Data Protection & Security Policy
It is our policy to treat customers (and other stakeholders in the business) fairly when handling their data in line with regulatory requirements for proper systems and controls and taking due
comply with the Data Protection Act 1998. For a copy of our registration
under the Act, click
Our registration number is Z4908414. Our registration is renewable every year in September. In addition we are required to ensure that our registration details remain up to date and any change is notified to the Information Commissioner’s Office within 28 days of any change occurring.
Our firm will provide the Financial Conduct Authority (FCA) with any personal data it may require for any permitted purpose and according to law.
Our firm undertakes to obtain all necessary consents from employees, appointed agents or customers prior to providing the FCA with personal data.
Our firm will treat all customer information as private and confidential, even when customer’s policies have lapsed or are cancelled; we will not release information to anyone else except where:
• The customer gives us permission, for instance, by acceptance of our
Terms of Business Agreement
• Required under our authorisation by the FCA
• We have to by law
Our firm maintains archive records for lapsed and cancelled policies, settled claims and accounts.
Data is only retained where necessary, and data will not be kept longer than is strictly required.
We accept that it is senior management’s responsibility to assess the risks of financial crime associated with customer
It is our policy to take reasonable care to establish and maintain effective systems and controls for compliance with applicable requirements and standards under the regulatory system and for countering the risk that the firm might be used to further financial crime.
Areas which we monitor and address are:
• Physical security
• Staff recruitment and vetting
• Staff training and awareness
• Systems and controls
• Disposal of data
• Third parties
• Compliance and monitoring
Appropriate controls are in place should there be a need for files and records to be temporarily removed from the office.
All data is kept in a secure environment whether on computer or in manual records.
Peter Cutler, Finance Director & Data Controller is responsible for maintaining adequate controls in respect of passwords, log-in codes, tapes, discs, keys to cabinets and back-up tapes.
The approved person responsible for compliance is also responsible for monitoring the accuracy and security of data. All staff are advised of their data protection responsibilities.
This policy and the procedures arising from it are reviewed at least annually. Peter Cutler, Finance Director & Data Controller, is responsible for this policy.
do not currently transfer any data collected on our website out of the European
Economic Area. However, the Internet is made up of a large variety of
international connections and if you are visiting this website from outside the
European Economic Area the various connections will necessarily result in the
transfer of information across international boundaries. By visiting the
website and communicating electronically with us you consent to these transfers.
and construed in accordance with the laws of England and Wales. You agree to
submit any dispute arising out of your use of this website to the exclusive
jurisdiction of the courts of England and Wales.