This Privacy Notice is to provide you, whether you are a client, a partner or employee of a client or other individual about whom we control data, with helpful information about the types of data we process and what we do with that data. If you have any questions, or if you want any further information, please contact us using the contact details below:
Gibbs Laidler Consulting LLP (referred to as we or us)
Address: 7a The Old Yard, Rectory Lane, Brasted, Westerham, TN16 1JP
Telephone: 01959 562242
The Data We Handle
We are data controllers. The data we process concerns people with whom we have business relationships, including the directors, partners and employees of our clients and potential clients and other third parties who interact with us. In the course of providing our consultancy services we may also process some personal data in respect of the customers of our clients.
We may obtain personal data directly from the individuals concerned, from our clients, potential clients, from third parties involved in matters we act on for our clients, and from other third parties (including publicly available information).
The types of data we process are varied and may include detailed data about our clients’ businesses, including personal data about directors, partners, employees, clients, customers and affiliates. We may record full names, contact details, and associated personal data. The data may include information that is supplied to the UK government and/or regulatory authorities.
We may also handle data concerning our clients’ employees and other individuals associated with our client firms, including their claims history. This data could include names and the address of our client’s customers.
Where we handle data relating to customers of our clients or other individuals with whom our clients interact; for instance, when we conduct claims reviews or benchmarking, advise on complaints or offer advice on specific cases. If we do so, and we cannot avoid processing such personal data, this Privacy Notice will apply to the individuals concerned.
In some circumstances we may handle special category personal data and information about criminal convictions, in which case we take particular care to only process such data in accordance with legal constraints. Where necessary, will obtain the express consent of the data subject to process such data. Special category data can include information about the health, racial or ethnic origin, religious or political beliefs, trade union membership, sex life or sexual orientation; genetic or biometric data; or philosophical beliefs of an individual.
What We Do With Data
We process personal data for the purpose of providing insurance consultancy services to our clients and also for our own general business purposes which may include:
- Helping to administer our clients’ insurance arrangements
- Managing our business performance, assessing client satisfaction (such as asking for client feedback, monitoring client records including audit reports and meeting notes, testing and updating our systems, networks, applications or software, and general improvement of our services)
- Advertising, marketing and public relations, including sending direct marketing communications (subject to the restrictions of UK law and regulation)
- Ensuring the safety and security of our people and premises
- Disclosures to our auditors and our own legal and other professional advisors
- Fraud prevention, anti-money laundering, anti-bribery and for the prevention or detection of crime.
Our Basis For Processing
We will only process personal data where we have a lawful basis for doing so. In general, our lawful basis will be one or more of the following:
- The processing is necessary for the performance of a contract to which you are party or in order to take steps at your request prior to entering a contract
- The processing is necessary for compliance with our legal obligations
- The processing is necessary for the purposes of pursuing our legitimate interests (this includes carrying out our business of providing insurance consultancy services to firms and pursuing our general business interests)
- The processing is necessary for the establishment, exercise or defence of legal claims.
In addition, in some circumstances we may process personal data on the basis that an individual has provided their express consent, for example, for marketing to an individual by email or SMS or for the processing of special category data. Please note that the individual concerned may withdraw their consent at any time by contacting us using the contact details above. (For example an OJEU requirement)
We may send marketing materials to you on the basis of our legitimate interests or, where necessary, having obtained the consent of the individual concerned, provided we are otherwise permitted to do so by law.
Individuals always have the right to unsubscribe from any marketing. Instructions on how to opt-out will be included within the communication concerned. Alternatively, please use the contact details above.
Who We Share Data With
In providing our services and in complying with our legal obligations, we may share the personal data that we obtain, insofar as we are required or permitted by law to do so, with the following third parties:
- Suppliers and service providers used by us in providing services, details of which can be made available on request, including document storage facilities, IT service providers such as cloud providers of software, data room providers and providers of our IT servers
- Our auditors, our own legal and other professional advisors, our insurers and insurance brokers
- Government agencies, regulators, the police/law enforcement agencies and other authorities (including the Information Commissioner and Ombudsmen)
- Financial organisations, debt collection, credit reference and tracing agencies
- Insurance providers when undertaking an insurance review under OJEU
We may also share your personal data with anyone you have authorised to deal with us on your behalf.
Where Data May Be Sent
The data we collect may be transferred to, and stored at, a destination outside of the European Economic Area (“EEA”). It may also be processed by staff operating outside of the EEA who work for one of our suppliers. If we provide information to a third party, we will ensure that it and any of its agents and/or suppliers take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Fair Processing Notice.
How Long We Keep Data
We will keep personal information no longer than is necessary for the purpose for which it was provided unless we are required by law or have other legitimate reasons to keep it for longer (for example if necessary for any legal proceedings). These retention periods depend on the nature of our relationship with the individual and the information involved. For instance, we will retain details of our client’s insurers and claims data to assist in the tracing of future requests for potential claims relating to latent disease claims and to comply with the limitation act for claims where the third party could be a minor.
All persons about whom we hold or process personal data (data subjects) have the right to lodge a complaint with the Information Commissioner in respect of our processing of their personal data. Information can be found at www.ico.org.uk/for-the-public/. To raise a complaint with us in the first instance, please contact us using the contact details above.
Individuals’ Rights Under UK Data Protection Law And Regulation
All persons about whom we hold or process personal data (data subjects) have rights under data protection laws to request from us access to or rectification of your personal data. We will erase any or all of your personal data upon your specific request where we have no legitimate reason to continue to hold your information. You also have the right to request the restriction of any processing or to object to our processing of your personal data. You also have the right to data portability. Please use the contact details above to exercise your rights. You can find more information about your rights at www.ico.org.uk/for-the-public/
Using our website – Cookies
A Cookie is a small file downloaded on to your computer or device when you access certain websites. Generally, Cookies identify you through your IP address and do not collect information about your identity. For more information about Cookies please visit:
Cookies allow us to distinguish you from other users of our website and help us to provide you with a good experience when you browse our website and also allow us to improve our website.
- Understanding what brought you to our website and what pages you visited;
- Remembering you when you return to our website; and
- Providing you with safe restricted access areas.
You can manage Cookies by changing your browser settings to block or delete cookies. To find out how, visit www.allaboutcookies.org. Please note that if you block all cookies you may not be able to access parts of our website.
CHANGES TO THIS PRIVACY NOTICE
The Privacy Notice is subject to change at any time. It was last changed on 25th May 2018. If we make changes to this Privacy Notice, we will update the date it was last changed. Any changes we make to this Privacy Notice become effective immediately when we post the revised Privacy Notice on this Site. We recommend that you review this Privacy Notice regularly for changes.