Privacy policy

Privacy Policy

Welcome to our website

If you continue to browse and use this website you are agreeing to comply with and be bound by the following terms and conditions of use, which govern Premium Medical Protection Limited’s relationship with you in relation to this website.

The use of this website is subject to the following terms of use:

The content of the pages of this website is for your general information and use only. It is subject to change without notice.

Neither we nor any third parties provide any warranty or guarantee as to the accuracy, timeliness, performance, completeness or suitability of the information and materials found or offered on this website for any particular purpose. You acknowledge that such information and materials may contain inaccuracies or errors and we expressly exclude liability for any such inaccuracies or errors to the fullest extent permitted by law.

Your use of any information or materials on this website is entirely at your own risk, for which we shall not be liable. It shall be your own responsibility to ensure that any products, services or information available through this website meet your specific requirements.

This website contains material which is owned by or licensed to us. This material includes, but is not limited to, the design, layout, look, appearance and graphics. Reproduction is prohibited other than in accordance with the copyright notice, which forms part of these terms and conditions.

All trademarks reproduced in this website, which are not the property of, or licensed to the operator, are acknowledged on the website.

Unauthorised use of this website may give to a claim for damages and/or be a criminal offence.

From time to time this website may also include links to other websites. These links are provided for your convenience to provide further information. They do not signify that we endorse the website(s). We have no responsibility for the content of the linked website(s).

Your use of this website and any dispute arising out of such use of the website is subject to the laws of England and Wales.

Copyright

This website and its content is copyright of “Premium Medical Protection Ltd” – © “Premium Medical Protection Ltd” 2023. All rights reserved.

Any redistribution or reproduction of part or all of the contents in any form is prohibited other than the following:

  • You may print or download to a local hard disk extracts for your personal and non-commercial use only. You may copy the content to individual third parties for their personal use, but only if you acknowledge the website as the source of the material.
  • You may not, except with our express written permission, distribute or commercially exploit the content. Nor may you transmit it or store it in any other website or other form of electronic retrieval system.

Cookies

To view our cookie policy please click here

PMP Data Privacy Notice

Your privacy is very important to us. This privacy notice (“Privacy Notice”) is provided by Premium Medical Protection (PMP), registered office at 25 Athena Court, Athena Drive, Tachbrook Park, Warwick, England, CV34 6RT in accordance with the data protection law including the Regulation (EU) 2016/679 (“GDPR”).

References to “we”, “our” and “us” in this Privacy Notice are references to BHIIL.  References to “you” or “your” refers to the individual whose personal data is being processed by BHIIL (you may be the insured, beneficiary, claimant, or other person involved in a claim or relevant to the insurance policy).

1. DATA CONTROLLER

A data controller is the natural or legal person, public authority, agency, or other body which determines the purposes and means of the processing of personal data. Premium Medical Protection, registered office at 25 Athena Court, Athena Drive, Tachbrook Park, Warwick, England, CV34 6RT, is the Data Controller as defined by the GDPR.

2. WHAT IS THE PURPOSE OF THIS PRIVACY NOTICE

In order to provide certain insurance products and services (including providing insurance quotes, insurance policies, and/or dealing with any claims or complaints), BHIIL may collect information about you which constitutes personal data under the GDPR.  This Privacy Notice explains how we collect, use, share and protect your personal data.  Please read this Privacy Notice carefully to understand what we do with your personal data.

This Privacy Notice is available on https://premiummedicalprotection.com/privacy-notices/ and may be changed and updated from time to time as required.

3. PERSONAL DATA WE MAY COLLECT ABOUT YOU

In order for us to provide insurance quotes, insurance policies, and/or deal with any claims and complaints, we need to collect and process personal data about you.

The types of personal data we collect may include:

Types of Personal Data Details
Individual details:Name, address (including proof of address), other contact details (e.g., email and telephone numbers), gender, marital status, date and place of birth, nationality, employer, job title and employment history, academic and professional information, family details, including their relationship to you.
Identification details:Identification numbers issued by government bodies or agencies, including your national insurance number or, passport number, tax identification number and driving licence number
Financial information:Bank account or payment card details, income, or other financial information
Risk details:Information about you which we need to collect in order to assess the risk to be insured and provide a quote. This may include data relating to your health, criminal convictions, or other special categories of personal data. For certain types of policy, this could also include telematics data.
Policy information:Information about the quotes you receive and policies you take out
Credit and Anti-Fraud Data:Credit history, credit score, sanctions and criminal offences, and information received from various anti-fraud databases relating to you
Previous and current claims:Information about previous and current claims, (including other unrelated insurances), which may include data relating to your health, criminal convictions, or other special categories of personal data and in some cases, surveillance reports
Special categories of personal data:Certain categories of personal data which have additional protection under the GDPR. Special categories of personal data which may be collected by BHIIL are as follows: Health, criminal convictions, racial or ethnic origin, genetic or biometric data.

