The privacy and security of personal information is important to McGill and Partners (collectively, McGill and Partners Group Ltd and all subsidiary and affiliate companies worldwide). This notice explains who we are, the types of personal information we collect and hold, how we use it, who we share it with and how long we keep it. It also informs you of certain rights you have regarding your personal information under applicable current data protection law.
This website is not intended for children, and we do not knowingly collect data relating to children.
1. Who are we?
McGill and Partners generally acts as the data “controller”, “business” or a “responsible party” of any personal information provided to us when you use our services, and this privacy notice applies in that context.
In some cases we may act as a “processor” under applicable data protection laws, which means we collect or receive your personal information from or on behalf of our client or another person acting on our client’s behalf. In such circumstances, we will process personal information on behalf of and subject to the instructions of our client as the “controller” of the data. Our clients’ privacy notices will apply in those circumstances.
You can contact us for general data protection queries in writing to the Data Protection Officer, McGill and Partners, Suite 806, Gallery 8, 1 Lime Street, London EC3M 7HA or by email to DPO@mcgillpartners.com. Please advise us of as much detail as possible to enable us to comply with your request.
2. What information do we collect?
To enable us to provide services to our clients, we may collect and use personal information provided to us by our clients or by those with whom we deal on behalf of clients. This information may include, but not necessarily be limited to: name, address, telephone number, email address, postal address, occupation, date of birth, additional details of risks related to the services we provide and payment details (including bank account number and sort code). It may also include personal information (including sensitive personal data) where provided in relation to any claim we may be handling, and generally includes any information that identifies, relates to, describes or is reasonably capable of being associated or linked with an individual. This information will be collected as it is considered necessary for a legitimate insurance purpose and to meet contractual or regulatory obligations that arise from the provision of insurance-related services to our clients.
We may also collect personal information from third parties such as regulatory authorities, your employer, other organisations with whom you have dealings, government agencies, credit reporting agencies, recruitment agencies, information or service providers and publicly available records.
We only collect and use sensitive personal data where it is critical for the delivery of insurance products and services we provide to our client and as allowed under applicable law. If you object to use of such information we will be unable to offer that product or service.
If you apply for a job or work placement, you may need to provide information about your education, employment, racial background and health. In doing so, you expressly consent to our use of this information to assess your application, for our internal recruitment analytics and for such monitoring or screening activities as we may require in accordance with applicable law. We may disclose your personal information to recruiters, screening check providers, health service providers, professional and trade associations, law enforcement agencies, recruitment analytics and diversity research providers, referees and your current and previous employers. We may also collect your personal information from these parties in some circumstances.
3. How do we use your personal information?
We will only use your information when it is legally permissible for us to do so. This includes to enable us to assess the products and provide the services that our client has requested but we may also, if relevant, use this personal information to:
- Communicate with you
- Develop new products and services
- Undertake statistical analysis
- Comply with a legal or regulatory obligation or requirement
Where you are our client, from time to time we may need to contact you for a variety of reasons relating to the services we provide (for example, to update you on the progress of a claim or to discuss renewal of your insurance contract). To ensure the confidentiality and security of the information we hold, we may need to request personal information and ask security questions to satisfy ourselves that you are who you say you are.
We aim to keep the information we may hold about you as accurate as possible. If you are our client, you can inform us of a change in your details by contacting your usual McGill and Partners contact at any time. Where you are not our client, you can contact our Data Protection Officer using the details provided above.
We may aggregate information and statistics on website usage or for developing new and existing products and services, and we may also provide this information to third parties. Where provided to third parties, these statistics will not include information that can be used to identify any individual, other than in very limited circumstances. For example, personally identifiable information may be held and shared with third parties where necessary for security reasons such as when monitoring access to data rooms and any online portal or platform we make available to you.
4. Securing your personal information
We follow strict security procedures in the storage and disclosure of personal information, whether in electronic or paper format, in line with industry practice.
We store all the information provided to us, including information provided via forms you may complete on our website, and information which we may collect from your browsing (such as clicks and page views on our websites).
Any new information you provide us may be used to update an existing record we hold for you.
5. When do we share your information?
The insurance lifecycle involves the sharing of your personal data between insurance market participants such as insurers, managing agents, other intermediaries, loss adjusters and platforms customarily used in the London and international insurance markets, some of whom you will not have direct contact with. In these instances, while the information provided will be disclosed to these companies, it will only be disclosed by McGill and Partners to allow for the provision and administration of the service provided (for example verification of any quote given to our client, claims processing, underwriting and pricing purposes, or to maintain management information for analysis).
To help us prevent financial crime, your details may be submitted, where relevant to the insurance cover being sought, to fraud prevention agencies and other organisations where your records may be searched.
We may share information with anyone our client has authorised to deal with us on their behalf. We may also share information with McGill and Partners group entities around the world, and with third party outsourcers who provide essential services to us in connection with our day-to-day business activities. As a global service provider, data that we collect from you may be transferred to, accessed, processed or stored in jurisdictions including but not limited to Australia, Bermuda, the EEA, India, the United Kingdom and the United States. We have established safeguards to protect personal information that is transferred to other countries which may not have equivalent protection to your home jurisdiction, including appropriate contractual protections where required.
If we provide information to a third party, we will require it and any of its agents and/or suppliers to take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this privacy notice or an equivalent notice or policy.
We will not share your personal information for third party marketing or for any purpose other than those set out in this notice without your consent unless required by law to pass on your information to the police or other law enforcement body, or statutory or regulatory authority.
6. How long do we keep your information for?
We will not keep your personal information longer than is reasonably necessary for the purpose for which it was originally provided, unless we are required by applicable law or regulation, or have other legitimate reasons to keep it for longer (for example if necessary for any legal or claims proceedings).
Where your personal information is no longer required, it will be securely deleted or stored in a way which means it will no longer be used by us.
7. Your rights
There are a number of rights that you may have under the data protection law in your home country. Commonly exercised rights that may be available to you are:
- Access – you may reasonably request a copy of the information we hold about you
- Erasure – where we have no legitimate reason to continue to hold your information, you have the right to have your data deleted (sometimes known as the right to be forgotten)
If you are unhappy about the way we have handled your data or upheld your rights please contact us in the first instance.
If you remain dissatisfied with our response, you may be entitled to complain to the ICO – further details of your rights in that regard can be obtained by visiting the ICO website at https://ico.org.uk/your-data-matters/
If you make a privacy complaint, we will respond to let you know how your complaint will be handled. We may ask you for further details, consult with other parties and keep records regarding your complaint.