UMe Business Contact Privacy Notice

Introduction

This Privacy Notice is for individuals connected with, or employed by, cedants, insurance intermediaries and consultants, and other professional third parties, such as retrocessionnaires and service providers, with whom UMe has a business relationship. All references in this Privacy Notice to “Business Contacts”, “you”, “your” and like terms should be interpreted accordingly.

Underwrite Me (“UMe”) is comprised of multiple business units and operates through various legal entities, including their respective branches and representative offices, under the common control of Pacific Mutual Holding Company. All references in this Privacy Policy to “UMe”, “we”, “us”, “our” and like terms should be interpreted accordingly.

This privacy notice describes how we, as a “Data Controller”, collect and use personal information about you during and after your relationship with us, in accordance with applicable data protection legislation. This Privacy Notice was developed to guide the activities of UMe UK. It applies to the processing of personal data of our UK and EU Business Contacts.

This privacy notice is not intended for individuals who have policies that are reinsured with us, or individuals who seek to be, are, or were employed by UMe, please see the privacy notices for you found here.

What personal information do we collect?

We may collect, store, and use the following categories of personal information about you:

  • Contact details such as name, title, addresses, telephone numbers and email addresses;
  • Identification details such as signatures and job titles in order to confirm your identity;
  • CCTV footage if you visit us at our offices, and
  • Other personal information incidental to our business relationship

Where permitted in accordance with local law, we may also in some circumstances record video/audio call conversations with you.

How is your personal information collected?

We typically collect personal information about our Business Contacts directly from the individual via our website page to register for our Protection Platform, from their employers or from other Business Contacts with whom we share a relationship. For example, our service providers will share with us the contact details for their advisers and service providers. We will collect additional personal information in the course of our relationship as a necessary consequence of the services being provided.

How do we use your personal information?

We will only use your personal information when the law allows us to; this is known as a “legal basis” for processing.

We may use your personal information to:

  • Communicate with you in relation to, or to facilitate the provision of, our services;
  • Communicate with you to provide you with information about UMe and relevant events or research organised or produced by us, unless you have indicated to us that you do not wish to receive such information;
  • Process identification details of certain Business Contacts in order to confirm their identities, in order to comply with our legal obligations;
  • Check identification details of Business Contacts against databases of individuals who are subject to sanctions, classified as “politically exposed persons”, or have committed crimes and to follow up any suspicions, in order to ensure that we comply with our anti-money laundering and terrorism obligations and to avoid fraud itself; and
  • Meet our other compliance and regulatory duties, for example to retain certain records.

There may be overlap in the circumstances in which we use the same information about you.

We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose.

We may process your personal information without your knowledge or consent, where this is required or permitted by law or regulation.

When do we disclose your personal information?

We may need to share your personal data with third parties, including other Business Contacts, other entities within the Pacific Life group and our professional advisors. Where we share your personal data with another party performing services for us, we require those third parties to respect the security of your personal data and to treat it in accordance with the law.

We may share your contact details with our preferred partners for relevant event invitations such as insurance industry conferences or share information about your use of our site with our social media, advertising and analytics partners who may combine it with other information that you’ve provided to them or that they collected from your use on their service. You may at any time inform us that you no longer wish to receive future invitations or marketing from us.

We may also need to share your personal information with a regulator or to otherwise comply with the law.

How is your personal information protected?

We have in place physical, electronic, and procedural safeguards to protect personal information that we hold against unauthorised disclosure or unlawful processing. Safeguards include only holding personal information on secure servers, and the use of encryption, firewalls and access controls.

How long is your personal information retained?

We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal or regulatory requirements.

You will appreciate that as a regulated business, we are subject to record retention obligations on us. We retain your personal data in order to comply with these obligations.

Your rights in connection with personal information

Under certain circumstances, by law you have the right to:

  • Request access to your personal information. This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to stop processing personal information where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
  • Request the transfer of your personal information to another party.

You can exercise these rights by contacting the UMe Data Protection Officer, or your usual UMe relationship contact.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights).

Please note – In the current circumstances we may take longer than usual to comply with access and erasure requests as our offices are currently closed. We will inform you if the request will take longer than the permitted 30 days and provide an estimated date for completion.

Right to withdraw consent

In the limited circumstances where you may have provided your consent to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. To withdraw your consent, please contact your usual UMe relationship contact. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate basis for doing so in law.

Enquiries or concerns?

We have appointed a Data Protection Officer to oversee compliance with this privacy notice. If you have any questions about this privacy notice or how we handle your personal information, or if you are unhappy with how we handle your personal information, please contact the Data Protection Officer at dpo@underwriteme.co.uk or your usual UMe relationship contact. If we do not resolve your concerns to your satisfaction, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.

Revisions to this privacy notice

We may update this privacy notice from time to time, and will communicate such updates through our website. We will not do so where we believe this would materially impact your rights and freedoms: in those circumstances we will expressly notify you. We may also notify you in other ways from time to time about the processing of your personal information.

If you have any questions about this privacy notice, please contact your usual UMe relationship contact, who will be happy to assist you.

This Privacy Policy was last updated May 2020.