Our Privacy Notice
This privacy notice of Randell Dorling Limited, (Company Registration Number 03688419) whose registered address and business address is 7th Floor, 77 Cornhill, London, EC3V 3QQ, covers our requirement to provide you with information on how and why we use your personal data.
This privacy notice also provides certain information that is legally required and provides information regarding your rights in relation to your personal data.
A Little Background
The Data Protection Act 2018 (the UK GDPR) controls how your personal information is used and protected by organisations, businesses or the government.
Personal Information
Personal information identifies you as a natural person.
This privacy notice tells you what to expect when Randell Dorling Limited collects personal information about you. Personal information may also be referred to as personal data.
Personal Information denotes:
- Information you provide us with by filling in online forms or online questionnaires via our website
- Information you provide us with by completing a manual proposal form
- Information that you provide us with over the telephone or via email
- Information that you provide us with when enquiring about insurance, or when you purchase insurance such as business activities, your name, address, contact details
- Financial details such as bank account and payment card details
- Information about how you use our website such as your IP address, which is a unique number identifying your computer, including personal data gathered using cookies.
By providing us with information about yourself, you are considered to be a Data Subject.
The Data Protection Principals As we are responsible for gathering and using your personal information, we have to follow strict rules called the data protection principles. As such, we must make sure that your information is:
- Used fairly and lawfully in a transparent manner
- Used for explicit and legitimate grounds only
- Used in a way that is adequate, relevant and not excessive
- Accurate and kept up to date
- Kept for no longer than is absolutely necessary
- Handled according to your rights
- Kept safe and secure
- Not transferred outside the United Kingdom without adequate protection
- Not sold by Randell Dorling Limited or by any companies who provide a service to us
Who Is Responsible For Your Personal Information
Randell Dorling Limited, our associated insurers and our associated credit facility provider, all act as Data Controllers in their own right, determining the purposes for which and the manner in which any personal data is, or is to be, processed once your personal data has been provided or passed to them.
Data Controllers must ensure that any processing of personal data for which they are responsible complies with the Act.
The person responsible for Data Protection at Randell Dorling Limited is Peter Blackmore.
Why We Gather Personal Information About You
Randell Dorling Limited provide a range of insurance products such as Professional Indemnity, Employer’s Liability etc. We process data provided by you (the Data Subject) and other sources in order to deliver the appropriate products and services to you.
The reasons for processing your data is mainly to:
- Provide you with a quotation for insurance policy
- Arrange and administer your insurance policy if you purchase this through us Help arrange credit if required
- Inform you about our products and services
We do not collect more information than we need to meet our obligations to you and will not retain it for longer than is necessary.
We will only ever use your personal information for the purposes of providing you with quotations for insurance, progressing your application or administering your insurance policy, arranging credit, or fulfilling our legal or regulatory requirements such as fraud prevention, help preventing financial crime and audit purposes, or to keep you updated in relation to our products and services.
Who Do We Share Your Details With and Why
To meet our regulatory obligations and our obligations to you we may therefore need to share your personal information with product and service providers such as:
- Our associated insurers
- Our associated credit /finance provider
- Our IT security firm
- Our website and digital solutions firm
- Our consulting and auditing firms
- Our back office customer relationship provider
Government / Judicial bodies such as:
- Financial Conduct Authority
- HM Revenue and Customs
- Financial Ombudsman Service
- Information Commissioners Office
- UK Financial Services Compensation Scheme
- The Employers Liability Tracing Office – ELTO
Fraud and Financial Crime Prevention agencies such as:
- National Crime Agency
- Action Fraud
- Office of Financial Sanctions Implementation
- Police
To provide you with other types of insurance not provided by Randell Dorling Limited, we may need to share your personal information with our associated company of Blackmore Borley Limited but we will only do so after gaining your consent.
To help provide you with more specialist types of insurance, we may need to share your personal information with one or more of our carefully selected external specialist providers. This will be limited to your name and contact details. Any such specialist provider will also be required to abide by the rules of UK GDPR and as such will have their own privacy notice which you will be provided with / given access to by them at the time. Again, we will only share your name and contact details after gaining your consent.
If Randell Dorling Limited is bought or taken over, or if we merge parts of our business, your personal data may be shared with or transferred to a third party to ensure that your insurance policy / policies can continue to be serviced. Or, we may need to share your personal data as part of the preliminary discussions about the possible sale, take over or merger.
If you provide us with information about another person included in your policy, in doing so, you confirm that they have given you permission to provide it to us and that we may use their personal data in the same way as your own as set out in this Privacy Notice.
