Privacy Notice
How We Use Personal Information Introduction
This notice explains how we collect, use and store personal information. Your privacy and personal information are important to us and we are committed to keeping it protected. We’ve tried to make this notice as clear and transparent as possible, so you are confident about how we use your information. As data controller, we are responsible for decisions about how your information will be processed and managed. You will also find details below regarding your rights under data protection laws and how to contact us.
1. Who we are and whose personal information we collect
When we refer to “we”, “us” and “our” in this notice it means Alfred Thomas Consultancy Li,ited. When we say “you” and “your” and “individuals” in this notice, we mean anyone whose personal information we may collect, including:
- anyone seeking a quote from us or whose details are provided during the quotation process
- anyone who may benefit from or be directly involved in service including suppliers
- anyone who has a business relationship or transacts business with us or provides us with a service, such as brokers, intermediaries and buyers.
2. How we use personal information
We use personal information in the following ways:
- to provide quotes, administer business and carry out inspections to work our contract
- to prevent financial crime to meet our legal obligations
- to manage our business, conduct market research and manage our relationships with business partners to meet the legitimate needs of our business
- to send marketing information about our products and services if we have received your specific consent.
There is no obligation to provide us with personal information, but we cannot provide our products and services without it.
3. Marketing
We use an individual’s personal information to market products and services to them. Our marketing activities may include:
- providing information about products and services by telephone, post, email and SMS; we will either do this ourselves or use third party partners to do it for us
- working with selected partners to display relevant online advertisements, and to our other customers, on third party websites and social media platforms. To do this, we may provide our partners with an individual’s personal information in an encrypted format, which they use only to identify the appropriate audiences for our advertisements. We ensure that our partners delete this information once the advertisement audiences have been identified, and do not use the information for their own purposes.
If you do not wish to receive marketing information about our products and services you can tell us at any time by using the contact details found in Section 10: Know your Rights.
4. Automated decision making, including profiling
Anyone subject to an automated decision has the right to object to it. To do so please contact us using the details in Section 10: Know Your Rights and we will review the decision.
5. The personal information we collect
The information we collect will depend on our relationship with you. We collect the following types of personal information so we can complete the activities in Section 2: How We Use Personal Information:
- basic personal details such as name, age, contact details and gender
- family, lifestyle and social circumstances, such as marital status, dependants and employment type
- financial details such as direct debit or payment card information
- photographs and/or video, including surveillance to help us manage policies and assess claims
- identification checks and background insurance risk details including previous claims information
- information relating to the use of our websites via the use of cookies
- accessibility details if we need to make reasonable adjustments to help
- business activities such as goods and services offered.
In certain circumstances, we may request and/or receive special category or sensitive information about you. We would only collect this information if it is relevant to the work or where it is necessary for a legal obligation:
- your current or former physical or mental health
- criminal offences, including alleged offences, criminal proceedings, outcomes and sentences (previous criminal convictions, bankruptcies and other financial sanctions such as County Court Judgements)
6. Where we collect personal information
We collect personal information direct from individuals, their representatives or from information they have made public, for example, on social media.
We also collect personal information from other persons or organisations, for example:
- credit reference and/or fraud prevention agencies
- emergency services, law enforcement agencies, medical and legal practices
- other involved parties, for example, claimants or witnesses.
We also collect information from your computer in the form of cookies. Please refer to our Cookie Policy for more details –
7. Sharing personal information
We only share your information when necessary for the purposes stated in Section 2: How We Use Personal Information.
We may share personal information with:
- other companies within the global Alfred Thomas Group
- credit reference, fraud prevention and other agencies that carry out certain activities on our behalf, for example, the Insurance Fraud Bureau (IFB) and marketing agencies if agreed
- external agencies for market research purposes
- any organisation where you have agreed for them to receive that data as part of the terms and conditions of your membership or affiliation
- prospective buyers in the event that we wish to sell all or part of our business.
8. Transferring personal information outside the UK
We use servers located in the European Union (EU) to store personal information where it is protected by laws equivalent to those in the UK. We may transfer personal information to other members of the global Alfred Thomas. We have Binding Corporate Rules (BCRs) which are our commitment to the same high level of protection for personal information regardless of where it is processed. These rules align with those required by the European Information Protection authorities. For more information about BCRs, please contact our Data Protection Officer.
Some of our suppliers have servers outside the EU. Our contracts with these suppliers require them to provide equivalent levels of protection for personal information.
9. How long we keep personal information
We keep information only for as long as we need it to administer the policy, manage our business or as required by law or contract.
10. Know your rights
Any individual whose personal information we hold has a number of rights in relation to how that information is processed by us. You have the following rights:
- The right to object – individuals can object to us processing their data and we will either agree to stop processing or explain why we are unable to
- The right of access– individuals can request a copy of their personal information we hold, subject to certain exemptions (a subject access request)
- The right of rectification – individuals can ask us to update or correct their personal information to ensure its accuracy
- The right to be forgotten – individuals can ask us to delete their personal information from our records if it is no longer needed for the original purpose
- The right of restriction – individuals can ask us to restrict the processing of their personal information in certain circumstances
- The right to data portability – individuals can ask for a copy of their personal information, so it can be used for their own purposes
- The right to withdraw consent – individuals can ask us, at any time, to stop processing their personal information, if the processing is based only on individual consent
- The right to make a complaint – individuals can complain if they feel their personal information has been mishandled. We encourage individuals to come to us in the first instance but they are entitled to complain directly to the Information Commissioner’s Office (ICO) www.ico.org.uk
If you wish to exercise any of these rights you can do so by contacting our Data Rights team.
11. Alfred Thomas Consultancy Limited Data Protection Officer contact details
Any queries about how we use personal information should be addressed to our Data Protection Officer:
Phone: 01489 232 262
Email: [email protected]
Address: Data Protection Officer, 17 Brunel Way, Segenswoth East, Fareham, Hampshire. PO15 5TX
12. Changes to our Privacy Notice
This Privacy Notice was last updated in July 2021.
Occasionally it may be necessary to make changes to this notice. When that happens we will provide an updated version at the earliest opportunity. The most recent version will always be available on our website.
13. Alfred Thomas Privacy Standards (APS)
The Alfred Thomas Privacy Standard provides you with information on the rules governing the international transfer of personal data between Alfred Thomas Group companies operating in the European Economic Area (EEA) and Alfred Thomas Group companies outside that area. The Alfred Thomas Privacy Standard also describes your rights in respect of such transfers, what to do if you want to exercise your rights or complain about such transfers, and how to contact us. The latest Alfred Thomas Privacy Standard.