2020 Vision Systems is committed to ensuring your privacy is protected, endorsed by operating an Information Security Management System to ISO IEC 27001:2013.
1. About us
We have appointed a data protection officer to oversee our handling of personal information. If you have any questions about how we collect, store or use your information, you can contact our data protection officer using the details set out below contacting us.
2. Who do we collect information about?
We collect information about:
- Previous, current and prospective clients
- 2020 Vision Systems website users
- Business contacts
3. When do we collect personal information
- Whenever you use the 2020 Vision Systems website
- If you respond to a customer survey, questionnaire or marketing campaign
- If you contact us for any other reason
- From publicly available third-party sources such as credit rating databases and government databases for socio-demographic information
- When you are referred to us through our “refer a friend” scheme
4. What personal information do we collect and use?
In order for us to provide suitable information or technical support, we need to collect and process personal data about you.
The personal information that we collect will depend on your relationship with us. We will collect different information depending on whether you are an existing client or prospective customer, website user, or other third party.
- General information such as your name, address, addresses of the property or business, and contact details
- Website browsing history
- Information captured during our telephone calls
- Your marketing preferences
- IP address
- Device ID information
- Sensitive personal information
5. How do we collect your information?
We collect personal information from a number of different sources, including:
- Directly from you or from someone else on your behalf
- From other third parties who provide a service in relation to your business
- From other services providers
- Through publicly available sources such as internet search engines and social media sites
- Through customer surveys and responses to various marketing campaigns
- From your use of our website and cookies
- From credit reference agencies
- Through insurance industry fraud prevention and detection databases and sanctions screening tools
- From government agencies such as HMRC and from professional regulators
7. What are our purposes for using your personal information?
We may process your personal information for a number of different purposes. For each purpose we must have a legal ground for such processing. When the information that we process is classed as sensitive personal information, we must have an additional legal ground for such processing.
Generally, we will rely on the following legal grounds:
- Where the processing is necessary for our provision of your business details and services for activities such as assessing your application, managing your business requirements and providing other services to you
- Where we have an appropriate business need such as maintaining our business records or developing and improving our products and services where such business need does not harm your interests
- Where we have a legal or regulatory obligation to use such personal information
- Where the use is necessary to establish, exercise or defend our legal rights
- Where you have provided your consent to our use of your personal information
You will find details of our legal grounds for each of our processing purposes below.
8. Who do we share your information with?
From time to time, we may share your personal information within 2020 Vision Systems, or with third parties. If you would like further information regarding the disclosures of your personal information, please see section below for our contact details.
Disclosures to third parties
- Our regulators
- The police and other third parties or law enforcement agencies where reasonably necessary for the prevention or detection of crime
- Industry bodies
- Online search engines
- Social media platforms
- Our third party service providers such as IT suppliers, actuaries, auditors, lawyers, marketing agencies, payment processing agencies, document management providers and tax advisers
- Third parties who undertake analysis for the purposes of product improvement
- Selected third parties in connection with the sale, transfer or disposal of our business. We will ensure that such third parties have the appropriate technical and organisational measures in place to safeguard your data
9. How long do we keep personal information for?
10. Your rights
Under data protection law you have certain legal rights in relation to the personal information that we hold about you. You may exercise these rights at any time by contacting us.
In some cases we may not be able to comply with your request (e.g. we might not be able to delete your data) for reasons such as our own obligations to comply with other legal or regulatory requirements. However, we will always respond to any request you make and if we can’t comply with your request, we will tell you why.
In some circumstances exercising some of these rights (including the right to erasure, the right to restriction of processing and the right to withdraw consent) will mean we are unable to continue providing you with cover under the policy and may therefore result in the cancellation of the policy. You will therefore lose the right to bring any claim or receive any benefit under the policy, including in relation to any event that occurred before you exercised your right of erasure, if our ability to handle the claim has been prejudiced. Your policy terms and conditions set out what will happen in the event your policy is cancelled.
For some policies no refunds will be payable on cancellation, for other products a refund may be payable.
Your rights include:
The right to access your personal information
You are entitled to a copy of the personal information we hold about you and certain details of how we use it. There will not usually be a charge for dealing with these requests. Your information will usually be provided to you in writing, unless otherwise requested, or where you have made the request by electronic means, in which case the information will be provided to you by electronic means where possible.
The right to rectification
We take reasonable steps to ensure that the information we hold about you is accurate and complete. However, if you do not believe this is the case, you can ask us to update or amend it.
The right to erasure (also known as ‘the right to be forgotten’)
In certain circumstances, you have the right to ask us to erase your personal information. Examples would include where the data is no longer required for the original purpose, consent has been withdrawn and there no overriding ground for continuing the processing, or for compliance with the national law.
The right to restriction or suspension of processing
In certain circumstances, such as a question over its accuracy, you are entitled to ask us to stop using your personal information or to suspend its use.
The right to data portability
In certain circumstances, you have the right to ask that we transfer any personal information that you have provided to us to another third party of your choice.
The right to object to marketing
You can ask us to stop sending you marketing messages at any time.
The right not to be subject to automated decision-making (including profiling)
You have a right not to be subject to a decision based solely on automated means. Please note that as set out at section 8, personal information including sensitive personal information may be used in the context of auto-renewal of certain types of policies. This involves automated decision making to determine what the cost of renewing the policy will be. Automated decision making may also be used in relation to our marketing of our products to you, but purely in relation to us using parameters for making selections for segmentation.
The right to object to processing
For certain uses of your personal information, we will ask for your consent. This consent can take the form of an action or affirmative instruction. Where we do this, you have the right to withdraw your consent to further use of your personal information. In other circumstances we may process your data using legitimate interest, and again you have the right to withdraw this right of processing, unless it is necessary in connection with our legal rights. Please note that in the event that you withdraw your permission for us to use all of your personal data, we may be unable to continue providing you with insurance cover under the policy and this may therefore result in the cancellation of the policy. You will therefore lose the right to bring any claim or receive any benefit under the policy. Your policy terms and conditions set out what will happen in the event your policy is cancelled.
The right to lodge a complaint with the ICO
We would hope that you will always raise any issues with us first, and that we will be able to resolve them to your satisfaction. However, if this isn’t possible then you always have a right to complain directly to the Information Commissioner’s Office (ICO) if you believe that any use of your personal information by us is in breach of applicable data protection laws and regulations.
Please see below for contact details of the ICO:
Information Commissioner’s Office
Tel: 0303 123 1113 (local rate) or 01625 545 745 (national rate)
Making a complaint will not affect any other legal rights or remedies that you have.
11. How we protect your information
We use a range of organisational and technical security measures in accordance ISO 27001:2013 ISMS to protect your information.
Where we have given you (or where you have chosen) a password, you are responsible for keeping this password confidential. We ask you not to share a password with anyone, and to use a password that is appropriate (i.e. a mixture of upper and lower case letters, and characters, which isn’t used on other sites and isn’t easily guessed).
We restrict access to your information as appropriate within 2020 Vision Systems to only those who need to know that information for the purposes set out above.
Firewalls are used to block unauthorised traffic to the servers and the actual servers are located in a secure location, which can only be accessed by authorised personnel. Our internal procedures cover this.
12. Contacting us
If you have any questions about how we collect, store or use your personal information, you may contact our data protection officer at:
Data Protection Officer
2020 Vision Systems
28 Northumberland Square
Tyne and Wear