Privacy Policy

Manchester Underwriting Management Limited & Pelican Underwriting Management Limited Privacy Notice

This privacy notice is designed to help you understand how we, Manchester Underwriting Management Limited, and our Appointed Representative, Pelican Underwriting Management Limited, process the personal data we receive.

Insurance involves the use and disclosure of your personal data by various insurance market participants such as intermediaries, insurers and reinsurers. The London Insurance Market Core Uses Information Notice [https://www.lmalloyds.com/LMA/News/LMA_bulletins/LMA_Bulletin_2013/LMA17_038_MS.aspx] sets out those core necessary personal data uses and disclosures. Our core uses and disclosures are consistent with the London Market Core Uses Information Notice. We recommend you review this notice.

Manchester Underwriting Management Limited and Pelican Underwriting Management Limited are underwriting agents of the insurer for policies we issue. We have authority to underwrite and administer policies on behalf of the insurer. Our contact details are shown below along with the details of the current insurers that underwrite our policies. This information is also available on our website. The insurer will also be named in any quote or policy purchased from us. If you are an intermediary, e.g. an insurance broker or an intermediary that issues policies on our behalf then you will provide a privacy notice to policyholders.

In order for us to quote and issue an insurance policy we need to collect and process certain information about the policyholder and those covered by the policy. Similarly, in order to administer a claim we need to collect and process certain information about those parties involved in the claim, e.g. claimants, witness, etc. We also collect personal data and other information for intermediaries that distribute our policies to enable us to meet contractual, regulatory, legal and business interests. This privacy notice helps you and parties involved in a claim to understand among other things the legal basis and purpose behind our requirement to receive the information and includes details of those that we share it with and why. You can find more information about this below under ‘What information we collect about you’, from those involved in administering our policies and claims and from the Insurance Market Core Uses Information Notice.

Please contact us at our registered office or email us at dataprivacy@manchesterunderwriting.com if you have questions concerning this Privacy Notice, including requests for information relating to data held by previous insurers and other parties referenced in this notice, or your Data Subject Access Rights. These include:

Right to withdraw consent: Where you have provided consent to marketing or processing sensitive information.
Data Portability: The transfer of your personal data to another Data Controller.
Erasure: To have your personal data removed or deleted.
Rectification: To have your personal data corrected if it is inaccurate.
Restrict Processing: To restrict processing where your personal data is inaccurate or the processing is unlawful.
Subject Access Request: To access your personal data and information around its processing.
Rights in relation to automated decision making and profiling.
To object to direct marketing.

Certain rights (erasure, restriction of processing, objecting to processing, removal of consent) if exercised may prevent us administering a claim or a policy and may lead to its termination. Regulatory and legal requirements may also prevent the exercising of some rights. We will advise you of this at the time of your request. Other rights (access, rectification and portability) may only be exercised where they do not adversely impact the rights of others, are legitimate and can be effected without undue burden or cost.

If you are unhappy with any response or have a complaint in relation to your data privacy please refer to our Manchester Underwriting Management Complaints Procedure. This does not restrict your rights to refer this matter to the Information Commission Office at:

The Information Commissioner
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF

What information do we collect?

Personal Data

Categories of data	Type of information processed	Where the data comes from	Who we disclose the data to	Purpose of processing	Lawful basis of processing
Individual Information	Name, address, marital status, date and place of birth, nationality, employer, job title, employment history, family details and their relationship to you.	Insurance intermediaries or other insurance market participants.Your family. Your employer.Credit reference agencies.	Insurers and companies within the Insurer’s Group and their agents (e.g. auditors).Group companies providing administration.Reinsurers.Our professional advisers, agents, third party service providers and brokers.Other intermediaries or market participants.Credit reference agencies. Sanction checking service providersAuditorsAnti-fraud databases.Ombudsman	Setting up as a client including possible fraud, sanctions, credit and anti- money laundering checks.Evaluating and pricing the risks to be insured and validating any appropriate premium.Policy administration and complaint handling.Evaluating and validating claims.Managing, administering and monitoring risk through reinsurance.Marketing to brokers using broker contactsBusiness continuity and disaster recovery.	Legal obligationLegitimate interest (insurance purposes)Consent.
Policy Information	Information about the quotes you receive and the policies you take out.	Insurance intermediaries or other insurance market participants.Your family. Your employer.	Insurers and companies within the Insurer’s Group and their agents (e.g. auditors).Group companies providing administration.Reinsurers.Our professional advisers, agents, third party service providers and brokers.Other intermediaries or market participants.AuditorsAnti-fraud databases.Ombudsman.	Managing you as a client including communication, evaluating and pricing the risks to be insured and validating and collecting any appropriate premium.Evaluating and validating claims.Managing, administering and monitoring risk through reinsurance.Policy administration and complaint handling.	Legal obligationLegitimate interest (insurance purposes)
Financial Information	Premiums and claims paid on your policies.Bank account details.Income and other financial information.	Insurance intermediaries or other insurance market participants.Your family. Your employer.Credit reference agencies.	Insurers and companies within the Insurer’s Group and their agents (e.g. auditors).Group companies providing administration.Reinsurers.Our professional advisers, agents, third party service providers and brokers.Other intermediaries or market participants.Credit reference agencies.Anti-fraud databases.AuditorsOmbudsman.	Collecting any appropriate premium.Payment of claims and related expenses.Evaluating and pricing the risks to be insuredPolicy administration and complaint handling.Managing, administering and monitoring risk through reinsurance	Legitimate interests (insurance purposes)
Statutory and anti-fraud information	Name, date of birth, address, credit history, credit score, sanctions and information from anti-fraud databases concerning you.	Insurance intermediaries or other insurance market participants.Your family. Your employer.Credit reference agencies.Anti-fraud databases, sanctions lists, court judgements, other government agencies and professional bodies.	Insurers and companies within the Insurer’s Group and their agents (e.g. auditors).Group companies providing administration.Reinsurers.Our professional advisers, agents, third party service providers and brokers.Other intermediaries or market participants.Credit reference agencies.Anti-fraud databases.AuditorsOmbudsman.Regulators and law enforcement authorities.	Setting you up as a client including possible fraud, sanctions, credit and anti- money laundering checks.	Legal obligationLegitimate interests (insurance purposes)
Claim Information	Information about previous and current claims.	Insurance intermediaries or other insurance market participants.Family and employers.Credit reference agencies.Anti-fraud databases, claimants, defendants, witnesses, experts inc. medical experts, loss adjustors, solicitors and claims handlers.Courts.	Insurers and companies within the Insurer’s Group and their agents (e.g. auditors).Group companies providing administration.Reinsurers.Our professional advisers, agents, third party service providers and brokers.Other intermediaries or market participants.Credit reference agencies.Anti-fraud databases.AuditorsOmbudsman.	Managing insurance and reinsurance claims.Defending or prosecuting legal claims. Investigating or prosecuting fraud.Administering regulatory and sanction checks.Administering complaints.	Legal obligationLegitimate interests (insurance purposes) For witnesses consent is obtained unless compelled by law

