Your Privacy and Security

1. Introduction

This Privacy Statement will help you understand how we collect, use and protect your personal information when you interact with us. Please take a few moments to read the sections below and learn how we may use personal information. You should also show this notice to anyone else who may be accessing your information. In order to comply with regulations we retain the data in relation to your policy for seven years after conclusion of the contract you hold with us. Any data which has Employers Liability will be kept for 60 years.

The data controller is Groves, John and Westrup Limited, 8th Floor Walker House, Exchange Flags, Liverpool, L2 3YL.

The insurer Munich Re Syndicate Limited is also a data controller, St Helens, 1 Undershaft, London EC3A 8EE. For more information see www.munichre.com/syndicate457

If you have any questions about this privacy notice or about your Data Subject Access Rights including:

• Data Portability: The transfer of your personal data to another Data Controller.

• Erasure: To have your personal data removed or deleted.

• Rectification: To have your personal data corrected if it is inaccurate.

• Restrict Processing: To restrict processing where your personal data is inaccurate or the processing is unlawful.

• Subject Access Request: To access your personal data and information around its processing.

• Objecting to direct marketing.

Please contact the Data Protection Officer at:
Groves, John and Westrup Limited,
8th Floor Walker House,
Exchange Flags,
Liverpool, L2 3YL

Or
dataenquiries@gjwdirect.com

2. What Information Do We Collect About You?

We will collect your personal information when:
You contact us to ask a question
You obtain a quotation from us
You use our website
We process any new policy documentation, renewal documentation or mid-term adjustments process claims and
when we provide you with information about our services.

Personal Data

Individual Information

• Type of information processed
Name, address, marital status, date and place of birth, nationality

• Where the data comes from
Insurance intermediaries or other insurance market participants.
You and your family.
Credit reference agencies (if credit is applied for).

• Who we disclose the data to
The insurer
Group companies providing administration.
Reinsurers.
Credit reference agencies (if credit is applied for).
Anti-fraud databases.

• Purpose of processing
Setting you up as a client including possible fraud, sanctions, credit and anti- money laundering checks.
Evaluating and pricing the risks to be insured and validating any appropriate premium.

• Lawful basis of processing
Performance of our contract with you.
Financial Information

Financial Information

• Type of information processed
Premiums and claims paid on your policies.
Bank account or payment card details.
Income and other financial information.

• Where the data comes from
Insurance intermediaries or other insurance market participants.
You and your family.
Credit reference agencies (if credit is applied for).

• Who we disclose the data to
The insurer
Group companies providing administration.
Credit reference agencies (if credit is applied for).
Anti-fraud databases.

• Purpose of processing
Collecting any appropriate premium.

• Lawful basis of processing
Performance of our contract with you.
Statutory and anti-fraud information

Statutory and Anti-Fraud Information

• Type of information processed
Credit history, credit score, sanctions and information from anti-fraud databases concerning you.

• Where the data comes from
Insurance intermediaries or other insurance market participants.
You and your family.
Credit reference agencies (if credit is applied for).
Anti-fraud databases, sanctions lists, court judgements and other government agencies.

• Who we disclose the data to
The insurer.
Group companies providing administration.
Credit reference agencies (if credit is applied for).
Anti-fraud databases.

• Purpose of processing
Setting you up as a client including possible fraud, sanctions, credit and anti- money laundering checks.

• Lawful basis of processing
Performance of our contract with you.
Compliance with a legal obligation.

Claim Information

• Type of information processed
Information about previous and current claims.

• Where the data comes from
Insurance intermediaries or other insurance market participants.
You and your family.
Credit reference agencies (if credit is applied for).
Anti-fraud databases, claimants, defendants, witnesses, experts inc. medical experts, loss adjustors, solicitors and claims handlers.

• Who we disclose the data to
The insurer.
Group companies providing administration.
Reinsurers.
Credit reference agencies (if credit is applied for)..
Anti-fraud databases.

• Purpose of processing
Managing insurance and reinsurance claims.
Defending or prosecuting legal claims.
Investigating or prosecuting fraud.

• Lawful basis of processing
Performance of our contract with you.
Compliance with a legal obligation.

