We are committed to protecting the privacy of all information including “Personal Data” that we collect and process in the course of our business as loss adjusters and claims managers.
“Personal Data” is any details or information which identifies you or other private individuals. The handling of it is covered by the Data Protection law.
A “Data Controller” is the organisation that alone or jointly with others determines the purposes, conditions and means of processing your personal data. Unless otherwise advised, Woodgate and Clark will be a processor of your data.
Why we need your personal data
We have been appointed by our instructing principals (Data Controller) to deal with your claim. To do that, we will need to process your information. The information will consist of the personal data given to us by our instructing principals upon our appointment and during the handling of your claim by us. It will also include any personal data collected by us from you or other parties during the claims process. We will only collect this information in accordance with the Data Protection principles as detailed above.
We will only process personal data that is necessary for the handling of your claim, examples of which may include but not necessarily be restricted to:
- Your name and address, place and date of birth, National Insurance number, passport number, driving licence number, contact details such as e-mail and telephone number/s, your gender, marital status, family status, photographs, video and other images, professional licenses and affiliations, professional and financial information and history.
- Information to investigate crime, including fraud and money laundering: For example, insurers commonly share information about their previous dealings with policyholders and claimants for this purpose.
Purpose and Legal Basis of processing
We use your Personal Data to:
- Communicate with you and other interested parties to manage your claim.
- Make decisions about claim assessment, processing and settlement.
- Provide improved quality, training and security
- Prevent, detect and investigate crime, including fraud and money laundering.
- Resolve complaints, and handle requests for data access or correction.
As such your Personal Data will
- only be collected where we have lawful grounds and legitimate business reasons to do so.
- be dealt with in a transparent and legitimate manner.
- only be obtained and processed for the purposes of handling of your claim and will not be used for any purpose other than for the handling of your claim.
- be corrected/updated if you inform us that your details have changed or that they are incorrect.
- be retained within appropriate physical and technological security measures.
- be securely deleted of at the end of the appropriate retention period defined by your Insurer and in compliance with privacy legislation. Specific details for any particular claim can be provided on request.
- only be provided to others for the purpose of processing your claim and we will ensure that when we do this the recipient has appropriate security measures in place
On all claims, your information will be provided to the Insurer who holds the relevant policy.
We do however value your feedback and provide this to your insurers (if applicable) in order that we can gauge, measure and improve our service. We will specifically seek your consent should we invite you to take part in any such survey.
In any event please feel free at any time to provide us with your feedback, good or bad.
Sharing of Personal Data
As part of our claims handling your Personal Data may be shared with others, where necessary to deal with the claim or as required by law including:
- Our group companies.
- Our instructing principals’ service providers.
- Our service providers.
- Any regulatory party to comply with legal duties and requirements.
- Other parties such the emergency services, our bank where we operate fund payment arrangements on behalf of our instructing principals’, any fraud prevention database supported by and or regulated by insurers or the FCA. For example the Personal Data may be put on registers of claims and shared with other insurers.
Where we provide Personal Data to a service provider, the service provider will be required to use appropriate technical and operational measures to protect the confidentiality and security of your Personal Data in accordance with all applicable data protection laws and regulations.
We may need to transfer, store or process your data on systems outside the EEA. However, we will ensure that any such activity is subject to equivalent levels of security and data protection measures necessary to comply with Data Protection law.
We will not use your data for any marketing purposes whatsoever and it will not be used, sold, shared or distributed to any third party for marketing or any other commercial purpose/s.
Protecting your data
To protect your data we take all appropriate, reasonable, proportionate, technical and legal measures. If you believe that your communications with us or the data that we have retained is no longer secure you should contact us immediately. See contact details below.
All possible reasonable steps are taken to ensure that your Personal Data is accurate and complete as is necessary for the performance of our services. Should you consider the data we hold is either inaccurate or no longer correct you have the legal right to have it corrected. See contact details below.
Under Data Protection law, you have various rights in relation to your own data (i.e. where you are the ‘data subject’), which are summarised below:
- Right to be informed – Individuals should be entitled to a minimum set of information concerning the purposes for which their personal data will be processed.
- Right to gain access to their information – Individuals can request access to their personal data and GDPR puts obligations on controllers to comply with such requests, where applicable, and to supply this data free of charge if the request is reasonable. This must be carried out within one month of receiving the request.
- Right to rectification – Individuals can request a controller rectify any errors in their personal data where applicable, and this must be carried out within one month of receiving the request.
- Right to erasure – Individuals can request the deletion or removal of personal data where there is no compelling reason for its continued processing.
- Right to restrict processing – Individuals have the right to request the restriction or suppression of their personal data. This is not an absolute right and only applies in certain circumstances.
- Right to data portability – Individuals can obtain and reuse their personal data for their own purposes across different services.
- Right to object – Individuals can object to processing of personal data in some circumstances however, may not agree where we have strong and legitimate reasons to continue that override this right or the processing is necessary for the establishment, exercise or defence of legal claims.
- to not be subject to a decision based on automated processing or profiling – individuals have the right not to be subject to a decision when it is made solely on the basis of automated processing of their personal data. You must ensure that individuals are able to obtain human intervention, express their point of view; and obtain an explanation of the decision and challenge it.
Please note that there will be situations where exceptions apply under Data Protection law that we may rely on. We will tell you if we are unable to comply with your request, or how your request might impact you, when you contact us.
To exercise these rights, please see contact details below.
If you would like to discuss any aspect of this Privacy Notice or anything else about the personal data we collect on you, please contact us using the details below.
Specific queries in relation to exercising your Rights should be directed to:
The Data Protection Team, The Red House, King Street, West Malling, Kent, ME19 6QT
If you have any concerns or complaints in relation to the processing of your data, we ask that you contact us first to give us the chance to understand the issue and see how we can address it.
In any event, you have the right to lodge a complaint with your Insurer (if applicable) or the supervisory authority, the Information Commissioners Office. To report a concern to the ICO:
- Telephone helpline 0303 123 1113
- Textphone service 01625 545860