Legal Basis For Processing Your Personal Information
We are required to have a lawful basis in order to process your personal data and the relevant bases which apply:
| Purpose of Processing | Lawful Basis |
|---|---|
| Providing quotations, arranging and administering insurance policies | Necessary for the performance of an insurance contract |
| Arranging credit | Necessary for the performance of an insurance contract |
| Provision of information on products and services that may be of interest to you | Our legitimate interests or your explicit consent |
| To notify you of changes to our service | Our legal and regulatory obligations |
| To prevent and detect fraud, money laundering and other financial crimes | Our legal and regulatory obligations |
| To meet general legal or regulatory obligations | Our legal and regulatory obligations |
| To make automated decisions, automated profiling and fraud detection | Necessary for the performance of an insurance contract |
| Statistical analysis | Our legitimate interests – to refine and enhance the products and pricing which we can offer |
Automated Decision Making And Profiling
By using our online Quote and Buy system you will be subject to an automated decision making process to decide whether we can provide insurance to you and at what price.
This may be classed as ‘profiling’ under the current legislation.
We are required to have safeguards in the event that this may have a legal or significant effect on individuals. We do not consider that our Quote and Buy systems pose such risks but you are able to request further information should you wish.
Data Retention
The type of insurance we arrange for you dictates the amount of time we retain your personal information for. For the majority of insurance products, we retain records for a period of 7 years after your insurance contract with us expires. For insurance which includes Employers Liability then we retain records indefinitely and for other liability related insurance products, we retain records for a period of 12 years after your insurance contract with us expires.
Marketing
If you are an existing customer, we may contact you by email, text, telephone, mail or by other agreed means to keep you up to date about our products or services that we feel may be of interest to you. In other circumstances, we can only do so with your explicit consent.
In either case, you are able to opt out of receiving such communications at any time.
Security
We are committed to protecting the security and privacy of all personal information which we obtain and hold about you.
We employ appropriate technical security measures to protect your personal information and ensure that it is not accessed by unauthorised persons. Information is stored on secure computers, in a locked information centre, and information is encrypted wherever possible.
Randell Dorling Limited use a third party service, to help maintain the security and performance of our website. To deliver this service it processes the IP addresses of visitors to our website.
Where Your Information Is Stored
Information which you provide us with is stored on a computer located in the United Kingdom.
If You Send Us An Email
Any email you send to us, including any attachments, may be monitored and used by us for reasons of security and for monitoring compliance with office policy. Email monitoring or blocking software may also be used. Please be aware that you have a responsibility to ensure that any email you send to us is within the bounds of the law.
If You Make A Complaint to Us
If we receive a complaint, we make up a file containing the details of the complaint. The file is likely to contain the identity of the complainant and any other individuals involved in the complaint.
We will only use the personal information we collect to investigate and process the complaint.
We usually have to disclose the complainant’s identity to whomever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute.
We also usually have to disclose details of the complaint to our professional Indemnity Insurance Broker and Insurer.
We may also be required to provide a copy of the file to the Financial Ombudsman Service should an adjudicator be required to consider the complaint.
We are required to disclose high-level analytics to the Financial Conduct Authority (FCA) concerning the number and nature of any complaints we receive. This data does not include names or details that identify the specific data subject.
We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for 3 years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
Use of Data Processors
Data processors are third parties who provide elements of our service for us. We use Acturis Limited as our back office customer relationship provider and therefore they would be classed as a Data Processor. We have a contract in place with Acturis Limited. This means that they cannot do anything with your personal information unless we have instructed them to do it. They will not share your personal information with any organisation apart from us. They will hold it securely and retain it for the period we instruct.
Your Rights
Under the Data Protection Act 1998, you have rights as an individual which you can exercise in relation to the information we hold about you. From 25th May 2018, the General Data Protection Regulations (GDPR) come into force.
Please ask us for an explanation of each should you wish to have more information:
- The right to be informed
- The right of access
- The right to rectification
- The right to erasure
- The right to restrict processing
- The right to portability
- The right to object
- Rights to automated decision and profiling
Your Right To Access
You have the right to access any information we hold about you, and the right to know why that data is being processed, how long it’s stored for, and who has had or has access to it. You will not be charged for us supplying you with this information however we do reserve the right to apply a reasonable fee where requests are deemed excessive. We will respond to any such request within the maximum time frame allowed of one month.
Cookies
Please see our separate Cookie Policy for information in relation to what cookies are, and how to manage them.
How To Contact Us
For further information on how your information is used, how we maintain the security of your information and your rights to access the information we hold on you or if you would like to make a complaint, you can write to us, email us, or call us as follows:
Peter Blackmore
Randell Dorling Limited
7th Floor
77 Cornhill
London
EC3V 3QQ
Tel: 0207 7929 5454
If You Have A Complaint
If you have any concerns about your rights and our practices in relation to data protection, please contact us directly using the details provided above. We will aim to respond to your concerns and clarify how we have processed your information and with whom. We will also endeavour to put right anything that’s gone wrong.
If you are still dissatisfied after contacting us, you may report your concern to the Information Commissioner’s Office by contacting them as follows:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Tel: 0303 123 1113
Website: www.ico.org.uk
Going Forward
We may need to make changes to this Privacy Notice in the future, for example, as the result of government regulation, new technologies, or other developments in data protection laws or privacy generally. You should check our website periodically to view the most up to date Privacy Policy.