Advent Insurance Services Limited

Managing our business operations such as maintaining accounting records, analysing financial results, complying with internal audit requirements and receiving professional advice (e.g. tax or legal advice)

We have a genuine business need (to carry out business operations and activities that are necessary for the everyday running of a business)

Monitoring applications, reviewing, assessing, tailoring and improving our products and services and similar products and services offered by Advent

We have a genuine business need (to market our services)

To assist in any claims made under an insurance policy we have placed

It is necessary to enter into/perform our contract

We have a genuine business need (to assist assist customers in any claims they have)

To apply for and claim on our own insurance.

We have a genuine business need (to have our own insurance)

We have your explicit consent

It is necessary to establish, exercise or defend our legal right

ADVENT INSURANCE PRIVACY POLICY

At Advent, we are committed to maintaining the trust and confidence of our clients to ensure your privacy is protected. In the Privacy Policy, we have provided lots of detailed information on when and why we collect your personal information, how we use it and the conditions where we may disclose it to others and how we keep it secure.

Who are we

In this privacy notice references to “we” or “us” or “Advent” are to Advent Insurances Services Limited. The company's registered office is 23 Church Road, Bishops Cleeve, Cheltenham, GL52 8LR. It is registered in England and Wales, company number 3573045 and is authorised and regulated by the Financial Conduct Authority, Firm reference no. 311694.

Advent’s services consist primarily of insurance broking, which enable the consideration of, access to, administration of, and making of claims on the insurance policies sold.

To arrange insurance cover and handle insurance claims, Advent and other participants in the insurance industry are required to use and share Personal Data. We will receive Personal Data relating to potential or actual policyholders, beneficiaries under a policy, their family members, claimants and other parties involved in a claim. Therefore references to “individuals” in this notice include any living person from the preceding list, whose Personal Data Advent receives in connection with the services it provides under its engagements with its clients. This notice sets out Advent’s uses of this Personal Data and the disclosures it makes to other insurance market participants and other third parties.

Our processing of your personal information

The personal information that we collect will depend on our relationship with you. For example, we will collect more detailed information about you if you are a customer than we would if you simply made an enquiry about the services that we offer.

Sometimes we will ask for or obtain special categories of information because it is relevant to your insurance policy or claim or information regarding criminal convictions for the purposes of preventing, detecting and investigating fraud.

If you provide personal information to us about other people you must provide them with a copy of this Privacy Policy and obtain any consent where we indicate that it is required for the processing of that person's information in accordance with this Privacy Policy.

What Personal Information will we collect?

This section will detail what personal information we collect about you and use if you are a prospective customer or customer and have submitted your personal information so that we can provide you with a quote for the placing of an insurance policy or if you are covered under one of our insurance policy we will be placing. These are:

General Information such as name, date of birth, gender, relationship to the customer (where you are not the policyholder), identification information e.g. passport number

Contact details such as address, telephone numbers, email address

Information relating to the services we are looking to provide e.g. we might need information relating to previous insurance policies and claims.

Financial information such as bank details, payment details

Information obtained when we carry out checks of sanctions lists

Information relating to criminal sanctions (including offences and alleged offences and any caution court sentence or criminal conviction). We may receive this information as a result of carrying out checks of sanctions lists

How will we collect your personal information?

We will obtain your personal information directly from you or from someone else on your behalf in a number of ways including where it is submitted in application forms, initial disclosure documents and more generally during any forms of communication such as email and telephone

From other third parties who might introduce customers to us such as another broker and insurers

Via insurance industry fraud prevention and detection databases and sanctions screening tools

What will we use your personal information for?

We may process your information for a number of different purposes. For each purpose we must have a legal ground for such processing and we will rely on the following legal grounds:

We need to use your personal information to enter into or perform our contract with you, for example, in order to fulfil our obligations under our contract and place appropriate insurance cover, we need to use your personal information to provide you with a quote and determine market placement.

We have a genuine business need to use your personal information such as maintaining our business records and keeping records of insurance policies we place and analysing and improving our business model and services. When using your personal information for these purposes, we have considered your rights and ensured that our business need does not cause you harm.

We have a legal or regulatory obligation to use your personal information. For example, our regulators impose certain record-keeping rules which we must adhere to.

When the information that we process is classed as a special category of information, we must have one of the following additional legal grounds for such processing:

It is necessary for an insurance purpose and it is in the substantial public interest. This will apply where we are advising or arranging an insurance policy, assisting with any claims under a policy, and undertaking any activities to prevent and detect fraud.

Where the use of your special categories of information is necessary to establish, exercise or defend our legal rights, for example legal proceedings are being brought against us or we want to bring a legal claim ourselves.

Purpose for processing	Legal grounds for using your personal information	Legal grounds for using your special categories of information
To evaluate your insurance needs and risk appetite and obtain quotes for you	It is necessary to enter into/perform our contract We have a genuine business need (to determine market placement and place insurance cover for you that is in line with your insurance needs)	It is necessary for an insurance purpose
To set you up as a customer including carrying out fraud, credit and anti-money laundering checks	It is necessary to enter into/perform our contract We have a genuine business need (to carry out appropriate credit checks and fraud checks) We have a legal or regulatory obligation	The prevention and detection of fraud is in the substantial public interest It is necessary for an insurance purpose It is necessary to establish, exercise or defend our legal rights
Communicating with you and responding to any enquiries you have	It is necessary to enter into/perform our contract We have a genuine business need (to respond to our prospective customers and keep them updated on any future placing of insurance cover)	It is necessary for an insurance purpose It is necessary to establish, exercise or defend our legal rights
Complying with our legal or regulatory obligations (such as our requirements to report to the FCA)	We have a legal or regulatory obligation	It is necessary to establish, exercise or defend our legal rights It is necessary for an insurance purpose
Providing improved quality, training and security (for example, with respect to recorded or monitored phone calls to our contact numbers)	We have a genuine business need (to continually improve our services)	It is necessary for an insurance purpose

Who will we share your personal information with?

