With the arrival of GDPR we have reviewed our privacy notice and personal data breach procedure which you can read below.
All information held by The Insurance Charities (the Charity) has been given directly by the individual or a third party acting on behalf of that individual with his or her express agreement.
The Data Controller is The Insurance Charities.
Information is held and processed by the Charity to fulfil its objects; the lawful basis for processing is therefore legitimate interest.
If you gave us your details because you are interested in our work or are supporting us either practically or financially, we will contact you whenever we believe we have something of interest to share with you. If you solely gave us your details for this purpose you can ask us to stop sending you certain types of update or all updates at any time.
If you are a member of the Charity, we have legal obligations to you so that you can fulfil your important role. You can terminate your membership at any time.
If you have provided us with details in support of an application you have made for financial or practical support, we will retain any details we believe will help us make appropriate decisions in respect of you. No information about your application, or the help we give you, will be publicised without your express consent.
We can reassure you that any information supplied to us is not sold to or shared with any third parties. The only people who see any of your data are those who are directly employed by the Charity, or are its agents, and are committed to its objectives. These people may be in any of the jurisdictions in which the Charity operates. Any details given to such individuals outside of the UK are transferred securely and with a commitment from the recipient that they will only be processed in line with the Charity’s direction. No automated decision making exists.
Your details will be held securely by us for the duration of the time we are involved with you and then for an appropriate period of time thereafter. These have been agreed by the Charity’s Board of Directors.
If you are receiving help from us, once that help comes to an end we will retain securely certain details to enable us to comply with legislation and good practice. This also enables us to consider an application from you or an eligible relative, without repeating checks which have already been made.
You have the right to ask to see what data is held on you at any time by contacting the Data Controller.
You have the right to lodge a complaint with the Information Commissioner’s Office (ICO) Wycliffe House Wilmslow SK9 5AF if you feel there has been a breach of your rights.
Personal Data Breach Procedure
Where something happens to affect the confidentiality, integrity or availability of personal data, the Charity will immediately assess whether a personal data breach has occurred. The Charity is well placed to identify any such event due to the tight controls it has on its paper and electronic data. If a data breach is likely to put at risk any individual’s rights and freedoms, the Charity will notify the ICO as well as inform the individual(s) using the contact details it holds on record. It will also take appropriate steps to mitigate any possible adverse effects and deal with the breach.