Privacy Policy
What is Personal Data
Under the EU’s General Data Protection Regulation (GDPR) personal data is defined as: “any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
Who is the Data Controller
This website is operated by Professional Personal Claims Ltd, who is the data controller and is committed to protecting your privacy and takes its responsibilities regarding the security of user information very seriously. This privacy statement sets out how both UK and European Union data protection requirements will be complied with. This website is structured so you can visit it without identifying yourself or revealing sensitive personal information. Once you choose to provide us with any information by which you can be identified, then you can be assured that it will only be used in accordance with this Privacy Notice. This website and our services are not intended for individuals under 18 years of age. If you have any queries about the policy, you should contact the Company.
How Your Personal Information will be Used
By agreeing on a website operated by Professional Personal Claims Ltd to the Company’s Privacy Policy you agree the Company may collect and use your personal data or in certain circumstances pass your data to Personal & Professional Ltd if this is necessary they will become the data controller, you will be notified of this occurrence and they will continue to comply with the following Data Protection policy. Professional Personal Claims Ltd or Personal & Professional Ltd will use your data in order to:
Contact you in response to a specific enquiry.
Provide our products and services that you request from us.
Send you transactional communications via the contact details you have provided to us during our services.
Contact third parties on your behalf, with your specific instruction.
Contact you by telephone, email and text to provide information, which you have specifically requested.
Operate and manage your account and manage any application, agreement or correspondence you may have with us.
Carry out, monitor and analyse our business, to identify, prevent, detect or tackle fraud, money laundering, terrorism and other crimes.
Conduct audits, for regulatory purposes, legal purposes and compliance with industry standards.
We will not under any circumstances sell or share your data with third party marketing companies without your consent.
Why is it Necessary to Collect and Store Personal Data
We need to collect personal data in order for us to provide you with a service, to answer your enquires about our services and to maintain our records. In any event, we are committed to ensuring that the information we collect, and use is appropriate for this purpose, and does not constitute an invasion of your privacy. The personal data we collect and store and transfer different kinds of personal data about you which we have categorised as follows:
Identity Data. This includes, first name, maiden name, last name, marital status, title, date of birth and gender.
Contact Data. This includes, postal address, email address and telephone number.
Financial Data. This includes, creditor details, bank account information and payment details.
Compliance Data. This includes, recorded calls for quality checks and staff training.
Technical Data. This includes, internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
Usage Data. This includes, information about how you use our website, products and services.
Marketing and Communications Data. This includes, your communication preferences.
Aggregated Data. This includes statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data, which will be used in accordance with this privacy notice.
Special Categories of Personal Data. This includes health and vulnerability related data that you may voluntarily share with us during the fulfilment of our services to you. We will always ask for your explicit consent to record and share Special Category Data.
How we Might Collect Personal Data
We use different methods to collect data from and about you as follows:
When you voluntarily provide it to us: You may give us your Identity, Contact and Financial Data by filling in forms or by corresponding with us by post, phone, email or otherwise. This includes personal data you provide when you: apply for our products or services; request marketing to be sent to you; or give us some feedback.
Collected automatically: As you interact with our website, we may automatically collect Technical Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies. We may also receive Technical Data about you if you visit other websites employing our cookies. Please see our cookie policy for further details.
Provided by third parties or publicly available sources: We may receive personal data about you from various third parties as set out below:
Technical Data from analytics providers such as Google based outside the EU;
Identity and Contact Data from publicly available sources, including Companies House and the Electoral Register based inside the EU.
Processing Purpose and our Legal Basis
We will always have a legal basis for processing personal data and we have methodically assessed our purposes and legal bases. Our legal basis for processing your information is most commonly in line with our contractual obligations to fulfil the services and products you request from us. As a Regulated Company, we are audited and held to high standards for the services and products we offer. Therefore, we may be legally obligated to process personal data during regulatory audits. In the process of delivering our services, there may be legitimate interests that we pursue, which we have tested to ensure that those interests are balanced, appropriate and we have considered any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). If you have any questions about the legal basis for our processing activities, please feel free to get in touch with our Data Protection Office.
Recipients of Your Personal Data
During the course of providing the services that you request from us, we may share your information with our processing partners, known as recipients and data processors. We conduct due diligence with both recipients and data processors around the areas of their data security protocols, data protection policies and we have strict contracts in place that govern how they process your information.
