On 25th May 2018, a new law called the General Data Protection Regulation (GDPR) will be enacted in the UK, dealing with the ways that companies store and handle personal data from customers.
Secure Mortgages take the protection of personal information extremely seriously and we have processes in place to keep our systems secure.
We wish only to protect the privacy and the confidentiality of ALL Personal Data that the company processes in connection with the services it provides to clients.
We provide insurance broking services, which enable the consideration of, access to, administration of, and making of claims on insurance.
In order for us to arrange insurance cover and assist in the handling of insurance claims, Secure Mortgages and other participants in the insurance industry are required to use and share Personal Data.
The insurance industry is required to use and share Personal Data. For further information in considering how & why, reference could be made to the following website link:
This website link displays the London Market Core Uses Information Notice regarding Data Protection. Secure Mortgages use of Personal Data is consistent with the LMA Notice. This notice sets out the use by Secure Mortgages of this Personal Data and the disclosures it makes to other insurance market participants and other third parties.
Secure Mortgages may receive Personal Data relating to potential or actual policyholders, claimants and other parties involved in a claim, during the insurance policy period and sometimes beyond. Any references to “individuals” in this notice include any living person from the preceding list, whose Personal Data Secure Mortgages receives in connection with the services it provides under its engagements with its clients.
Identity of controller and contact details
Secure Mortgages (the controller in respect of the Personal Data it receives in connection with the services provided under the relevant engagement between Secure Mortgages and its client). Our contact address is 12 The Glades, Aldridge, West Midlands WS9 8RN.
Personal information that we process
We collect and process the following Personal Data:
Individual details –
name, address (and proof of address), other contact details (e.g. email and telephone details), gender, marital status, date and place of birth, employer, job title and employment history, relationship to the policyholder, insured, or claimant.
Financial information - bank account number and account details and other financial information only to the extent relevant to the risk being insured:
Health data - current or former physical Insured risk - information about the insured risk, which contains Personal Data and may include, or mental medical conditions, health status, injury or disability information, medical history;
Criminal records data - criminal convictions, including driving offences.
Policy information - information about the quotes individuals receive and the policies they obtain.
Credit and anti-fraud data - credit history and credit score, information about fraud convictions, allegations of crimes and sanctions details received from various anti-fraud and sanctions databases, or regulators or law enforcement agencies.
Previous claims - information about previous claims, which may include health data, criminal records data and other special categories of Personal Data (as described in the Insured Risk definition above).
Current claims - information about current claims, which may include health data, criminal records data and other special categories of Personal Data (as described in the Insured Risk definition above).
(Where we collect such information directly from individuals, we will inform them of whether the information is required and the consequences of not providing it on the relevant form).
Personal Data sources
We collect and receive Personal Data from the following sources:
How we use and disclose Personal Data
We will now set out the purposes for which we use Personal Data, explain how we share the information, and identify the “legal grounds” on which we rely to process the information. These “legal grounds” are set out in the General Data Protection Regulation (the GDPR), which allows grounds” set out in the GDPR (the full description of each of the grounds can be found below).
Article 6(1) of the GDPR sets out the conditions the must be met for the processing of personal data to be lawful. They are:
(a) the data subject has given consent to the processing of their personal data for one or more specific purposes;
(b) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
(c) processing is necessary for compliance with a legal obligation to which the controller is subject;
(d) processing is necessary in order to protect the vital interests of the data subject;
(e) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(f) processing is necessary for the purposes of the legitimate interests pursued by a controller, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
In order to facilitate the provision of insurance cover and assist in the administering of insurance claims, unless another legal ground applies, we rely on the data subject’s consent to process special categories of Personal Data and criminal records data, such as medical and criminal convictions records. The affected individual’s consent to this processing of special categories of Personal Data and criminal records data may be necessary for Secure Insurance Services to be able to provide the services the client requests.
Where a third party provides us with information about a person, the third party must agree to notify them of our use of their Personal Data and to obtain such consent for us.
Secure Mortgages have in place physical, electronic, and procedural safeguards appropriate to the sensitivity of the information we maintain. These safeguards will vary depending on the sensitivity, format, location, amount, distribution and storage of the Personal Data, and include measures designed to keep Personal Data protected from unauthorised access. If appropriate, the safeguards include the encryption of communications, encryption of information during storage, firewalls, access controls and other security systems.
In addition access to Personal Data is limited to personnel and third parties that require access to such information for legitimate, relevant business purposes.
Limiting collection and retention of Personal Data
Secure Mortgages only collect, use, disclose and otherwise process Personal Data that is necessary for the purposes identified in this Privacy Notice or as permitted by law.
The retention periods for Personal Data are based on business needs and legal requirements. Secure Insurance Services retain Personal Data only for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose. For example, we retain certain transaction details and correspondence until the time limit for claims arising from the transaction has expired, or to comply with regulatory requirements regarding the retention of such data. When Personal Data is no longer needed, the data will be securely destroyed.
Accuracy, accountability, transparency and Individuals rights
Under certain conditions, individuals have the right to request any of the following:
Secure Mortgages will respond to most requests within 30 days.(If we are unable to resolve an enquiry or a complaint, individuals have the right to contact the UK data protection regulator, the Information Commissioner’s Office.)
Third party websites
Our websites may contain links to other third party websites. If any person(s) follow such a link to any of third party website, please note that the websites will have their own privacy policies and Secure Insurance Services cannot accept any responsibility or liability for their policies or processing of your personal information. It is important that any person check the website policies before submitting any personal information to any third party websites.
All insurances transacted over the phone have a 14 day cooling off period and all documents will be either emailed or posted on the same day.
For all insurances transacted over the phone you can contact us within the 14 days to cancel your policy and get a full refund.