4. WHERE WE MIGHT COLLECT YOUR PERSONAL DATA FROM

We might collect your personal data from various sources, including:

  • you;
  • your family members, employer or representative;
  • other insurance market partners;
  • credit reference agencies;
  • anti-fraud databases, sanctions lists, court judgements and other databases;
  • government agencies;
  • open electoral register; or
  • in the event of a claim, third parties including the other party to the claim (claimant / defendant), witnesses, experts (including medical experts), loss adjustors, solicitors, and claims handlers

Which of the above sources apply will depend on your particular circumstances.

5. WHO HAS ACCESS TO YOUR PERSONAL DATA?

The insurance life cycle may involve the sharing of your personal information between insurance market participants (an intermediary, insurer, reinsurer), some of which you will not have direct contact with. In addition, your personal data may not have been collected directly by us.

You can find out the identity of the initial data controller of your personal data within the insurance market life cycle in the following ways:

  • Where you took out the insurance policy yourself: the insurer and, if purchased through an intermediary, the intermediary will be the initial data controller and their data protection contact can advise you on the identities of other insurance market participants that they have passed your personal data to.
  • Where your employer or another organisation took out the policy for your benefit: you should contact your employer or the organisation that took out the policy who should provide you with details of the insurer or intermediary that they provided your personal data to and you should contact their data protection contact who can advise you on the identities of other insurance market participants that they have passed your personal data to.
  • Where you are not a policyholder or an insured: you should contact the organisation that collected your personal data who should provide you with details of the relevant insurance market participant’s data protection contact.

You can find out more information about how the insurance industry uses personal data at the following web address:

https://lmg.london/wp-content/uploads/2019/07/LMA-Insurance-Market-Information-Uses-Notice-post-enactment-31-05-2018.pdf

6. THE PURPOSES, CATEGORIES AND LEGAL BASES FOR OUR PROCESSING OF YOUR PERSONAL DATA.

Data protection law says that we are only allowed to hold, use or share personal data if we need to do so, or we have a legal basis for doing so. BHIIL relies on one or more of the following legal bases depending on the type of data and the purpose for using it:

  • To fulfil a contract, we have with you.
  • When we are legally obliged to do so
  • When it is necessary for reasons of substantial public interest
  • When we need to establish, exercise, or defend legal claims.
  • When it is necessary to protect your vital interests
  • When it is in our “legitimate interest” (i.e., we have a commercial or business reason)
  • When your consent is required, and you consent to it.

We set out below the purposes and legal basis for which we may process your personal data during the lifecycle of providing insurance products and services to you.

PurposeCategories of DataOur Reasons/Legal Bases
Quotation /Policy Inception
Setting you up as a client including possible fraud, sanctions, and anti-money laundering checks

Evaluating the risks to covered and matching to appropriate policy /premium

Payment of premium where the insured/policyholder is an individual		Individual details

Identification details

Financial Information

Policy Information

Risk details

Previous claims

Credit and anti-fraud data		Performance of our contract with you

Compliance with a legal obligation

Legitimate interests

– Ensure client is within our acceptable risk profile
– To ensure appropriate product and premium
Policy Administration
Client care and including communication with you and sending updates

Payments to and from individuals		Individual details

Policy information

Risk details

Previous claims

Current claims		Perform contract

Your vital interests

Legitimate interests

– To correspond with clients, beneficiaries, and claimants in order to facilitate the placing of the policy and the handling of claims.

