Privacy Notice

Fair Processing Notice

The privacy and security of your information is important to us. This notice explains who we are, the types of information we hold, how we use it, who we share it with and how long we keep it. It also informs you of certain rights you have regarding your personal data under current data protection law. We will update this notice as required and at least annually . Therefore, we suggest you revisit this notice periodically   to keep yourself informed.

The terms used in this Fair Processing Notice are based on those used by the Information Commissioner’s Office. You can find out more about the ICO here: https://ico.org.uk/.

Who are we?

Hera Indemnity Ltd and Hera Business Finance, which is a trading style of Hera Indemnity Ltd., (part of The Ardonagh Group) is the Data Controller of the information you provide us and is registered with the Information Commissioner’s Office for the products and services we provide to you.

You can contact us for general data protection queries by email to: advisorydataprotection@ardonagh.com or in writing to The Ardonagh Advisory Data Protection Officer, The Octagon, Colchester, CO1 1TG. Please advise us of as much detail as possible to comply with your request.

For further information about The Ardonagh Group of companies please visit http://www.ardonagh.com/about-us/business-portfolio. Please note that different parts of the group may have different data protection officers.

What information do we collect?

To enable us to provide you with the products or services to meet your needs   we will collect personal information which may include your name, telephone number, email address, postal address, occupation, date of birth, additional details of risks related to your enquiry or product and payment details (including bank account number and sort code). Some of these details may also be required about other individuals who will benefit from the product or services we provide. In some of our call centre operations we may routinely record telephone conversations.

We may need to request and collect sensitive personal information such as details of convictions or medical history for us to provide you with the product or service or to process a claim.

We only collect and process sensitive personal data where it is critical for the delivery of a product or service and without which the product or service cannot be provided. We will therefore not seek your explicit consent to process this information as it is required by us to provide the product or service you have requested and is legitimised by its criticality to the service provision. If you object to the processing of this information, then we will be unable to offer you that product or service. Where you have given consent for the processing of your data, you may withdraw that consent at any time.

Please note that typically we process data on the legal basis that it relates to a contract of insurance, or a contract to provide you with risk advice, so the right to erasure, which does not apply to personal information processed for a contractual purpose, will not be applicable in many instances.

However, we may also collect personal data for marketing purposes from publicly available sources or product development purposes where it is in our legitimate interests to do so.

How do we use your personal data?

We will use your personal data for the purposes set out in the table below.

Purpose for which we may process your data	Legal basis for processing this data
Assess and provide the products or services that you have requested; this may include a search with a credit reference bureau, or data enrichment services	Processing in connection with a contract
Communicate with you to provide our services, including risk advice	Processing in connection with a contract
Develop new products and services	Legitimate interests
Undertake statistical and risk analysis	This will be on a legitimate interested basis unless we conduct specific work for you on a contractual basis
Marketing and self-promotional activity	Legitimate interests
Support monitoring and quality management of our employees and processes	Processing in connection with a contract

We may also take the opportunity to

Contact you about products that are closely related to those you already hold with us

Provide additional assistance and advice about risk and insurance news, products, or services, as part of any advised insurance services that we provide to you

Notify you of important functionality changes to our websites

From time to time we may use your information to provide you with details of marketing or promotional opportunities and offers relating to other products and services from other companies in the Ardonagh Group, subject to relevant marketing regulations and permissions.

From time to time we will need to call you for a variety of reasons relating to your products or service (for example, to update you on the progress of a claim or to discuss renewal of your insurance contract). We are fully committed to Ofcom regulations and have strict processes to ensure we comply with them.

To ensure the confidentiality and security of the information we hold, we may need to request personal information and ask security questions to satisfy ourselves that you are who you say you are.

We may aggregate information and statistics on website usage or for developing new and existing products and services, and we may also provide this information to third parties. These statistics will not include information that can be used to identify any individual.

Any new information you provide us may be used to update an existing record we hold for you.

Securing your personal information

We have implemented mandatory security procedures in the storage and disclosure of your personal information in line with industry practices, including storage in electronic and paper formats.

We store all the information that you provide to us, including information provided via forms you may complete on our websites, and information which we may collect from your browsing (such as clicks and page views on our websites).

We also require our business partners, suppliers, and third parties to implement mandatory security procedures that are equivalent to our own, to protect your information from unauthorised access, use, and disclosure

When do we share your information?