Special Categories of Data

Categories of data	Type of information processed	Source of the data	Who we disclose the data to	Purpose of processing	*Lawful basis of processing /Grounds for processing***
Individual Information	Health information and medical reports.	Insurance intermediaries or other insurance market participants.Your family. Your employer.Credit reference agencies.Anti-fraud databases, sanctions lists, court judgements, other government agencies and professional bodies.	Insurers and companies within the Insurer’s Group and their agents (e.g. auditors).Group companies providing administration.Reinsurers.Our professional advisers, agents, third party service providers and brokers.Other intermediaries or market participants.Anti-fraud databases.AuditorsOmbudsman.	Setting you up or managing you as a client.Evaluating and pricing the risks to be insured and validating any appropriate premium where there is health or life insurance.Policy administration and complaint handling.Evaluating and validating claims.Managing, administering and monitoring risk through reinsurance.	Legal obligation / Necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacityConsent / The data subject has given explicit consent to the processing of those personal data for one or more specified purposesLegitimate interest (insurance purposes) / Necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity
Statutory and anti-fraud information	Criminal records and convictions. Surveillance reports.	Insurance intermediaries or other insurance market participants.Your family. Your employer.Credit reference agencies.Anti-fraud databases, sanctions lists, court judgements, other government agencies and professional bodies.	Insurers and companies within the Insurer’s Group and their agents (e.g. auditors).Group companies providing administration.Our professional advisers Reinsurers.Our agents, third party service providers and brokers.Other intermediaries or market participants.Credit reference agencies.Anti-fraud databases.AuditorsOmbudsman.Regulators and law enforcement authorities.	Setting you up as a client including possible fraud, sanctions, credit and anti-money laundering checks.Evaluating and validating claims.	Legal obligation / Processing is necessary for reasons of substantial public interest, on the basis of UK or EU lawLegitimate interests (insurance purposes) / Processing is necessary for the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity

How we protect information

Personal privacy is important to us and we and those we share personal data with follow strict security and organisational procedures in the processing, storage, destruction and disclosure of your information. This is to prevent unauthorised or unlawful processing and the accidental loss, destruction or damage of your information. Examples of the security measured we use include access controls, firewalls and encryption.

Profiling

MUM undertakes a limited amount of profiling/automated decision making. This is used when providing online underwriting systems, which will ask questions similar to the proposal forms used by MUM. The online system uses the answers to establish if the risk is one suitable for MUM or not.

Call Monitoring and Recording

For quality control purposes and to audit the evaluation process for the pricing of the risks to be insured, we may review copies of telephone recording made between an intermediary and policyholders.

Cookies Policy

The processing of cookies is governed by our cookies policy – see the separate statement on our website.

Data Retention

Personal data will only be kept for as long as it is necessary for the purpose it was collected for. We maintain a record retention policy that details the procedures for retaining and securely destroying data. Contractually the insurers we work with require us to maintain policy records for set periods. Additionally, policies contain general insurance cover and associated claims could arise up to 15 years or 50 years after the expiry of the policy. Policy records required to investigate and administer such claims will be retained accordingly. Where personal data including sensitive personal data is submitted to us in a form that prevents easy separation all the records will be held for the minimum period required to meet our contractual, legal and regulatory obligations.

Transfer of Data

Insurer and reinsurers can be UK or EU based and they can have Group companies worldwide. The insurers and reinsurers are responsible for complying with the EU GDPR or equivalent.

We will not transfer personal data to any other recipients in other countries that do not provide an adequate level of data protection. Personal data may be disclosed to our group companies, insurers, reinsurers, retrocessionaires, other insurance intermediaries or market participants, professional advisors, regulators, law enforcement authorities, ombudsman and other agents and suppliers, some of whom may be outside the EEA. Further details can be obtained by contacting us or for the insurers we work with, by reviewing the privacy notices below.