Frank Glennon (Life & Pensions) Limited
Data Protection Privacy Notice
1. This privacy notice tells you how we use your information and confirms that your Data Controller is Frank Glennon Limited (“we”, “us”, “our”), Charlemont House, Charlemont Place, Dublin 2. Email: email@example.com.
2. Our Data Protection Officer is contactable by email at: firstname.lastname@example.org or write to The Data Protection Officer, Frank Glennon Limited, Charlemont House, Charlemont Place, Dublin 2.
3. This Data Privacy Notice (Notice) is an important document. Please read it carefully. It is also available on our website at www.glennons.ie/terms-and-conditions/. If you would like a printed copy, please contact email@example.com and we will send you a copy.
4. “Data Controller” and “Personal Data” have the meaning given in the General Data Protection Regulations 2016.
5. How and Why We Use Your Personal Information
5.1. Personal data provided by you or by others will be used by us, and your insurance company (where applicable), for the provision and administration of insurance products, related services and for statistical analysis.
5.2. Should you be unable to provide us with the required personal data, we will be unable to provide you with insurance or process a claim.
5.3. Legislation and various codes of conduct require us to gather additional information from and about you. For example, we gather documentation to prove your identity and validate your address to comply with Anti-Money Laundering Legislation.
5.4. We will use and share certain personal data for the performance of the contract or to take steps prior to entering into the contract of insurance. The following processing activities are used for this legal purpose:
(a). Providing a quotation,
(b). Arranging and administering a policy,
(c). Handling a claim,
(d). Handling a third party claim,
(e). Sharing details with or seeking personal information from your Insurer (if applicable) and anyone authorised by you to act on your behalf,
(f). Sharing details with or seeking personal information from loss adjusters, repairers and other claims handling agents, medical practitioners, engineers and legal practitioners.
5.5. We will use and share certain personal data so as to comply with certain legal obligations and regulatory requirements. The following processing activities are used for this legal purpose:
(a). To verify your identity and verify the accuracy of the information we receive,
(b). To process any payments whether in relation to your policy or a claim,
(c). To manage and investigate any complaints,
(d). To comply with laws and regulations,
(e). To make back-ups of your data in case of emergencies and for disaster recovery purposes.
5.6. We will use and share certain personal data for legitimate business interests. The following processing activities are used for this legal purpose:
(a). Risk management, auditing and the provision of legal advice which are key governance functions to protect our business,
(b). Checking information provided ensures accuracy which contributes to effective administration of insurance products and services,
(c). Prevention and detection of fraud to help protect the business and the insurance market,
(d). Direct marketing of our other products and services by post, telephone (including mobile), e-mail or other means of communication which might be of interest to you.
(e). Market research, competitions, customer satisfaction surveys, and data analytics, including profiling, to develop and enhance the customer relationship and journey as part of our business strategy,
(f). We may record or monitor calls for regulatory, training and quality purposes,
(g). We may also share with or seek information from a number of external parties in order to administer your policy and to prevent and detect fraud. For example:
5.6.g.1. Other insurance companies and intermediaries to confirm information provided and to safeguard against non-disclosure and help prevent insurance fraud,
5.6.g.2. Anyone authorised to act on your behalf,
5.6.g.3. Our Third Party Service Providers such as technology suppliers, hosting/storage providers, payment providers and document providers,
5.6.g.4. As a result of our legal and regulatory obligations. This can include with An Garda Siochana, other official agencies and on foot of a Court Order or Subpoena,
5.6.g.5. Our subsidiary companies to deliver our products and services and fulfil our operating entity responsibilities.
5.6.g.6. Loss adjusters, claims investigators, repairers, medical practitioners, solicitors and other firms as part of the claims handling process,
5.6.g.7. With prospective sellers or buyers in the event that we decide to sell or buy any business or assets.
5.7. Where we obtain data from the above sources, the categories we obtain will be personal data or claims information relating to insurance profiling, claims handling and fraud prevention.
5.8. We may need your consent for the processing of certain data and in these cases, we will inform you of such processing and the reason for this at the time consent is captured.
5.9. In order to provide you with the insurance policy, we may share your information with our service providers and on occasions, some of your personal information may be sent to other parties outside of the European Economic Area (EEA). We would only do this in compliance with the appropriate legal and technical safeguards such as the standard data protection clauses adopted by the European Commission, Binding Corporate Rules or as a result of an adequacy decision of the European Commission.
