Healthy Horizons is committed to protecting the privacy and confidentiality of all individuals and takes its responsibilities regarding the security of data very seriously. We abide by the rules of the General Data Protection Regulation (GDPR) upheld by the Information Commissioner Officer (ICO) and are authorised and regulated by the Financial Conduct Authority (FCA) to advise and arrange General Insurance policies. This includes processing any personal data lawfully, fairly and in a transparent manner.
What information do we collect about you and why?
As a Brokerage and as part of our service we will only collect information from you so that we can advise and arrange General Insurance policies that are suitable for you. In the financial services industry we call this fact-finding which provides us with all the information that we need from you in order to provide you with a suitable product that meets your circumstances and requirements.
When obtaining information from you we will do this by phone, email or post and will confirm the accuracy of the data collated. It is important that all the data we hold on you is accurate so that we can advise and arrange suitable products to you.
The types of information we may collect from you includes; contact details, date of birth, gender, marital status and dependents, bank account details, medical insurance history, occupation, income and anti-money laundering status. In addition, we may collect sensitive personal data such as medical conditions or criminal offence data where required to do so to arrange a policy on your behalf.
Where you provide your personal data on our website it will be taken as a positive action that you would like us to contact you for the purpose as set out on our website.
Contact details received from a third party lead generator
Occasionally we may receive your contact details from a third party lead generator who you have expressed an interest in the products/service we have to offer. Where we use lead generators we will request from them that they have obtained your consent and have made it clear to you that they will pass your details on to a firm such as ours and that you will be expecting us to contact you.
Information from other sources
We may obtain information from other sources such as public records, if required. This is to enable us to verify who you are or facts that you have told us are accurate.
How will we use this information?
We will only use your data in ways that you would reasonably expect us to. Below summarises how we will use your data.
We will use the information you provide to us to research the market on your behalf to find a suitable policy that meets your circumstances and needs. Once we have carried out research we will provide you with a personalised report detailing the product information. Whilst you consider the report we will remain in touch to answer any questions you may have.
If you are happy to proceed we will then use your data to complete an application form which will then be forwarded to the relevant Insurer. We will then liaise with them on your behalf until the policy has been arranged.
We will then contact you at renewal or when your policy is due to be reviewed so that we can continue to ensure that the policy you have in place remains suitable. Where your circumstances or personal information have changed we will update our records and notify the Insurer to do the same.
We will also use your data to assist you handle any claim you have on your policy or with handling a complaint if you are not happy with the service you have received.
As part of our service we like to keep our customers up to date with new products or offers that are available and maybe of interest. Therefore, we may contact you from time to time through email marketing, phone, text or other types of marketing material. If you wish to opt out of this at any point then please let us know.
The lawful basis on which we use this information
How we use your information (detailed above) we will do so using the lawful basis legitimate interests. We have decided upon this basis as it allows us to meet with the ICO and FCA rules and is the most suitable lawful basis for processing data with a view to arranging a policy.
Who will it be shared with?
As stated above, if you wish to proceed to take out a policy then we will pass your details on to the Insurer the policy will be arranged with. The information we pass on will be detailed within the application we complete on your behalf.
Where required we may forward your details onto regulatory authorities or fraud agencies where we have a legal obligation to do so to comply with our regulatory requirements or where fraud is suspected. We may do this under the lawful basis legal obligation.
If you have been introduced to us via a third party, then we may provide them with updates on the progress of your application, where applicable
What we will do to ensure the security of personal information
We will not share any of the information you provide to third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us regardless of whether the information is in electronic or physical format. We use leading technologies and security measures to safeguard your information and keep strict security standards to prevent any unauthorised access to it.
How long will we retain your data
We will only hold data for no longer than is necessary. Where we have arranged a policy on your behalf we will keep your file including your personal data and any call recording, on record for a minimum of six years, in line with our regulatory obligation with the FCA. Where we need to hold your file for longer than this then we will inform you of this.
What are your rights?
You have the right to:
- Be informed about how we use, share and store your personal information;
- Request access to the personal data we hold on you (also known as a Subject Access Request (SAR)). Where a SAR is requested we will respond promptly and within one month from the date we receive the request;
- Request your personal data is amended if inaccurate or incomplete;
- Request your personal data is erased where there is no compelling reason for its continued processing and we don’t have a legitimate interest to retain it;
- Request that the processing of your data is restricted;
- The right to object to your personal data being processed;
- Rights in relation to automated decision making and
Where the processing of your data is based on your consent, you have the right to withdraw this consent at any time by contacting us by phone or email. We do not use automated decision making or profiling systems.
Where we need your consent we will ask for this separately. We do not use pre-ticked boxes or make assumptions that you have given your consent. Your consent must be freely given by positively opting in or making a clear affirmative action that you are giving your consent. We will do our very best to ensure you know exactly what you are consenting to and remind you that you may withdraw your consent at any time by contacting us by email or phone. Where consent is obtained a record of this will be made confirming what you have consented to, the time and date and how consent was obtained.
Customers: Our customers are important to us however we appreciate that on some occasions you may wish to look elsewhere. If you do, we would like to stay in touch and therefore will ask for your consent in order for us to do so.
Group Leavers: Where an employee leaves a firm who will no longer benefit from a group scheme we may contact them to inform them that there cover will cease and to offer a continuation option. We will do this under the lawful basis of legitimate interest as the employee has a right to be made aware that they will no longer have cover.
Potential Customers: Where you have expressed an interest in a product but have then decided not to proceed we would like to keep in touch therefore will ask for your consent to do so in case a product may be of interest to you at a later date.
Non-Customers: We will only send you information about regulated products or services if we have obtained your consent to do so.
Right to complain
We hope that the service you receive from us is to the high standard you would expect. If at any point you are unhappy with the way we have used your data then please notify: Healthy Horizons by either email, post or phone below. If you remain concerned about the way we collect or use your personal data you can raise your concern with the Information Commissions Office (ICO) on 0303 123 1113. For further details you may visit the ICO website www.ico.org.uk
We will tend to disclose the complainants identity to whoever the complaint is about, however if you wish your identity to remain anonymous, we will try to respect that. We will keep your complaint on record for two years once closed or six years if it also relates to how we arranged a policy and falls under the FCA ruling.
Changes to the information
We regularly review and, where necessary update our Privacy Notice. If we plan to use personal data for a new purpose our Privacy Notice will be updated and you will be notified.
How to contact us
If you wish to contact us about the above or any other matter then please contact us at:
Katherine Kentish Healthy Horizons 15 Malton Close Monkston
Milton Keynes MK10 9HR
Tel: 01908 990307