Tarian Underwriting Limited is committed to protecting the privacy and security of your personal information, providing clear information about how your personal information is processed and complying with data protection laws. This Privacy Notice tells you what we do with information we collect about you.
This Privacy Notice applies to any individual whose personal information we process in the course of providing insurance or related services or operating our business, including website users; individuals enquiring about career and employment opportunities; employees of intermediaries, coverholders and third party suppliers; policyholders; prospective policyholders and beneficiaries and claimants under our insurance policies.
Insurance involves the use and disclosure of your personal information by various insurance market participants. The London Insurance Market Core Uses Information Notice, which can be found at https://www.londonmarketgroup.co.uk/gdpr describes how the insurance market participants process your personal information during the insurance lifecycle. We recommend you review this Core Uses Notice as well as this Privacy Notice.
WHO WE ARE
We are Tarian Underwriting Limited (“Tarian”), a cyber, technology professional indemnity and errors and omissions focused Lloyd’s business. Tarian is authorised and regulated by the Prudential Regulation Authority and regulated by the Financial Conduct Authority.
WHAT PERSONAL INFORMATION DO WE COLLECT ABOUT YOU?
- Individual details
Name, address (including proof of address), other contact details (for example e-mail address and telephone numbers), gender, marital status, date and place of birth, nationality, employer, leisure activities and interests, family details including the relationship of family members to you.
- Identification details
Identification numbers issued by government bodies or agencies, including your national insurance number, passport number, tax identification number and driving licence number.
- Data from fraud prevention, law enforcement or government agencies
Other publicly available databases and data sources used to prevent or detect fraud or provide details to us about criminal convictions or offences.
- Data in relation to regulatory issues from HM Treasury and other authorities,
For example when someone is subject to a financial sanction they will appear on HM Treasury’s asset freezing list
- Information relating to underwriting insurance policies
Managing and processing insurance claims, such as previous insurance records and claims histories, and in some cases, surveillance reports.
- Employment and career information
Your employment history, job title, salary, employment benefit options, educational background and any professional qualifications and licences.
The type of information we may collect and process about you will depend, in some circumstances, upon the type of insurance which we are offering or underwriting.
Sensitive personal information
We may collect certain categories of personal information which are more sensitive. This information, which is known as special category personal data, has additional protection and includes: your health information (such as your medical records and history, test results, information and treatment, and reports on medical diagnoses) information about your personal characteristics and circumstances of a sensitive nature such as your racial or ethnic origin, religious beliefs, sexual orientation, sex life and genetic information your membership of a trade union We may also collect information about criminal convictions or offences where authorised by law.
WHERE DO WE COLLECT YOUR PERSONAL INFORMATION FROM?
Information collected from you and our Cookie and Analytics Policy
Where we have collected the information directly from you it will usually be obvious what this is as you will have contacted us or given it to us. This might not be the case where we have used cookies to collect information from your computer or portable electronic devices.
Cookies and Google Analytics
When you visit our website, our web server collects some basic information such as your internet service provider’s domain name, which pages you accessed on our site, and when. We use this information only to analyse how visitors are using our website and to help guide improvement.
This information is collected and analysed using cookies and Google Analytics.
Information collected from others
We can collect information about you from others and from various sources. This includes information from:
Other insurance market participants which may include intermediaries who are involved in the arranging of insurance cover between us and policyholders (such as insurance brokers and coverholders); other insurers who are providing the insurance cover together with us; other insurers who we are providing reinsurance cover to in our capacity as a reinsurer.
In the event of a claim, third parties who are involved including claims handlers who assist us in investigating or processing claims, solicitors, loss adjustors, experts (including medical experts), witnesses, evidence providers, the other party to the claim (who may be either a claimant or a defendant).
Individuals or companies that you may be associated with (for example representatives acting on your behalf, your employer or your family members).
Anti-fraud databases, sanctions lists, court judgments and other publicly available sources and databases.
Credit reference agencies and other financial institutions.
Which of the above sources apply will depend on your particular circumstances.
HOW WE USE YOUR PERSONAL INFORMATION AND WHY WE MAY DO THIS
We use your personal information in order to meet our obligations in our contracts of insurance and to operate our business. We must have a legal basis to process your personal information. We and our other group companies use your personal information in the following ways and for the following reasons:
To provide insurance services
We may use your personal information to issue quotes for, and administer, policies of insurance. We can use your information in this way to fulfil our contractual obligations or to take steps before entering into a contract.
To do what we are required to do by law
We may use your personal information to comply with legal obligations and to cooperate with regulatory bodies to which we are subject. This includes the prevention and detection of fraud, money laundering, terrorism and other crimes; the carrying out of background checks where these are required and lawful; fulfilling due diligence and reporting obligations; and responding to binding requests from regulators.
We can use your information in this way because we are obliged to comply with legal and regulatory requirements including the Financial Services and Markets Act 2000 and the regulation of the Prudential Regulation Authority and the Financial Conduct Authority.
To review, process and manage insurance claims
We may use your personal information to manage the investigation and payment of claims made under our insurance policies, including conducting fraud, anti-money laundering and sanctions checks and bringing or defending legal claims which relate to the policy of insurance.
We can use your information in this way to fulfil our contractual obligations, to comply with legal and regulatory requirements and because it is in our legitimate interests to exercise our rights and bring or defend claims made against us.
To operate and audit our business
We may use your personal information to fulfil our contractual obligations to third parties; to perform administrative activities in connection with our services; to conduct data analysis which helps us assess risks, price our insurance appropriately and improve our services; to research and develop new insurance products.
We can use your information in this way because it is in our legitimate interests to improve our services and manage our business efficiently, to ensure we manage risk and price our insurance appropriately, and to maintain accurate records and perform audits. When we process your personal information on the basis that it is in our legitimate interests to do so we balance our interests with your rights and freedoms and keep the information used and the processing to the minimum required to meet those legitimate interests.
