PRIVACY POLICY
Contents
- INTRODUCTION
- OUR CONTACT DETAILS
- DATA CONTROLLER
- DATA PROTECTION OFFICER
- THE PERSONAL DATA WE PROCESS
- HOW WE STORE YOUR PERSONAL INFORMATION
- OUR THIRD PARTIES
- INTERNATIONAL TRANSFERS
- HOW YOU CAN SET YOUR DATA & PRIVACY PREFERENCES
- FOR INDIVIDUALS WHO ARE IN THE UK AND EUROPEAN ECONOMIC AREA: YOUR RIGHTS
- HOW TO EXERCISE YOUR RIGHTS
- ADDITIONAL DISCLOSURES FOR CALIFORNIA RESIDENTS
INTRODUCTION
Insider International Limited (“Insurance Insider”) is a global information business providing intelligence and insight for the reinsurance and international specialty insurance markets. Insurance Insider and its group companies are committed to respecting the privacy of every person who visits, registers with or subscribes to our websites, publications, events and other products or services, or about whom we otherwise collect personal data.
OUR CONTACT DETAILS
Name: Insider International Limited, a business registered in England and Wales with registration number 15236286.
Address: 4 Bouverie Street, London, EC4Y 8AX
E-mail: dataprotectionofficer@insuranceinsider.com
This privacy notice describes how we use your personal data. Please read it carefully along with our Cookies Notices. We may make changes to this notice from time to time, so please check it regularly. We will make you aware when it has been updated.
DATA PROTECTION OFFICER
If you wish to exercise your rights under data protection law, you can do so by contacting us at the details under the heading How to exercise your rights.
THE PERSONAL DATA WE PROCESS
Insurance Insider collects your personal data when you visit our sites and apps, subscribe for products or services, register for, and attend our events, contribute to our businesses or when you otherwise interact with us. We have described below the personal data that we process, what we use it for and where we get it from (which, in each case, may vary depending on the way in which you engage with us).
| Personal data that you provide to us when you register with one of our websites and/or sign up for a free trial of our products or services. This includes your name, address, email address and telephone number and details relevant to your occupation and employer. It will also include payment details. | To provide you with the product and/or service that you have requested. Our lawful basis is that it is necessary to process this information to fulfil the contract we are about to enter into or have entered into with you. | You |
| Personal data that you provide when you register for one of our events. This includes your name, address, email address and telephone number and details relevant to your occupation and employer. It will also include payment details. | To complete your registration for an event and to allow you to participate in the event. Our lawful basis is that it is necessary to process this information to fulfil the contract we are about to enter into or have entered into with you. | You |
| Personal data that you provide to us when you engage with us that relates to your health. | So that we are able to make reasonable adjustments due a personal condition that you may share with us. | You |
| Personal data that you provide to us when you engage with us. | To send marketing to you. We rely on our legitimate interest to contact you in relation to products and/or services that may be of interest to you. We provide you with the opportunity to object to receipt of marketing at the time we collect your information, and you can change your preferences at any time. | You |
| Personal data that you provide to us when you engage with us. | To share with sponsors of our events so that they can contact you in relation to products and/or services that may be of interest to you. We rely on our legitimate interest to share this information with our sponsors for this purpose. We provide you with the opportunity to object to this information being shared. | You |
Information from apps, through your browser or device and your IP address (“Transaction Data”) This is statistical data and does not identify your individual device. This might be your computer type, screen resolution, operating system name and version, device manufacturer and model, language and Internet browser type and version for example. | · To monitor usage and performance of our products, services, processes and platforms, perform analysis (e.g. statistical, market, product analysis), reporting and forecasting; · To understand how you interact with our products, services and platforms; · To perform checks and prevent, detect, investigate and report usage contrary to our terms and conditions. We are relying on our legitimate interest to help us understand, develop, improve our products and services and our legitimate interest to manage risk and security. | Your device |
| Personal data which relates to you and your employment – such as email address, phone number, job title, address, purchase history and account information | To create “segments” of particular audiences so that we can improve the quality and relevance of our sales and marketing activities and provide offers that are relevant to you and your profile. We rely on our legitimate interest to market our products and services. | You |
Your personal data to create a “segment” of particular types of audiences so that we can show you advertisements which may be more relevant to you and the “segments” you may be in. We use third parties to deliver cookies that collect technical information, including how you interact with our site (e.g. browsing information, which articles you have read etc) | To deliver advertisements to you which may be of interest to you. We rely on our legitimate interest to market our products and services. Where we use cookies or other tracking technology, please see our cookie notice for more information and detail on how to manage your cookie choices through your privacy settings. | Your device |
| Some of your personal data together with Technical Data on your device | To share with third parties to deliver targeted advertising to you on other websites (e.g Facebook Customer Audiences). This could include your email address and cookies, web beacons or other tracking technology to monitor your online behaviour and identify website usage, helping advertisers show you advertising and content that is more relevant to you. This is also known as behavioural advertising. Third parties, such as Facebook and Google, will have their own privacy policies which you can find below:
You can find more information about how Google uses data that it receives here: https://policies.google.com/technologies/partner-sites
