Kew Insurance Services
'Stay Secure' with 'Simply Secure'

Privacy Notice

Who We are and Our 'Privacy Notice'
Kew Insurance Services Ltd. is an Insurance Broker operating in the sector of Household Insurance. The General Data Protection Regulation now entails greater legal obligations in regard to the obtaining, processing and sharing of personal data. The purpose of General Data Protection Regulation is to protect the data and rights of individuals and, together with a new Data Protection Act, supersedes the Data Protection Act 1998. Kew Insurance Services Ltd. is registered with the Information Commissioner's Office as an organisation that processes personal data.

In this Privacy Notice 'We' and 'Kew' refer to Kew Insurance Services Ltd; ‘your Information’ refers to any information about you which you (or a third party provider) have provided to us. 'GDPR' refers to the General Data Protection Regulation. We are providing this Privacy Notice so that you may be informed as to how we collect, employ and protect your information when you use our products and services. The purpose of this Privacy Policy is to safeguard your information and to maintain trust between yourself and Kew.  

This Privacy Notice explains how Kew safeguards your personal data when we provide our services and products. Within this Privacy Notice, we wish to provide clear and transparent information to you about how we collect your data, how we process your personal data, and the lawful basis for the processing of your data. Recognition of your control over your own personal data is one of the prime objectives of the GDPR. In accordance with the GDPR, we aim to ensure that your data will be protected and treated as confidential, at all times. To achieve this, GDPR establishes a set of well-defined rights and processes. As the Controller of data, in compliance with GDPR, Kew upholds this set of rights and aims to enable each individual to execute their rights.

This Privacy Notice, in conjunction with the terms and conditions of our website, constitutes the basis on which your personal data is held and processed. We will need to request specific personal information, in order for you to take up Kew's products and services. The information you provide will be used for the sole purpose of delivering the service which you have requested. We strive to ensure that our Customers' personal data is accurate and up-to-date, and that any inaccurate information is corrected or deleted immediately. We do not offer your information to any third party outside the scope of your insurance quotation and contract.

In our role of Controller, we need to acquire and employ specific information about policyholders and prospective policyholders in order that we can provide, administer and process the relevant insurance policy. The individuals whose information we receive are the Data Subjects and normally comprise existing and/or potential policyholders, as well as our stakeholders, employees, suppliers and other individuals with whom Kew conducts business. Kew undertakes to deal with all personal information in full compliance with GDPR in regard to the collection, use and recording of information, on paper, electronically, or by any other means. We consider that the appropriate treatment of your personal information by Kew is essential for the objectives of our business operation. We understand that respecting your personal information is crucial to maintaining trust between you and Kew. This Privacy Notice outlines how we respect, safeguard and employ your personal data.

Our Privacy Notice
Our Privacy Notice sets out how we comply with the rules on Data Protection and the legal conditions pertinent to the obtaining, handling, processing, storage, transportation and destruction of personal information. It is the responsibility of the Data Controller and any Data Processor(s) engaged by the Data Controller to comply with this Privacy Notice, as well as with all relevant Data Protection laws. Any Data Protection breach will be taken seriously and the General Data Protection Regulation procedures will be followed in dealing with the breach. 

 Definition of Data Protection Terms
·       'Data' means information which is stored electronically, on a computer, any other electronic device or in paper-based filing systems
·       'Data Controller' means the entity which is in control of the personal  data
·       'Data Subjects' refers to all living individuals about whom Kew holds personal data. Data Subjects have legal rights in relation to their personal data
·       'Data Users' mean Kew's administrators who process personal data (not Kew's Data Processors)
·       'Data Processors' include any entity which processes personal data on behalf of Kew
·       ‘Data Protection Processing’ refers to any activity which involves the use of personal data and includes obtaining, recording or holding the data, or carrying out any operation or set of          operations on the data, including organising, amending, retrieving, using, disclosing, erasing or destroying the data, including transferring personal data to third parties
·       'Personal Data' means data relating to a living individual who can be identified from the data in Kew’s possession

Kew's Data Processors are required to treat Data securely and confidentially, according to the Data Protection Principles within this Privacy Notice:
·       To process Data fairly and lawfully, in accordance with the principles of GDPR
·       To process Data for one (or more) specified purposes, and shall not process data in a way that is incompatible with that legal purpose(s)
·       To handle Data appropriately and not use it excessively for the purpose for which it is being processed
·       To ensure that the Data is up-to-date and accurate
·       To ensure that Data shall not be retained for a longer duration than is necessary for the specified purpose(s)
·       To ensure that Data shall be processed in line with the rights of the data subjects
·       To subject data processing to organisational measures which prevent the unauthorised processing/accidental loss/destruction/damage to any personal data

Data Manager
Kew's Data Manager is responsible for overseeing your Household Insurance Policy on a regular basis, so that your individual rights to your data are fully respected, and that any amendment to or deletion to your policy/ies will comply fully with GDPR, and that your personal data is retained for the appropriate period. In addition, Kew's Data Manager will aim to ensure that all Data Processors are conversant with Kew's Data Protection Policy, and that they will seek guidance from the Data Manager, where appropriate. The objective of our Data Manager is to ensure that our organisation treats your personal information accurately and in full compliance with the principles of GDPR.

