We are committed to ensuring your privacy is protected. Please take time to read this document carefully as it contains details of the basis on which we will process (collect, use, share, transfer) and store your information. You should show this notice to all parties related to any service or related insurance arrangement. If you have given us information about
someone else, you are deemed to have their permission to do so.
If you have any questions or need further information you can e-mail DPO@jensten.co.uk or write to our Data Protection Officer, Jensten Group Limited, Coversure House, Washingley Road, Huntingdon, Cambridgeshire, PE29 6SR.
We are Jensten Insurance Brokers Limited, Company registration number 08284692, ICO ref Z3663264, we operate as an Insurance Intermediary. We are part of the Jensten Group of companies and will, at all times, treat all personally identifiable information strictly in accordance with The UK General Data Protection Regulations (“UK GDPR”), supported by the Data Protection Act 2018 (“DPA 2018”).
We may collect, use, process, store and transfer different kinds of personal data about you for the purpose of arranging your contract(s) of insurance, under the lawful basis of contract. We may also use this data to arrange premium finance for you at your request. We do not collect data that we do not need, the data we could collect is categorised as follows:
Identity data: Full name, previous names, title, date of birth, gender, NI number, passport number, driving licence number.
Contact data: Email address, residential address, telephone numbers.
Financial data: Bank details, payment card details.
Insurance data: Claims history, occupation. We may also request special categories of personal information in relation to medical history, any offences, or alleged offences.
We may use the information that we collect from you to provide you with information about other products or services that we could reasonably consider would be of interest to you, under the basis of legitimate interest. The Privacy and Electronic Communications Regulations 2003 requires consent for electronic communication. We may also share limited information with specified Third Parties in order to gain feedback on our service to you, we do this under the basis of legitimate interest.
Should we need to use your information for any other purpose we shall request your consent to do so.
Where we need to collect personal data under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case we may have to cancel the insurance that you have in place, and we will notify you if this is the case.
We usually use direct interaction to collect data from and about you through telephone, email, letter, or face to face communication. We also use online forms and quotation facilities for certain policy types. These may be websites administered by Jensten Group or by a third-party provider on our behalf.
We will ensure data is processed lawfully, fairly and in an open and transparent manner and ensure appropriate security measures are in place against unauthorised or unlawful processing or accidental loss, destruction or damage using appropriate technical or organisational measures (such as restricting access to key people within our organisation for certain aspects of your information; and periodically checking the level of security we apply to prevent unauthorised use, accidental loss, or misuse of your information).
If you are providing personal data on behalf of a third party, you must provide them with a copy of this privacy notice and obtain any consent where we require it for the processing of their data.
The contractual arrangements we have in place with our suppliers (e.g. Insurance Companies, our Client Database software provider, and similar providers of services to us, including other third-party companies who use our services), are governed by and shall be deemed to operate strictly in accordance with the terms of such contracts. Importantly, from your perspective these contracts set out to define how data will be processed between us, including circumstances when we act as a processor or controller as is required by the UK GDPR.
When acting as a controller of your data, we will, in certain circumstances determine the purposes and means of processing your data; in particular, this will include the data processed by brokers who use the services of other companies in the Jensten Group.
We will never knowingly transfer, store, or process information about you or an individual, outside the European Economic Area (EEA). In the event that, we are compelled to transfer your information outside the EEA (e.g. because it is an insurance arrangement with an Insurance Company who is outside the EEA or part of a larger group of companies who pass information outside the EEA) it shall be in compliance with the conditions for transfer set out in the GDPR and or restricted to a country which is considered to have adequate data protection laws. All reasonable steps shall typically have been undertaken to ensure the firm to which information is being transferred has suitable standards in place to protect such information.
Unless required to do so by law, or for other similar reasons, other than those outlined (see sharing your information) we will never otherwise share personal information without legal basis or without ensuring the appropriate care and necessary safeguards are in place; we will in any other event ask for your consent to share that information and explain the reasons.
We will only keep and or maintain information about an individual for as long as is necessary in providing our products and services or for compliance with a legal or regulatory obligation, including our legitimate interests or of a controller where we are the processor.
This means, we will only keep information that is necessary so that we can sufficiently deal with administrative issues, queries, claims and / or for compliance with legal reasons; usually we will keep information for a minimum retention period of 7 years after cessation of a product or service we have provided. For Employer’s Liability and certain other specific classes of business that require it, we will retain data for a maximum period of 40 years, after cessation of a product or service we have provided.
This Privacy Notice will be updated from time to time and was last updated on 22 March 2022.
It is important that personal data we hold about you is accurate and current. Please ensure that you keep us informed if your personal data changes during your relationship with us.
Under data protection law, you have rights including:
Your right of access – You have the right to ask us for copies of your personal information.
Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
Your right to data portability – You have the right to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
You are not usually required to pay any charge for exercising your rights, but we do reserve the right to make an administrative charge for Subject Access Requests if requests are deemed manifestly unfounded or excessive. If you make a request, we have one month to respond to you, but we are permitted by the UK GDPR to extend this by a further two months if the request is sufficiently complex or if you submit a number of requests.
Please contact us at the details provided below if you wish to make a request.
Data Protection Officer contact details:
The contact details of our Data Protection Officer are:
Data Protection Officer, Jensten Group Limited, Coversure House Vantage Park, Washingley Road, Huntingdon, Cambridgeshire, PE29 6SR
Or email: DPO@jensten.co.uk
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, Helpline number: 0303 123 1113 and ICO website: https://www.ico.org.uk
You will be asked to accept a cookie, which is a small file of letters and numbers that is downloaded on to your computer when you visit any of our group of companies’ websites. This will be clearly explained to you when you visit the website and you will typically have to accept the cookie to benefit from the services the website can offer.
Cookies are operated in strict accordance with the General Data Protection Regulations (Data Protection Act 2018) and Privacy and Electronic Communications Regulations 2011 (PECR) and are widely used by many websites and primarily enable the website to remember an individual’s preferences, recording information the individual may have entered into the web pages.
These same rules also apply if any individual accesses or uses any other type of technology to gain access to information stored electronically by us (e.g. a quote facility or app using a smartphone or similar portable device).
Google Analytics – This cookie is provided by Google, and we use them on our websites in order to analyse how visitors use our website, thereby helping us to improve our websites.
Google Analytics collects information in an anonymous form, including the number of visitors to our websites, how visitors have arrived to our websites, and which pages on our website the visitors have viewed.
Further information about google analytics can be found here: