Last updated 30 April 2019
About this Policy
This notice is written to comply with the General Data Protection Regulations (GDPR) and provides information about how JMM Insurance (Ireland) Limited collects, uses, shares and stores personal data in the capacity as a ‘Data Controller’.
JMM Insurance (Ireland) Limited (‘the Company’, ‘We’, ‘Us’ or ‘Our’) is a Data Controller within the meaning of the General Data Protection Regulations and Irish data protection legislation.
Our registered address is: 15 Earlsfort Terrace, Dublin 2, DO2 XY28
Our email address is: firstname.lastname@example.org
Our telephone number is: 01 910 3290
The Data Protection Officer of JMM Insurance (Ireland) Limited may be contacted at the above address.
Information We Collect
We are committed to protecting and respecting your privacy. We wish to be transparent about how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but ensuring you understand your rights as a client.
We collect information: (i) you give us; (ii) information generated during the provision of our services and; (iii) information provided to us by third parties.
Types of information we may collect or hold about you include:
- Identity details such as your name, address, date of birth and contact details;
- Your insurance policy and claims history;
- Financial information such as bank account details;
- Where critical for providing the service requested, sensitive details such as information about your health; and
- Other information in connection with the insurance cover from which you benefit.
Purposes of Processing and the Legal Basis for Processing
We use, and share, your data where:
- use is necessary to provide a service or fulfil a contract that you have entered into (e.g. to provide you with insurance services) or because you have asked for something to be done so you can enter into a contract with us. This may include:
o Arranging insurance cover and processing premium;
o Administering and servicing the insurance policy;
o Assisting with the processing, management and/or the defence of any insurance claims;
o Inviting and arranging renewal of your insurance business.
- use is necessary because we have to comply with a legal obligation (e.g. complying with our obligations to report to regulatory authorities or law enforcement, etc.);
- use is necessary to protect your “vital interests” in exceptional circumstances;
- use for our legitimate interests such as managing our business and fraud or crime prevention. This may include things like training and quality assurance, strategic planning, statistical analysis of our service provision. You may object to your personal information being used for these purposes.
For employees, this may include reasonable checks in relation to employment processing.
Recipients of Your Personal Data – Third Parties
In the course of providing our services to you, complying with legal obligations or pursuing our legitimate interests, we may share your personal data with the following categories of recipients:
- third parties with whom: (i) we need to share your information to facilitate transactions you have requested, and (ii) you ask us to share your information;
- service providers who provide us with support services to enable delivery of our services;
- statutory and regulatory bodies and law enforcement authorities. Examples include:
o Agents or brokers
o Loss adjusters
o Law enforcement agencies
o Fraud and crime prevention detection agencies
o Compulsory insurance databases.
We will only disclose your personal information in connection with the insurance services that we provide and to the extent required or permitted by law.
Please note that under no circumstances do we sell your data or pass your data to those that wish to use it for marketing purposes.
Where we Store your Personal Data
The data that we collect from you may be transferred to and stored at a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for us or for one of our suppliers. Such staff may be engaged in, among other things, the processing or your refund request, the processing of your payment details and the provision of support services. By submitting your personal data, you agree to this transfer, storing or processing.
We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy notice.
How long we will hold your Data?
How long we hold your data for is subject to a number of pieces of legislation and regulations – as a general rule, we will keep your data for 6 years after the end our relationship with you or the last service provided. We will however endeavor not to keep any of your personal data longer than is necessary to fulfil the relevant purpose and/or comply with a specific legal retention period.
Information We Need
If you do not provide certain information, we may not be able to provide the requested services to you.
We will tell you when we ask for information which is not a contractual requirement or is not needed to comply with our legal obligations.
We do not analyse your information using automated means.
Your Rights with Respect to Our Use of Your Data
From 25 May 2018, you have several enhanced rights in relation to how we use your information.
If you wish to exercise any of your data rights (for example, if you wish to update your details, view a copy of the information we hold on your, request that any inaccurate personal data be corrected, blocked, deleted or to change your consent choices (where applicable), you can contact us by writing to the address above or by emailing us.
If we are unable to deal with your request fully within a calendar month (due to the complexity or number of requests) we may extend this period by a further two calendar months and shall explain the reason why. If you make your request electronically, we will try to provide you with the relevant information electronically.
If you are not happy with any aspect of how your data is used, you also have the right to complain to the Data Protection Commission in Ireland.
You can contact the Office of the Data Protection Commission at:
Telephone: +353 (0)761 104 800 or Lo Call Number 1890 252 231
Fax: +353 57 868 4757
Data Protection Commission
Co. Laois, R32 AP23