Substantial Public Interest Consent
Claims Processing
Managing insurance and reinsurance claims

Defending or prosecuting legal claims

Investigating or prosecuting fraud		Individual details

Policy information

Risk details

Previous claims

Current claims

Health data

Criminal records data

Other sensitive data		Perform contract

Legitimate interests

– To assess the veracity and quantum of claims Defend and make claims

– To assist with the prevention and detection of fraud

Consent

Legal claims

Substantial public interest
Renewals
Contacting the insured/policyholder to renew the insurance policy

Evaluating the risks to be covered and matching to appropriate policy/premium

Payment of premium where the insured/policyholder is an individual		Individual details

Policy information

Risk details

Previous claims

Current claims		Perform contract

Legitimate interests

– To correspond with clients in order to facilitate the placing of the policy

Consent Substantial Public Interest
Throughout the insurance lifecycle  
Complying with our legal and regulatory obligations

Pricing and risk modelling

Handling complaints

Transferring books of business, company sales and reorganisations		Individual details

Policy information

Identification details

Current claims

Previous claims

Financial Information

Risk details		Legal Obligation

Consent

Substantial Public Interest

Legitimate Interests

– To structure our business appropriately

– To build risk models that allow the acceptance of risk at appropriate premiums

7. WHO WE MAY SHARE YOUR PERSONAL DATA WITH

In order to undertake the activities listed above it may be necessary to share your data with third parties.  Who we share this data with may depend on the insurance products and services we provide to you but may include:

  • Other insurers that co-insure your policy
  • Reinsurance intermediaries
  • Reinsurance Companies
  • Loss adjusters, solicitors and claims management companies
  • Anti-Fraud agencies and private investigators
  • Government departments and databases
  • Outsourced service providers
  • Regulators
  • Our Berkshire Hathaway entities and affiliate entities
  • Other persons providing auxiliary services on behalf of Berkshire Hathaway International Insurance Limited (BHIIL)

8. CONSENT

In order to provide insurance cover and deal with insurance claims in certain circumstances we may need to process your special categories of personal data, such as medical and criminal convictions records, as set out against the relevant purpose.

Your consent to this processing may be necessary for PMP to achieve this.

You may withdraw your consent to such processing at any time. However, if you withdraw your consent this will impact our ability to provide insurance and pay claims.  

9. PROFILING

When calculating insurance premiums, insurance market participants may compare your personal data against industry averages. Your personal data may also be used to create the industry averages going forward. This is known as profiling and is used to ensure premiums reflect risk.

Profiling may also be used by us to assess information you provide to protect against fraud.  

10. RETENTION OF YOUR PERSONAL DATA

We will keep your personal data only for so long as is necessary and for the purpose for which it was originally collected.

11. INTERNATIONAL TRANSFERS

We may need to transfer your data to insurance market participants or their affiliates or sub-contractors and BHIIL group affiliates which are located outside of the European Economic Area (EEA) where data privacy laws may not be the same as they are in the EEA. Those transfers are undertaken with the required GDPR safeguards in place.

If you would like further details on how your personal data would be protected if transferred outside the EEA, please contact the BHIIL Data Protection Officer.

12. YOUR RIGHTS

As set forth by the applicable data protection legislation, you have the right to:

  • Be informed of what personal data (if any) we hold about you;
  • Be informed about how we use your personal data;
  • Be provided with a copy of the personal data that we hold about you;
  • Request that any inaccuracies in the personal data we hold about you is corrected or updated;
  • Request that any personal data, for which we no longer have a lawful basis to use, be deleted;
  • Where our use of your personal data is based on your consent, to withdraw your consent so that we no longer use your personal data;
  • Object to us using your personal data for our legitimate interests, however we will be entitled to continue that use if our interests outweigh any prejudice to your data protection rights;
  • Request that we restrict how we use your personal data whilst a complaint is being investigated;
  • Be provided with a copy of your personal data in an electronic machine-readable format for your own use or for the purpose of sharing with a new insurer; and
  • File a complaint with us and/or the relevant data protection authority.
  • In certain circumstances, we may need to restrict the above rights in order to safeguard the public interest (e.g. prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege).

13. OUR CONTACT DETAILS

If you have any questions in relation to our use of your personal data, you can contact the Data Protection Officer at BHIIL by post or email using the following details:

Data Protection Officer
Berkshire Hathaway International Insurance Limited
4th Floor, 8 Fenchurch Place,
London, EC3M 4AJ

E-Mail: DPO@Bhiil.com

14. YOUR RIGHT TO COMPLAIN TO THE DATA PROTECTION AUTHORITY

If you are not satisfied with our use of your personal data or our response to any request by you to exercise any of your rights in section 12, or if you think we have breached the GDPR, then you have the right to complain to the ICO.