To exercise our legal rights
We may use your personal information to exercise, defend and protect our legal rights or the rights of third parties where it is necessary to do so. For example we may bring or defend claims or recover debts which are due to us.
We can use your information in this way because it is in our legitimate interests to exercise our rights to collect money which is owed to us and to bring or defend claims made against us.
We may use your personal information to assess your suitability for employment and make recruitment decisions.
We can use your information in this way because it is in our legitimate interests to recruit suitably qualified employees and carry out our responsibilities in relation to recruitment.
Sensitive personal information
If it is necessary that we process your sensitive personal information (or special category personal data) for one or more of the purposes above we will only do so where one of the following lawful reasons applies:
- we have obtained your explicit consent
- we need to process your sensitive personal information to establish, exercise or defend a legal claim
- we need to process your sensitive personal information for reasons of substantial public interest, for example an insurance purpose
- we are otherwise authorised by local law to process your sensitive personal information
WHO DO WE SHARE YOUR PERSONAL INFORMATION WITH?
We may share your personal information with third parties and other companies within our group in the following circumstances:
Beat group companies – we operate as an international business so we may share your personal information with group companies who may use this information for the purposes described in this Privacy Notice.
Insurance market participants – including other insurance and reinsurance companies, coverholders, intermediaries, retrocessionaires and business partners. We may share your personal information with these third parties should they need to use your personal information in connection with the provision of insurance and processing of claims. For example, we may share your personal information with other reinsurers for the purposes of settling claims.
Service providers – we may share your personal information with service providers that perform services and other business operations for us, for example, software and analytics providers, professional advisors and auditors.
Potential purchasers – we may share your personal information with any third party that purchases, or to which we transfer, all or substantially all of our assets and business. Should such a sale or transfer occur, we will use reasonable efforts to try to ensure that the entity to which we transfer your personal information uses it in a manner that is consistent with this Privacy Notice.
Companies who are our customers – we may share your personal information with your company or employer in certain circumstances, for example, if your company or employer has a corporate insurance policy with us and you make a claim under that policy.
Any law enforcement agency, court, regulator or government authority. We may share your personal information with these parties where this is necessary to comply with a legal or regulatory obligation, or otherwise to protect our rights or the rights of any third party.
WILL WE SEND YOUR PERSONAL INFORMATION OVERSEAS?
We may need to transfer your personal information to other insurance market participants, our group companies, and service providers, contractors and agents who perform services on our behalf and are located outside of the European Economic Area (EEA).
We will put agreements in place with the people we send information to so that these transfers will be made in compliance with data protection legislation and they will be required to treat your personal information with the same degree of protection that would apply within the EEA. For more information on the appropriate safeguards in place, please contact us at the details below.
In some cases we might need to share information to carry out the services we have promised to carry out, for example if you require urgent assistance abroad. In such an urgent situation we may not always have the time to put in place the type of agreement we would normally want to.
In certain circumstances, in order to provide insurance cover and deal with claims, we may need to process your special category personal data, such as medical records and information relating to criminal convictions, for the purposes outlined above. We may need your consent to do this and if we do need your consent we will ask you for it separately.
You do not have to give your consent and you may withdraw your consent at any time. However, if you do not give your consent, or you withdraw your consent, this may affect our ability to provide the insurance cover from which you benefit or prevent us from providing cover or handling claims.
PROFILING AND AUTOMATIC DECISION MAKING
When we analyse personal information for the purposes of risk assessment or risk modelling this may involve profiling, which means that we may process your personal information using software that is able to evaluate behaviours and predict risks or outcomes.
It helps us to understand any risks associated with the insurance policy and to make decisions about how we can improve and develop our products and services, or our pricing and underwriting. It is in our legitimate interests to manage risk and ensure we are charging appropriate premiums.
HOW LONG WILL WE KEEP YOUR PERSONAL INFORMATION FOR?
We will keep your personal information only for so long as is necessary and for the purpose for which it was originally collected. In particular, for so long as there is any possibility that either you or we may wish to bring a legal claim under an insurance policy, or where we are required to keep your personal information for legal or regulatory reasons.
You may contact us for one or more of the following reasons:
- To ask us to correct information about you that is wrong or incomplete, or to delete personal information about you. To tell us you no longer agree to, that you object to, or that you wish to restrict us using information about you and ask us to stop.
- To exercise your right of access, which means you may ask us to provide you with a copy of all of the personal information that we have about you.
- To exercise your right to data portability, which means you may obtain and reuse the information that you have provided to us for your own purposes across different services. You may ask for this information to be provided directly to you or directly to another organisation. We will provide the information in a machine readable format so that another organisation’s software can understand that information.
Sometimes we will not be able to stop using your personal information when you ask us to (e.g. where we need to use it because the law requires us to do so or we need to retain the information for regulatory purposes).
In other cases, if we stop using your personal information, we will not be able to provide services to you, such as administering an insurance policy or servicing a claim.
We will tell you if we are unable to comply with your request, or how your request might impact you or others, when you contact us.
HOW TO CONTACT US
Our Legal Department is responsible for responding to questions about this Privacy Notice or to your requests to exercise your rights which are set out above. You can contact our Legal Department at:
Tarian Underwriting Limited
5th Floor Camomile Court
23 Camomile Street
London, EC3A 7LL
Telephone: +44 (0)20 3786 1443
If you have any concerns about the way in which we are using your personal information, please contact our Legal Department in the first instance and we will try to resolve your concern. However, you do also have the right to complain about how we treat your personal information to the Information Commissioner’s Office (“ICO”). The ICO can be contacted at: https://ico.org.uk/