From time to time, we may share your personal information with the following third parties for the purposes set out above:

our insurance partners such as other insurance intermediaries, insurers, reinsurers or other companies who act as insurance distributors, for example claims handling agents

other brokers who act directly for you and who have approached us to facilitate the placement of an insurance policy for you

other third parties who assist in the administration of insurance policies such as accountants, auditors, lawyers and other experts

fraud detection agencies and other third parties who operate and maintain fraud detection registers

our regulators

the police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime

other insurers who provide our own insurance

industry bodies

our third party services providers such as IT suppliers, finance and payment providers, actuaries, auditors, lawyers, marketing agencies, document management providers, tax advisers and insurance software providers

selected third parties in connection with the sale, transfer or disposal of our business

If you would like further information regarding the disclosures of your personal information, please see the "Contacting us" section below for our contact details.

How long do we keep personal information for?

We will only store your personal information for as long as reasonably necessary to fulfil the purposes set out in this Privacy Policy and to comply with our regulatory and/ or legal obligations.

We have a detailed retention policy in place which governs how long we will hold different types of information for. The exact time period will depend on the purpose for which we collected that information, for example:

Purpose	Retention period
Providing a quote	*12 months from date of collection*
Providing or administering an insurance policy	*7 years*
Handling a claim	*7 years from first date of claim notification*
Dealing with a complaint	*7 years from first date of complaint notification*

For further information regarding how long your personal information will be kept, please contact us using the details in the "Contacting us" section below.

Your Rights

Under data protection law you have the right to make certain requests in relation to the personal information that we hold about you. We will not usually make a charge for dealing with these requests. If you wish to exercise these rights at any time please contact us using the details set out in the "Contacting us" section.

There may be cases where we may not be able to comply with your request (such as where this would conflict with our obligation to comply with other regulatory and/ or legal requirements). However, if we can't comply with your request, we will tell you the reason, and we will always respond to any request you make.

There may also be circumstances where exercising some of these rights (such as the right to erasure, the right to restriction of processing and the right to withdraw consent) will mean your insurance can no longer be provided and it may therefore result in cancellation of your policy. You will therefore lose the right to bring any claim or receive any benefit, including in relation to any event that occurred before you exercised your right of erasure, if our ability to handle the claim has been prejudiced. Your policy terms and conditions set out what will happen in the event your policy is cancelled.

Your rights include:

The right to access your personal information

You are entitled to a copy of the personal information we hold about you and certain details of how we use it.

We will usually provide you with your information in writing, unless you request otherwise, or where you have made the request using electronic means, in which case the information will, where possible be provided to you by electronic means

The right to rectification

We take reasonable steps to ensure that information we hold about you is accurate and complete. However, you can ask us to amend or update it if you do not believe this is the case.

The right to erasure

You have the right to ask us to erase your personal information in certain circumstances, for example where you withdraw your consent or where the personal information we collected is no longer necessary for the original purpose. This will need to be balanced against other factors however. For example, we may have regulatory and/ or legal obligations which mean we cannot comply with your request.

The right to restriction of processing

In certain circumstances, you are entitled to ask us to stop using your personal information, for example where you think that we no longer need to use your personal information or where you think that the personal information we hold about you may be inaccurate.

The right to data portability

You have the right, under certain circumstances, to ask that we transfer personal information that you have provided to us to another third party of your choice.

The right to withdraw consent

We will ask for your consent for certain uses of your personal information. Where we do this, you have the right to withdraw your consent to further use of your personal information

The right to lodge a complaint with the ICO

You have a right to complain to the Information Commissioner's Office if you believe that any use of your personal information by us is in breach of applicable data protection laws and/ or regulations. More information can be found on the Information Commissioner’s Office website: https://ico.org.uk/ .This will not affect any other legal rights or remedies that you have.

How we protect your information

To protect your information we use a range of organisational and technical security measures.

Where we have given you (or you have chosen) a password, you are responsible for keeping this password confidential. Please do not share your password with anyone.

Within Advent, we restrict access to your information as appropriate to those who need to know that information for the purposes set out above.

We use firewalls to block unauthorised traffic to the servers and the actual servers are located in a secure location which can only be accessed by authorised personnel. Our internal procedures cover the storage, access and disclosure of your information.

Contacting us

You may contact our data protection officer if you have any questions about how we collect, store or use your personal information:

The Data Protection Officer

Advent Insurance Services

23 Church Road

Bishops Cleeve

Cheltenham

GL52 8LR

Updates to this Privacy Policy

We may need to make changes to this Privacy Policy periodically, for example, as the result of government regulation, new technologies, or other developments in data protection laws or privacy generally. You will be provided with a copy of the most up-to-date Privacy Policy and you can also view it by checking our website

This Privacy Policy was last updated on: 25^th May 2018