Facebook Custom Audience For further details in relation to Facebook Custom Audience, please visit https://www.facebook.com/legal/terms/customaudience. Where we send data to Facebook, we are a Joint Controller with Facebook. This Joint Controller relationship is subject to Facebook’s Controller Addendum. Facebook is the independent Data Controller once it is in receipt of that data. You can find more information about Facebook’s processing at https://www.facebook.com/policy.php When processing your information for these purposes, we are relying on our legitimate interest to help us market our products and services. | You |
| Personal data which may allow us to contact you | To share with trusted third parties to verify the information that we hold and ensure that it remains accurate. We rely on our legitimate interest to provide you with our products and services. | You and trusted third parties |
| Personal data that allows us to contact you | To request your feedback and/or ask you to participate in customer and/or market research. We rely on our legitimate interest to understand, develop and improve our products and services. | You |
| Personal data that you submit on message boards, blogs or other services for generating content from users. | So that you can contribute to online conversations and communities available on our services. Please be careful when deciding to post any personal data for this purpose. User generated content is also subject to our site Terms and Conditions. We rely on our legitimate interest to provide information, opinions or ideas to the public. | You |
| Personal data that you have provided to us | If we sell a business or assets, we may need to disclose your personal data to the prospective buyer of such business or assets. If Insurance Insider, or any of our group companies, is sold or sells our assets or is acquired by a third party, then personal data about our customers will be acquired by that third party. A transfer of your personal data in these circumstances would be necessary so that the services you have contracted for can still be delivered, or so that you can continue to enjoy the benefits of our products and services. You will receive notice if a new controller assumes responsibility for your personal data. We rely on our legitimate interest to sell businesses for operational or strategic purposes. | You |
| Transaction Data | We may include small pixel tags (small image files) within the emails we send you in order to determine whether our emails are opened and/or whether the hyperlinks inside our emails are clicked through. We may also collect browser, location and the device used to engage with our email communications. This information allows us to better understand whether we are meeting our users’ needs and how we can improve our communications. No other information is collected. We rely on our legitimate interest to understand, develop and improve our products and services. | Your device |
| Publicly available data | To carry out sanctions screening to prevent transactions with persons prohibited from certain transactions and/or activities. We rely on our legal obligation to carry out sanctions screening and our legitimate interest to manage risk, security and prevent crime and data that you provide to us. | Independently audited third parties. |
| Publicly available data | To send marketing to you. We obtain such information from trusted sources. We rely on our legitimate interest to contact corporate subscribers in relation to products and/or services that may be of interest. We always provide the opportunity to object to receipt of future marketing at the time we send materials and provide the ability to change preferences at any time. We will not send materials to persons who have previously told us they do not want to receive marketing. | Trusted databases |
| Publicly available data | To provide information, opinions or ideas to the public (journalism) We rely on our legitimate interest in providing information, opinions or ideas to the public, upholding standards of integrity, promoting transparency and accountability, encouraging public understanding and securing the best use of public resources. | Through investigation |
| Personal data that you have provided to us | To protect the security and resilience of our networks/applications and respond to technical and security incidents. We rely on our legitimate interest to manage risk, security and crime prevention. | You |
| Personal data that you have provided to us | To enable us to provide legal and/or regulatory advice in line with our business activities. We rely on our legitimate interest to satisfy our industry, regulatory and legal requirements and exercise our rights. | You |
HOW WE STORE YOUR PERSONAL INFORMATION
DATA SECURITY
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and the relevant data protection regulator of a breach where we are legally required to do so.
DATA RETENTION
We have a data retention policy that ensures we don’t use or store your personal data for longer than necessary. We consider the following to determine retention periods:
· Guidance from the UK Information Commissioner and other regulatory agencies, as well as industry best practice recommendations;
· The use(s) of the personal data;
· The business rationale for collection and expiry of the purpose for which personal data was collected;
· Our ongoing ability to ensure the accuracy of the data; and
· Legal and regulatory requirements.
We may occasionally need to keep personal data for either shorter or longer periods than specified in our retention policy. In such circumstances, application of the retention period to the data will be temporarily suspended. The suspension of any retention period will be carried out in a manner that respects the rights and interests of all persons concerned.
OUR THIRD PARTIES
We use third parties to enable, perform or improve a range of our business processes. These may require us to share your data with third parties and/or they may share your data with us. These third parties may include (but are not limited to):
1. Third parties that enable us to understand, develop, improve and market our products and services;
2. Third parties that enable us to carry our regulatory checks – for example sanctions screening;
3. Third parties that work with us to help us fulfil on and service your products and services;
4. Third parties that support the running of our business processes;
5. Third parties that provide reporting, banking or tax management services and enable us to manage our business financials and performance;
6. Other third parties, bodies or institutions where we are required by regulation, law, industry practices or to detect/prevent fraud, crime, terrorist activity or business risks eg regulators, law enforcement bodies and crime prevention bodies.
