Your Privacy and Security: Introduction

This Privacy Notice will help you understand how we collect, use and protect your personal data when you interact with us. Please take a few moments to read the sections below and learn how we may use personal data. You should also show this policy to anyone whose personal data you may disclose to us.

In order to comply with regulations we retain the data in relation to your quote for 12 months from the date of quotation. We retain the data in relation to your insurance contract for seven years after conclusion of the contract you hold with us. Any data which has Employers Liability will be kept for 40 years.

The data controller is Munich Re Specialty Insurance (UK) Limited, Union, 2-10 Albert Square, Manchester, M2 6LW.

If you have any questions about this privacy notice or about your Data Subject Rights including:

• Subject Access Request: To request access to your personal data and information around its processing.
• Rectification: To have your personal data corrected if it is inaccurate.
• Restrict Processing: To restrict processing where your personal data is inaccurate or the processing is unlawful.
• Objecting to direct marketing.
• Object to processing based on legitimate interest.
• Data Portability: The transfer of your personal data to another Data Controller.
• Erasure: To have your personal data removed or deleted.

The Data Protection Officer
Munich Re Specialty Insurance (UK) Limited
1 Fen Court
London
EC3M 5BN
Email: p0060010241@munichre.com

What Information Do We Collect About You?

We will collect your personal data when:

• You contact us to ask a question.
• You obtain a quotation from us.
• You use our website.
• We process any new policy documentation, renewal documentation, mid-term adjustments and process claims.
• When we provide you with information about our services.

Personal Data

Special Categories of Personal Data

Non-Personal Data Collected Online

Please see our cookie policy on our website  https://www.gjwdirect.com/cookie-policy/

Dealing With Other People

Policy Administration

We will deal with anyone named on the policy.  It is not our policy to deal with your spouse, partner or parent without your written consent. If you would like someone else to deal with your policy on your behalf on a regular basis please let us know.

If you give us information about another person, in doing so you confirm that they have given you permission to provide it to us to be able to process their personal data (including any special categories of personal data) and also that you have told them who we are and what we will use their data for, as set out in this privacy notice.

Marketing

If you have opted in to receive marketing material from GJW Direct, MyBoat or group companies (which includes any company of whom the ultimate parent company is Munich Re Specialty Group Limited), we will contact you from time to time by telephone, post, e-mail or SMS to keep you informed with news, products or services, including but not limited to boat insurance together with carefully selected offers or promotions which we feel may be of interest to you. Other carefully selected companies may also contact you by post.

If you would like to receive the marketing material referred to above please contact us using either the email address insure@gjwdirect.com, Tel: 0151 473 8000 or write to The Data Protection Officer at the above address.

Confidentiality

We treat your personal data as private and confidential.

The disclosures we make have been detailed in Section 2 above.

We would like to bring to your attention our obligations to disclose information in the following four exceptional cases permitted by law, and the other situations as set out below.

These are:

• Where we are legally compelled to do so;
• Where there is a duty to the public to disclose;
• Where disclosure is required to protect our interest;
• Where disclosure is made at your request or with your consent.

Also, from time to time, we will employ agents and sub-contractors to process your personal data on our behalf. These include IT Software Suppliers and Payment Services Suppliers. The same duty of confidentiality and security will apply to them and all processing will be carried out under our instruction.

When taking out a policy for your narrowboat, it is necessary for us to pass your information to River Canal Rescue (RCR) to enable your contract with them to be fulfilled. Once we have passed your data to RCR, they will become the Data Controller. A copy of RCR's privacy policy can be found at http://www.rivercanalrescue.co.uk/privacy-cookie/

If you make a complaint about the service we have provided, we may be obliged to forward details about your complaint, including your personal data to the relevant Ombudsman, the insurer and to Lloyds.

In the unfortunate event that you have to make a claim, then we will need to disclose information with any other party involved in that claim. This may include:

• Third parties involved with the claim, their insurer, solicitor or representative;
• Medical teams, the police or other investigators and Courts.

Credit Reference

When you apply to open an account with us, we make a number of checks to assess your application for credit and verifying identities to prevent and detect crime and money laundering. To obtain this information, we will check the following records about you and anyone else who may also be insured and whose personal details have been provided as part of the insurance application.

Our own records

Credit Reference Agency (CRA) records. When we search these CRAs, this will place a search footprint on your credit file that may be seen by other lenders. They supply us with both public (including the electoral register), and shared credit and fraud prevention information.

