Privacy Notice

This Privacy Notice (the “Privacy Notice”) relates to First Insurance Solutions Limited (“we” or “us”) whose registered office is at:

First Insurance Solutions House
Centre 3000
St. Leonards Road
Maidstone
Kent
ME16 0LS

A copy can be found on our Website at https://firstins.co.uk. We may make changes from time to time so you should check the latest version of this Privacy Notice periodically.

The privacy and security of your personal data is important to us. Your information will be properly managed and protected at all times. Please read this Privacy Notice carefully as it contains important information on:

the personal information we collect about you in relation to the services we provide
what we do with that information and
with whom we may share your information

Who we are

First Insurance Solutions Limited is a data controller for the purposes of the General Data Protection Regulation, 2018 (“Data Protection Laws”). We are responsible for, and control the processing of, personal information which we hold about you.

Useful Words & Phrases

Personal Data refers to:

Any information from which a living individual can be identified.

This includes information such as telephone numbers, names, addresses, email addresses, online identifiers, photographs, voice-recordings. It also includes expressions of opinion and indications of intentions about data subjects (and their own expressions of opinion/ intentions).

It also covers information which on its own does not identify someone but which could identify them if put together with other information which we have or are likely to have in the future.

Special Categories of Personal Data refers to:

Sometimes referred to as Sensitive Personal Data and includes any information relating to
Racial or ethnic origin
Political opinions
Religious beliefs or beliefs of a similar nature
Trade union membership
Physical or mental health condition
Sexual life
Genetic or biometric data for the purpose of uniquely identifying you
Offences or alleged offences or information relating to any offences committed or allegedly committed.

Processing refers to:

This covers virtually anything anyone can do with personal data, including
Obtaining, recording, retrieving, consulting or holding it
Organising, amending or altering it
Disclosing, disseminating or otherwise making it available
Aligning, blocking, erasing or destroying it
Extends to manual filing systems and automated or electronic data.

Data Subject refers to:

The person whom the data is about.

Information Commissioner refers to:

The UK Information Commissioner who is responsible for implementing, overseeing and enforcing the Data Protection Laws.

Data Controllers refers to:

Decide how and why personal data is processed.

Data Processor refers to:

Acts on the Data Controller’s behalf.

What information do we hold and where did we obtain it?

Personal information provided by you:
In order to provide services to you, we collect and process personal information about you including – but not limited to – your name, contact information, address information including post code, family details, health and personal circumstances, financial details and credit history, employment details and any criminal convictions. We may hold some of this information already and will update it periodically when new policies are taken out or existing policies fall due for renewal.
Payment card information you provide when paying for your policy is processed and stored via our secure systems and used solely for the purpose of that transaction.
When you ask us to arrange insurance for you where this involves providing information relating to children, you confirm that you are the responsible guardian for that child.
Please note that if we do not hold your personal information then we will not be able to offer services to you.

IP Addresses and Cookies:
We may place a text file called a “cookie” in the browser files of your computer. The cookie itself does not contain Personal Information although it will enable us to relate your use of this site to information that you have specifically and knowingly provided. However, the only Personal Information a cookie can contain is information you supply yourself. A cookie can’t read data off your hard disk or read cookie files created by other sites. First Insurance Solutions Ltd uses cookies to track user traffic patterns (as described above). Our advertising system delivers a one-time cookie to better track ad impressions and click rates.
You can refuse cookies by turning them off in your browser. If you’ve set your browser to warn you before accepting cookies, you will receive the warning message with each cookie. You do not need to have cookies turned on to use this site. However, you do need cookies to participate actively in message boards, forums, polling and surveys.

Below is a list of our websites and details of the use of cookies on these sites:

First Insurance (http://firstins.co.uk)

DYNSRV – This cookie is used for load balancing to manage server traffic demand and just contains a unique id. No personal information stored.
wfvt_* – Wordfence security cookie. No personal information stored just a unique id.
vuid – Vimeo Analytics unique id

First Insurance Solutions (http://firstinsurancesolutions.co.uk)
DYNSRV – This cookie is used for load balancing to manage server traffic demand and just contains a unique id. No personal information stored.
_ga – Google Analytics – Used to distinguish users.
_gi – Google Analytics – Used to distinguish users.
_gat – Google Analytics – Used to throttle request rate.
wfvt_* – Wordfence security cookie. No personal information stored just a unique id.

First Equestrian Insurance (http://firstequestrianinsurance.co.uk)
DYNSRV – This cookie is used for load balancing to manage server traffic demand and just contains a unique id. No personal information stored.
_ga – Google Analytics – Used to distinguish users.
_gi – Google Analytics – Used to distinguish users.
_gat – Google Analytics – Used to throttle request rate.
wfvt_* – Wordfence security cookie. No personal information stored just a unique id.
NID – Google – Unique id to remember user preferences.

