Data Protection Notice
Effective 26 June 2018
We respect your trust in us to use, store and share your information. In this notice, we explain how we collect personal information about you, how we use it and how you can interact with us about it. ‘Personal Information’ is information about you and other individuals that identifies or makes an individual identifiable.
We try to keep this notice as simple as possible but if you are unfamiliar with our terms, or want more detail on any of the information here, please refer and go to www.gjis.co.uk to view and read the full terms of Business. You may also contact us directly for more details, as required.
1. Who we are
In this notice, 'we', 'us' and 'our' refers to GJIS Limited, a company registered in England and Wales under company number 01310695, including its trading name Global Jewellery Insurance Services. We are the data controller and are responsible for, and control, the processing of, your Personal Information, in accordance with the General Data protection Regulation and Data Protections Act 2018 (‘GDPR’/ ‘Act’)
2. Contact us
We welcome your feedback and questions about this Policy. If you wish to contact us please email our Representative, with overall responsibility for data protection, at email@example.com or write to us at GJIS Limited, Peel Place, 50 Carver Street, Birmingham B1 3AS.
3. How we collect information about you
When you visit our website (at https://www.gjis.co.uk), make an enquiry, post on our discussion forum, respond to a survey or register with us we may collect some basic information about you, such as your name, contact details and a record of any communications, for the purpose of responding to any query raised or comment made. We also collect statistical data about your browsing actions and patterns. This means information about your computer and your use of our Services, including (where available) your IP address, unique mobile device identifier (UDID), Android ID, device MAC address, browser information, operating system, timestamps, the pages that you request, applications downloaded, traffic data, location data, weblogs and other communication data, and the resources that you access. This will help us make our website work better for you. We will not use this information to identify you.
In addition, we collect Personal Information from you and other third parties (including your family, members, trade associations, your employer, credit reference agencies, anti- fraud and other databases, government agencies (DVLA, HMRC), and third parties to a claim (witnesses, experts, loss adjusters, legal representatives etc.), in order to provide insurance quotes, administer insurance policies and/ or deal with any claims or complaints and to provide you with access to our online services (‘Services’). The types of information we collect includes:
In certain circumstances we may need to process special categories of data (i.e. details of your health/ physical injuries) and/ or criminal convictions (i.e. driving offences) to assess the risk to be insured and/ or process a claim. We will only process this information where necessary and on the basis of the below legal basis.
4. How we use your information
To provide our products and Services under the terms and conditions we agree between us, we need to collect and use personal information about you. If you do not provide this personal Information we may not be able to provide you with our products and Services.
In accordance with the GDPR/ Act, we may only process your Personal Information if we have a ‘legal basis’ (i.e. legally permitted reason) for doing so. For the purposes of this Policy, our legal basis for processing your Personal Information is set out in the table below.
In accordance with the Act, we are able to process your special category data (details of your health) and details of any criminal convictions where it is necessary for an insurance purpose (including advising on, arranging, underwriting or administering a contract of insurance and administering a claim under a contract of insurance) provided we have established a legal basis for doing so.
Where we are processing your special category data/ details of criminal convictions for an insurance purpose our legal basis is set out in the table above.
We will not process your special category data/ details of your criminal conviction without your explicit consent where it is not necessary for an insurance purpose.
It is important that we keep your personal data accurate and up to date and so we ask you to provide accurate information and inform us of any changes.
As set out above, your Personal Information may be processed for the purpose of creating general risk profiles. Where special categories of data / criminal conviction data are relevant this maybe processed as part of this analysis. If we were to report trends to any third parties any report, we prepare will group the information so that all Personal Information (information that makes you identifiable) is removed. For example, we may produce a risk exposure report on a certain geographical area or postcode.
6. How we keep your information safe
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our Service and any transmission is at your own risk.
When you contact us to ask about your information, if necessary, we may ask you to identify yourself. This is to help protect your
7. How long we keep your information
To meet our regulatory and legal obligations, we collect some of your personal information, verify it, keep it up to date through regular checks, and delete it once we no longer require it for the purpose for which is was originally collected. We may also gather information about you from third parties to help us meet our obligations. If you do not provide the information we need, or help us keep it up to date, we may not be able to provide you with our products and services.
