Cookie & Privacy Policy
Last Updated: 1 July 2022
Ascot Group Limited (‘Company’) and its subsidiaries, including Ascot Underwriting Limited writing for and on behalf of Syndicate 1414 at Lloyd’s, (together being the “Group”) gathers and uses certain personal information in the ordinary course of its business as an insurer and/or insurance intermediary. This information may also be used by other companies in the Group and so, in this notice, references to ‘we’ or ‘us’ mean the Company and the Group.
This Privacy Policy explains how we collect, use, disclose, transfer, and store personal information of:
- policyholders, beneficiaries or claimants, as well as their agents or relatives, (“Policyholders”) during the course of the insurance lifecycle; and
- Users of the internet sites of the Group, including www.ascotgroup.com and affiliated sites, and our social media platforms and email account (collectively, the “Site”)
Any update to this Privacy Policy will be effective upon posting the modified Privacy Policy on our Site. You are encouraged to check periodically for any updates.
Insurance involves the use and disclosure of your personal information by various insurance market participants such as intermediaries, insurers and reinsurers. The London Insurance Market Core Uses Information Notice sets out those core necessary personal data uses and disclosures. Our core uses and disclosures are consistent with the London Market Core Uses Information Notice. You can view the London Market Core Uses Information Notice here. We recommend you review this notice in conjunction with this Privacy Policy.
WHAT PERSONAL INFORMATION WE COLLECT
In order to deliver insurance services to you, we may collect the following information.
Policyholders:
- Name, address (including proof of address), other contact details (e.g. email and telephone numbers), gender, marital status, date and place of birth, nationality, employer, job title and employment history, and family details, including their relationship to you.
- Identification numbers issued by government bodies or agencies, including your national insurance number, passport number, tax identification number and driving licence number.
- Bank account or payment card details, income or other financial information.
- Information about you which we need to collect in order to assess the risk to be insured and provide a quote. This may include data relating to your health, criminal convictions, or other special categories of personal data. For certain types of policy, this could also include telematics data.
- Information about the quotes you receive and policies you take out.
- Credit history, credit score, sanctions and criminal offences, and information received from various anti-fraud databases relating to you.
- Information about previous and current claims, (including other unrelated insurances),which may include data relating to your health, criminal convictions, or other special categories of personal data and in some cases, surveillance reports.
- Certain categories of personal data which have additional protection under the GDPR. The categories are health, criminal convictions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric, or data concerning sex life or sexual orientation.
Site Users
- Personal information that you choose to provide to us through the Site, including, but not limited to, your first and last name, physical address, email address, or telephone number, such as when you:
- Fill out a form on the Site;
- Sign up to a feature that we offer on the Site and you provide your personal information in connection with that feature;
- Sign up to attend an event that we have organised;
- Communicate with us (for example, on a social media platform or by sending us an email);
- Provide personal information to us on our social media pages; or
- Otherwise voluntarily provide personal information to us through the Site
- Information about your use of the Site such as the frequency with which you visit our Site and the links you use.
- Device information, such as the number and frequency of visits by the device, IP addresses, time spent on the Site, and pages viewed.
WHERE WE MIGHT COLLECT YOUR PERSONAL INFORMATION FROM
We might collect your personal information from various sources, depending on your circumstances, including:
Policyholders:
- You.
- Your family members.
- Other insurance market participants.
- Credit reference agencies.
- Anti-fraud databases, sanctions lists, court judgments and other databases.
- Government agencies.
- Open electoral register.
- In the event of a claim, third parties including the other party to the claim (claimant/defendant) witnesses, experts (including medical experts), loss adjustors, solicitors and claims handlers.
Site Users:
- You.
- Your device.
- Third parties acting on our behalf, such as our web hosting provider.
HOW WE USE YOUR PERSONAL INFORMATION
In the course of providing our services or otherwise interacting with you, we may use your personal information for the following purposes:
Policyholders:
- Setting you up as a client, including possible fraud, sanctions, credit and anti-money laundering checks, evaluating the risks to be covered and matching to appropriate policy/ premium and payment of premium where the insured/policyholder is an individual, as necessary for the performance of our contract with you, or necessary to comply with our legal and regulatory obligations.
- Client care, including communicating with you and sending you updates, as necessary to further our legitimate interest in fostering a positive business relationship with you or we have your consents depending on the circumstances, and processing payments to and from individuals, as necessary to perform our contract with you.
