Privacy Note
This privacy notice describes how Global Insurance Management Ltd (also referred to as “we” or “us”) process Personal Data relating to our policyholders, service users and related individuals, and other enquirers and users of our website (“you”).
Pursuant to the definition provided by the EU regulation General Data Protection Rule, we are acting as Data Controller. We are accountable of any usage of your Personal Data made by us or on our behalf.
We may update this notice from time to time and will publish the new version on our website. This notice was last updated on 1 March.
This notice is set out in 10 sections:
1. Who we are
2. What information we collect (including where we collect it from) and how we use it
3. Sharing your information, and our relationship with other parties
4. Legal basis for use of your information
5. International data transfers
6. Retaining your information
7. Security of your information
8. Your legal rights, including your right to access a copy of data we hold
9. Our contact details
10. Related notices and terms
1. Who we are
The website for Global Insurance Management is at www.globalim.co.uk
We offer administration services for Extended Warranty programs, Mechanical Breakdown Insurance (MBI), Guarantee Asset Protection Insurance (GAP) and Service plan programs.
In carrying out these activities, we act as Data Controller, meaning we determine the way in which your data is used (as described in this privacy notice).
We have appointed a Data Protection Officer, who is responsible for overseeing use of Personal Data by us. You may contact the Data Protection Officer with any queries relating to the processing of your Personal Data by us, and to exercise your data protection rights (see section 8 below).
Contact details for the Data Protection Officer are set out at section 9 below.
2. Information we collect and how we use it
2.1 Purchasing insurance from our business partners
You may purchase our insurance from one of our business partners (for example as an add-on to other insurance or a product you are buying from them). You may also purchase a policy which is underwritten by our business partner, but for which we process and service your claims (see section 2.2).
In these circumstances, our business partner will collect and share some of your Personal Data with us in order for us to underwrite and administer your policy (where we are the underwriter) and to provide you with relevant services if you make a claim.
These details may include, but may not be limited to:
- Name (of policyholder and any related individuals under the policy)
- Address and contact details
- Level of cover and policy details
- Vehicle details, including car registration number (for motor breakdown insurance policies for example)
- Bank details for claims payments, reimbursements, policy checking.
Our business partner will also assign you a policy number which we will record alongside your other personal details.
2.2 Making a claim or requesting a service
You may contact us by telephone or email:
- Make a claim under your insurance policy; or
- Request a specific service under an existing service-only contract; or
- Request a pay-on-use service (and enter into a new service-only contract under section 2.1 above).
You may also enquire about such claims or services.
When you contact us in this way (or otherwise contact us for these purposes), we will collect additional information from you to assist with your enquiry, verify and handle your claim or service request, and, where appropriate, to settle the claim and provide the services. This includes arranging for our service providers to respond to and deal with qualifying incidents in settlement of your claim or as part of the services.
If you have purchased our insurance from one of our business partners, or where we are handling a claim under a policy underwritten by one of our business partners (see section 3.2 below), our claims handling service may use the brand of our business partner in dealing with your enquiry. However, the information we collect is used by us (rather than by our business partner) for these purposes.
In each case, the details we collect will include:
- Name, and policy or contract details
- Information about the claim or service request, including the surrounding circumstances, the assistance you require, and information within any related documents you provide to us.
This may include some Sensitive Data, and other information of a sensitive nature. For example, we may need to know information about you and individuals receiving services or involved in the assistance we provide, or other sensitive information about the circumstances of the claim or request. This is collected in order to make appropriate arrangements to deal with your claim and provide the relevant services.
We will also assign you a claim or service number, which we will record alongside your other personal details.
If you provide us with details relating to other individuals, please ensure such individuals are aware that we will use their details for the purposes of the insurance claim or service request and direct them to this privacy notice for more information.
Calls to our call centers may be recorded, and we may keep additional records of our communications with you, and any arrangements made to settle your claim and provide you with services.
See section 2.4 below for more information about this.