Please see below for the contact details:

England

Information Commissioners Office Tel: 0303 123 1113 (local rate) or
Wycliffe House Tel: 01625 545 745 (national rate)
Water Lane Email: casework@ico.org.uk
Wilmslow
Cheshire
SK9 5AF

Scotland

Information Commissioner’s Office Tel: 0131 244 9001
45 Melville Street Email: Scotland@ico.org.uk
Edinburgh
EH3 7HL

Wales

Information Commissioner’s Office Tel: 029 2067 8400
2nd floor Churchill House Email: wales@ico.org.uk
Churchill way
Cardiff
CF10 2HH

Northern Ireland

Information Commissioner’s Office Tel: 0303 123 1114 (Local rate)
3rd Floor, 14 Cromac Place Tel: 028 9027 8757 (national rate)
Belfast Email: ni@ico.org.uk
BT7 2JB

PMP Privacy Notice

Privacy Notice (also known as “Fair Processing Notice”)

Data Controller:            PREMIUM MEDICAL PROTECTION LIMITED

25 Athena Court, Athena Drive, CV34 6RT

Contact for queries:     Rachel Stanley

How we will use the information you give us.

We will only use your information on the basis that it is necessary to administer your insurance contract or help you make a claim. Where we need to pass information to other firms, it will only be for that purpose. These firms will be Insurers, other insurance brokers and firms handling claims. It includes finance providers and firms that process or administer our records.

When we contact you, it will either be for the above reason, or because we have a legitimate interest in marketing related products. For any other marketing it will only be with your consent and you will be able to withdraw your consent or unsubscribe easily at any time.

We may need to transfer your data to insurance market participants or their affiliates or subcontractors and BHIIL group affiliates which are located outside of the European Economic Area (EEA) where data privacy laws may not be the same as they are in the EEA. Those transfers would always be made in compliance with the UK GDPR.

If you would like further details of how your personal data would be protected if transferred outside the EEA, please contact the BHIIL Data Protection Officer

We will not collect and use special categories of personal data information without your consent unless the law allows us to do so. If we do it will only be for the following reasons:

  • When it is necessary for reasons of substantial public interest, or
  • To establish, exercise or defend legal claims

As an Appointed Representative of Harley Street Insurance Group Limited, all information we process is available to that firm.

What type of personal information do we need?

  • We need personal details which will include details of your insurance, claims, employment, experience, business or education.
  • We will only collect what is necessary and will only keep it for as long as we are required to do in line with our data retention policy. You can ask us for a copy.

What other types of information do we need?

  • Under certain circumstances we may also need to obtain information about Health.
  • We might also need details of criminal convictions.
  • We will only collect what is necessary and protect it with appropriate security measures.

How do we obtain your information?

  • We may gather it from information you submit to a website, by telephone, face to face or by email.
  • We may receive it from insurers, other insurance brokers, and firms handling claims. It includes finance providers and firms that process or store our records.
  • If you obtain an online quotation from us, you will be subject to an automated decision based on the underwriting criteria set by insurers.

What are my legal rights?

  • You have the right to complain to the Information Commissioner at ico.org.uk, Tel 0303 123 11132.
  • You can obtain a copy of your personal information from us without charge by contacting us at the address above. This may include the right to transfer information to other providers.
  • You have the right to ask us to correct information.
  • You have the right to ask us to delete your information or stop using it, unless it is necessary for us to retain it for insurance or financial purposes as set out in our document retention policy.
  • You may have the right to object if decisions about you are made solely by a computer.

If you wish to exercise your rights, discuss how we use your information, please use the contact details provided below or on our full Privacy Notice available  on our website here: www.premiummedicalprotection.com/privacy-notices/

Our contact details

  • If you have any questions in relation to our use of your personal data, you can contact the Data Protection Officer at PMP by post or email using the following details:
Email admin@premiummedicalprotection.com
PostData Protection Officer, Unit 25, Athena Court, Athena Drive, Tachbrook Park, Warwick, CV34 6RT

HSIG Privacy Policy

Privacy Notice (also known as “Fair Processing Notice”)

Data Controller:            HARLEY STREET INSURANCE GROUP LIMITED

25 Athena Court, Athena Drive, CV34 6RT

Contact for queries:     Rachel Stanley

How we will use your information.

We will only use your information in connection with Premium Medical Protection Limited (PMP), to administer your insurance contract or help you make a claim. Where we need to pass information to other firms, it will only be for that purpose. These firms will be Insurers, other insurance brokers and firms handling claims. It includes finance providers and firms that process or administer our records.

