Please take time to read this document carefully as it contains details of the basis on which we will process (such as collecting, using, sharing, transferring) and store your information.
You should show this notice to all parties related to your insurance arrangement. You must ensure that any such personal data you supply relating to anyone else is accurate and that you have obtained their consent to the use of their personal data for the purposes set out above. Where you authorise a third party on the policy, it is our standard practice to speak to either you or the third party regarding the policy, after completing relevant identity checks.
If you have any questions or need further information you can contact us by calling 0333 433 0001 or emailing firstname.lastname@example.org or writing to us at GoShorty, First Floor, West Wing, London House, First Avenue, Poynton Cheshire SK12 1YP
Who are we?
goshorty is a trading style of Complex to Clear Group Limited, (referred to as “GoShorty” “us” or “we”) is an insurance broker authorised and regulated by the FCA No. 751221. GoShorty arranges and administers insurance policies in conjunction with our panel of insurance companies, product and service providers.
Complex to Clear Group Limited T/A GoShorty is a registered company, company number 05044963 registered in England and Wales. Address – First Floor, West Wing, London House, First Avenue, Poynton Cheshire SK12 1YP.
Data Controller and Data Processer
GoShorty will treat your personally identifiable information strictly in accordance with The Data Protection Act 2018 (DPA 2018) as amended on 01 January 2021 to reflect the United Kingdom’s status outside the EU.
We will ensure data is processed lawfully, fairly and in an open and transparent manner and ensure appropriate security measures are in place against unauthorised or unlawful processing or accidental loss, destruction or damage using appropriate technical or organisational measures.
As a processor, we operate strictly in accordance with contracts we have in place with our suppliers (e.g., Insurance Companies, Software Providers, and similar providers of services to us) which set out our relationship as a processor as required by The Data Protection Act 2018.
In relation to the personal data we collect from and use, we are the ‘data controller.’ This means we decide the purpose and manner in which your personal data is used and processed. Our service and product suppliers may also be data controllers of your personal data, and this is explained more fully below.
The data we may collect about you
The following is a list of the types of personal data we may collect and hold about you:
|Types of personal data||Details|
|Individual details||Name, address (including proof of address), other contact details (e.g. email and telephone numbers, gender, marital status, date and place of birth, nationality, employer, job title and employment history, and family details, including their relationship to you, vehicle and property details.)|
|Identification details||Identification numbers issued by government bodies or agencies, including your national insurance number, passport number, tax identification number and driving license number.|
|Financial information||Bank account or payment card details, income or other financial information.|
|Risk details||Information about you which we need to collect in order to assess the risk to be insured and provide a quote. This may include data relating to your health, criminal convictions, motoring convictions or offences or other special categories of personal data.|
|Policy information||Information about the quotes you receive and policies you take out.|
|Credit and anti-fraud data||Credit history, credit score, sanctions and criminal offences, and information received from various anti-fraud databases relating to you.|
|Previous and current claims||Information about previous and current claims, (including other unrelated insurances), which may include data relating to your health, criminal convictions, motoring convictions or offences or other special categories of personal data and in some cases, surveillance reports.|
Some of the personal data you share with us may be ‘special category’ personal data. Certain categories of personal data have additional protection under data protection regulation due to its sensitivity. Special category data includes data relating to health, criminal convictions, racial or ethnic origins, political opinions, religious or philosophical beliefs, trade union membership, genetic, biometric or data concerning sex life or sexual orientation. For the purposes of this notice, we should only process special category relating to health or criminal convictions.
Using information about you
We may collect and process your personal data to:
Profiling and automated processing of personal data
You should be aware that our assessment may involve an automated decisionto check for customer suitability to our products, for example we might perform a credit search to check an individual’s solvency and credit rating. We also analyse data to identify products and services that customers may be interested in, this is commonly known as profiling. You have the right to object to the use of profiling activities and the use of automated decision making (services/tools and techniques) however in those situations it may prevent us from being able to provide you with insurance.
Please contact us if you object to the use of, or you have any questions relating to the use of, your data, the retention of your personal data or the use of profiling and automated decision-making services/tools and techniques.
Where we may collect personal data about you
We may receive your personal data through various channels; over the phone, through our website, face to face and directly through secure transfer from other providers
We might collect your personal data from various sources, including:
Sharing your personal data
We will also share personal data with authorised third parties, this is necessary where we are required to do so by law, where we need to administer our business, to quote for, source, place and administer your insurances, to perform underwriting activities and to process claims. Some examples include:
Examples of important areas where we use third party suppliers include for the purposes of:
We will ensure that any data processor we use has entered into a contract with us which fully sets out the data processor’s duties, including in relation to protecting the processing of your personal data.
Unless required to do so by law, or for other similar reasons, other than those outlined we will never otherwise share personal information without good reason and without ensuring the appropriate care and necessary safeguards are in place; we will in any other event ask for your consent to share that information and explain the reasons.
* We will conduct credit reference checks at one or more of the UK’s credit reference agencies in certain circumstances. In all cases these checks will be carried out to confirm identity, help prevent fraud and calculate premiums. This is a soft search which means it is only visible to you (if you request a copy of your credit file at the credit reference agencies) and is not visible to other organisations. This type of credit reference check will not affect your credit file.
