Updated: 18th September 2018
- 24th May 2018 - Original document uploaded
- 18th September 2018 - Link to 'London Market Core Uses Notice Information Notice' updated.
DTW1991 is committed to protecting your privacy. This Privacy Notice explains how we handle the personal information that we collect about you. We take security issues seriously and have implemented appropriate steps to help maintain the security of our information systems and processes to prevent the accidental destruction, loss or unauthorised disclosure of the information we collect.
It explains what personal information we collect, how we use your data, who the data is shared with, how we keep it safe and for how long we retain your personal information. In addition we set out your rights in respect of your data. Please take time to read this Policy and our website terms and conditions.
In this Privacy Notice “You” or “Your” means:
- policyholders and covered parties,
- brokers, intermediaries and agents,
- service providers and advisers,
- claimants and their agents and relatives,
- enquirers and visitors to our websites.
We are a syndicate at Lloyd’s, managed by Coverys Managing Agency Limited (“Coverys”).
In this Privacy Notice reference to DTW1991, “we”, “our” or “us” means:
i. Syndicate DTW1991 at Lloyd’s, a syndicate at Lloyd's, managed by Coverys Managing Agency Limited, registered in England and Wales under company number 04690709 with its registered office at 71 Fenchurch Street, London, EC3M 4BS ("Coverys"), authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority.
ii. DTW1991 Underwriting Limited. registered in England and Wales under company number 08330551 with its registered office at 71 Fenchurch Street, London, EC3M 4BS, as appointed representative of Coverys, registered in England and Wales under company number 04690709 with its registered office at 71 Fenchurch Street, London, EC3M 4BS, authorised by the Prudential Regulation Authority and regulated by the Financial Conduct Authority and the Prudential Regulation Authority.
Each entity acts as the data controller in respect of the personal data we process
Our websites are:
- Leisure travel insurance websites, as follows:
Other privacy information you might find useful
The Lloyd’s Market Association (“the LMA”) provides information on how personal data is used and shared by insurance market participants. This guidance is called the ‘London Market Core Uses Information Notice’ and is available on the London Market Group website (https://www.londonmarketgroup.co.uk/gdpr).
What Information do we collect about you?
The personal information we collect about you consists of the information you and others provide to enable us to:
- provide you with the insurance from which you or others benefit,
- administer and pay claims,
- enter into commercial contracts with you.
We collect ‘personal data’, which is information about you, and may include:
- your name,
- date of birth,
- qualifications and experience,
- information relating to your financial history including County Court Judgements, bankruptcy proceedings, and Individual Voluntary Arrangements,
- risk specific information including claims history about you and your business.
We may also collect more sensitive data, called ‘special category data’, principally being:
- information on your physical or mental health,
- Information relating to crimnial convictions and offences committed by you.
How do we collect information about you?
We collect personal information about you from a variety of sources, including information:
- you provide to us directly, including information provided on our website or that you give us when corresponding with s by email, by telephone or by post,,
- from third parties, which may include your employer, broker, agent or representatives, family members, medical professionals and hospitals,
- from individuals who make applications on your behalf with your permission, or on behalf of a group(s) of people,
- from our coverholders,
- from claim handlers and other experts that we may use to administer or carry out our obligations to you,
- from fraud, money laundering and crime prevention services and databases,
- from publicly available information, including information posted on websites and social media.
How do we use your information?
We use your personal information, as a data controller, for the following purposes:
- to provide you with our insurance products and services,
- to communicate with you and with third parties as part of our business,
- to administer and pay claims,
- to respond to and handle your complaints,
- to notify you about changes to our products, services and the applicable terms and conditions,
- as part of our due diligence assessments before we enter into commercial contracts with you,
- to comply with legal and regulatory obligations,
- to detect, investigate and prevent fraud and financial crime,
- to update and maintain client and accounting records,
- for internal analysis and research,
- to improve your experience when you use our websites,
- to manage our business operations and comply with internal policies and procedures.
We may also use your contact information to provide you with information about our products and services we think may be of interests to you. We may contact you about these by email if you have previously consented to this or the informatino relates to products and services previously purchased by you.
You can ask us or third parties to stop sending you marketing messafes at any time by following the opt-out links on any marketing message sent to you or by contacting us at any time.
In accordance with data protection legislation, we use your data where we have a legitimate legal basis to do so. These are listed below:
- Legitimate Interests
Where we have an appropriate, legitimate business need to use your personal information such as maintaining our business records, developing and improving our products and services, providing you with an insurance policy or service(s), handling and paying claims.
- Legal Obligation
Where we have a legal or regulatory obligation to use your information to maintain records of any dealings with you or to provide those records when obliged to do so.
- Insurance specific exemptions
In some instances we rely upon a specific legal exemption to allow us to process sensitive personal information about you. This exemption applies where we need to process your information as an essential part of your insurance cover, for example, your medical history or health data.