First Fleet Insurance (http://firstinsfleet.co.uk)
DYNSRV – This cookie is used for load balancing to manage server traffic demand and just contains a unique id. No personal information stored.
_ga – Google Analytics – Used to distinguish users.
_gi – Google Analytics – Used to distinguish users.
_gat – Google Analytics – Used to throttle request rate.
wfvt_* – Wordfence security cookie. No personal information stored just a unique id.

UK Special Risks (https://ukspecialrisks.co.uk/)
DYNSRV – This cookie is believed to be used for load balancing to manage server traffic demand and just contains a unique id. No personal information stored.
wfvt_* – Wordfence security cookie. No personal information stored just a unique id.
Google Analytics – Our sites use Google Analytics, a web analysis tool provided by Google Inc. (‘Google’). Google Analytics uses cookies to track your use of the website. This information (including your IP address) is sent to Google’s servers in the USA where it’s used to prepare analysis and reports for us on the use and effectiveness of our websites. Google will not associate your IP address with any other data held by Google.

Personal information provided by third parties:
We may receive information about you from third parties including Insurance companies, loss adjusters, finance providers and other data bases for the purposes of reducing fraud and financial crime, provided such third parties have lawful bases on which to share your personal data with us; which we will add to the information we already hold about you where it is relevant to the services we provide to you.

How will we use the information about you?:
The processing of data is necessary for the arranging, underwriting, and administration of insurance policies and insurance policy claims, provided the Data Controller shall implement suitable and specific measures to safeguard the data subject’s rights and freedoms in respect of such processing.
Information about you will be treated as private and confidential and may be used in the normal course of arranging and administering your insurance. We may also use your data to inform you of relevant information relating to existing insurance policies or any finance arrangements you may have with us in connection with your insurance.

How we contact you about other products and services:
We may from time to time process your personal data to inform you about similar products and services that may be of interest to you. This is because we value your custom and pride ourselves in offering professional and tailored advice to meet specific insurance needs. This includes keeping you informed on the latest insurance and industry information and details of any offers or promotions relating to the insurance services we provide to you.
Our preferred methods of contact are by post, telephone, email and SMS text message.

Why is processing your personal data Legal?:

We are relying upon legitimate interests to process your personal data:
Your personal data will be used for the purpose of providing insurance services.
Your data is used to ensure we can contact you regarding any insurance-related communication, arranging and administering your insurance, and dealing with any claims-related matters.
We do not carry out any “Profiling” or automated decision-making but some of the Insurers we work with may do in order to provide you with the most competitive premiums.

Purposes for which we process your data:

To perform our contractual obligations to you. This includes meeting your insurance requirements at inception, for mid-term adjustments and at renewal.
The basis on which we can do this (what the law allows):
Necessary in connection with any contract you may enter into with us.

To administer your account, including any related financial transactions.
The basis on which we can do this (what the law allows):
Necessary in connection with any contract you may enter into with us.

To assist in the prevention and reduction of fraud and other financial crime.
The basis on which we can do this (what the law allows):
Necessary for us to comply with the law and our legal obligations.

In the interests of security and to improve our service, telephone calls may be monitored and recorded.
The basis on which we can do this (what the law allows):
Necessary to pursue our legitimate interests in the management and operation of our business.

To advise you of similar products and services that may be of interest to you.
The basis on which we can do this (what the law allows):
Necessary to pursue our legitimate interests in operating our business.

In order to perform our contractual obligations to you, we may need to collect special categories of data from you, such as health information and details of any criminal convictions.
The basis on which we can do this (what the law allows):
Necessary in connection with any contract you may enter into with us and for reasons of substantial public interest relating to insurance.

Who will we share your information with?

We may share information we hold about you with Insurers and other statutory, regulatory and law enforcement bodies for the prevention of fraud, financial crime, or where the law requires us to do so.
As part of the service we provide, we may share your personal information with OpenGI (our software provider), the Financial Conduct Authority (FCA), Insurers and other insurance intermediaries, our IT contractors, risk management assessors, uninsured loss recovery agents, and other third parties involved either directly or indirectly in your insurance.
We may also pass information about you to credit reference agencies and premium finance providers to assess your financial standing generally and, in particular, where you have requested a premium instalment plan.
We and other organisations may use credit or insurance reference and fraud prevention agency records about you and people financially linked to you, as well as others within your household, to help make decisions about you for underwriting purposes, validating claims and satisfying anti-money-laundering requirements. Upon request, we will tell you which credit reference and fraud prevention agencies we have used so you can obtain a copy of your details from them. Your data may be shared with third parties we use to recover monies you owe us.
We will not sell, distribute or lease your personal information to third parties without your permission unless required by law to do so.

How long will we keep your data for?

Your data will be kept for as long as it is needed for us to arrange, place and administer your insurance. This means that we will retain your data whilst any insurance policy arranged through us remains valid, and for as long as is reasonable, in order to deal with any claims or other outstanding insurance or finance related matters.
If you consent to marketing, any information we use for this purpose will be kept with us until you notify us that you no longer wish to receive this information.