We may need to transfer your data to insurance market participants or their affiliates or subcontractors and BHIIL group affiliates which are located outside of the European Economic Area (EEA) where data privacy laws may not be the same as they are in the EEA. Those transfers would always be made in compliance with the UK GDPR.

If you would like further details of how your personal data would be protected if transferred outside the EEA, please contact the BHIIL Data Protection Officer.

We will not collect and use special categories of personal data information without your consent unless the law
allows us to do so. If we do it will only be for the following reasons:

  • When it is necessary for reasons of substantial public interest, or
  • To establish, exercise or defend legal claims

What type of personal information do we need?

  • We need personal details which will include details of your insurance, claims, employment, experience, business or education.
  • We will only collect what is necessary and will only keep it for as long as we are required to do in line with our data retention policy. You can ask us for a copy.

What other types of information do we need?

  • Under certain circumstances we may also need to obtain information about Health.
  • We might also need details of criminal convictions.
  • We will only collect what is necessary and protect it with appropriate security measures.

How do we obtain your information?

  • We gather it from information you provide to PMP, or from you if you make a complaint.
  • We may receive it from insurers, other insurance brokers, and firms handling claims. It includes finance providers and firms that process or store our records.

What are my legal rights?

  • You have the right to complain to the Information Commissioner at ico.org.uk, Tel 0303 123 11132.
  • You can obtain a copy of your personal information from us without charge by contacting us at the address above. This may include the right to transfer information to other providers.
  • You have the right to ask us to correct information.
  • You have the right to ask us to delete your information or stop using it, unless it is necessary for us to retain it for insurance or financial purposes as set out in our document retention policy.
  • You may have the right to object if decisions about you are made solely by a computer.

BHIIL Data Privacy Notice

DATA PRIVACY NOTICE

WHO WE ARE

Your privacy is very important to us.  This privacy notice (“Privacy Notice”) is provided by Berkshire Hathaway International Insurance Limited (“BHIIL”).   References to “we”, “our” and “us” in this Privacy Notice are references to BHIIL.  References to “you” or “your” refers to the individual whose personal data is being processed by BHIIL (you may be the insured, beneficiary, claimant or other person involved in a claim or relevant to the insurance policy).

We are a controller of your personal data under applicable data protection laws including from May 25th 2018 the General Data Protection Regulation (“GDPR”).  We, as a controller determine why and how we collect and process your personal data.

WHAT IS THE PURPOSE OF THIS PRIVACY NOTICE

In order to provide certain insurance products and services, BHIIL may collect information about you which constitutes personal data under the GDPR.  This Privacy Notice explains how we collect, use, share and protect your personal data.  Please read this Privacy Notice carefully to understand what we do with your personal data.

We may change this Privacy Notice from time to time and if we make any material changes then we will make the updated Privacy Notice available on our website at www.bhiil.com and also by other means

1. PERSONAL DATA WE MAY COLLECT ABOUT YOU.

In order for us to provide insurance quotes, insurance policies, and/or deal with any claims or complaints, we need to collect and process personal data about you.  The types of personal data that are processed may include:

Types of Personal DataDetails
Individual details:Name, address (including proof of address), other contact details (e.g. email and telephone numbers), gender, marital status, date and place of birth, nationality, employer, job title and employment history, academic and professional information,  family details, including their relationship to you.
Identification details:Identification numbers issued by government bodies or agencies, including your national insurance number or , passport number, tax identification number and driving licence number
Financial information:Bank account or payment card details, income or other financial information
Risk details:Information about you which we need to collect in order to assess the risk to be insured and provide a quote. This may include data relating to your health, criminal convictions, or other special categories of personal data. For certain types of policy, this could also include telematics data.
Policy information:Information about the quotes you receive and policies you take out
Credit and Anti-Fraud Data:Credit history, credit score, sanctions and criminal offences, and information received from various anti-fraud databases relating to you
Previous and current claims:Information about previous and current claims, (including other unrelated insurances),which mayinclude data relating to your health, criminal convictions, or other special categories of personal data and in some cases, surveillance reports
Special categories of personal data:Certain categories of personal data which have additional protection under the GDPR. The categories are health, criminal convictions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric, or data concerning sex life or sexual orientation
2. WHERE WE MIGHT COLLECT YOUR PERSONAL DATA FROM

We might collect your personal data from various sources, including:

  • you;
  • your family members, employer or representative;
  • other insurance market participants;
  • credit reference agencies;
  • anti-fraud databases, sanctions lists, court judgements and other databases;
  • government agencies such as the DVLA and HMRC;
  • open electoral register; or
  • in the event of a claim, third parties including the other party to the claim (claimant / defendant), witnesses, experts (including medical experts), loss adjustors, solicitors, and claims handlers

Which of the above sources apply will depend on your particular circumstances.

