KASKO - Privacy Policy

Privacy Policy

KASKO (“we”, “our” or “us”) are committed to protecting your personal data and complying with data protection laws. Please read this privacy policy carefully. It provides information about how we use personal data and the rights available to you under data protection laws.

 

1.WHY WE COLLECT PERSONAL DATA

We use personal data to market our services to potential insurance clients, for ongoing client administration and communication and supplier administration and communication.  We are required by data protection laws to have a legitimate reason to process and use personal data. Our grounds for processing are:

  • Marketing in our legitimate business interests in order to grow and maintain our business;
  • Client and supplier administration and communications to support the delivery of our services under contract to our clients and in our legitimate business interests where we have lawful purpose for processing your data e.g. for maintaining our accounts and records, communication and gathering market intelligence in order to develop and improve our products and services. We will ensure that the processing of your personal data does not affect your rights under applicable data protection laws.

We may also process personal data in order

  • to prevent, identify and investigate fraud or any activity that is in the public interest;
  • to defend ourselves against or make any legal claims;
  • to comply with a legal or regulatory obligation e.g. where we are required to maintain records of any transactions or for compliance with international legal and regulatory authorities.

2. INFORMATION WE MAY COLLECT ABOUT YOU

We maintain the minimum records required to achieve our purposes, all the information we collect is necessary for us to manage our relationships with clients and suppliers.

We may collect and process the following personal data about individual company representatives of our marketing prospects, clients and suppliers:

  • Name, individual job title, contact details, opt-out consents, IP addresses, details of existing service provision if one of our clients or suppliers, Client administration and comms Client name
  • Where a supplier is a sole trader we will hold the transaction history, payment records and financial information.

 

We collect information we collect through our website such as IP addresses (although we only store corporate IP addresses).  IP addresses may be supplemented with information from publicly available sources such as corporate websites and Linkedin.

Information about corporate representatives of marketing prospects is also provided to us through our online enquiry form and face to face at industry events.

3. SHARING AND SAFEGUARDING YOUR PERSONAL DATA

All personal data supplied to us is stored on secure servers and only accessed and used in line with our data protection policies and procedures. Your personal data will only be accessed by our employees or authorised third parties who require the information for business purposes. In circumstances where it is necessary to share your personal data with a third party, there are contractual agreements in place to ensure the security and confidentiality of your personal data and the information will only be used for the specific purpose for which it has been provided to them.

 

3.1. OUR GROUP COMPANIES

We may share your personal data with our group companies, based in the UK, Germany, Latvia  but only for the purposes laid out in this privacy policy and we will ensure the security of your personal data.  We have contracts between our group companies.

3.2. AUTHORISED THIRD PARTIES

We may also be required to allow authorised third parties, including service providers and suppliers, access to your personal data, for the purposes stated in section 2 of this notice. Any data sharing with third parties will be in compliance with applicable data protection laws.

Some third parties are connected with the insurance services we support such as the insurance company, the Insurance Ombudsman (at the instigation of the customer).  Others are connected with us including our hosting service provider, email provider, financial services regulators and other Kasko group companies as described above, AWS Ireland server, Mailjet for email. All data sharing with third parties is in compliance with applicable data protection laws.

3.3. GOVERNMENTAL, LEGAL AND REGULATORY AUTHORITIES

It may be necessary for us to share your personal data with financial and regulatory organisations (e.g. the Financial Ombudsman Service, the Financial Conduct Authority, the Information Commissioner’s Office) or law enforcement agencies (including courts) in order to assist them with enquiries, investigations or proceedings and ensure our compliance with our regulatory and legal requirements. As a financial services company, we are required to have certain processes in place with regards to anti-bribery and corruption, money laundering and fraud. If any criminal offence is detected or suspected, we may share data with third parties (e.g. law enforcement agencies, fraud prevention agencies, anti-money laundering agencies) in order to prevent crime or aid investigations if crime is identified.

4. MARKETING

We use personal data relating to corporate representatives to send information about our products and services and those of other companies in our group which may be of interest.  We rely on consent to marketing from our contacts.   If you have consented to receive marketing, you may opt out at a later date.  You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other members of our Group.

EXPORT OF PERSONAL DATA OUTSIDE THE EEA

Our email service providers are located outside of the EEA but in all cases we have ensured that these companies subscribe to the EU approved Privacy Shield so that an adequate level of data protection exists for customer personal data.  In addition we hold only minimal data with our email service provider as an added safeguard.

Following Brexit Kasko Limited, located in the UK, will be in a third country for data protection purposes.  We expect that an Adequacy Decision will be made by the EU to allow continued dataflows between it and the UK but in the absence of such a decision, we will put in place contracts between Kasko group companies incorporating the EU approved model clauses for transfers of personal data outside of the EEA.

 

5. YOUR RIGHTS

Our policy complies with the EU General Data Protection Regulation. The law requires us to tell you about your rights and our obligations with regards to the processing and control of your personal data, however not all of the following may be applicable in our business dealings:

There are some circumstances where we may be required to restrict your rights in order to safeguard the public or our own interests.

For further information regarding your rights, please visit the Information Commissioner’s Office’s website or click on the links provided above.

If you have any questions regarding privacy or how we use personal data, you may contact our Data Protection Coordinator at Kasko LTD, 78 York Street, London, United Kingdom, W1H 1DP or email us at compliance@kasko.io

6. DATA RETENTION

We hold our records for six years from termination of contracts with customers and suppliers.  Data used for marketing purposes will be held indefinitely so long as the individual remains in role and the consent to marketing remains in place.

7. OTHER WEBSITES

Our website contains links to other websites. This privacy policy only applies to this website so when you link to other websites you should read their privacy policies.

8.CHANGES TO OUR PRIVACY POLICY

We keep our privacy policy under regular review and we will place any updates on this web page.

This privacy policy was last updated in December 2018.

10.YOUR RIGHT TO COMPLAIN

Should you have any concerns regarding how we process your personal data, then please contact our Data Protection Coodinator at the address given above.  Individuals also have the right to report concerns to the Information Commissioner’s Office. For more information, please visit their website at www.ico.org.ukor write to them at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.

 

Contact us
Linkedin
Twitter
Have a question?
Leave us a message!