- Managing insurance and reinsurance claims, as necessary to perform our contract with you, and defending or prosecuting legal claims and investigation or prosecuting fraud, as necessary to further our legitimate interest in protecting our business or we are under a legal and / or regulatory obligation to take such action.
- Contacting the insured/policyholder to renew the insurance policy, evaluating the risks to be covered and matching to appropriate policy/ premium and payment of premium where the insured/policyholder is an individual, as necessary to perform our contract with you and / or discharge our legal and / or regulatory obligations.
- Other purposes outside of the insurance lifecycle but necessary for the provision of insurance throughout the insurance lifecycle period, including:
- Complying with our legal or regulatory obligations.
- General risk modelling, as necessary to comply with our legal and / or regulatory obligations.
- Transferring books of business, company sales & reorganisations, where it is necessary to further our legitimate interests in operating a successful, profitable business.
- Providing information to representatives and advisors, including lawyers and accountants, to help us comply with legal, accounting, or security requirements.
- Detecting security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and assist in the prosecution of those responsible for that activity, where necessary to further our legitimate interest in protecting our IT systems, the business, and the data we hold.
- Meeting legal requirements, including complying with court orders, valid discovery requests, and other appropriate legal mechanisms.
Site Users:
- Responding to your inquiry (for example, to contact you about your request or to ask a question about your inquiry).
- Providing announcements about future events and opportunities, where you have consented to receive such communications or, if consent is not required, where it is necessary further our legitimate interests in promoting our business to you.
- Auditing the use of and develop our products and the Site, including through surveys, where necessary to further our legitimate interests in improving our business operations.
- Administering the Site, including to fix any formatting errors and improve its functionality, where necessary to further our legitimate interest in running an accessible website.
- Developing new products and services, where necessary to further our legitimate interests in expanding our business offering.
- Performing market research, where necessary to further our legitimate interest in better understanding the market we operate in, to allow us to optimise our offerings.
- Analysing our products, services, and websites, where necessary to further our legitimate interest in protecting our services.
- Meeting legal requirements, including complying with court orders, valid discovery requests, and other appropriate legal mechanisms;
- Detecting security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, and assist in the prosecution of those responsible for that activity, where necessary to further our legitimate interest in protecting our IT systems, the business, and the data we hold.
- Recording and responding to any compliments, comments, or complaints from supporters or service users and to appropriately investigate and implement necessary changes, where necessary to further our legitimate interest in optimise our business to better service users needs.
CONSENT
In order to provide insurance cover and deal with insurance claims, we may need your consent in order to process certain categories of personal information. For example, for Policyholders we may need your consent to process your medical and criminal convictions records. For Site Users, we may need your consent to process certain types of personal data when responding to an email enquiry you submit.
You may withdraw your consent to such processing at any time by using the details in the ‘Contact Us’ section below. However, for Policyholders, if you do withdraw your consent this may impact our ability to provide insurance or pay claims.
SHARING YOUR PERSONAL INFORMATION WITH THIRD PARTIES
As a general rule, we do not share your personal information with third parties other than to the extent it is necessary for our operations, in accordance with the purposes for which we use your personal data and the lawful basis for doing so. Accordingly, your personal information may be shared with the following third parties:
- Insurance Market Participants, including their affiliates and sub-contractors, as necessary for the performance of our contract with you.
- IT Service Providers: in order to provide the website it is necessary for us to engage external IT service providers to help administer the website and host our servers, as necessary for the performance of our contract with you, and / or our legitimate interests in running our business efficiently. Your information will be transferred to the external IT service providers who will handle the information only as necessary to perform technical services.
- Other Professionals: in order to provide some of our services, we may require the input of third parties such as service providers, contractors, agents, lawyers, accountants and financial advisers. This may require the disclosure to such third parties of your contact details and other personal data about you which is relevant to the services they provide. Your information will be transferred to such professionals only as is necessary for the performance of their services and as necessary to further our legitimate interest in engaging them to protect our business interests, or where necessary to help us discharge legal and / or regulatory obligations.
- Law Enforcement Agencies: we may disclose your personal information to third parties such as law enforcement agencies if we believe disclosure is necessary or appropriate in our legitimate interests to prevent harm or loss, or in connection with an investigation of suspected or actual illegal activity, or when we are required to do so by applicable law.