As a guide we usually retain your personal data for around 7 years following expiry of a policy of insurance, completion of a claim, cancellation of your online account or termination of a contract between us. We may be required to retain data for longer periods. If you would like further details of our retention periods, please contact us on the details above.
For the purposes of the GDPR/ Act we have a legitimate interest in processing your personal data (name and contact details) for marketing communications. We will only require your consent, in certain circumstances, where we are marketing products and services to you as an individual, not to your business. Circumstances where we may need your consent are outlined below.
Where you have previously ordered products or services from us, unless you have told us not to, we may contact you by telephone, email or post about similar or related products, services, promotions and special offers that may be on interest to you.
In addition, with your consent, we may contact you by telephone, email or post to provide information in relation to other products, services, promotions, special offers and other information we think may be of interest to you.
You have the right at any time to ask us to stop processing your information for direct marketing purposes. If you wish to exercise this right please follow the unsubscribe link on the communications or contact us on the below details, or the relevant third party, giving us or them enough information to identify you and process your request.
Please note that even if you ask not to receive marketing communications, we may still need to send you service messages regarding the Services.
9. Your information and third parties
Sometimes we share your information with third parties. For example, to:
In addition, we may share your details with third parties to effectively provide our Services, including:
In order to process your application we may supply your personal information to credit reference agencies (CRAs) and they will give us information about you such as about your financial history. We do this to assess creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity. We may also continue to exchange information about you with CRAs on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRAs will share your information with other organisations.
Your data may also be linked to the data of your spouse, any joint applicants or other financial associates.
The personal information we have collected from you will be shared with fraud prevention agencies who will use it to prevent fraud and money - laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance or employment.
Further details of the CRA's and fraud prevention agencies, and how they process your information can be ascertained by contacting our offices.
Where required by the GDPR/ Act we will ensure that relevant contractual protections are in place with these third parties to ensure they have the same levels of information protection that we have.
We also have to share information with third parties to meet any applicable law, regulation or lawful request. When we believe we have been given false or misleading information, or we suspect criminal activity we must record this and tell law enforcement agencies, which may be either in or outside the UK.
I0. International transfer of data
We may transfer your personal information outside of the European Economic Area (EEA) to help us provide your products and services. It may also be processed by persons operating outside the EEA who work for us, one of our associated companies or a third party engaged by us. Such countries may not have similar protections in place regarding protection and use of your data. We will take all steps reasonably necessary to ensure the security of your Personal Information i.e. where approved contractual clauses are agreed.
11. Your rights
This section sets out the legal rights of individuals in respect of the Personal Information we are holding and/or processing. If you wish to exercise any of your legal rights you should put your request in writing to us (using our contact details below) giving us enough information to identify you and respond to your request.
We can help you with/ you have the right to:
If you seek to exercise a right under the relevant law and we consider an exemption is applicable (or the relevant right is not exercisable), we will explain this to you in as clear a way as we can.
You can find out more about internet advertising by visiting the following websites: www.allaboutcookies.org, www.yourchoicesonline.eu, and www.networkadvertising.org. Some of these sites enable you to opt out of online behavioral advertising and other tracking cookies (in addition to the control settings on your browser).
13. Making a complaint
If you have a complaint about the use of your personal information, please let a member of staff know, giving them the opportunity to put things right as quickly as possible.
If you wish to make a complaint you may do so in person, by telephone, in writing and by email. Please be assured that all complaints received will be fully investigated. You can register a complaint, using the contact details above. We ask that you supply as much information as possible to help us resolve your complaint quickly.
You also have the right to make a complaint to the Information Commissioner's Office, the data protection regulator in the UK, at www.ico.org.uk.
13. Updates to this notice
We will make changes to this notice from time to time, particularly when we change how we use your information, and change our technology and products.
You can always find an up-todate version of this notice on our website at www.gjis.co.uk/privacy_policy
You will also find it incorporated within our Terms of Business which are included in your policy documentation from time to time, or you can ask us for a copy.
© Copyright 2018 - GJIS Limited. All rights reserved.