Our Privacy Notice The Thomas Gray Partnership Ltd
This Privacy Notice explains how we use any personal information we collect about you
Lawful Basis for collecting and processing information about you
We collect & process information about you in order to fulfil our contractual obligations in providing you with an insurance policy or to obtain a quotation on your behalf before taking out a policy. We will only use and disclose the information we have about you in the normal course of arranging and administrating your insurance.
Health, financial and criminal records data is collected under the lawful basis of public interest, where these would affect the provision of cover and/or performance of insurance contracts.
We sometimes use our Legitimate Interest as the basis for collecting and processing information about you but this would only be to offer you additional covers to compliment the renewal of your existing policy.
We will also use your personal information to meet any legal or regulatory requirements, for example to meet compliance requirements by our regulator, to comply with law enforcement & to manage legal claims.
Categories of Personal Data (information about you)
All personal information including special categories of data such as information about offences or medical conditions will be treated as private and confidential, including if you were no longer a customer.
Recipients of information about you
We share information with insurers and other providers of insurance policies in the normal course of placing your insurance or obtaining quotations on your behalf. We will not disclose any information to any other parties without your consent, except where required by law.
Insurers and their agents share information to prevent fraud and provide the police with information to assist in identifying uninsured drivers. The systems used include the Claims and Underwriting Exchange Register operated by Database Services Limited, to check information provided and prevent fraudulent claims, and the Motor Insurers’ Database (MID) which helps police check who is insured to drive a vehicle. The MID may also be used by insurers in the event of an accident in order to identify relevant policy information. We also use the services of Sanctionsearch.com to fulfil our obligation to demonstrate to the Financial Conduct Authority & HM Treasury that our clients are not on the Financial Sanctions List. Other databases may also be added to these in the future.
We, and other firms involved in arranging your insurance may use public and personal data from a variety of sources including credit referencing agencies and other organisations. The information is used to help tailor a price, ascertain the most appropriate payment options for you and to help prevent fraud. Any credit reference search will appear on your credit report whether or not your application proceeds. If you have any questions about this or any other matter, please do not hesitate to contact us.
Transfer of information about you
We use secure and encrypted systems to transfer and store your data in the United Kingdom. Insurers and others may transfer your data to any country, including countries outside the European Economic Area for offering renewal, research and statistical purposes, crime and for systems administration including back-up and disaster recovery. Where this happens, we will ensure that anyone to whom we pass your information agrees to treat your information with the same level of protection as if we were dealing with it.
Retention of your Data
We retain your data during the lifetime of the policy and for up to 6 years following cancellation. In some instances we retain data for longer periods in order that we can meet our obligations in assisting you with any claims or potential claims.
You are obliged to provide the personal data requested as failure to do so means we will be unable to provide you with a quotation or policy.
Under the General Data Protection Regulation (GDPR) and The Data Protection Act 2018 (DPA 18) you have a number of rights with regard to your personal data. You have the right to request from us access to your personal data free of charge. You also have the right to rectification or erasure of your personal data, the right to restrict processing, object to processing as well as in certain circumstances the right to data portability. If you have any queries in this connection you should contact Paul Thomas, The Data Controller The Thomas Gray Partnership Ltd, 4A Mansion House Street, Newbury, Berkshire, RG14 5ES.
You have the right to lodge a complaint to the Information Commissioners’ Office (ICO) if you believe that we have not complied with the requirements of the GDPR or DPA 18 regarding your personal data. If you think there is a problem with the way we handle your data you can contact the ICO direct either by going to their website https://ico.org.uk/concerns/ or calling their helpline 0303 123 1113.