Some of our third parties may be international. See the “International Transfers” section below to understand how we manage our data internationally.
INTERNATIONAL TRANSFERS
The Insurance Insider has an office in the United States . Your data may be transferred to or accessed globally.
As well as other Insurance Insider operations, the service providers we share your data with may have operations in the UK, the EEA and elsewhere in the world.
While some countries – for example those in the European Economic Area (“EEA”), the Isle of Man, Andorra, Argentina, Guernsey, Israel, Jersey, New Zealand, Switzerland and Uruguay are recognised as having must have the same high standard of data protection as offered in the UK, other parts of the world may not guarantee that same level of protection. When we share your data with anyone outside of the UK and the EEA, where necessary, we always put in place the safeguards required by law to ensure that a consistent high level of protection travels with your data.
If you would like more specific details about the safeguards in place when transferring your data, please email dataprotectionofficer@insuranceinsider.com.
FOR INDIVIDUALS WHO ARE IN THE UK AND EUROPEAN ECONOMIC AREA: YOUR RIGHTS
You have certain rights in relation to your personal data which include the following:
YOUR DATA PROTECTION RIGHTS
Under data protection law, you have rights including:
· Your right of access
You have the right to ask us for copies of your personal information.
· Your right to rectification
You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
· Your right to erasure
You have the right to ask us to erase your personal information in certain circumstances.
· Your right to restriction of processing
You have the right to ask us to restrict the processing of your personal information in certain circumstances.
· Your right to object to processing
You have the right to object to the processing of your personal information in certain circumstances.
· Your right to data portability
You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you.
HOW TO EXERCISE YOUR RIGHTS
To exercise any of these rights, please contact us by post or email at the following addresses:
Data Protection Officer
Insider International Limited
4 Bouverie Street
London,
EC4Y 8AX
United Kingdom
Email: dataprotectionofficer@insuranceinsider.com
We may need to check your identity prior to processing a request. We will do our best to respond to any questions and address any of your concerns.
You also have the right to complain directly to the Regulator regarding the processing of your personal data – the Information Commissioner in the UK or the regulatory body of the country where you live. You can contact the UK Information Commissioner at the link provided or in writing to:
Information Commissioner’s Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk
For other regulatory bodies, this information is readily available. But, you can contact us at dataprotectionofficer@insuranceinsider.com should you require assistance.
ADDITIONAL DISCLOSURES FOR CALIFORNIA RESIDENTS
We have explained our privacy practices in full in the other sections of this Privacy Notice. In this section, we provide a list of the categories of personal information set out in the California Consumer Privacy Act (“CCPA”) that have been collected, the purposes for which those categories of information are collected or used, and the business purposes (as defined in the CCPA) for which those categories are disclosed. In the twelve months preceding the date this Privacy Notice took effect, we have not sold personal information although we do use standard Internet advertising and analytics tools provided by third parties that rely on cookies and other tracking technologies (see our Cookie Settings for more information), and we may disclose your information with your consent and for the business purposes described below.
| Categories of Personal Information Collected | · Internet or other electronic network activity information, e.g., browsing history; search history; online interests, such as information about categories of consumer interests derived from online usage; and information on a consumer’s interaction with a website, application, or advertisement. · Demographic and statistical information, including information regarding personal characteristics of protected classifications under California law like race and gender · Device information and other personal identifiers, e.g., name; alias; postal address; online identifiers; IP address; email address; account name. · Professional, education, or employment-related information, e.g., business name or job title. · Geolocation information · Commercial or transactions information, e.g., records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. · Inferences, e.g., inferences drawn from the information identified in this Privacy Notice to create a profile about a consumer reflecting the consumer’s preferences, predispositions, behavior, etc. |
| Purposes for Which the Categories of Personal Information Are Collected or Used | · To provide online platforms. · To communicate with you. · To improve and develop online platforms. |
| Purposes for Which the Categories of Personal Information are Disclosed for Business Purposes or Sold | We disclose these categories of personal information for business purposes. For example, we share this information: · To our service providers. · To protect our lawful interests. |
Subject to certain limitations, you have the right to: request to know more about the categories and specific pieces of personal information we collect, use, and disclose; request deletion of your personal information; opt out of any “sales” of your personal information that may be occurring; and not to be discriminated against for exercising these rights.
To access any of your rights described in this section (for customers who are California Residents), please submit your request by emailing dataprotectionofficer@insuranceinsider.com. When you exercise your rights, we may seek to verify your identity, for example by verifying purchases you have made with us. If we receive your request from an authorised agent, we may ask for evidence that you have provided such agent with power of attorney or that the agent otherwise has valid written authority to submit requests to exercise rights on your behalf. If you are an authorised agent seeking to make a request, please contact us. We will not discriminate against you for exercising your rights.