Privacy Policy

Context

We are committed to protecting your privacy and complying with the Data Protection Act 1998 and the General Data Protection Regulation (GDPR), as amended from time to time. This Customer Privacy notice describes how we collect and use personal information relating to our customers and information about a data subject received from our customers. It informs you about the personal information that is collected, why it is needed, how it is used and what protections are in place to keep it secure.

What personal information is collected about you?

We may collect different types of personal information about you, depending upon your specific circumstances, which include (without limitation):

How do we collect your personal data?

We collect your personal data in a number of ways, for example:

Why do we need to collect and use personal information?

We collect your personal information to administer and arrange insurance policies and other broker services for our customers, which include (without limitation):

In order to fulfil our service obligations, we may share your personal data with:

How is your personal information protected?

We take the protection of personal data very seriously.  There are systems in place to guard against unauthorised access, improper use, destruction or accidental loss of personal data.  We take appropriate technical and organisational measures to prevent unauthorised or unlawful processing of personal data. In addition, we have rules and procedures in place to ensure that any personal information which we hold on computer systems cannot be accessed by persons who do not have the permissions to do so. Any authorised third-party service providers with whom your data is shared are requested to sign a formal Data Processing Agreement which ensures that your personal data is treated with the same rigour and respect as directly applied by our controls  and in accordance with current Data Protection Act and General Data Protection Regulation laws. Different categories of data are retained for various periods of time in line with our legal obligations and in accordance with our Data Retention Policy.

How can you request access to the personal information that is held about you?

Under Data Protection law, you have the right to request a copy of the personal information that is held about you.  The method of requesting this information is called a “subject access request”. You may make a subject access request at any time by emailing us directly at datasubjectrequest@rivalinsurance.co.uk  and a response will be provided within 30 days. If you are not satisfied with the response, in the first instance you should contact us via telephone or email.  If this still does not bring a satisfactory outcome, you have the right to lodge a complaint with a supervisory authority, which in the United Kingdom is via the Information Commissioner’s Office (www.ico.org.uk/concerns/)