• Data Controller and key contact: Butcher Robinson & Staples International Limited is collecting individual personal data and the firm’s data protection officer is Nilesh Nagar. Our address is Sackville House, 3rd Floor, 143 Fenchurch Street, London EC3M 6BM;
• Principle reason for collecting the data: The personal data is needed to obtain quotes, place cover, administer policies, settle claims, collect premiums, settle claims, administer complaints, process bordereaux and obtain renewals;
• Marketing: Where personal data is requested for marketing purposes we will seek the individuals explicit consent;
• Categories of personal data processed: Personal data held may relate to applicants, policyholders, members, beneficiaries, dependents and their representatives. Personal data collected may include employment information, interests, hobbies, contact details (email, phone, home and work address, fax) date of birth (age), address, health information, criminal or solvency information, previous policy and claims history, gender, signature, next of kin, income, life cover, pension, bank details, NI details, tax codes, medical details, shareholding, previous employment, references and IP addresses;
• Processing of special data: Where we obtain special categories of personal data (i.e. health, criminal convictions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric, or data concerning sex life or sexual orientation) this will be processed to seek and administer cover or to ensure our compliance with regulatory or legal requirements. Without the individual’s consent we cannot proceed. If consent is withdrawn we may be unable to administer relevant applications, policies (including claims);
• Collection of personal data: Personal data may be collected through online or paper application and claims forms, cookies, emails, letters, previous insurance records, public registers, regulators (including crime prevention and government agencies) and other insurance market participants;
• Others that may process the personal data: Personal data may also be processed by insurers, reinsurers (Lloyd’s and London company market), loss adjusters, Xchanging, the Corporation of Lloyd’s, brokers, IT contractors, storage companies, auditors, advisers, regulators, software suppliers (Finscan, Brokersure, Microsoft, Dow Jones, Blueprint, Drop Box and Zylap) regulators, Ombudsman, auditors, IT service providers and compliance software providers;
• Business interest processing: We may process the individuals personal data to monitor and control the above activities including through internal management reporting. Personal data may be shared with group companies involved in the administration of insurance or reinsurance policies or to enable such companies to manage and control the firm’s operational activities;
• Retail business: Where we provide services directly with consumers and commercial customers we may outsource aspects of the administration to selected processors. Specific details of these parties will be provided in our scheme web site and in the insurance documentation available prior to and after purchase of cover;
• Business contacts: In the course of intermediating insurance staff will contact individuals from other firms, clients, suppliers, regulators and advisers. These individuals and their contact details may be retained by the firm and its staff to enable the firm to administer policies, obtain quotes, place cover, renew cover, collect premiums, settle claims and generally maintain business relationships to further the interests of clients and the firm;
• Additional notifications: Specific disclosures as to which insurers and reinsurers will be approached for quotes, placements and renewals will be advised at that time;
• Overseas transfers of personal data: If insurance and reinsurance is sought from non EU countries personal data will be transferred to such parties to obtain quotes, place cover, administer policies, agree claims and obtaining renewals. Specific proposed transfers will be notified to you for the individuals at the time of the transfer;
• Retention of personal data: The individuals personal data will be held for not less than that necessary to meet statutory or regulatory requirements or to administer the relevant policies. For annual general insurance policies this will be six years and for multi-year or life policies this will be up to 25 years or 12 months following the last date a valid claim can be lodged;
• Individuals rights: The individuals have the following specific rights in relation to the personal data shared with us:
o The right to withdraw consent at any time, where relevant noting that this may result in termination of the policy or policies;
o The right to lodge a complaint with a supervisory authority, the ICO (https://ico.org.uk/ );
o That all data will only originate directly from you or your representative;
o That we need the data to obtain quotes, place cover, administer the policy, agree claims and obtain renewals;
o That data may also be needed to conduct regulatory checks;
o That some regulatory checks are conducted automatically using third party software but no decisions are taken in relation to such processing without human intervention;
o That applications may be processed in accordance with eligibility criteria but any decisions will involve manual intervention;
o That insurers or their agents may use automated processing and any specific arrangements will be advised to you;
o It is expected that any additional notifications and consents required will be obtained at the time the data is collected;
o That personal data will be requested when quotes and applications are sought and
o That those disclosures to insurers, reinsurers or other parties will be notified prior to transfer.
We collect and use non-personal information in the following ways.
a) Internet Protocol (IP) addresses
When you visit our site, we log your IP address (the unique address which identifies your computer on the internet). We use IP addresses to collect broad geographic information on our site visitors. We do not link IP addresses to personally identifiable information.
• Collect generic usage statistics of our site
• Control how often visitors see similar advertisements
• Track visitor preferences
• Improve and update our site
Cookies cannot look into your computer and obtain information about you or your family or read any material kept on your hard drive and cookies cannot be used to identify who you are.
The web-browsers of most computers are initially set up to accept cookies. You can set your web-browser to disable cookies or to inform you when a website is attempting to add a cookie. You can also delete cookies that have been added to your computer’s cookie file.
The following is a table of cookies that may be used on our website:
c) Web analytics
In order to develop our site in line with our customers’ needs, Butcher Robinson & Staples may keep a track on which pages on our website are visited most frequently and how long visitors spend on our site using web page tagging. We may use this information to help improve the site.
We never gather other information from your disk or computer. We collect a copy of the data held by the cookie for inclusion in any analysis. We use full SSL protocols when monitoring activity on secure pages; this ensures that the site’s security is not compromised. We encrypt all transmitted data (even from non-secure pages), so no-one else can read the information we gather.