Monitoring and recording communications

We may monitor and record communications with you (including telephone calls and emails) for the purpose of quality assurance, training and compliance with the relevant regulations.

Keeping your data secure

We will use technical and organisational measures to safeguard your personal data:
Access to client records is controlled by password and user name that are unique to our staff and can only be accessed via our own computer systems.
We will take reasonable steps to ensure the reliability of any employee, agent or contractor who may have access to your personal data, ensuring in each case that access is strictly limited to those. individuals who need to access the relevant personal data as strictly necessary for the purposes of lawfully processing that data.
Staff shall respect and maintain all due confidentiality.
Personal data is stored on our secure internal and external servers.
We have an agreement with our reputable and established software supplier, OpenGI, to ensure that any data that is passed through their systems is kept secure.
We use reputable and established third party data processors, such as: live chat system, SchemeServe, etc. to process your data.
Your data is retained on computer systems located and maintained in the United Kingdom – we do not store your data outside of the European Economic (EEA).

Although we will use all reasonable efforts to safeguard your personal data, you acknowledge that use of the internet is not entirely secure and for this reason we cannot guarantee the security of integrity of any personal data that is transferred from you, or to you, via the internet. Should you have any particular concerns about your data, please contact us.

What rights do you have?

As a data subject, you have the following rights under the Data Protection Laws:
the rights of access to personal data relating to you
the right to correct any mistakes in your information
rights in relation to automated decision taking
the right to restrict or prevent your personal data being processed
the right to have your personal data ported to another data controller (e.g. if you decide to transfer your insurance)
the right to erasure
compensation for damage caused by contravention of the Data Protection Laws
the right to complain to the Information Commissioner if you believe we have not handled your personal data in accordance with the Data Protection Laws

These rights are explained in more detail below, but if you have any comments, concerns or complaints about our use of your personal data, please contact us (see the ‘Contact us’ section below).  We will respond to any rights that you exercise within 30 days of receiving your request, unless the request is particularly complex, in which case we will respond within 90 days.

Right to access to personal data relating to you

You may ask to see what personal data we hold about you and be provided with:
a copy
details of the purpose for which it is being or is to be processed
details of recipients or classes of recipients to whom it is or may be disclosed, including if they are overseas and what protections are used for those overseas transfers
the period for which it is held (or the criteria we use to determine how long it is held)
any information available about the source of that data.

See the ‘Contact’ page for details of who to contact to make a request for your personal data.  To help us find the information easily, please provide as much information as possible about the type of information you would like to see.
If, to comply with your request, we would have to disclose information relating to or identifying another person, we may need to obtain the consent of that person if possible.  If we cannot obtain consent, we may need to withhold that information or edit the data to remove the identity of that person if possible.
There are certain types of data, which we are not obliged to disclose to you, which include personal data which records our intentions in relation to any negotiations with you where disclosure would be likely to prejudice those negotiations.

Right to correct and mistakes in your information

You can ask us to correct any mistakes in your information which we hold, free of charge.  If you would like to do this please:
email, telephone or write to us (see the ‘How to contact us’ section below)
let us have enough information to identify you, and
let us know the information that is incorrect and how it should be corrected

Right to restrict or prevent processing or personal data

In accordance with the General Data Protection Regulations 2018 you may request that we stop processing your personal data temporarily if:
you do not think that your data is accurate – we will start processing again once we have checked whether or not it is accurate
the processing is unlawful but you do not want us to erase your data
we no longer need the personal data for our processing, but you need the data to establish, exercise, or defend legal claims; or
you have objected to processing because you believe that your interests should override our legitimate interests

Right to erasure

In accordance with the General Data Protection Regulations 2018 you can ask us to erase your personal data where:
you do not believe that we need your data in order to process it for the purpose set out in this Privacy Notice
if you had given us consent to process your data, you withdraw that consent and we cannot otherwise legally process your data
you object to our processing and we do not have any legitimate interests that mean we can continue to process your data; or
your data has been processed unlawfully or has not been erased when it should have been

There may be exemptions which mean we may continue to process your data.

Complaints to the Commissioners Office

If you do not think that we have processed your data in accordance with this notice, please contact us in the first instance to discuss your concerns. If we cannot resolve your complaint to your satisfaction, you can complain to the Information Commissioner’s Office, who are the supervisory authority in the UK protecting the rights of individuals under current data protection regulations.  Further information is available by calling

0303 123 1113 or visiting www.ico.org.uk

How to contact us

For questions regarding your personal information held by us, or if you wish to request a copy of the information we hold about you please telephone, email or write to us at:

First Insurance Solutions
Compliance Department
Centre 3000
St. Leonards Road
Maidstone
Kent
ME16 0LS

Email:     info@firstins.co.uk
Tel:         01634 868444