Welcome to Caspian Insurance Services Privacy Statement
We are Caspian Assured Ltd trading as Caspian Insurance Services, directly authorised and regulated by the Financial Conduct Authority under firm reference number 788964. Our registered office is: Tower 12, 2nd Floor, 18-22 Bridge Street, Manchester, M3 BZ.
Caspian Assured Ltd is a data controller and is registered with the Data Commissioner’s Office (ZA192229). If you have any queries about this Privacy Notice or you would like to exercise your rights please contact us at [email protected]
Caspian never forget it’s your right to total transparency and control on how we use your data. As such
we give you these promises:
● We will only collect data about you that is relevant and necessary;
● Your data will only be held on systems that meet compliance standards;
● Your data will only be accessed by those who need it and we will minimise the amount of data
that is processed, wherever possible;
● We won’t share except for the marketing of our own services to you, where we are required to
share it by law, if we need to inform a regulatory body or we need to fulfil our service
commitments to you through a third party that meets our own privacy standards;
● We will always remember that it is your personal data, not ours. As such we will ensure complete
transparency and openness with you wherever possible.
● We respect your rights as outlined in the next section and will respond to all requests promptly
You have certain rights under the Data Protection Law;
You can read more about your rights here.
If you would like to uphold your rights then please contact our Data Protection Officer at [email protected]. If you are in dissatisfied with our response you also have the right to lodge a complaint with the Data Protection Authority. This can be done at https://ico.org.uk/concerns/
How we Collect your Data?
We collect information from you when you register for quotes and/or policies, telephone our office, sign up for our newsletter, respond to a survey or marketing communication, surf the website and/or use certain other site features.
We will always be clear to explain when and why we need this data and the purposes for which we will use it and will obtain your explicit consent to do so. We try and minimise the data held and the exact data elements we hold will be dependent on your journey with us.
We may collect and process your:
When handling your personal and health data, we may record and store it on audio files, paper files on our computer systems (websites, email, hard-drives and cloud facilities). When visiting our website, we may collect data such as your email and IP address as well as other online identifiers. Our Cookie Statement can be found on our website.
What we use your Data for?
We may use your data:
How we Process your Data?
Data is processed/stored on encrypted systems on-premises and on hosted cloud services.
As such, some data will either be in UK and EU data centres or on US based servers. We may also process your data in countries outside the UK or European Union from time to time in other aspects of our business.
We operate primarily in the United Kingdom, however as a multinational service provider, we may operate across a number of jurisdictions. We use the following safeguards with respect to data transferred outside the UK and European Union where an “adequacy decision” is not in place:
We regularly review suppliers for data security compliance to ensure your data is safe and track where your data is held.
All our processes are subject to various internal policies to ensure that your data privacy and security is upheld.
Data to Third Parties
We share information where others are involved in the delivery of your service. These include:
● Consultants, administrators, service providers, health assessors, insurers and reinsurers for the day-to-day provision of our financial products and/or services through secure insurer portals
● Guarantors, government and industry bodies; for example, HMRC, ABI, regulatory authorities, fraud and crime prevention organisations and law enforcement agencies.
● Other Caspian Assured Ltd trading styles for the purpose set out in this statement or if we transfer our assets to another entity.
● Third parties who operate services to allow you to review, evaluate and obtain financial products and/or services and who allow us to search for policies and assets.
● Any trustees of your policy.
● Any third party you instruct to act on your behalf.
● Where we have a legal obligation to
In some cases these Third Parties will become Independent Data Controllers when we pass your data to them and Caspian do not warrant the use of your data by them. Please email [email protected] to obtain the full list of companies we may have shared your data with or if you have any concerns.
Our website and other materials sent to you may contain links to other third-party websites. We may also offer buttons to social media that link to third party services. We’re not responsible for the availability, content or data privacy these sites provide through their tools or sites.
Dependant on the data you provide us and for what purpose it is provided we may need to retain your data. We operate a data retention policy and look to find ways to reduce the amount of information we hold about you and the length of time that we need to keep it. For example We will hold the data linked to applications and/or quotes made or requested through our website for a minimum of six years. We store CCTV footage for 60 days unless an incident occurs to our knowledge that may be required for evidence at a later stage. We may also need to retain your data for compliance with our legal and regulatory obligations for a longer period of time. If you wish to find out more about your specific data retention, please contact us.
We always ask for consent when providing you quotations.
Where we use your information for our legitimate interests, we make sure that we take into account any potential impact that such use may have on you. Our legitimate interests don’t automatically override yours and we won’t use your information if we believe your interests should override ours unless we have other grounds to do so (such as your consent or a legal obligation).
Every marketing email sent from Us allows you to opt out of receiving emails from us, except for the purposes of fulfilling any contractual arrangements. You can also contact us at the email address above and request to opt out, view, export or delete your data. If you request for your data to be deleted, your name and email address will be added to an exceptions list and all other data removed to the extent possible.
We seek to uphold our legal obligations as covered by the Data Protection Act 2018, General Data Protection Regulation 2016 and the Privacy and Electronic Communications Regulations. Our Data Protection Authority is designated as the Information Commissioners Office (UK) (Registration ZA192229). We only warrant compliance with our legal obligations under the jurisdiction of the UK Courts.