To help us prevent financial crime, your details may be submitted to fraud prevention agencies and other organisations where your records may be searched, including the Claims and Underwriting Exchange (CUE) and the Motor Insurers Anti-Fraud and Theft Register (MIAFTR).

In addition to companies within the Ardonagh Group, third parties (for example insurers, loss adjustors or data enrichment services,credit lenders or claims management companies) deliver some of our products or provide all or part of the service requested by you. In these instances, while the information you provide will be disclosed to these companies, it will only be used for the provision and administration of the service provided (for example verification of any quote given to you or claims processing, underwriting and pricing purposes or to maintain management information for analysis).

We, or our partners, may make searches of your credit history.

We may use firms involved in financial management regarding payment.

We may also share your data with other companies who carry out market research on our behalf and who may contact you for the purpose of obtaining feedback on the products and services we offer.

We may share corporate contact information within The Ardonagh Group of companies to assist in providing you with risk advice and keeping you informed about additional products and services. For more information on the companies within the Ardonagh Group, please click here http://www.ardonagh.com/about-us/business-portfolio

The data we collect about you may be transferred to, and stored at, a destination outside of the European Economic Area (“EEA”). It may also be processed by staff operating outside of the EEA who work for us or for one of our suppliers. Such staff may be engaged in, amongst other things, the provision of information you have requested. Whenever we send information outside of the EEA, we will ensure that we have taken the appropriate steps to do so in a manner compliant with the relevant data protection legislation.

We may of course be obliged by law to pass on your information to the police or other law enforcement body, or statutory or regulatory authority including but not limited to the Employer’s Liability Tracing Office (ELTO) and the Motor Insurance Bureau (MIB).

We may also share your information with anyone you have authorised to deal with us on your behalf.

If we provide information to a third party, we will require it and any of its agents and/or suppliers to take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Fair Processing Notice.

How long do we keep your information for?

We will not keep your personal information longer than is necessary for the purpose for which it was provided unless we are required by law or have other legitimate reasons to keep it for longer (for example if necessary to meet legal and regulatory obligations).

We will typically keep information for 6 years after termination or cancellation of a product, contract, or service we provide, or the closure of a claim or complaint. In certain cases, we will keep your information for longer, particularly where a product includes liability insurances or types of insurance for which a claim could potentially be made by you or a third party at a future date, even after your contract with us has ended.

Your rights

There are a number of rights that you have under data protection law. Commonly exercised rights are:

Access – You may reasonably request a copy of the information we hold about you. ICO guidance

Erasure - Where we have no legitimate reason to continue to hold your information, you have the right to have your data deleted (sometimes known as the right to be forgotten). ICO guidance

Correction – you may request correction of the personal information we hold about you to enable any incomplete information to be corrected. ICO guidance

We may use automated decision making in processing your personal information for some services and products. You can request a manual review of the accuracy of an automated decision if you are unhappy with it. ICO guidance

How to complain

If you have any concerns about our use of your personal information, you can make a complaint to us by email to advisorydataprotection@ardonagh.com or in writing to The Ardonagh Advisory Data Protection Officer, The Octagon, Colchester, CO1 1TG

You can also complain to the ICO if you are unhappy with how we have used your data.

The ICO’s address:

Information Commissioner’s Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Helpline number: 0303 123 1113

ICO website: https://www.ico.org.uk

You decide

You can decide if you want to receive information from Hera Indemnity now and in the future. If you do not want to receive news, e-bulletins and any other communication from us you can telephone, email or write to our offices to stop this -

+44 (0)20 7062 4020

enquiries@heraindemnity.co.uk

Hera Indemnity Limited, 70 Gracechurch Street, London EC3V 0HR

How you can update your information

The accuracy of your information is important so if you change email address, or any of the other information we hold becomes out of date and inaccurate, you can telephone, email or write to our offices to update these records -

+44 (0)20 7062 4020

enquiries@heraindemnity.co.uk

Hera Indemnity Limited, 70 Gracechurch Street, London EC3V 0HR

Security protecting personal data

When you give us personal information, we take steps to ensure that it is treated securely. We do not hold any credit or debit card payment information. More general contact details such as your name, address, telephone and email may be held on our servers. No outside party has access to these servers. Data files on these servers are regularly scanned for virus detection and protected by strong firewalls for which access passwords are regularly updated.