3. WHO HAS ACCESS TO YOUR PERSONAL DATA?

The insurance life-cycle may involve the sharing of your personal information between insurance market participants (an intermediary, insurer, reinsurer), some of which youwill not have direct contact with. In addition, your personal data may not have been collected directly by us.

You can find out the identity of the initial data controller of your personal data within the insurance market life-cycle in the following ways:

  • Where you took out the insurance policy yourself: the insurer and, if purchased through an intermediary, the intermediary will be the initial data controller and their data protection contact can advise you on the identities of other insurance market participants that they have passed your personal data to.
  • Where your employer or another organisation took out the policy for your benefit: you should contact your employer or the organisation that took out the policy who should provide you with details of the insurer or intermediary that they provided your personal data to and you should contact their data protection contact who can advise you on the identities of other insurance market participants that they have passed your personal data to
  • Where you are not a policyholder or an insured: you should contact the organisation that collected your personal data who should provide you with details of the relevant insurance market participant’s data protection contact.
4. THE PURPOSES, CATEGORIES AND LEGAL GROUNDS FOR OUR PROCESSING OF YOUR PERSONAL DATA.

Data protection law says that we are only allowed to use personal information if we have a proper reason for doing so.  This includes when we share it outside BHIIL.  Data protection law says we must have one or more of the following reasons:

  • To fulfil a contract we have with you
  • When it is our legal duty
  • When it is in our legitimate interest
  • When you consent to it

When we have a commercial or other business interest reason of our own to use your personal information this is called a “legitimate interest”. We will tell you what that is if we rely on it as a means to process your data.

We will not collect and use special categories of personal data information without your consent unless the law allows us to do so.  If we do it will only be for the following reasons:

  • When it is necessary for reasons of substantial public interest, or
  • To establish, exercise or defend legal claims

We set out below the purposes and legal basis for which we may process your personal data during the life-cycle of providing insurance products and services to you.

PurposeCategories of DataOur Reasons
Quotation /Policy Inception
Setting you up as a client including possible fraud, sanctions and anti-money laundering checks

Evaluating the risks to covered and matching to appropriate policy /premium

Payment of premium where the insured/policyholder is an individual		Individual details

Identification details

Financial Information

Policy Information

Risk details

Previous claims

Credit and anti-fraud data		Performance of our contract with you

Compliance with a legal obligation

Legitimate interests

– Ensure client is within our acceptable risk profile
– To ensure appropriate product and premium
Policy Administration
Client care and including communication with you and sending updates

Payments to and from individuals		Individual details

Policy information

Risk details

Previous claims

Current claims		Perform contract

Legitimate interests

– To correspond with clients, beneficiaries and claimants in order to facilitate the placing of the policy and the handling of claims

Substantial Public Interest

Consent
Claims Processing
Managing insurance and reinsurance claims

Defending or prosecuting legal claims

Investigating or prosecuting fraud		Individual details

Policy information

Risk details

Previous claims

Current claims

Health data

Criminal records data

Other sensitive data		Perform contract

Legitimate interests

– To assess the veracity and quantum of claims

– Defend and make claims

–  To assist with the prevention and detection of fraud

Consent

Legal claims

Substantial public interest
Renewals
Contacting the insured/policyholder to renew the insurance policy

Evaluating the risks to be covered and matching to appropriate policy/premium

Payment of premium where the insured /policyholder is an individual		Individual details

Policy information

Risk details

Previous claims

Current claims		Perform contract

Legitimate interests

– To correspond with clients in order to facilitate the placing of the policy

Consent

Substantial Public Interest
Throughout the insurance life-cycle  
Complying with our legal and regulatory obligations

Pricing and risk modelling

Handling complaints

Transferring books of business, company sales and re-organisations		Individual details

Policy information

Identification details

Current claims

Previous claims

Financial Information

Risk details		Legal Obligation

Consent

Substantial Public Interest

Legitimate Interests

– To structure our business appropriately

– To build risk models that allow the acceptance of risk at appropriate premiums
5. WHO WE MAY SHARE YOUR PERSONAL DATA WITH

In order to undertake the activities listed above it may be necessary to share your data with third parties.  Who we share this data with may depend on the insurance products and services we provide to you but may include:

  • Other insurers that co-insure your policy
  • Reinsurance intermediaries
  • Reinsurance Companies
  • Loss adjusters, solicitors and claims management companies
  • Anti-Fraud agencies and private investigators
  • Government departments and databases
  • Outsourced service providers
  • Regulators
  • Our Group affiliate service companies Resolute Management Limited and Resolute Management Services Limited.