Email, SMS and Telephone Recordings

• Type of information processed
Name, address, marital status, date and place of birth, nationality, employer, job title, employment history, family details and their relationship to you.

• Where the data comes from
Insurance intermediaries or other insurance market participants.
You and your family.
Credit reference agencies (if credit is applied for).

• Who we disclose the data to
The insurer.
Group companies providing administration.
Reinsurers.
Credit reference agencies (if credit is applied for).
Anti-fraud databases.

• Purpose of processing
Setting you up as a client including possible fraud, sanctions, credit and anti- money laundering checks.
Evaluating and pricing the risks to be insured and validating any appropriate premium.
Prevention of unauthorised use of our telecommunications systems and websites
Quality control and training

• Lawful basis of processing
Performance of our contract with you.
Compliance with a legal obligation.

Special Categories of Data

Individual Information

• Type of information processed
Gender, health information and medical reports.

• Where the data comes from
Insurance intermediaries or other insurance market participants.
You and your family.
Credit reference agencies (if credit is applied for).

• Who we disclose the data to
The insurer.
Group companies providing administration.
Reinsurers.
Other intermediaries or market participants.
Credit reference agencies (if credit is applied for).
Anti-fraud databases.

• Purpose of processing
Evaluating and pricing the risks to be insured and validating any appropriate premium.

• Lawful basis of processing
Consent.

Statutory and Anti-Fraud Information

• Type of information processed
Criminal records and convictions.
Surveillance reports.

• Where the data comes from
Insurance intermediaries or other insurance market participants.
You and your family.
Credit reference agencies (if credit is applied for)..
Anti-fraud databases, sanctions lists, court judgements and other government agencies.

• Who we disclose the data to
The insurer.
Group companies providing administration.
Reinsurers.
Other intermediaries or market participants.
Credit reference agencies (if credit is applied for).
Anti-fraud databases.

• Purpose of processing
Setting you up as a client including possible fraud, sanctions, credit and anti- money laundering checks. 
• Lawful basis of processing
Processing carried out under the control of official authority.

Non-Personal Information Collected Online
Please see /cookies

Dealing With Other People

Policy Administration

We will deal with anyone named on the policy.  It is not our policy to deal with your spouse, partner or parent without your written consent. If you would like someone else to deal with your policy on your behalf on a regular basis please let us know.

If you give us information about another person, in doing so you confirm that they have given you permission to provide it to us to be able to process their personal data (including any special personal data) and also that you have told them who we are and what we will use their data for, as set out in this privacy statement.

Marketing

If you have opted in to receive marketing material Groves, John and Westrup Limited or group companies (which includes any company of whom the ultimate parent company is Munich Re Specialty Group Limited) will contact you from time to time by telephone, post, e-mail or SMS to keep you informed with news, products or services, including but not limited to boat insurance together with carefully selected offers or promotions which we feel may be of interest to you. Other carefully selected companies may also contact you by post.

If you would like to receive the marketing material referred to above please contact us using either the email address insure@gjwdirect.com, Tel: 0151 473 8000 or write to The Data Protection Officer at the above address.

3. Confidentiality

We treat your personal information as private and confidential.

The disclosures we make have been detailed in Section 2 above.

We would like to bring to your attention our obligations to disclose information in the following four exceptional cases permitted by law, and the other situations as set out below.

These are:

• Where we are legally compelled to do so;
• Where there is a duty to the public to disclose;
• Where disclosure is required to protect our interest;
• Where disclosure is made at your request or with your consent.

Also, from time to time we will employ agents and sub contractors to process your personal information on our behalf. These include IT Software Suppliers and Payment Services Suppliers. The same duty of confidentiality and security will apply to them and all processing will be carried out under our instruction.

When taking out a policy for your narrowboat it is necessary for us to pass your information to River Canal Rescue (RCR) to enable your contract with them to be fulfilled. Once we have passed your data to RCR they will become the Data Controller. A copy of RCR's privacy notice can be found at http://www.rivercanalrescue.co.uk/privacy-cookie/

If you make a complaint about the service we have provided, we may be obliged to forward details about your complaint, including your personal information to the relevant Ombudsman, the insurer and to Lloyds.