Use of 'cookies'

Hera Indemnity Ltd website at www.heraindemnity.co.uk uses ‘Session Cookies’ These cookies last for the session the visitor is on our site. This is helpful as it will speed-up navigation from one page to another during the visit (session). Once the visitor leaves our site the cookie stops and does not remain on the visitor’s PC or phone. ‘Permanent Cookies’ on the other hand, as the name suggests, persist after the visitor has left a site to remain on the visitor’s PC or phone. These cookies can all be turned-off and removed easily using your browser’s preference settings which will vary depending on which browser you use. Hera Indemnity Ltd website at www.heraindemnity.co.uk does not use ‘Permanent Cookies’.

Links to and from external Websites

Our Website contains links to external Websites run by other organisations. This privacy policy applies only to our Website‚ not those external Websites that we link to, who will have their own privacy policies. We are not responsible for these external Websites and their privacy policies and practices. In addition, if you are linked to our Website from an external site, we cannot be responsible for the privacy policies and practices of the owners and operators of that external Website and recommend that you check the privacy policy of that external site.

Interruptions and Omissions in Service

Every effort is made to ensure that our Website is accurate, secure and accessible at all times. However, Web and Internet connections can fail from time-to-time which is beyond our control. Although rare, service breaks are typically temporary amounting to as little as a matter of minutes in some cases. We do not accept any liability arising from any such errors, omissions, interruptions or delays or any ongoing obligation or responsibility to operate this Website (or any particular part of it) or to provide the service offered on this Website. We may vary the specification of this site from time to time without notice.

Your Use of our Website

You may only use this Website for lawful purposes when seeking information. You must not under any circumstances seek to undermine the security of the Website or any information submitted to or available on it. In particular, but without limitation, you must not seek to access, alter or delete any information to which you do not have authorised access, seek to overload the system via spamming or flooding, take any action or use any device, routine or software to crash, delay, damage or otherwise interfere with the operation of this Website or attempt to decipher, disassemble or modify any of the software, coding or information on the Website.

Information on our Website

Whilst we make every effort to ensure that the information on this site is accurate and complete, we do not accept any liability arising from any inaccuracy or omission in any of the information on our Website or any liability in respect of information on our Website supplied by you, any other site user or any other person.

Choice of Law and Jurisdiction

The use of this Website and any agreements entered into through this Website are to be governed by English law. The courts of England are to have exclusive jurisdiction to settle any dispute arising out of or in connection with the use of this Website or any agreement made through this Website.

Credit Broking

What personal data do Hera Business Finance collect from you?

We can only provide our services if we collect personal data.

1.1.    How we collect personal data.

We may collect your personal data when you use our Services.   The term "use" includes:

a)     making an application for credit or financial services

b)     making an application to provide a guarantee for our customers and prospective customers

c)      obtaining a quote for credit or financial services

d)     undertaking transactions (whether or not on or via the Sites)

e)     accessing or browsing the Sites

f)      communicating with us whether by email, telephone or signing up for newsletters or any other forms

g)     completing online or paper forms, and

h)     registering an account with us

We may also collect your personal data from publicly available information such as information on third party websites, from our business partners who have your consent to pass it on or who are authorised by you to authenticate or identify you to us or enable you to sign in to our Sites using their credentials, or from credit reference agencies and other data processors when assessing whether to provide or providing you with Services.

We may also collect your personal data when we monitor and record email and telephone communications with you or between you and others who are using our systems or those of our agents acting on our behalf.

1.2.    What personal data is collected?

We may collect all or some of the following personal data from or about you:

a)     your name, title, gender and date of birth

b)     your company name or affiliation

c)     your contact information including phone/mobile number/fax and email address

d)     your bank account details, credit/debit card information or other payment system information   including your billing and delivery postal addresses

e)     your financial details and credit and payment history

f)      other demographic information including your home, business or other addresses and postcode

g)     your communication and purchase preferences and interests

h)     other information relevant to customer surveys and/or offers which we may make available to you

i)      your browsing, online activities and transactions

j)      where you have registered with us, your username and password

Storing payment details.

When you conduct a transaction with us over the telephone, using a paper application form or through our Sites, we may offer to retain your payment details for your convenience to save you having to re-enter these details on a future occasion.   If you prefer that we do not maintain these details, you may edit and delete any card or payment system information that we hold about you when using our Sites or ask an agent to remove these details from our systems if communicating with us via telephone.