We may also share your personal data with certain BHIIL affiliates within the Berkshire Hathaway Group who are located in the United States who provide administration and consulting services to BHIIL in relation to the insurance products and services we provide to you.  Any such transfers are made under agreements using European Union approved model data transfer clauses which obligate the recipient to protect your personal data.

6. CONSENT

In order to provide insurance cover and deal with insurance claims in certain circumstances we may need to process your special categories of personal data, such as medical and criminal convictions records, as set out against the relevant purpose.

Your consent to this processing may be necessary for BHIIL to achieve this.

You may withdraw your consent to such processing at any time.  However, if you withdraw your consent this will impact our ability to provide insurance or pay claims.

7. PROFILING

When calculating insurance premiums insurance market participants may compare your personal data against industry averages.  Your personal data may also be used to create the industry averages going forward. This is known as profiling and is used to ensure premiums reflect risk.

Profiling may also be used by us to assess information you provide to understand fraud patterns.  Where special categories of personal data are relevant, such as past motoring convictions for motor insurance, your special categories of personal data may also be used for profiling.

8. RETENTION OF YOUR PERSONAL DATA

We will keep your personal data only for so long as is necessary and for the purpose for which it was originally collected. In particular, for so long as there is any possibility that either you or we may wish to bring a legal claim under the insurance policy or where we are required to keep your personal data due to legal or regulatory reasons.

9. INTERNATIONAL TRANSFERS

We may need to transfer your data to insurance market participants or their affiliates or sub-contractors and BHIIL group affiliates which are located outside of the European Economic Area (EEA) where data privacy laws may not be the same as they are in the EEA.  Those transfers would always be made in compliance with the GDPR.

If you would like further details of how your personal data would be protected if transferred outside the EEA, please contact the BHIIL Data Protection Officer.

10. Your RIGHTs

If you have any questions in relation to our use of your personal data, you should first contact the Data Protection Officer at BHIIL by post or email using the following details:

Data Protection Officer
Berkshire Hathaway International Insurance Limited
4th Floor, 8 Fenchurch Place
London
EC3M 4AJ

Email: DPO@Bhiil.com

Under certain conditions, you may have the right to require us to:

  • provide you with further details on the use we make of your personal data/special categories of data;
  • provide you with a copy of the personal data that you have provided to us;
  • update any inaccuracies in the personal data we hold;
  • delete any special category of data/personal data that we no longer have a lawful ground to use;
  • where processing is based on consent, to withdraw your consent so that we stop that particular processing;
  • object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and
  • restrict how we use your personal data whilst a complaint is being investigated.

In certain circumstances, we may need to restrict the above rights in order to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege).

11. YOUR RIGHT TO COMPLAIN TO THE INFORMATION COMMISSIONERS OFFICE (“ICO”)

If you are not satisfied with our use of your personal data or our response to any request by you to exercise any of your rights in SECTION 10, or if you think that we have breached the GDPR, then you have the right to complain to the ICO.  Please see below for contact details of the ICO.

England
Information Commissioners Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF		Tel: 0303 123 1113 (local rate) or Tel: 01625 545 745 (national rate)

Email: casework@ico.org.uk
Scotland
Information Commissioner’s Office
45 Melville Street
Edinburgh
EH3 7HL		Tel: 0131 244 9001

Email: Scotland@ico.org.uk
Wales
Information Commissioner’s Office
2nd floor Churchill House
Churchill way
Cardiff
CF10 2HH		Tel: 029 2067 8400

Email: wales@ico.org.uk
Northern Ireland
Information Commissioner’s Office
3rd Floor, 14 Cromac Place
Belfast
BT7 2JB		Tel: 0303 123 1114 (Local rate) Tel: 028 9027 8757 (national rate)

Email: ni@ico.org.uk