Personal Data we will need to collect to process your Application:
Your Contact Details:

·       Name, address, home/mobile telephone number
·       Nature of your business, business telephone number

Your Identification Details:
·       Your date of birth, your signature,  your residency, income and financial details, policy details, marital status, employment status, income and financial details, bank/building society            details, marital status, occupation status, details of your criminal convictions or bankruptcy
·       Any other data which is relevant to your application for insurance/the maintenance of your insurance policy

 How We Safeguard your Personal Data:
The Data Manager oversees the personal information held about you for the purposes of providing your household insurance policy. When we process your personal information, we do so in compliance with the terms of the General Data Protection Regulation.  We maintain security standards and procedures in order to help prevent unauthorised access to your data. All our employees, stakeholders, partners and any third parties are required to operate in accordance with our Privacy Notice and to maintain our privacy standards. Any monitoring of your calls, e-mails, text messages, etc. may take place in accordance with UK law, for relevant business purposes, e.g. the processing and administration of your policy, quality control and training of Kew's team and Data Processors. Any such monitoring aims to prevent the unauthorised use of our telecommunication systems and web site to meet any legal and professional obligations (e.g.to detect and prevent crime) and for the legitimate purposes of the Data Controller.

 How we may use your Personal Data:
·       to facilitate our quotation service so that we may provide you with one (or more) quotations on behalf of one (or more) insurers
·       so that we may consider your application for, and to facilitate your purchase of our household insurance policy
·       to facilitate premium collections and underwriting, in relation to claims and other insurance purposes.
·       to manage accurate records of policies in order to maintain our relationship with you
·       to provide you  with additional services, e.g. managing your household insurance policy
·       to provide you with help regarding your enquiries
·       to facilitate the renewal of your policy or the purchase of a replacement policy
·       to update records we hold on your behalf
·       to assess insurance and financial risk, including money-laundering, via credit searches
·       to enable us to conduct analysis of our service/products and to evaluate/enhance the quality of our customer service
·       to enhance the quality of our Website and systems

 How we share your Personal Data with Third Parties:
The nature of our service means that from time to time we may need to share your personal information with third parties, in order to process your insurance policy/policies. We will obtain their agreement to collect and process your personal data in accordance with the principles of this Privacy Notice so that the privacy of your personal data is safeguarded and the data is used only for legitimate purpose(s). Examples of third parties we may need to contact may include: Insurers who provide and administer the insurance policies you purchase through us and any third party insurance administrators who may provide services to you under the terms of such policies; other third parties we may engage from time to time to provide services to us; professional consultants, e.g. our accountant; the Police or other law enforcement agencies; debt collection agencies; any regulatory bodies, with codes of practice to which we are subject and which require access to your information, and credit reference agencies, when we carry out a credit check search on you before providing our services. We (and other organisations) may use these records to make decisions about your creditworthiness (including others in your household). 

 How we use your Personal Data to prevent Fraud:
To help us to prevent fraud, we require that you provide complete and accurate information to questions we ask you, informing us of any incident, which may/may not have resulted in a claim (e.g. a claim which has been repudiated). Under the conditions of your policy, you must tell us about any insurance-related incident(s), whether or not you have made a claim. When you tell us about an incident we will pass information relating to it to a relevant database. In the event of any incident or claim, we may search these databases when you apply for insurance, or at a time of renewal, to authenticate your claims history and/or that of any other person or property likely to be involved in the policy or claim.  If false or inaccurate information is provided and fraud is identified, details will be passed to fraud prevention agencies, e.g. Insurance Initiative Ltd.

Law enforcement agencies may access and use this information. We may also share information about you with other organisations and public bodies, including the police and we may check and/or file your details with fraud prevention agencies and databases. We (and other organisations) may also access and use this information to prevent fraud and money laundering, e.g. when checking details on applications for credit and credit related or other facilities. We may also access and use this information in order to recover debt, to verify details on proposals and claims for all types of insurance, as well as to verify details of job applicants and employees. We may also access and use the information recorded by fraud prevention agencies from other countries. We may also check the details of other parties related to your contract, including verification of identity. This includes beneficiaries, trustees, settlors, third party premium payers, executors or administrators of your estate and parties with power of attorney.

