This Privacy Notice outlines the information we may collect about you in relation to your use of our website and/or related services (“personal data”) and how we may use that personal data.
RFIB Group Ltd is the Data Controller and decides how your personal data is processed and for what purpose.
How we use your information
We are legally obliged to conduct appropriate “Know your client” checks and therefore, prior to commencing our relationship and at regular intervals thereafter, we will request and maintain relevant information from you, which may include, Full Name, Date of Birth, Place of Birth, Country of residence, Nationality, Director and Shareholder information (if a limited company) and contact details. We may share this information with other parties in the placement chain upon request, this will only be shared in order to help them facilitate the contract of insurance for you and to help fulfil regulatory obligations, each party with which this is shared is a Data Controller in their own right and the details of which will be evident on the Placement confirmation.
In acting for you in the placement of your insurance business and to service the contract this forms, we will also require Bank details, full risk information and beneficial owner details. We share this information with the underwriter, which acts as a Data Controller in their own right, in order to support the contract of insurance / reinsurance, details of which will be shown on the placement confirmation.
We may share with you specific information relating to the specific market within which you operate and have legitimate interests in sharing this information with you.
We accept that we are both considered to be Controllers of the information that we collect in relation to the Client and alone determine how the data that is collected is processed.
We are obliged to conduct appropriate “Know your client” checks and therefore, prior to commencing our relationship and at regular intervals thereafter, we will request and maintain relevant information from you, which may include, Director information: Full Name, Date of Birth, Place of Birth, Country of residence, Nationality; Shareholder information (if a limited company) and contact details. We may share this information with other parties in the placement chain upon request, this will only be shared in order to help them facilitate the contract of insurance for you and to help fulfil regulatory obligations, each party with which this is shared is a Data Controller in their own right and the details of which will be evident on the placement confirmation.
In acting for you and the client in the placement of your Insurance / Reinsurance business and to service the contract this forms, we will also require Bank details, full risk information and beneficial owner details. We share this information with the underwriter, which acts as a Data Controller in their own right, in order to support the contract of insurance / reinsurance, details of which will be shown on the placement confirmation.
How we process your data
We comply with our obligations under Data Protection law by keeping your personal data up to date; storing and destroying it securely; we will not collect or retain data which we do not need for the above mentioned purposes. We also protect your personal data from loss, misuse, unauthorised access and disclosure by ensuring that appropriate technical measures are embedded within our IT systems
Why we collect this information
We collect and maintain your personal data to enable us to place insurance contracts on your behalf and to fulfil our statutory and regulatory obligations.
What we do with your information
The personal data which is collected for insurance contract purposes will be treated as confidential and will be shared with re/insurers, underwriters, service providers and/or other parties in the insurance placement chain, as necessary, to place and service the contract of Insurance/Reinsurance.
The personal data collected for Due Diligence purposes will be treated as confidential and screened against a global financial crime and sanctions database. We may share this information with other parties in the placement chain upon request for use in Due Diligence.
Each party with which we share your data which does not work on our behalf act as a controller in their own right and will determine how the data is processed when in their control.
The data collected from you will only be transferred outside the EU if:
- the recipient country is certified by EU authorities as providing adequate levels of data protection; or
- where approved safeguards such as standard contractual clauses or binding corporate rules have been implemented.
How long we keep your information
We keep the data collected for Insurance / Reinsurance Contract purposes for a period of 8 years following expiry of the contract. In the event of any claim, relevant data is held for 5 years after the claim has been closed and 10 years in the event that the claim involved legal action.
Personal data collected for Due Diligence purposes is retained for 4 years after the relationship ends.
Visitors to our website
When someone visits www.RFIB.com we use a third party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this and gain appropriate consent in order to do so. We will make it clear why we collect it and what we intend to do with it
To opt out of being tracked by Google Analytics across all websites visit: http://tools.google.com/dlpage/gaoptout
People who email us
We monitor any emails sent to us, including file attachments, for viruses or malicious content. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.
RFIB Group Ltd is the data controller of all the information you provide directly to us when applying for a job with us. All information you provide will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.
We will not share any of the information you provide with any third parties for marketing purposes or store any of your information outside of the European Economic Area. The information you provide will be held securely by us, whether the information is in electronic or physical format.
We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for.
We do not collect or hold more information than we need to. In the event that your application is unsuccessful, your information will be retained for 12 months.
RFIB Group Ltd Contact
You can contact us:
By post:RFIB Group Ltd
20 Gracechurch Street
Please address your correspondence for the attention of Data Protection Officer (DPO).
Your rights over your information (EU & UK residents)
By law, you can ask us what information we hold about you, and you can ask us to correct it if it is inaccurate. You can also ask for us to give you a copy of the information.
Your right to complain (EU & UK residents)
If you have a complaint about our use of your information, you can contact us at the above noted address or the Information Commissioner’s Office via their website at www.ico.org/concerns or write to them at:
Information Commissioner’s Office
People who make a complaint to us (EU & UK residents)
If we receive a complaint from a person this is logged and an assessment undertaken.This normally contains the identity of the complainant and any other individuals involved in the complaint. We will only use the personal information we collect to investigate the complaint and provide a conclusion to the complainant. We usually disclose the complainant’s identity to whoever the complaint is about. This is inevitable where the accuracy of the complaint is in dispute however, if a complainant doesn’t want information identifying him or her to be disclosed, we will try to respect that.
We will keep personal information contained in complaint logs and supporting information in line with our retention policy.This means that information relating to a complaint will be retained for three years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.
We may change this notice from time to time by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This notice is effective from 25thMay 2018 and will be reviewed on a minimum of an annual basis and changed, where necessary.