Overview

This Privacy Notice describes the manner in which Genesis Risk Solutions Ltd. gathers, uses, stores, processes and discloses the personal data of users of our services.

This notice sets out:

  • The information we may gather from you or ask you to provide,

  • The legal basis under which we may process your information,

  • How we may use that information to carry out our business,

  • Under what circumstances we may disclose your personal information to third parties,

  • Details of how we keep your information secure,

  • Your rights in relation to accessing data we may hold about you.

We are committed to protecting your personal data and to being transparent about the data which we hold about you and our use of it.

Who we are

Genesis Risk Solutions Ltd (GRS) are an independent insurance intermediary specialising in the Commercial sector. Registered in England. Company Registration Number 05638109.

Contractors Insurance Services, Scaffolding & Roofing Insurance Services, Demolition Insurance Services & Aviation Insurance Consultants are trading names of Genesis Risk Solutions Limited.

Genesis Risk Solutions Limited is authorised and regulated by The Financial Conduct Authority. Registration Number 463687. This can be checked by visiting www.fca.org.uk

In respect of any personal information we hold about you the data controllers are the Executive Management Team of Genesis Risk Solutions Ltd.

Information we collect

Personally Identifiable Information

When you interact with us we may collect, store and process data through which you may be personally identified.

Examples of when this might occur include:

  • when you visit our website,

  • when you ask us to send you information for example signing up to our mailing list,

  • when you interact with us on social media,

  • when you correspond with us,

  • when we require you to complete any documentation, for example a quote request form.

The type of information we may collect and process includes, for example

  • your name and address,

  • your telephone number(s),

  • your email addresses,

  • your company financial information and bank details,

  • your date of birth, for example if you have requested payment by finance

  • information about the way in which you interact with us; for example whether you have clicked links on our emails, or whether you have responded to a mailing we have sent to you.

In most cases this will be information you provide to us in the course of your interaction with us.

 

Information we receive from third parties

From time to time we may receive and process information about you from third parties.  For example, we may use third parties to verify your address details, perform a credit check for payment by monthly Direct Debit, or to provide general research information about you compiled using publicly available data.

Non-Identifiable Information we may process

We may also process information about you from which you cannot be personally identified.  This includes:

Log Files

Each time you visit our website, log files are generated on the servers

Information that may be recorded includes the time and date of your visit, the files that were requested, your IP (Internet Protocol) address, the referrer website address (if provided) and the browser version.

We collect this anonymised information to help us better understand how you interact with the site, to allow us to diagnose problems, administer our systems and to audit the geographical make-up of users and how they have arrived at our site.

Cookies

We may use cookies when you visit our website.  Cookies are small pieces of information that are stored by your browser on your computer to make sure our website is effective and accessible for all our customers.

Sensitive Personal Data

Data Protection law sets out certain categories of data which are considered particularly sensitive.  This includes information related to health-records, race, religious beliefs, trade union memberships and political affiliation.  We do not usually collect this information from our customers unless it is absolutely necessary to do so.  If it is necessary we will always seek your explicit consent.

The lawful basis under which we process your data

There are three lawful bases under which we may process your data:

Contractual

When you purchase goods or services from us; including requesting a quotation; you are entering into a contract with us.  In order to undertake our responsibilities with regards to that contract we need to store and process your personal information.  For example we may need to send your documents to you, to contact you in relation to an adjustment to your policy, or to talk about issues with payment.

Legitimate Interest

We may process your personal data for our legitimate business reasons.  This will most likely occur where there is a clear reason for doing so, where there is a benefit to you, where we consider that you would reasonably expect the processing to take place and where we judge there to be a limited impact on your privacy.

Consent

Where the above bases are not considered to be appropriate reasons for the processing of your data, but where processing still needs to take place, we will seek, record and maintain your explicit consent before undertaking any processing.     

How We Use Your Information

We may process and use your personal information in a variety of ways, including for the following purposes:

  • To process quotation requests on third party Insurer sites and by e-mail

  • To ensure we can accurately keep in touch with our clients

  • To perform credit checks

  • To set up finance agreements with third party finance institutions

  • To promote our products and services

Communications

For all communications related to a policy or quotation you have incepted or requested, the legal basis under which we process your data is contractual.  This would include contacting you, for example, in relation to an outstanding form, a delayed payment or for clarification on certain information we require in order to provide you with an accurate service.

We use our legitimate business interests as the legal basis for marketing communications about our products and services. We will send information that we consider to be of interest and benefit to you in line with the contact preferences that you have communicated to us. If at any time you wish to unsubscribe from receiving future marketing communications you can do so via the unsubscribe link at the bottom of each email communication.

Your contact preferences can also be updated at any time or by contacting our Technical Support Team: [email protected]

Profiling, analysis and research

We do not profile your data for research or analysis purposes, other than internally to analyse the distribution of certain policy types or classes of business. We do not pass this information on to third parties.

Retaining your information

We store your personal information for no longer than is required for the purposes for which it was collected.  Please be aware that the precise period may vary depending on your interaction with us and your relationship with us.

Once the relevant purpose has been satisfied we will delete or anonymise the information we hold about you unless the law requires us to retain a copy. 

Sharing Your Personal Information

We do not sell, trade, or rent identifiable personal information to others without your consent except to the extent required by law.

However, we may share your data with the following categories of companies as an essential part of providing you with relevant products and services:

  • Third party service providers to help us operate our business; for example sending out mailings, providing insurance &/or underwriting services, payment processing partners.

  • Government bodies and law enforcement agencies

When we use third-parties, their access to your personal data is specifically restricted to the contracted purpose for which the data is provided and we take all reasonable steps to make sure the processing complies with our Data Protection Policy, our Privacy Notice and applicable laws.

How We Protect Your Information

Protecting your data is important to us.  We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, alteration, disclosure or destruction of your personal information, username/password and transaction information.

Data exchange between you and our website happens over a SSL secured communication channel and is encrypted.

We take every precaution to protect your information. To this end all personal information stored by us is kept on servers in a secure environment. Only qualified and elected members of staff who need the information to perform a specific job are granted access to personally identifiable information.

We regularly review policies and procedures to ensure that our systems remain safe and secure for your protection. We will not transfer, process or store your data anywhere that is outside of the European Economic Area.

Your rights with regard to your data

You have certain rights with regard to the storage and processing of your personal data including the right to request that we:

  • provide you with a copy of the personal information we hold;

  • update your personal information where it is out-of-date or incorrect;

  • erase personal information we hold;

  • restrict the way in which your information is processed;

  • consider any valid objections to the processing of your personal information; and

  • provide information about you to a third party provider of services (where the Company’s lawful basis for processing is your consent).

If you wish to exercise any of these rights, you must submit a request in writing to the email address below.   We will respond to your request including providing information about whether the rights apply in the particular circumstances under which you are making the request). We may require additional information from you in order to respond to your request.

Email:  [email protected]

You also have the right to make a complaint to the Information Commissioners’ Office (ICO) if you believe that we have not complied with the requirements of Data Protection law with regard to your personal data.

Further information can be found at ico.org.uk.

This policy was last updated on 23 May 2018