How we use Information you give to us via our Website:
We may need to contact you for further information regarding your use of our website, in the following circumstances:
·       if we need to respond when you enquire or provide feedback about our products and services
·        to enhance our service or products to suit your needs
·        to notify you about changes to our service or products

Your Individual Rights & Freedoms:
Kew Insurance commits to your Individual Rights & Freedoms within the General Data Protection Regulation, including your right to request access, data portability, restriction, rectification or erasure of your personal data.
·       You have the right to be informed: we will provide you with concise, transparent  information about our data processing activities
·       You have the right of access: you have the right to access your personal data and supplementary information
·       You have the right of rectification: you have the right to request that your data is rectified if your data is inaccurate or incomplete
·       You have the right to erasure/be forgotten: you have right to request that your data be deleted/removed if your data is no longer necessary in relation to the purpose for which it was            collected/processed; it you withdraw your consent and there is no over-riding legitimate interest to continue processing or your personal data was unlawfully processed
·       You have the right to restrict processing: you have the right to restrict the processing of your personal data
·       You have the right to data portability: you have the right to require us to move, copy or transfer your personal data from one IT environment to another in a secure way and in a                      structured, commonly used, machine-readable form, so that there is no hindrance to usability
·       You have the right to object to processing : you can object to processing based on legitimate interests, including objecting to Direct Marketing
·       You have rights in regard to Automated Decisions: you can ask that we do not make our decision based on an automated/profiling systems (i.e. without human intervention)

Processing Confidential Personal Information:
In order for us to respond to your request for certain services, e.g. quotations, the maintenance of cover, and the processing of mid-term adjustments, we may need, from time to time, to ask you to provide us with specific information, and such information might include details of bankruptcy and criminal convictions about you and/or others, who may be party to the insurance policy purchased through Kew Insurance Services Ltd.

We will process any confidential information you provide to us in accordance with this Privacy Notice and we will not use any personal information about you and/or others, except for the specific purposes for which you provide it and in order to provide the services described in your insurance policy. By contacting us over the telephone to request the provision of services in relation to a quotation or insurance policy, we will consider that you have consented to our collecting and processing of any personal information about you and/or relevant others which you may be required to provide (as outlined above). All personal information about you will be treated as private and confidential (even when you are no longer a customer), except in the case that you request that a disclosure is made, and except where law requires us to do so. Some, or all, of the information you supply to us in connection with your insurance proposal, may be passed to insurance and other companies for underwriting, claims and premium collection purposes. You have a right of access to see personal information about you which is held in our records, whether electronically or manually.

By providing us with your information, you are consenting to the collection and use of that information as set out in this Privacy Notice. If we need to change the Privacy Notice, we will inform you of such changes, so that you are made aware of how we collect and use the information at all times. You have the right to ask for a copy of the information we hold about you and to correct any inaccuracies/omissions in your information. Kew considers your privacy and the confidentiality of your personal data to be of the utmost importance. 

Fair and Lawful Processing:
·       Processing personal data - our data users will aim to process your data fairly, taking account of your individual rights and freedoms. When the data is collected, at quotation, we will              inform you of the status of the legal entity who is holding the data, the purpose for which the data is to be processed and the identity of any third party to whom the data may be                      transferred.
·       The lawful processing of your data - at the point of data collection, there is a contractual requirement for us to collect your personal data in order to process and administer your                      household insurance policy
·       Processing for limited Purposes - your personal data will only be processed for the purposes of which you are aware or for a legally permitted purpose and your personal data will not          be collected for one purpose and then used for another. If the purpose for which the data is being processed needs to be changed (unless it is a legally permitted purpose) you will be            informed of the new purpose before any processing occurs.

 Legitimate interests
We and our partners (including insurers, regulators, scheme providers, housing developers and companies identified as providing products or services which may be of interest to you) may process your personal data for certain specific purposes to which we have given careful consideration. We process this information as we believe that it is in our legitimate interest to do so - in order that we may enhance our services to benefit you. We aim to ensure that there is a balance of interests between us and you so that your rights or freedoms are not subject to infringement by our legitimate interests. To evaluate the application of the principle of legitimate interest, we may undertake a 'Legitimate Interests Assessment' (LIA) which is a 3-tier process which involves: (i) an assessment of whether a legitimate interest exists (ii) establishes the necessity for processing and (iii) conducts a 'balancing review' in which we aim to balance our legitimate interests with your rights and freedoms. Under (iii), we will assess the nature of the interests, which may include your reasonable expectations (e.g. would it be reasonable for you to expect specific marketing material?) and the impact that processing may have on you. We may process personal information for certain legitimate purposes which may include certain purposes, such as the following:
·       Where the processing allows us to enhance, modify and improve our services/products/ communication to benefit our customers
·       Send marketing information to our customers  e.g. marketing flyers outlining the benefits of Kew's V.I.P. club
·       Flyers, e-mails and/or texts which may help to prevent home-related incidents and/or claims
·       Flyers, e-mails and/or texts re adverse weather conditions to prevent home-related incidents
·       To contact you with details of other products (e.g. offers and competitions) from time to time
·       Determine the effectiveness of marketing/promotional activities.
·       Develop, evaluate and manage our products, services and customer care
·       To see how our customers use our products and services
·       To learn and assess how our customers interact with our website
·       To manage risk for us and our customers
·       To identify and Prevent Fraud
·       To enhance the security of our Network and Information Systems