Fraud Prevention Agency (FPA) Records

We make searches about you at credit reference agencies who will supply us with information, including the Electoral Register and credit information. The agencies will record details of the search whether or not your application proceeds. The searches will not be seen or used by lenders to assess your ability to obtain credit. We may use scoring methods to assess this application and to verify your identity. Credit searches and other information which is provided to us and/or the credit reference agencies, about you and those with whom you are linked financially, may be used by other companies if you, or other members of your household, apply for other facilities including insurance applications and claims. This information may also be used for debt tracing and the prevention of money laundering as well as the management of your account. Alternatively, we may ask you to provide physical forms of identification.

We may also make periodic searches at CRAs and FPAs to manage your account with us.

Information on applications will be sent to and recorded by CRAs. When you borrow from us, we will give details of your account(s) and how you manage it/them to CRAs. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs and FPAs to perform similar checks, and to trace your whereabouts and recover debts that you owe. Records remain on file for six years after they are closed, whether settled by you or defaulted.

If you give us false or inaccurate information and we suspect identify fraud, we will record it and may also pass this information to FPAs and other organisations involved in the prevention of crime and fraud.

If you borrow from us and do not make payments that you owe us, we will trace your whereabouts and recover debts.

Your data may also be used for other purposes for which you give your specific permission or, in very limited circumstances, when required by law.

How to Find Out More

This is a condensed guide to the use of your personal data. If you would like to read the full details of how your data may be used please contact the Data Protection Officer at the address above.

You can contact the CRAs currently operating in the UK; the information they hold may not be the same so it is worth contacting them all. They will charge you a small statutory fee.

• Call Credit. Consumer Services Team, One Park Lane, Leeds, LS3 1EP or call 0845 366 0071 or log on to callcredit.co.uk
• Credit File Advice Centre, PO Box 1140, Bradford, BD1 5US or call 0844 335 0550 or log on to www.equifax.co.uk
• Credit Expert, PO Box 7710, Nottingham, NG80 7WE or call 0344 481 0800 or log on to www.experian.co.uk

If necessary, we may also have to investigate your claims and conviction history in the course of administering any claim. You can be assured that we will keep such investigations strictly confidential.

Insurers pass information to the Claims Underwriting and Exchange Register, run by Insurance Database Services (IDS). This helps insurers check information and prevent fraudulent claims. When we deal with your request for insurance we may search these registers. Under the conditions of your policy you must tell us about any incident (such as an accident or theft) which may give rise to a claim. When you tell us about an incident, we will pass information to the registers.

Fraud Prevention and Detection Notice

In order to prevent and detect fraud, insurers may, at any time:

• Share information about you with us and other group companies;
• Pass details to Insurance Hunter, a central insurance application and claims checking system, whereby it may be checked against information held by Insurance Hunter and shared with other insurers.
• If false or inaccurate information is provided and fraud is identified, details will be passed to fraud prevention agencies.
• Law enforcement agencies may access and use this information

We, and other organisations, may also access and use this information to prevent fraud and money laundering, for example when:

• Checking details on applications for credit and credit related or other facilities;
• Managing credit and credit related accounts or facilities;
• Recovering debt;
• Checking details on proposals and claims for all types of insurance.

We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies.

We may also disclose information about you and your policy to: 

• The insurer and other group companies; 
• In the event that we undergo re-organisation or are sold to a third party, in which case you agree that any personal data we hold about you may be transferred to that re-organised entity or third party;
• Where it is necessary to deliver the products and services bought by you, for example, we may disclose your personal data to a credit card company to validate your credit card details and obtain payment. It may also be necessary for us to pass your personal data to the organisation from whom you have ordered any products or services other than your insurance product, such as legal expense provider, etc. At all times we will remain the data controller unless we inform you otherwise.

Information Security

Your privacy is important to us and we follow strict security and organisational procedures in the processing, storage, destruction of your information.  This is to prevent unauthorised access or loss of your information. 

Transfer of data

We will not transfer your personal data to countries that do not provide an adequate level of data protection.  Your personal data may be disclosed to companies within the Group outside the UK or EEA and to Service Providers outside the UK or EEA.

Privacy Support

We reserve the right to amend or modify this privacy notice at any time and in response to changes in applicable law.

If you are unhappy with any response or have a complaint.  You can raise this with:

The Information Commissioner
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
www.ico.org.uk