We will occasionally ask for your consent in relation to processing your sensitive personal information. If we ask for your consent we will explain why it is necessary.
Who is your information shared with?
We may share your personal information with third parties where relevant. Your information will not be shared other than for the reasons described in this Privacy Notice. Your information will be kept confidential and will not be used for any reason other than the reasons we have described.
Your information may be disclosed to the following organisations:
- our staff, agents and contractors,
- our professional advisers,
- third party contractors that provide services to us, such as medical screening companies, surveyors, loss adjusters, solicitors, emergency assistance providers and auditors,
- governmental bodie, law enforcement agencies, regulatory authorities, anti-fraud organisations and industry bodies and databases (where we are required to share information in accordance with applicable legislation and guidelines).
- insurance market participants such as coverholders, brokers, third party administrators, other insurers and reinsurers,
- analytics and search engine providers that assist us in the improvement and optimisation of our websites.
We take your data security seriously, and we have implemented appropriate measures to ensure that your data is handled securely. Where your data is transferred to a destination outside the European Economic Area (“EEA”), local laws may provide for a lower standard of protection for personal data than is applicable within the EEA. We implement appropriate safeguards so that your data is protected.
How long do we retain your information?
We keep your personal data for only as long as is reasonably necessary to fulfil the purposes for which we process your personal data, as listed above in this Privacy Notice.
The retention periods are set out in our Retention Policy, which takes into account factors including:
- any applicable legal obligation to hold records for a specified minimum period,
- the amount, nature and sensitivity of the personal data,
- the potential risk of harm from unauthorised use or disclosure of your personal data,
- the purposes for which we process your personal data, and whether we can achieve those purposes through other means.
For our proposers, policyholders and claimants we have different retention periods for different types of insurance policy. We do not keep your information for any longer than necessary, but certain types of insurance policy allow for claims to be made many years after the existence of the policy and therefore we need to retain your information to deal with any claims which may arise in the future.
For our business partners we collect personal information as part of our due diligence process. We will retain the information we collect for the duration of our working relationship and in line with any legal or contractual obligations.
Where your personal data is no longer required, we ensure it is securely deleted.
How do we keep your personal data safe?
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition we limit access to your personal data to those meployees, agents, acontractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. The terms of our contracts with third party contractors include obligations on them in relation to what personal data they can process and what they can do with that information.
A number of rights exist which allow you to ask us to do certain things with your information. Your rights are:
- Right to be informed
You have the right to be informed about the collection and use of your personal data. This Notice provides you with this information.
- Right to access
You have the right to obtain a copy of your personal data from us.
- Right to rectification
If we hold inaccurate information about you, you can ask us to correct it. If the data we hold is incomplete, you can ask us to consider additional information.
- Right to erasure
This right is sometimes called the right to be forgotten. You can ask us to erase your personal information.
- Right to restrict processing
You can ask us to stop processing your information. We will continue to store the data but will not carry out any further processing.
- Right to data portability
You can ask us to provide you with your data in a format which allows you to use it across different services.
- Right to object
In certain circumstances, you can object to our processing of your information.
- Rights related to automated decision making and profiling
For products where automated decision making is used, you can challenge any decision that has been made and ask us to review the outcome.
If you have provided us with consent to process specific data you can withdraw this consent at any time. In some circumstances exercising your rights, including withdrawing consent, may mean that we cannot continue to provide you with the insurance product(s) or services that we have agreed to, or we may not be able to administer or pay your claim or fulfil our contractual obligations. If this is the case, we will make you aware of the consequences of processing your request so that you can make a fully informed decision. Withdrawal of your consent will not affect the lawfulness of any processing that took place before your consent was withdrawn.
Not all of the above rights are absolute, which means that we may not have to comply with all aspects of your request. If this is the case we will explain the reasons for our decision.
If you would like to contact us about your rights, please see the How to contact us section below.
We may change the content of this Noticefrom time to time without further notice. Any changes will be highlited to you in an updated Privacy Notice and the latest version will always be hosted on our website www.dtw1991.com.
How to contact us
If you have any questions about how we collect, store or use your personal information, or you would like to update the information we hold about you, please contact our Data Protection Officer at firstname.lastname@example.org or at:
The Data Protection Officer
Coverys Managing Agency Limited
71 Fenchurch Street
Your right to complain
If you are not satisfied with our use of your personal data or our response to any request by you to exercise your data protection rights, or if you think we have breached any relevant data protection laws, then you have the right to complain to the authority that supervise our processing of your personal data. In the UK, this is the ICO, details of which can be found at https://ico.org.uk.
OUtside of the UK, if you would like details of the appropriate authority that supervises our processing of your personal data, please contact us using the details set out in the How to contact us section.