2.3 Other use of our website and social media
We may collect other personal details from users of our website or our social media accounts, for example users who send us queries, enter our competitions, or are involved in other activities run by us within this context. We may use such details in order to deal with your enquiry, and to administer the relevant competitions or activities.
Note that information provided over social media may also be used and stored by the social media provider, in accordance with its own terms and policies.
We may also use cookies or similar technologies to collect website usage information, including your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views and website navigation paths. We do not, however, seek to relate this information to you as an individual nor combine it with other data relating to you. For further information, please refer to the Cookies Policy.
Our website may include hyperlinks to, and details of, third party websites. Subject to our data sharing responsibilities (see section 3 below); we have no control over, and are not responsible for, the privacy policies and practices of third parties.
2.4 Other collection and uses of your Personal Data
We may also collect and use your Personal Data as follows:
- We may record calls made to us for the purposes of record-keeping, training, quality control.
- We may conduct surveys or ask you for feedback on our products and services, and may invite you to take part in focus groups. We use your responses and contributions to these for the purposes of quality control and improvement of our products and services.
- We carry out sanctions checking including to safeguard against fraud and money laundering, and in accordance with Government requirement.
- We may carry out audits of third parties who handle claims under our policies (see section 3.4 below), which may involve us reviewing samples of personal details used in relation to such services.
- If you contact us, for example over email, by telephone, by post, or over our website or social media, we may retain your contact details and your communication in order to handle (see Art. 6 - for retention period information) your query and maintain records of communications.
- We maintain records of our activities and services, which may include communications exchanged with you or concerning you.
- We may use your Personal Data in order to handle complaints about our activities, and to assess and manage any potential or actual legal action arising from such complaints.
- We may use some Personal Data for analytical purposes and to assist us in improving our processes, products and services, for example root cause analysis on complaints. We seek to use anonymous data sets for these purposes.
- We may review and enforce your compliance with our policy terms, website terms or†̈other terms relevant to our relationship with you, or deal with related enquiries.
- We may use your Personal Data in order to comply with our legal and regulatory obligations (including those imposed by the Financial Conduct Authority, or to protect and enforce our legal rights and those of other individuals.
2.5 Children's data
We do not intentionally offer insurance policies or service-only contracts or collect any personal information from children under 18 years of age. We shall seek to cancel a policy or service-only contract, refund the premium or payment and delete the details of such individuals when a parent or guardian notifies us that any personal details have been obtained from their child in this context.
3. Sharing your information and our relationship with other parties
3.1 Providers of services to you
We share your Personal Data with providers of services to settle claims and provide a service, including the provision of repairs and replacement services, under your insurance policy or service-only contract. These include, for example, providers who carry out repairs/replacements of items insured under our policies. We will share details such as your name, address or location, car registration number, number of passenger, and other details and circumstances of the relevant incident. These details may include Sensitive Data relevant to the service they are providing, such as the health and vulnerabilities of individuals involved in a relevant incident. We remain responsible for how our providers use your Personal Data for these purposes.
3.2 Business partners
Information about your claims and other correspondence with you may be disclosed to our business partners from whom you purchased a policy (see section 2.2 above) for their audit purposes.
3.3 Third party claims handlers
Third party organizations may handle claims under some of our insurance policies. Where this is relevant, further detail can be found in your policy documentation. They will obtain information about you and your policy directly from our business partner who sold you the policy (see section 2.1 above). These organizations will act as Data Co-controller, meaning that they will decide how they use your Personal Data in handling a claim and what additional information they may need from you, in accordance with their own data protection practices. We will not generally have access to the Personal Data they record, other than for audit purposes.
3.5 Other disclosures
We may also disclose your Personal Data to the following parties:
- Legal authorities or regulatory bodies;
- Parties involved with current or prospective legal proceedings, or assisting us to establish, exercise or defend our legal rights. For example, we may share information with our legal or other professional advisers.
- Parties with whom you have given us permission to speak about your insurance policy or claim (including other relevant individuals under a policy).
- Providers of other products and services for them to send you direct marketing communications, to the extent that you have consented to us doing so - see section 2.5 above.