IT Support and Data Backup
We Use GoDaddy for the purpose of data backups and cloud storage
GoDaddy
14455 N. Hayden Rd, STE. 226
Scottsdale, AZ 85260 USA
We use TextAnywhere for the purpose of text message communications
TextAnywhere
Indigo House
Sussex Avenue
Leeds
West Yorkshire
LS10 2LF
We use Google to monitor the behaviour of visitors to our website
1–13 St Giles High St.
London
WC2H 8AG
Third Parties
Third parties to whom we may choose to sell, transfer or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this privacy notice.
When we may Have to Disclose Your Personal Data
We may have to disclose your personal data with other third parties as set out below. These organisations or bodies will not use your information to contact you. These third parties will be subject to obligations to process your personal information in compliance with the same safeguards that we deploy.
Claims Management Regulator
The Financial Conduct Authority
The Financial Ombudsman Service
The Financial Services Compensation Scheme
Your Lender
The Party that sold you a Product
Your Bank or Building Society
HM Revenue & Customs
The Company’s Compliance Consultants
The Company’s Solicitors
Transferring Data Outside of the EEA
In the provision of our services to you we use data processors that are outside of the European Economic Area (EEA). Specifically, we use data processors based in The United States of America. The General Data Protection Regulation has strict rules about data transfers to international organisations and we use approved data transfer mechanisms, including the EU–US Privacy Shield and contracts with model clauses. We take extra steps to ensure comprehensive due diligence and regular audits, both onsite and remote, of the data processing activities of our data processors. If you would like any more information, please get in touch by contacting our Data Protection Office, details can be found at the start of this Privacy Notice.
Making Sure Your Data is Secure
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.
How Long Do We Keep Data
We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. By law we have to keep certain information about our customers and this data will be held solely and securely for those legal purposes.
Your Rights as a Data Subject
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
Right of access – you have the right to request a copy of the information that we hold about you.
Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
Right of portability – you have the right to have the data we hold about you transferred to another organisation.
Right to object – you have the right to object to certain types of processing such as direct marketing.
Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
Right to judicial review -in the event the Company refuses your request under rights of access, we will provide you with a reason as to why. You have the right to complain and we have provided a specific section on this below. All of the above requests will be forwarded on should there be a third party involved in the processing of your personal data.
Requesting Access to my Data
At your request, the Company can confirm what information we hold about you and how it is processed. If the Company does hold personal data about you, you can request the following information: Identity and the contact details of the person or organisation that has determined how and why to process your data. Contact details of the data protection officer, where applicable. The purpose of the processing as well as the legal basis for processing. If the processing is based on the legitimate interests of the Company or a third party, information about those interests. The categories of personal data collected, stored and processed. Recipient(s) or categories of recipients that the data is/will be disclosed to. If we intend to transfer the personal data to a third country or international organisation, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure your information.
How Long Your Data will be Stored
Your personal data will be stored by the Company for as long as necessary to complete providing the service you have requested and to comply with all relevant legislation. You have the right to request access your personal data the Company is storing. You have the right to request the Company destroy or transfer to a suppression list your personal data the Company is storing. However, the Company has the right to refuse to destroy your personal data where its retention is required by the Company to comply with relevant legislation or Court proceedings.
How can I Access my Personal Data you Hold and What Forms of ID will I Need to Provide
We accept copies of the following forms of ID when information on your personal data is requested: Passport, driving license, birth certificate, utility bill from last 3 months. You may access your personal data by contacting the Company’s data protection officer, details are contained on the contact us website page.
How Can I Make a Complaint About the use of my Personal Data
You may make a complaint regarding the use of your personal data by contacting the Company’s data protection officer, details are contained on the contact us website page. Alternatively, you may raise a complaint with The Information Commissioner, Information Commissioners Office, Wycliffe House, Water Lane, Wilmslow, Cheshire. SK9 5AF. Telephone: 0303 123 1113
Copyright Notice
This website and its content is copyright of Professional Personal Claims Ltd - © Professional Personal Claims 2019. All rights reserved. Any redistribution or reproduction of part or all of the contents in any form is prohibited other than the following: you may print or download to a local hard disk extracts for your personal and non-commercial use only you may copy the content to individual third parties for their personal use, but only if you acknowledge the website as the source of the material You may not, except with our express written permission, distribute or commercially exploit the content. Nor may you transmit it or store it in any other website or other form of electronic retrieval system.