5.10. In all of these processing activities, your interests are considered and we ensure that necessary safeguards are in place to protect your privacy, such as contracts in place with third parties, restricted access to data, regular testing and evaluation of technical and organisational security measures, retention limitations etc.
6.1. The accuracy of the personal data you provide to us is paramount to the provision of valid insurance and administration services.
6.2. Accordingly, when you provide us with personal data, you warrant and represent to us that in respect of any personal data of any data subject which you provide to us you have the authority of the relevant data subject(s) to disclose such personal data to us and that all such data is accurate, complete and up to date.
6.3. You also warrant that you will make them aware of this Data Protection Notice and the terms of the insurance (including changes to the terms or processing activities).
7. How Long We Keep Your Personal Information
7.1. Information submitted for a quotation, which does not result in the issue of a quotation pack, may be retained by us for a period of up to 2 years from the date of the quotation.
7.2. All information in respect of a quotation, which does result in the issue of a quotation pack, and in respect of a policy arranged and administered by us (to include all call recordings and claims on the policy) will be held for 8 years after the ending of our Client/Broker relationship to ensure we meet our regulatory obligations.
7.3. There are certain policies where we need to keep data for longer than the normal periods where we may receive claims where the claimant was not aware of the injuries until a long time after it was caused.
8. Your Rights In Relation To Your Personal Information
8.1. You have the right to request a copy of your personal data, and to have incorrect personal data about you corrected.
8.2. Where we required your consent to process your personal data you have the right to withdraw your consent for such processing.
8.3. You also have the right to have your personal data erased, object to certain processing activities, or to have the processing restricted.
8.4. You have the right to data portability for insurance purposes.
8.5. If you would like to exercise any of these rights, please email a request to firstname.lastname@example.org or write to us at the address contained in Section 2 of this notice. To ensure that we do not disclose your personal information to a party who is not entitled to it, when you are making the request please provide us with:
(a). Your name;
(c). Date of birth;
(d). Any policy IDs or reference numbers that you have along with a copy of your photo identification and proof of address.
8.6. All requests are free of charge although we reserve the right to charge an administrative fee for subsequent requests (such as when the request is part of a series of repeated requests over a short period of time).
8.7. We endeavour to respond within one month from receipt of the request. If we do not meet this time frame, we will explain why this was in our response.
8.8. Please note that simply submitting a request does not mean we will be able to fulfil it – we are often bound by legal and legislative obligations which can prevent us fulfilling some requests in their entirety, but when this is the case we will explain this to you in our response.
8.9. Please note also that exercising some of the above rights may lead to us being unable to continue to service your policy and therefore lead to cancellation of your policy, but when this is the case we will explain this to you in our response.
9. Automated Decision Making
9.1. Certain processing activities may involve the use of automated (computer based) decision making; for example; before we can arrange an insurance product or service for you we must obtain a quotation from an Insurer’s Rating Engine which calculates the insurance risks based on the information that you have supplied. This will be used to determine if the Insurer can provide you with a policy and to calculate the premium you will have to pay to arrange cover with them.
9.2. The results of these automated decision-making processes will limit the products and services we may be able to provide you. If you do not agree with the result, you have the right to request human intervention to allow you to express your point of view and contest the decision.
10. How can you lodge a complaint?
10.1. If you wish to raise a complaint on how we have handled your personal information, please send an email to email@example.com or write to us using the address provided in Section 10. Our Data Protection Officer will investigate your complaint and will give you additional information about how it will be handled. We aim to respond in a reasonable time, normally 30 days.
10.2. If you are not satisfied with our response you can lodge a complaint to the Office of the Data Protection Commissioner, Canal House, Station Road, Portarlington, Co. Laois.
11. Up To Date Information
11.1. In order for us to keep your information accurate and up to date, please contact us if any of your details change.
12. Changes to our Data Protection Notice
12.1. This notice will be updated from time to time so please check it each time you submit personal information to us or renew your insurance policy.
13. How do you ask a question about this Data Protection Notice?
13.1. If you any questions or comments about this privacy notice please contact The Data Protection Officer, Frank Glennon Limited, Charlemont House, Charlemont Place, Dublin 2.
13.2. You may also email us at firstname.lastname@example.org.
14. Direct Marketing
14.1. Under Data Protection legislation we believe that we can demonstrate that we have a legitimate interest in using your data for marketing purposes but you always have a choice.
14.2. If you no longer wish your information to be used for marketing purposes please write to us at Frank Glennon Limited, Charlemont House, Charlemont Place, Dublin 2 or e-mail us at email@example.com.