- Other service providers, for example those providing data backup or technology services.
- Other parties to the extent that you have consented to us doing so or where we are otherwise required or permitted to do so by law.
4. Legal basis for use of your information
We collect, use and disclose your Personal Data for the following reasons:
- Collection and use of Personal Data which is necessary for performance of our contract of insurance or service-only contract with you, for example in order to administer a policy, handle claims and provide relevant services.
- Collection and use of the Personal Data is necessary for performance of your contract of insurance with another company, to enable us to provide assistance or services and/or pay claims to you, where these are benefits processed and serviced by us.
- Collection and use of Personal Data which is in our legitimate interests, for example to manage our business, handle claims, provide services, respond to enquiries, maintain records of communications, handle complaints, enforce compliance with our terms and investigate fraud.
- Collection, use and disclosure of Personal Data to conduct sanctions checking.
- Disclosure of data in the legitimate interests of the third party who receives it, for example our business partners who audit us or third parties who handle claims under our insurance policies.
- Collection, use or disclosure of data to comply with a legal obligation, for example where our regulator or law enforcement authorities require us to do so.
5. International general Personal Data transfers
In cases where we could be led to transfer your data to a location outside the UK and the European Economic Area we will ensure your data is given a similar level of protection as required under UK data protection law.
Any sensitive personal data shall not be transferred outside European Economic Area without you being informed prior to the transfer.
6. Retaining your information
Your Personal Data shall be retained as long as needed for the authorized purposes listed in the consent form you have signed, including the relevant purposes specified above. This includes retention of some Personal Data following the end of our relationship with you, especially in order to resolve any potential disputes and for ongoing or prospective legal proceedings, maintain records of our services, and otherwise comply with our legal obligations and defend our legal rights.
We undertake to keep your Personal Data safe, confidential, accurate and efficient for the usage duration period hereby authorized.
At the end of the retention period, your Personal Data will be anonymized or destroyed.
Please use the contact details at section 9 below if you need further information about our retention periods.
7. Security of your information
We regularly review the technical and organisational security measures we have in place on our information and communications systems in order to prevent the loss, misuse or unauthorised alteration of your personal information.
Communications sent over our website, or using email or social media, rely on the internet which is a publicly hosted network.
Global Insurance Management Limited has deployed an adequate procedure to identify and communicate any incident of data breach within a delay of 72 hours and to resolve it within a reasonable delay.
Further information about security measures we apply to communications sent by email or over our website is available on request - please use the contact details at section 9 below.
You are responsible for keeping the password you use for accessing our website confidential. We will not ask you for your password, except when you log in to our website.
8. Your legal rights
In accordance with data protection laws, you have a right to:
- Obtain a copy of the Personal Data we hold about you, together with other information about how we process it;
- Request rectification of inaccurate data, and, in some circumstances, to request us to erase or restrict our use of your data, or otherwise to object to our processing of your data for direct marketing purposes or for reasons relating to your particular situation;
- Oppose to a processing on your Personal Data;
- Request modification of your Pervsonal Data;
- Request erasure of your Personal Data;
- Receive a copy or have a copy transmitted to another company (portability of data) (in a machine-readable format) of Personal Data which you have provided to us, where we process it electronically based on your consent or that it is necessary for performance of our contract with you (see section 4 above). Such data may be transmitted to another Data Controller (such as another insurance provider);
- Make a complaint about how we handle your data to the Information Commissioner’s Office. Please visit ico.org.uk for further information about how to do this.
- Withdraw any consent which you have given relating to use of your data, at any time. This includes consents to receiving direct marketing communications (see section 2.5 and section 4).
Note that there are certain limitations and exemptions to these rights which we may apply depending on the circumstances.
Please use the contact details under section 9 below to send us requests to exercise these rights (specifying what you are requesting), or if you would like further information about them.
9. Our contact details
Data Protection Officer
Address: Global Insurance Management Limited
Bourn, 5th Floor (West)
1 Manor House Drive
Coventry
CV1 2FX
Email: dpo@globalim.co.uk