TRANSFERS OF DATA
Some of the third parties listed above may be located outside of the UK or the European Economic Area (EEA). In such cases, these jurisdictions or recipients may be less protective of your personal information than the applicable laws in the UK and EEA.
If you are located in the UK or EEA, we will comply with applicable legal requirements to provide adequate protection for the transfer of personal data to recipients in countries outside of the UK and EEA respectively. In such cases, we will only transfer your personal data if:
- The country to which the personal information will be transferred has been granted an adequacy decision by the UK government (for transfers of UK data subjects’ personal data) or the European Commission (for transfers of EEA data subjects’ personal data);
- We have put in place appropriate safeguards in respect of the transfer, for example the Standard Contractual Clauses; or
- In the absence of an adequacy decision and where it is not possible to implement appropriate safeguards, we have another lawful basis for doing so.
If you are located in the UK or EEA you also may request a copy of the safeguards that we have put in place in respect of transfers of personal information by contacting us as described in the ‘Contact Us’ section below.
By providing us with your personal information, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy.
COOKIES
We only use cookies for session management. These are stored temporarily on your decide while you browse our website and are deleted from your device when you finish browsing; they do not collect nor keep user personal data. First party cookies are set by us; third party cookies are set by a third party’s website.
In order to monitor the use of our website, we use Google Analytics. Google Analytics collects information on website trends, without identifying individual visitors. Google Analytics uses a different set of cookies for each website, and visitors are not tracked across multiple sites.
We use the following cookies on this website:
Cookie | Name | Purpose | Expiry |
Universal Analytics (Google) | Analytics (Google) _ga _gid | These Cookies are used to collect information about how visitors use our website. We use the information to compile reports and to help us improve the website. The Cookies collect information in a way that does not directly identify anyone, including the number of visitors to the website, where visitors have come to the website from and the pages they visited. Read Google’s overview of privacy and safeguarding data | 2 years |
Vimeo cookies | player vuid | We embed videos from our official Vimeo channel. When you press play Vimeo will drop third party cookies to enable the video to play and to collect analytics data such as how long a viewer has watched the video. These cookies do not track individuals. | 2 years |
Web beacons | GIFs | Ascot does not use Web Beacons on its website, but at times may include them in marketing emails to track user activity including email opens and click-through rates. These are only used where Ascot has received permission from a user to provide necessary and informative marketing emails to business partners | 2 years |
For further details on cookies please visit http://www.allaboutcookies.org where you can find comprehensive information on Cookie restriction and blocking for a wide variety of browsers.
DATA RETENTION
We will keep your personal information only for so long as is necessary and for the purpose for which it was originally collected. In particular, for so long as there is any possibility that either you or we may wish to bring a legal claim under this insurance, or where we are required to keep your personal information due to legal or regulatory reasons.
When assessing what retention period is appropriate for your personal data, we take into consideration:
- the requirements of our business and the services provided;
- any statutory or legal obligations;
- the purposes for which we originally collected the personal data;
- the lawful basis on which we based our processing;
- the amount and categories of your personal data; and
- whether the purpose of the processing could reasonably be fulfilled by other means.
YOUR RIGHTS
If you have any questions in relation to our use of your personal information, you should contact our Data Protection Officer. Under certain conditions, you may have the right to require us to:
- Provide you with further details of the use we make of your personal information.
- Provide you with a copy of the personal information that you have provided to us.
- Update any inaccuracies in the personal information that we hold.
- Delete any personal information, or special categories of personal information, that we no longer have a lawful ground to use.
- Where processing is based on consent, to withdraw your consent so that we stop that particular processing.
- Object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights.
- Restrict how we use your personal information whilst a complaint is being investigated.
In certain circumstances, we may need to restrict the above rights in order to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege). Otherwise, we endeavour to deal with your request free of charge. However, where a request is manifestly unfounded or excessive, we may either charge a reasonable fee taking into account the administrative costs of providing the information or refuse to respond.