Credit reference agencies

2.1.    In relation to any of your personal data or personal data in respect of any person other than yourself which you provide to us, you acknowledge, or confirm that you have made the relevant individual aware, that in accordance with this Privacy Policy, we may use or disclose such personal data to our suppliers (including credit reference agencies and fraud prevention agencies) and other organisations may access and use this information to prevent and detect fraud, money laundering and other crimes and to make credit assessments. Examples of circumstances when personal data or information relating to you, your guarantor, partner or other members of you or that person's household may be shared include, but are not limited to:

2.1.1.  searching for and checking information and details on applications for credit and credit related and other facilities; 
2.1.2.  recording any such searches as having been made; 
2.1.3.  managing credit and credit related accounts or facilities;  
2.1.4.  recovering debt; 
2.1.5.  checking details on proposals for financial products; 
2.1.6.  making enquiries when you ask for any lending products; and 
2.1.7.  for fraud prevention purposes.
 
2.2.   Any enquiry that Hera Business Finance makes at a credit reference agency may be assessed with reference to any 'associated' records. Another person's record may be 'associated' with yours when: 

2.2.1.  you make a joint application (including in relation to any guarantee); 
2.2.2.  you advise Hera Business Finance of a financial 'association' with another person; or 
2.2.3.  if the credit reference agencies have existing linking or 'associated' records.
This 'association' will be taken into account in all future applications by either or both you and the person whose record is 'associated' and shall continue until either person applies to the credit reference agencies and is successful in filing a 'disassociation'.

2.3.   Credit reference agencies keep a record of enquiries and may record, use and give out information that Hera Business Finance gives them to other lenders, insurers and other organisations.  If false or inaccurate information is provided or fraud is suspected details may be passed to fraud prevention and credit reference agencies.  Law enforcement agencies may access and use this information.  The information recorded by fraud prevention agencies may be accessed and used by organisations in different countries.  If you wish to receive details of the relevant fraud prevention agencies, you may contact Hera Business Finance, 70 Gracechurch Street, London EC3V 0HR.

Legal Disclaimer

Hera Indemnity Ltd, uses reasonable care to make sure that the information appearing on this Website is accurate and up-to-date. However, errors and omissions may occur and our visitors/users should not take the accuracy of the information for granted but check directly with Hera Indemnity Ltd. None of the material contained in this Website is to be relied upon as a statement or representation of fact.

Hera Indemnity Ltd shall not be liable for any loss of profits or contracts or any direct, indirect or consequential loss, business interruption or loss of data or programs arising out of or in connection with the use of the information either contained within this Website or from any of its hyper link connections, other than death or personal injury to the extent that this is caused by the negligence of Hera Indemnity Ltd.

Hera Indemnity Ltd may make improvements and/or changes to the content of this information at any time without notice. All services, product and product price specifications contained within Hera Indemnity Ltd. Website are subject to change without notice.

Information provided on the www.heraindemnity.co.uk Website is provided "as is" without any warranty of any kind, either express or implied, including, but not limited to, the implied warranties of merchantability, fitness for a particular purpose, or non-infringement, as such exclusions of implied warranties shall apply pursuant to applicable laws and regulations.

Links to Third Party Sites

Hera Indemnity Ltd cannot and has not reviewed all pages of the Websites linked to this Website and therefore cannot be liable for their content. Users link to other Websites at their own risk and use such sites according to the terms and conditions of use of those sites. Hera Indemnity Ltd provides links to you only as a convenience, and the inclusion of any link does not imply endorsement by Hera Indemnity Ltd or the linked Website.

Copyright

No part of this Website may be copied or imitated in whole or in part. No logo, graphic, sound or image from this Website may be copied or re-transmitted unless expressly permitted in writing by Hera Indemnity Ltd. (These prohibitions are without limitation to the legal rights of Hera Indemnity Ltd.)

Trademarks

The trademarks and logos (the Trademarks) used and displayed on this Site are registered and unregistered trademarks of Hera Indemnity Ltd and others. They may not be used in any advertising or other publicity materials in relation to the distribution of any information or materials obtained from this Website without the prior written consent of the Trademark owner. (These prohibitions are without limitation to the legal rights Hera Indemnity Ltd)

Governing Law

Any dispute or claim concerning or arising from this Website shall be determined in accordance with the law of England and Wales, and the courts of England and Wales shall have exclusive jurisdiction in determining such disputes or claims.