Shepherd Compello Ltd trading as Shepherd Compello and/or EPG Administration Services is responsible for ensuring compliance with relevant data protection laws. We will, at all times, keep your data confidential and private and protect your data as we protect our own data.
What Data Do We Collect?
In order to provide our services as an insurance intermediary including advising on, arranging, placing and administering (potential) insurance policies, we may collect data about the policyholder and related parties. We may collect the following Personal Data:
- Individual details: name, address, telephone number, email address, gender, date of birth, job title, employment history, nationality, place of birth, employer marital status.
- Claims data: information regarding insurance claims.
- Credit history and anti-financial crime data: including credit score, information regarding sanctions, financial crime history and regulatory and law enforcement actions.
- Financial information: bank details, payment details and income data.
- Policy information: information concerning your previous insurance history.
- Insured risk: information about you which we need to collect in order to assess the risk to be insured and provide a quote. This may include data relating to your health, criminal convictions or other special categories of personal data that relevant to your enquiry.
- Identification details: identification numbers issued by government bodies or agencies, passports, driving licences and online identifiers such as IP addresses.
Health data: past and present information concerning physical and mental health, medical prescription data, medical history including procedures and lifestyle factors relevant to health including alcohol, drug use and smoking.
Criminal convictions data: criminal records and/or driving offences.
Special categories of personal data: including racial or ethnic origin, political opinions or trade union membership, religious and/or philosophical beliefs, biometric data and data concerning sex life or sexual orientation.
How We Use Your Personal Data and Whom We Disclose it to
The General Data Protection Regulation (GDPR) requires Shepherd Compello to establish a legal basis for processing your Personal Data. For each category of data that we process, the following table identifies what grounds we rely on in relation to the particular processing activity and whom we disclose it to: DOWNLOAD.
The London Insurance Market Core Uses Information Notice
Insurance involves the use and disclosure of your Personal Data by various insurance market participants such as intermediaries, agents, insurers and reinsurers. The London Insurance Market Core Uses Information Notice (available: https://www.londonmarketgroup.co.uk/gdpr) sets out those core necessary Personal Data uses and disclosures. Our core uses and disclosures are consistent with the London Market Core Uses Information Notice. We recommend that you review this notice in full.
Third parties with whom we may share your Personal Data may become data controllers in their own right. You may enquire for the details of those with whom we may have shared your Personal Data by contacting our Data Protection contact, whose details are below.
Where no other legal basis for processing applies, we rely on your consent to process your Personal Data, such activities are set out in the table above. In submitting your information to us, Shepherd Compello may use your information in the ways outlined in this Policy. You confirm that any information given by you is true and complete. Where you are providing any form of Personal Data to us on behalf of another, you further agree that you will not provide any information to us unless you have the necessary consent of the individual or individuals in question and that you will provide them with a copy of this notice, along with any other relevant notices that may be provided by us or other insurance market participants. You may withdraw your consent at any time by contacting our Data Protection Officer, the contact details of whom you will find below. However we must notify you that, where we are acting as your insurance intermediary, any withdrawal of such consent will harm our ability to fairly represent you in the future.
In order for the insurance market to operate effectively and efficiently, insurance premiums are calculated by benchmarking or comparing (potential) policyholders’ risk profiles against other policyholders’ risk profiles in attempt to determine how likely an insured event is to occur.
To undertake this process, insurance market participants must compile and analyse information received from insureds to model the likelihood of such events occurring. As such Shepherd Compello and other insurance market participants may use your Personal Data to build models that help to determine insurance premium pricing. Generally such models will use anonymised data that cannot be traced back to an identifiable natural person.
Shepherd Compello and other insurance market participants may also use similar techniques to help identify fraud patterns.
Information Security Safeguards
Shepherd Compello has in place electronic, physical and procedural safeguards to ensure that your Personal Data is protected. The safeguards in place vary depending on the sensitivity of the data in question. Such safeguards include firewalls, anti-virus software, security protocols on all devices and access controls. Access to your Personal Data will be restricted to relevant personnel and third parties outlined in the section How We Use Your Personal Data and Whom We Disclose it to.
International Transfers of Personal Data
As Shepherd Compello is a global insurance intermediary, we may transfer Personal Data outside of the European Economic Area (EEA). Where this is the case, we will ensure that Personal Data is only transferred out of the EEA in compliance with the GDPR and that such data is appropriately safeguarded.
Retention of Your Personal Data
Retention periods of your Personal Data vary depending on business needs and various legal requirements. We may retain Personal Data for as long as is necessary whilst the original purpose of processing continues. Where Personal Data is no longer required for the original purpose for which it was collected, we will either destroy the data or anonymise the data so it may not be traced back to an identifiable natural person.
The GDPR grants the following rights for individuals:
- The right to be informed: individuals have the right to be informed about the collection and use of your Personal Data.
- The right of access: individuals have the right to obtain a copy of your Personal Data as well as other supplementary information.
- The right to rectification: individuals have the right to have inaccurate Personal Data corrected and, where it is incomplete, completed. If you think Shepherd Compello may hold incorrect Personal Data, please contact our Data Protection Officer.
- The right to erasure: in some circumstances, individuals have the right to be forgotten or to have their data erased.
- The right to restrict processing: individuals have the right to request the restriction or submission of processing activities. This right is not absolute and only applies in certain situations.
- The right to data portability: this right allows individuals to obtain and reuse their Personal Data for their own purpose across different services. Individuals may also request that their information be transferred from one IT environment to another in a safe and secure way.
- The right to object: individuals may have the right to object to processing of their Personal Data in circumstances where the Personal Data is processed for: a task in the substantial public interest, the exercise of official authority vested in Shepherd Compello and where Shepherd Compello relies on a legitimate interest as the grounds for processing. Individuals have an absolute right to stop their data being used for direct marketing activities.
- Rights related to automated decision making including profiling: solely automated decision-making, without any human involvement, with legal or similarly significant effects may only be carried out where the decision is: necessary for entering into or performance of a contract, authorised by law or based on individual’s explicit consent.
Communications & Marketing
We may use your Personal Data to contact you with newsletters, events information or company updates. Shepherd Compello does not sell, trade or rent your personal information to any other company or organisation. Your details will only be shared with third parties as set out in the section How We Use Your Personal Data and Whom We Disclose it to.
We will respond to you in a timely manner to any requests to correct inaccuracies regarding your personal information and marketing preferences. To do so, please return the message containing the inaccuracies to the sender with details of the correction requested.
If you do not wish to receive any further information from us either by email, please contact firstname.lastname@example.org with your instructions to us.
Cookies and Use of Our Website
Shepherd Compello operates www.shepherdcompello.com (the Site) and, like many companies, utilise cookies to enhance your browsing experience. Cookies are files with small amounts of data which may include an anonymous unique identifier. Cookies are sent to your to browser and are stored on the hard drive the device you are using to access the Site.
In writing: The Data Protection Officer
Shepherd Compello Ltd.
55 Gracechurch Street
Phone: +44 (0)207 378 4000
If you have concerns with the way in which Shepherd Compello is handling your Personal Data, you may contact the Information Commissioner’s Office (ICO). The ICO is the body tasked with regulating the handling of data in the UK. You may contact the ICO in the following ways:
In writing: Information Commissioner’s Office
Telephone: 0303 123 1113 – UK only
+44 1625 545 7000 – Outside of the UK