The search will be visible on your credit report but it won’t affect your credit rating as it’s not an application for credit. The credit reference agencies may add the details of our searches and personal data that we hold about you to their records relating to you.
Telephone call recording
Telephone calls with us will be recorded for training, quality and complaint handling purposes. We may engage third parties to carry out compliance monitoring on our behalf, and personal data including call recordings, is made available to such parties for this purpose.
Under the Data Protection Act 2018 (DPA 2018) the below lawful bases are appropriate for our data processing activities. We will use information, including sensitive information, about individuals, and other parties related to our insurance activities, principally:
Where we rely on legitimate interests in order to process your data, you may object at any time.
We will not change the lawful bases for our data processing without providing you notice.
Please note that Insurers and other third parties we may share your data with will act as data controllers for that data they receive. If we cease to process your data for whatever reason, Insurers or third parties may be required to continue to hold and process your data for their own purposes and based on their own legitimate interests or other legal basis.
Safeguarding your information
When processing personal data for profiling purposes undertaken as part of our activities, including those as a distributor of insurance we will ensure appropriate safeguards are in place, ensuring:
Analytics (aggregated information)
By collecting information regarding your current, on-going, and past insurance arrangements or policies we will use this to carry out research and analysis (including profiling) principally as part of the actuarial (but not limited to) activities we carry-out to provide insurance arrangements to you now and in the future.
We will do this in such a way, which involves large volumes of information being converted into statistical or aggregated data meaning a particular individual can no longer be identified. Some aspects of the research and analysis undertaken are separate from using your information directly in connection with your insurance arrangement but are compatible with our activities as a distributor of insurance.
Use and storage of your information overseas
We will never knowingly transfer, store, or process information about you outside the European Economic Area (EEA). In any event, if we are compelled to transfer your information outside the EEA (e.g. because it is an insurance arrangement with an Insurance Company who is outside the EEA or part of a larger group of companies who pass information outside the EEA) it shall be in compliance with the conditions for transfer set out in the Data Protection Act 2018 and or restricted to a country which is considered to have adequate data protection laws, and all reasonable steps shall typically have been undertaken to ensure the firm has suitable standards in place to protect your information
Retention of your personal data
GoShorty will only keep and maintain information about an individual for as long as is necessary in providing our products and services or for compliance with a legal or regulatory obligation, including our legitimate interests or of a controller.
For the purposes of supporting our complaint handling, quality management, regulatory requirements and to defend against legal claims, personal data associated with the provision of quotes, inceptions and management of policies will be retained for a maximum of 7 years from the conclusion of your relationship with us.
Personal data will be retained for 11 years for the purpose of analysing and assessing risk in relation to insurance claims.
Personal data relating to quotes requested and subsequently not taken up by you will only be processed for marketing purposes for 2 years. Should you wish to stop receiving any form of marketing contact please let us know.
Call recordings will be retained for 3 years. Certain call recordings may be held for longer in the event that they are required to support specific regulatory investigations, complaints handling or the prevention and detection of crime.
Individuals are provided with legal rights governing the use of their personal data. These grant individuals the right to understand what personal data relating to them is held, for what purpose, how it is collected and used, with whom it is shared, where it is located, to object to its processing, to have the data corrected if inaccurate, to take copies of the data and to place restrictions on its processing. Individuals can also request the deletion of their personal data.
These rights are known as Individual Rights under the Data Protection Act 2018. The following list details these rights:
Individuals can exercise their Individual Rights at any time. As mandated by law we will not charge a fee to process these requests, however if your request is considered to be repetitive, wholly unfounded and/or excessive, we are entitled to charge a reasonable administration fee.
In exercising your Individual Rights, you should understand that in some situations we may be unable to fully meet your request, for example if you make a request for us to delete all your personal data, we may be required to retain some data for taxation, prevention of crime and for regulatory and other statutory purposes.
If you require further information on your Individual Rights or you wish to exercise your Individual Rights, please contact us by calling 0333 433 0001 or emailing email@example.com or writing to us at GoShorty, First Floor, West Wing, London House, First Avenue, Poynton Cheshire SK12 1YP.
GoShorty may contact you by post and telephone for our legitimate marketing purposes in order to let you know about offers and other products and services.
With your consent we may also from time to time contact you by SMS or email with details of our other products and services.
We may collect personal data about you which, when combined with the personal data you have given us, helps us to target and tailor communications which we believe may be more relevant to you.
If you would like to opt out of receiving marketing correspondence of any kind, you can let us know at any time by writing to us, by calling us on 0333 433 0001 or emailing firstname.lastname@example.org
We do not sell or pass on your details to any third parties for the purposes of marketing their own products or services.
Using our Website, and Cookies
How to complain
If you have any concerns about our use of your personal information, you can make a complaint to us by writing to us, by calling us on 0333 433 0001 or emailing email@example.com.
You can also complain to the ICO if you are unhappy with how we have used your data.
The ICO’s address:
Information Commissioner’s Office
Helpline number: 0303 123 1113
ICO website: https://www.ico.org.uk