CONTACT US
If you have any questions or concerns about this Privacy Policy, or if you would like to access, correct or delete any of your personal information, or make a complaint, please contact our Data Protection Officer at:
- Address: Ascot Underwriting Limited, 20 Fenchurch Street, London EC3M 3BY
- Email: DPO@ascotgroup.com
- Phone: 020 7743 9600
YOUR RIGHT TO COMPLAIN
If you are not satisfied with our use of your personal information or our response to any request made by you to exercise any of your rights, or if you think that we have breached any relevant data protection laws, then you have the right to complain to the ICO. Contact details for the ICO can be found here:
Information Commissioner’s Office
CALIFORNIA RESIDENTS: YOUR CALIFORNIA PRIVACY RIGHTS (EFFECTIVE 1/1/2020)
This section of our privacy policy supplements the information contained in our general privacy policy. At its current state, this applies only to those who reside in the State of California (“consumers” or “you”). We adopt this notice to comply with the California Consumer Privacy Act of 2018 and other laws that provide rights to specific California residents.
For more information, please go to: https://oag.ca.gov/privacy/ccpa
WHAT PERSONAL INFORMATION WE COLLECT In compliance with the California Consumer Privacy Act (CCPA) and other California privacy laws, we collect information that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household (“personal information”). We have collected categories of personal information from consumers within the last twelve (12) months. This does not mean that all examples of that category of personal information were in fact collected; we may collect all or just a few of these categories with regard to a particular consumer.
Category | Examples | Collected |
A. Identifiers. | A real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address,
account name, Social Security number, driver’s license number, passport number, or other similar identifiers. |
YES |
B. Personal information categories
listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)). |
A name, signature, Social Security number, physical characteristics or description, address, telephone number, passport number, driver’s license or state identification card number, insurance policy number, education, employment, employment history, bank account number, credit card number, debit card number, or any other financial information, medical information, or health insurance information. Some personal information included in this category may overlap with other categories. | YES |
C. Protected classification characteristics under California or federal law. | Age (40 years or older), race, color, ancestry, national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity, gender expression, pregnancy or childbirth and related medical conditions), sexual orientation, veteran or military status, genetic information (including familial genetic information). | YES |
D. Commercial information. | Records of personal property, products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies. | YES |
E. Biometric information. | Genetic, physiological, behavioral, and biological characteristics, or activity patterns used to extract a template or other identifier or identifying information, such as, fingerprints, faceprints, and voiceprints, iris or retina scans, keystroke, gait, or other physical patterns, and sleep, health, or exercise data. | NO |
F. Internet or other similar network activity. | Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. | NO |
G. Geolocation data. | Physical location or movements. | NO |
H. Sensory data. | Audio, electronic, visual, thermal, olfactory, or similar information. | NO |
I. Professional or employment-related information. | Current or past job history or performance evaluations. | YES |
J. Non-public education information (per the Family Educational Rights and Privacy Act (20 U.S.C. Section 1232g, 34 C.F.R. Part 99)). | Education records directly related to a student maintained by an educational institution or party acting on its behalf, such as grades, transcripts, class lists, student schedules, student identification codes, student financial information, or student disciplinary records. | NO |
K. Inferences drawn from other personal information. | Profile reflecting a person’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes. | NO |
USE OF PERSONAL INFORMATION
WHERE WE MIGHT COLLECT YOUR PERSONAL INFORMATION FROM
We might collect your personal information from various sources, depending on your circumstances, including:
- You.
- Your family members.
- Other insurance market participants.
- Credit reference agencies.
- Anti-fraud databases, sanctions lists, court judgments and other databases.
- Government agencies.
- Open electoral register.
- In the event of a claim, third parties including the other party to the claim (claimant/defendant) witnesses, experts (including medical experts), loss adjustors, solicitors and claims handlers.
HOW WE USE YOUR PERSONAL INFORMATION
In the course of providing our services, we may use your personal information for the following purposes:
- Setting you up as a client, including possible fraud, sanctions, credit and anti-money laundering checks, evaluating the risks to be covered and matching to appropriate policy/ premium and payment of premium where the insured/policyholder is an individual.
- Client care, including communicating with you and sending you updates and processing payments to and from individuals.
- Managing insurance and reinsurance claims, defending or prosecuting legal claims and investigation or prosecuting fraud.
- Contacting the insured/policyholder to renew the insurance policy, evaluating the risks to be covered and matching to appropriate policy/ premium and payment of premium where the insured/policyholder is an individual.
Other purposes outside of the insurance lifecycle but necessary for the provision of insurance throughout the insurance lifecycle period:
- Complying with our legal or regulatory obligations.
- General risk modelling.
