Collecting information about you
When we collect information about you, we may collect personal data which may include a variety of information about an individual (e.g. their name, address of residence, communication and contact details, and other personal information such as a date of birth). Where relevant to do so we may also collect information relating to an individual, indirectly by reference to an identifier (e.g. an IP address, which is a unique number identifying your computer, laptop or similar portable device).
Where required and appropriate to so, we will also collect more sensitive personal information such as details about an individual’s motoring or criminal convictions, details of health and other similarly sensitive information (see the section headed Sensitive Data below for more details).
In certain circumstances, for example when an Insurance Company or similar provider of services to us requires us to do so, we will collect information from a variety of different sources (e.g. publicly available sources, such as social media and networking sites; third party databases generally available to the financial services sector, and the wider commerce and industry including, MGA’s, Lloyd’s, claims management firms, loss adjusters and or other suppliers appointed in the process of handling a claim or credit reference and similar agencies), this may include information from you regarding your past
insurance policies and arrangements.
If you are providing personal data on behalf of a third party, you must provide them with a copy of this privacy notice and obtain any consent where we require it for the processing of their data.
Using information about you
We will use information, including sensitive information, about individuals, and other parties related to our group companies’ insurance activities, because it
is principally:
a) necessary for the performance of or to take steps for an individual to enter into a contract of insurance; or
b) it is necessary for compliance with a legal obligation; or
c) it is necessary to protect the vital interests of a data subject or another person; and
d) necessary for our own legitimate interests or those of other controllers or third parties (e.g. to search anti-fraud databases and sanctions lists, monitor e- mails, calls and other communications or for market research, analysis and developing statistics) except where such interests are overridden by the interests, rights or freedoms of the data subject.
These bases include, providing an insurance quotation, arranging and placement of a policy or underwriting facility, and providing administration through-out the lifecycle of an insurance arrangement as well assisting with making a claim.
In certain circumstances, such as when a quotation is requested, or changes are made to an existing policy or at each renewal of an insurance arrangement, any or all of our group companies assessment may involve an automated decision to determine whether we are able to provide an insurance arrangement. Individuals can object to us using an automated decision (see the individual rights section) however in those situations it may prevent us
from being able to provide you with insurance.
When processing personal data for profiling purposes, we will ensure appropriate safeguards are in place, ensuring:
a) processing is fair and transparent and provides meaningful information about the logic involved; as well as the significance and the envisaged consequences;
b) use appropriate mathematical or statistical procedures for the profiling;
c) appropriate technical and organisational measures are in place to enable inaccuracies to be corrected and minimise the risk of errors; and
d) secure your personal data in a way that is proportionate to the risk to
your interests and rights and prevents discriminatory effects.
We will also use your information when there is a justifiable reason for doing so, such as compliance with legal obligation (e.g. for the prevention and detection of fraud and financial crime, which may include processes which profile you); and for the recording and monitoring of telephone calls for auditing reasons.
Sharing your information
We will share information, including sensitive information, about you, and other parties related to this insurance because where it is:
a) necessary for the performance of or to take steps for you to enter into a contract of insurance; or
b) necessary for compliance with a legal obligation; or c) necessary to protect your vital interests; or
d) necessary for our own legitimate interests or those of other controllers or third parties; and
e) necessary for a task carried out in the public interest or for an exercise of an official authority (e.g. a regulatory body).
This includes sharing your information within the Tasker Group companies and carefully selected third parties providing a service to us or on our behalf, which include, our Insurance Providers, (you can write to our Compliance Department should you wish to view a list of all the insurance companies with which we have arrangements), and or Premium Credit Limited (which is our selected finance provider governed by consumer credit legislations).
What we will not do with your information
Unless required to do so by law, or for other similar reasons, other than those outlined (see sharing your information) we will never otherwise share personal information without legal basis or without ensuring the appropriate care
and necessary safeguards are in place; we will in any other event ask for your consent to share that information and explain the reasons.
How long we will keep information
We will only keep and or maintain information about an individual for as long as is necessary in providing our products and services or for compliance with a legal or regulatory obligation, including our legitimate interests or of a controller where we are the processor.
This means, we will only keep information that is necessary so that we can sufficiently deal with administrative issues, queries, claims and / or for compliance with legal reasons; usually we will keep information for a minimum retention period of 7 years and or maximum period of 40 years, after
cessation of a product or service we have provided.
However, we will keep information for much shorter periods if that information related merely to a quotation which did not then result in a contract of insurance being arranged; in these circumstances we will keep information for a minimum retention period of 12 months and or maximum period of 18
months unless such information becomes manifestly out-of-date in which case we may keep quotation information for shorter periods.
In any event all information shall be stored in strict compliance with the GDPR legislation at all times; and using appropriate technical or organisational measures we will regularly:
a) review the length of time we keep and or maintain information about you;
b) consider the purpose or purposes why we hold the information about you in deciding whether (and for how long) to retain it;
c) securely delete information about you that is no longer needed for this purpose or these purposes; and
d) update, archive or securely delete information about you if it goes out of date.