Last Updated - October 2019

What this Privacy Notice covers

This privacy notice sets out how Polaris UK Ltd (“Polaris”, "we " or "us") use the information we collect from you when using imarket how we safeguard your privacy. It also describes your data protection rights, including a right to object to some of the processing which Polaris carries out. More information about your rights, and how to exercise them, is set out in the “What rights do I have?” section below.

This notice covers only business contact data and subscriber data which we hold on behalf of our corporate insurance company and insurance brokers. If you are an individual whose personal data is stored in the imarket insurance system, please contact your relevant insurer or insurance broker for more information and to exercise your rights.

Summary of how we use your data

Withdrawing consent or otherwise objecting to direct marketing

Wherever we rely on your consent, you will always be able to withdraw that consent, although we may have other legal grounds for processing your data for other purposes, such as those set out above. In some cases, we are able to send you direct marketing without your consent, where we rely on our legitimate interests. You have an absolute right to opt-out of direct marketing, or profiling we carry out for direct marketing, at any time. You can do this by following the instructions in the communication where this is an electronic message, or by contacting us using the details set out below.

The information we collect

As part of providing imarket, we will collect and process the following personal data:

What we do with the information we gather and the legal basis for use

Polaris will only process the information you provide to us for the following purposes:

Whom we will share our data with, where and when

Polaris is a data processor for imarket and will only use the information you provide to us to pass to insurance companies from whom you wish to obtain services, and your software system providers, on your direction.

Data will be shared with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of our legitimate interests in compliance with applicable laws.

Personal data will also be shared with third party service providers, who will process it on behalf of Polaris for the purposes identified above. Such third parties include providers of website hosting, maintenance, IT support and organisations which use imarket services for security and include IBM, insurers verifying your rights to use services on their systems, Click4Assistance, Iron Mountain and Colt.

In the event that the business is sold or integrated with another business, your details will be disclosed to our advisers and any prospective purchaser’s adviser and will be passed to the new owners of the business.

Where information is transferred outside the EEA, and where this is to a stakeholder or vendor in a country that is not subject to an adequacy decision by the EU Commission, data is adequately protected by EU Commission approved standard contractual clauses, an appropriate Privacy Shield certification or a vendor's Processor Binding Corporate Rules. For example transfers to IBM in Australia, Brazil, Costa Rica, Singapore, and the United States are covered by the Standard Contractual Clauses.

How long will we retain your personal data

To allow us to perform the contract, we will retain your data prior to and for the contract’s duration. We may also retain data for a longer period (up to 7 years) if it is needed in case of account/audit queries, or to comply with legal requirements. However, if this is the case we will only retain the data that is necessary to deal with such issues.

Links to other websites

Our website contains links to enable you to visit other websites of interest easily. However, once you have used these links to leave our site, you should note that we do not have any control over these other websites.

Therefore, we cannot be responsible for the protection and privacy of any information that you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the Privacy Notice applicable to the website in question.

Use of Cookies

What is a cookie?

Most websites will use cookies in order to improve the user experience by enabling that website to 'remember' the user, either for the duration of their visit (using a 'session cookie') or for repeat visits (using a 'persistent cookie').

Cookies perform many functions, such as letting a user navigate between pages efficiently, storing user preferences, and generally improving the user experience of a website. Cookies make the interaction between the user and the website faster and easier. If a website doesn't use cookies, it will behave as the user was a new visitor to the site each time a different page was opened. This would mean that the website would not retain details, such as login information, already entered during the visit.

What is in a cookie?

Each cookie is unique to a web browser. It will contain some anonymous information such as a unique identifier and the site name and some digits and numbers. It allows a website to remember things like preferences or the contents of a shopping basket.

How we use cookies

We use "session" cookies on the website. We will use the session cookies to retain information about your current visit to assist your navigation around the website. Session cookies will be deleted from your computer when you close your browser.

What is a session cookie?

Session cookies enable the website you are visiting to retain details of your movement from page to page so you are not required to enter the same information multiple times during the same visit to the site. Cookies allow you to proceed through many pages of a site quickly and easily without having to authenticate or reprocess each new area you visit.

Important information regarding session cookies:

Where we rely on your consent for processing data, such as for placing cookies and similar technologies, you can withdraw this consent at any time. Note that by disabling certain categories of cookies you may be prevented from accessing some features of imarket or certain content or functionality may not be available.

Your rights in relation to your personal data

You have the right to ask us for a copy of your personal data; to correct, delete or restrict (stop any active) processing of your personal data; and to obtain the personal data you provide to us for a contract or with your consent in a structured, machine readable format, and to ask us to share (port) this data to another controller.

If you believe that any information we are holding on you is incorrect or incomplete, please contact us as soon as possible, using the same email address. We will promptly correct any information found to be incorrect.

In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement, or where we are using the data for direct marketing). If you wish us to cease processing of your data, we will remove any data we hold for you unless it is needed to comply with legal or statutory requirements, or we have a legitimate interest in retaining the data (for example because we have no other contact within your organisation). In this case we will only retain any data needed to comply with that requirement. If you wish us to cease sending emails to you, or remove your details from our records, please contact us or use the unsubscribe link in the latest email sent to you.

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping it. Relevant exemptions are included in both the GDPR and in the Data Protection Act 2018. We will inform you of relevant exemptions we rely upon when responding to any request you make.

To exercise any of these rights, please contact us at [email protected]. You can also get in touch with us by writing to Polaris, New London House, 6 London Street, London EC3 7LP. If you have unresolved concerns, you have the right to complain to an EU data protection authority where you live, work or where you believe a breach may have occurred. This is likely to be the Information Commissioner’s Office in the UK.