GDPR Privacy Notice
Lodestar Marine Limited is the data controller responsible for the personal data it collects.
This Privacy Notice sets out what personal data we may collect and how we may collect it, how and why we may use it, how we keep it secure and data subject rights in respect of personal data.
The types of personal data we use, its purposes and its sources.
In order to operate our business we need to obtain and use a limited amount of personal data.
The categories of personal data include:
- contact details (including email addresses) of brokers and assureds
- personal data about directors of businesses such as name and date of birth
- names of employees of businesses.
The personal data is provided to us directly by the insurance brokers and/or directly by applicants that apply for an insurance policy from us.
The legal reason for collecting the data is to allow us to contact the broker and applicant, to review the underwriting information which is needed for entering into an insurance contract with the applicants and for policy administration and servicing.
Who we share data with
Personal data are not processed outside Lodestar, other than:
- with the Lloyd’s syndicates and insurers that we represent
- with Lodestar’s outsourced service providers, Pro Insurance Solutions Limited and Lodestar’s affiliate, Tawa Associates Limited
- with third party auditors that audit the underwriting process on behalf of these Lloyd’s syndicates (access during their audit)
- to Correspondents, surveyors, lawyers, and recovery agents
- when we are required by law to do so
- to transfer the data in case of a merger or sale
- in case of legal proceedings
- for audit purposes
- to prevent or detect fraud
We are committed to ensuring that the data collected is secure. While we cannot ensure or guarantee that loss, misuse or alteration of data will not occur, we use our best efforts to prevent this. In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the data.
How Long We Keep Data
We retain the data on the following terms:
- In case we underwrite the insurance, data are retained for a 10 years period after expiry of the policy or after final settlement of the claim under the policy;
- In case we do not underwrite the policy, data are retained for 2 years after our rejection to underwrite.
Sending Personal Data outside the EU
Personal data are stored on our underwriting processing system and not processed outside the EU. We ensure any data are processed securely and in accordance with this Privacy Notice.
Data Subject Rights
Data subjects have the right of access to confirm if we process their data and get a copy of the data we process. Data subjects also have the right to rectification if any data are incorrect and the right to erasure if there are no legitimate grounds for retaining the data.
Due to the limited categories of personal data we collect, it could be difficult to verify the identity of data subjects however, please contact us at firstname.lastname@example.org to exercise these rights.
Data subjects have the right to complain to the Information Commissioner’s Office if they are concerned about we how use personal data. Please refer to www.ico.org.uk/concerns for instructions on how to report a concern.
London, 25 May 2018