Privacy

Introduction

This is a statement of the data protection policy adopted by Access Underwriting Limited. Responsibility for the management, updating and dissemination of the policy rests with the company’s senior managers and the policy is subject to regular review to reflect changes to legislation, accepted best-practice or to the structure or policies of the firm. All staff are expected to strictly apply the policy and to seek advice when required or when data security concerns arise.

The business needs to collect and use certain types of information about the people with whom it deals in order to operate and, in addition, the firm may need to hold and process information to comply with its legal obligations. This personal information must be dealt with properly however it is collected, recorded and used – whether on paper, electronically, or other means – and there are legal safeguards to ensure this in the Data Protection Act.

No staff members are permitted to download, copy or save customer details, either in hard copy or onto personal mobile devices, storage devices or into cloud-based storage, other than any such procedure or facility operated and approved by the company’s director/s.

Cookies

When We collect personal data about You through Your use of Our web site, We may record this by assigning a unique digital identity. This is done by placing a unique identifier in a file on Your computer – this is called a “cookie”. Cookies are small pieces of information stored by Your browser on Your computer’s hard drive. Cookies cannot be used by themselves by a third party to identify You. We may use personal data obtained to communicate with You to link the personal data gathered through the cookie to You. We will not disclose any personal data to any other person in any way which enables them to identify You through the cookie.

You may prevent us recording this personal data and opt-out by setting Your browser so that it will not accept cookies. This may prevent Us from fully communicating with You and may cause the non function of specific calculation programmes. The cookie is used for tracking content preferences and traffic patterns in order to provide the most value to You. Usage information may also be used to target advertising to visitors to Our Web Site. For reasons of improving personalisation of communications to You, We may receive personal data about You from other sources and add it to Your personal data held by Us.

Links to Other Web Sites

Update and Changes to Our Privacy Statement

Disclaimer

Content of Site

Copyright

All material on this website is copyright of Access Underwriting Ltd. Information accessed on this website is protected under copyright law. You may not copy, republish or redistribute the information contained on the web site for commercial purposes or gain other than the expressed agreement of Access Underwriting Ltd unless You acknowledge it on the internet with a direct link to the page on Our web site from where the information was taken.

Trademarks

Product Availability

The information contained on this web site does not constitute a distribution, an offer to sell or the solicitation of an offer to buy. Insurance products detailed on this website are only available for risks in the United Kingdom.

If You are accessing this web site outside the United Kingdom, the United Kingdom or Your local legislation may not permit Us to offer products to You in Your own country. Please check with Your professional adviser as to whether such products are available in the country in which You are resident.

Sharing of Data

We share information with insurers, which could include reputable providers in other countries, to enable them to provide accurate terms and we must advise customers that they will also obtain data about them and their insurance history from various insurance anti-fraud databases, such as the Claims and Underwriting Exchange (CUE) as well as publicly available websites and credit referencing agencies. We will not give anyone else any personal information except on the customer’s instructions or authority, or where we are required to do so by law, or by virtue of our regulatory requirements. Information submitted on our website may be processed by our third party partners whose widgets or scripts we make use of.

Legal Bases of Collection

Companies can only process data where there is a lawful basis for doing so and we have mapped our data against the permitted lawful bases and recorded this in the table in the following pages. Customer data is generally collected by us for Contractual Purposes and for the Legitimate Business Interest of providing insurance quotations and arranging contracts of insurance.
The Data Protection Act 2017, which updates the Data Protection Act 1998, states that collection of sensitive and criminal record data is permitted without expressed consent where justification exists, including to support insurance processing, on the lawful basis of significant public interest.

We regard the lawful and correct handling of personal information by the firm as an essential element in achieving fair treatment of customers and to maintaining confidence between those with whom we deal and ourselves. We therefore need to ensure that our organisation treats personal information lawfully and correctly.

To this end, we fully endorse and adhere to the Principles of data protection, as set out in the Data Protection Act and General Data Protection Regulations.

In this respect, personal information:
1. shall be processed fairly and lawfully and, in particular, shall be processed only in accordance with our stated privacy policy;
2. shall be obtained only for one or more specified and lawful purposes, and shall not be further processed in any manner incompatible with that purpose or those purposes;
3. shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed;
4. shall be accurate and, where necessary, kept up to date;
5. shall not be kept for longer than is necessary for the specified purpose(s);
6. shall be processed in accordance with the rights of data subjects under the Act;
7. should be subject to appropriate technical and organisational measures to prevent the unauthorised or unlawful processing of personal data, or the accidental loss, destruction, or damage to personal data;
8. shall not be transferred to a country or territory outside the UK unless that country or territory ensures an adequate level of protection for the rights and freedoms of data subjects in relation to the processing of personal data.

Therefore, the firm will, through appropriate management and strict application of criteria and controls:
a. observe fully conditions regarding the fair collection and use of information;
b. meet its legal obligations to specify the purposes for which information is used in the disclosure documentation provided to customers, obtaining consent for any marketing activities that we intend to provide;
c. collect and process appropriate information only to the extent that it is needed to fulfil our operational needs or to comply with any legal requirements;
d. ensure the quality of information used, regularly checking its accuracy;
e. ensure that the information is held for no longer than is necessary for the purpose for which the data was originally collected, subject to our legal and regulatory obligations and legitimate business interest to protect and defend the company from litigation;
f. ensure that the rights of people about whom information is held can be fully exercised under the Act (i.e. the right to be informed that processing is being undertaken, to access one’s personal information; to prevent processing in certain circumstances, and to correct, rectify, block or erase information that is regarded as wrong information);
g. take appropriate technical and organisational security measures to safeguard personal information;
h. ensure that personal information is not transferred abroad without suitable safeguards.
i. To assist in achieving compliance with the Principles for Business of the Financial Conduct Authority:
j. appoint an Information Security/Data Protection Officer (as stated on the first page of this document) at a senior level with specific responsibility for data protection and information security assets within the firm who will be responsible for providing staff with guidance on data protection procedures.