You have the right to object to us processing your personal data where we are doing so based on our legitimate interest (for the purposes outlined in this Privacy Notice) unless we can demonstrate that we have conformed to the 'balancing review' and that our processing actions would be in line with your reasonable expectations. Please note that by exercising your right to object to us processing your personal data for direct marketing purposes it may be that Kew will no longer be able to continue to provide products or services or administer its contract with you. We will always endeavour to act reasonably and will strive to give full and proper consideration to your interests in carrying out our assessment of legitimate interests.

How long do we keep your Information?
We will retain your personal information in accordance with our internal retention policies. We will determine the length of time we will need to keep your information based on the minimum retention periods required by law or regulation. We will only keep your personal information after this period if there is a legitimate business reason and for no longer than is necessary for the specific purpose/purposes in order to manage, maintain and administer your household insurance policy. Kew shall aim to securely delete any information from our systems which is no longer needed for that specific purpose and we shall update, archive or securely delete information which becomes out of date.

Data Security:
·       We shall take appropriate security measures against the unauthorised processing of personal data, and against the accidental loss of, or damage to, personal data. Robust procedures          are in place to maintain the security of all personal data from the point of collection to the point of destruction
·       Personal data may only be transferred to a third-party Data Processor if Kew has a contract in place with the third party which obliges them to meet the requirements set out in this                  Privacy Notice.

Summary of our commitment to Data Protection:
We confirm that via appropriate management and robust controls, Kew:
·       will adhere carefully to conditions regarding the fair collection and use of information
·       will meet its legal obligations to specify the purposes for which information is used
·       will collect and process only the information which is relevant to meeting our specific operational needs or to comply with any legal requirements
·       will maintain and oversee the quality of information used
·       will ensure that information is not retained for any longer than the timeframe which is necessary
·       will ensure that the rights of people whose information we retain can be wholly exercised, at all times, in accordance with General Data Protection Regulation. This will encompass the            right to be informed that processing is being undertaken, the right to access one’s personal information, the right to prevent processing in certain circumstances, and the right to amend            or erase information which is deemed to be erroneous
·       will take appropriate technical and organisational security measures to safeguard every element of all personal information

 Dealing with Subject Access Requests:
If you require any information about your personal data, it will be necessary to make this request verbally or in writing. Any member of our company who receives a request for personal data will forward it promptly to the Data Manager. This will normally be free of charge, except in exceptional circumstances.

Google Analytics:
We may use google analytics (a web analytics services provided by Google). Google analytics uses cookies, which may be test files placed on your computer, to assist us in analysing information regarding trends and patterns of visitors who are using our website. Our website may, from time to time, contain links to and from other websites. If you do follow/click a link to another website, it is important to note that this Privacy Notice does not cover these sites as they will hold their own Privacy Notices. We do not accept any responsibility or liability for these other sites. 

Site Mapping:
Site Improve Analytics may be used to distinguish the category of user and the page order visited. The information is anonymous and is used to enhance our site.

Cookies:
Cookies collect anonymous information about how visitors use our website, which we will then use to make continuous improvements and enhancements to our site. Some of the standard information collected includes the number of visitors, where the visitors have come from and a breakdown of the pages visited. You are within your right to refuse (disable) cookies or tell your browser to let you know each time our website tries to set a cookie (enabling each time). Refusing cookies may mean that some/or all of our website may not work as effectively or at all. For more information, visit allaboutcookies.org.

 Further Information:
If you require any further information in regard to the contents of this Privacy Notice and/or your personal data, please contact us on 0208 332 6535 or email admin@simplysecure.co.uk or write to us: Data Manager, Kew Insurance Services Ltd., 24 Ormond Road, Richmond, Surrey, TW10 6TH

 The Controller of your Personal Data - Kew Insurance Services Ltd.

 Our Website - Our Website is hosted by SQUARESPACE and managed internally.

 

 

PNWB0518V13