- Transferring books of business, company sales & reorganizations.
If we are involved in any merger, acquisition, sale of company assets, transition of service to another provider, or insolvency, bankruptcy or receivership, we also reserve the right to transfer your personal information in connection with such transaction.
SHARING PERSONAL INFORMATION
Further to the purposes set out above, we may disclose personal information to our service providers, contractors, agents and to other companies within the Group that perform activities on our behalf. We will only disclose your personal information for business purposes if reasonably necessary and proportionate to achieve the operational purpose for which the personal information was collected – such as, in connection with the insurance cover that we provide and to the extent required or permitted by law. Additionally, when we disclose personal information for a business purpose, we enter a contract that describes the purpose and requires both parties to keep that personal information confidential and not use it for any purpose except in the performance of the contract.
In the preceding twelve (12) months, we have disclosed the following categories of personal information for a business purpose:
Category A: Identifiers.
Category B: California Customer Records personal information categories.
SALES OF PERSONAL INFORMATION
In the preceding twelve (12) months, we have not sold and will not sell any personal information.
YOUR RIGHTS AND CHOICES
If you have any questions in relation to our use of your personal information, you should contact our Data Protection Officer. Under certain conditions, you may have the right to request that we disclose certain information to you about our collection and use of personal information over the past 12 months. Subject to certain exceptions, California consumers may have the right to require us to:
- Provide you with a copy of the personal information that you have provided to us, including but not limited to the categories of personal information collected about you, the categories of sources for the personal information collected about you, and specific pieces of personal information we collected from you.
- Provide you with further details of the use we make, including but not limited to our business or commercial purpose for collecting or selling that personal information.
- Provide the categories of third parties with whom we share that personal information.
- Update any inaccuracies in the personal information that we hold.
- Delete any personal information, or special categories of personal information, that we have collected and retained (unless an exemption listed below applies).
If we sold or disclosed your personal information for a business purpose, two separate lists disclosing:
- Sales (if any) along with the personal information categories that each category of recipient purchased; and
- Disclosures for a business purpose along with the personal information categories that each category of recipient obtained.
In certain circumstances, we may need to restrict the above rights in order to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege). The response we provide will also explain the reasons we cannot comply with a request, if applicable. Otherwise, we endeavor to deal with your request free of charge. However, where a request is manifestly unfounded or excessive (or repetitive), we may either refuse to respond or charge a reasonable fee, taking into account the administrative costs of providing the information. Please see the Contact Us section below for information about how to exercise these rights.
DELETION REQUEST RIGHTS
You have the right to request that we delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request to delete your personal information, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies.
We may deny your deletion request if retaining the information is necessary for us or our service providers as permitted by law.
EXERCISING YOUR RIGHTS
To exercise any of the rights stated above, please submit a verifiable consumer request to us through either of the following methods:
- Using our toll-free number at +1(844)-589-1559
- USCompliance@ascotgroup.com
- Visiting CCPA Requests Form
You may make a verifiable consumer request for access or data portability twice within a 12-month period. The request must provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative. Making a verifiable consumer request does not require you to create an account with us. We will only use personal information provided in a verifiable consumer request to verify the requestor’s identity or authority to make the request, and cannot use for any other purposes.
Only you or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child.
RESPONSE TIMING AND FORMAT
We endeavor to acknowledge a verifiable consumer request within 10 days and respond within 45 days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request’s receipt.
NON-DISCRIMINATION
We will not discriminate against you for exercising any of your CCPA rights, including by: (A) denying goods or services to the consumer; (B) charging different prices or rates for goods or services, including the use of discounts or other benefits or imposing penalties; (C) providing a different level or quality of goods or services to the consumer; or (D) suggesting that the consumer will receive a different price or rate for goods or services or a different level or quality of goods or services.
CHANGES TO OUR PRIVACY NOTICE
We reserve the right to amend this privacy notice at our discretion and at any time. Any amendments or modifications to this Privacy Policy will become effective immediately upon posting. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.
CONTACT INFORMATION
If you have any questions or concerns about this Privacy Policy, or if you would like to access, correct or delete any of your personal information, or make a complaint, please contact CCPA Inquiries at:
55 West 46th Street, 26th Floor, New York, NY 10036
Email: USCompliance@ascotgroup.com
Toll Free Phone: +1(844)-589-1559