we will always ask for your permission (consent) to contact you, including the means to contact you (such as by phone, or e-mail, SMS text, or post) to tell you about:
- new products or services we have or are developing;
- trialling products and services which we think may improve our service to you or our business processes;
- offer you rewards;
- enter you into a competition;
We will typically ask for your permission when you first contact us, but you will maintain the right to easily withdraw your consent when-ever you wish (unsubscribe).
We will regularly review your consent to check that your relationship with us and the processing and the purposes have not changed.
We will have processes in place to refresh your consent at appropriate intervals, including any parental consents and act on withdrawals of consent (unsubscribe) as soon as we can and not penalise you if you do not choose to give or later choose to withdraw your consent.