In the unfortunate event that you have to make a claim then we will need to disclose information with any other party involved in that claim. This may include:

Third parties involved with the claim, their insurer, solicitor or representative;

Medical teams, the police or other investigators and Courts.

Credit Reference

When you apply to us to open an account we make a number of checks to assess your application for credit and verifying identities to prevent and detect crime and money laundering. To obtain this information, we will check the following records about you and anyone else who may also be insured and whose personal details have been provided as part of the insurance application.

Our own records

Credit Reference Agency (CRA) records. When we search these CRAs this will place a search footprint on your credit file that may be seen by other lenders. They supply us with both public (including the electoral register), and shared credit and fraud prevention information;

Fraud Prevention Agency (FPA) Records.

We make searches about you at credit reference agencies who will supply us with information, including the Electoral Register and credit information. The agencies will record details of the search whether or not your application proceeds. The searches will not be seen or used by lenders to assess your ability to obtain credit. We may use scoring methods to assess this application and to verify your identity. Credit searches and other information which is provided to us and/or the credit reference agencies, about you and those with whom you are linked financially, may be used by other companies if you, or other members of your household, apply for other facilities including insurance applications and claims. This information may also be used for debt tracing and the prevention of money laundering as well as the management of your account. Alternatively, we may ask you to provide physical forms of identification.

We may also make periodic searches at CRAs and FPAs to manage your account with us.

Information on applications will be sent to and recorded by CRAs. When you borrow from us, we will give details of your account(s) and how you manage it/them to CRAs. If you borrow and do not repay in full and on time, CRAs will record the outstanding debt. This information may be supplied to other organisations by CRAs and FPAs to perform similar checks, and to trace your whereabouts and recover debts that you owe. Records remain on file for six years after they are closed, whether settled by you or defaulted.

If you give us false or inaccurate information and we suspect or identify fraud, we will record it and may also pass this information to FPAs and other organisations involved in the prevention of crime and fraud.

If you borrow from us and do not make payments that you owe us, we will trace your whereabouts and recover debts.

Your data may also be used for other purposes for which you give your specific permission or, in very limited circumstances, when required by law.

How to Find Out More

This is a condensed guide to the use of your personal information. If you would like to read the full details of how your data may be used please contact the Data Protection Officer at the address above.

You can contact the CRAs currently operating in the UK; the information they hold may not be the same so it is worth contacting them all. They will charge you a small statutory fee.

• Call Credit. Consumer Services Team, One Park Lane, Leeds, LS3 1EP or call 0845 366 0071 or log on to www.callcredit.co.uk

• Equifax. Credit File Advice Centre, PO Box 1140, Bradford, BD1 5US or call 0844 335 0550 or log on to www.equifax.co.uk

• Experian. Credit Expert, PO Box 7710, Nottingham, NG80 7WE or call 0344 481 0800 or log on to www.experian.co.uk

If necessary we may also have to investigate your claims and conviction history in the course of administering any claim. You can be assured that we will keep such investigations strictly confidential.

Insurers pass information to the Claims Underwriting and Exchange Register, run by Insurance Database Services (IDS). This helps insurers check information and prevent fraudulent claims. When we deal with your request for insurance we may search these registers. Under the conditions of your policy you must tell us about any incident (such as an accident or theft) which may give rise to a claim. When you tell us about an incident we will pass information to the registers.

Fraud Prevention and Detection Notice

In order to prevent and detect fraud insurers may, at any time:

• Share information about you with us and other group companies;
• Pass details to Insurance Hunter, a central insurance application and claims checking system, whereby it may be checked against information held by Insurance Hunter and shared with other insurers.
• If false or inaccurate information is provided and fraud is identified details will be passed to fraud prevention agencies.
• Law enforcement agencies may access and use this information.
• We and other organisations may also access and use this information to prevent fraud and money laundering, for example when:
• Checking details on applications for credit and credit related or other facilities;
• Managing credit and credit related accounts or facilities;
• Recovering debt;
• Checking details on proposals and claims for all types of insurance;

We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies.

We may also disclose information about you and your policy:
• the insurer and other group companies
• In the event that we undergo re-organisation or are sold to a third party, in which case you agree that any personal information we hold about you may be transferred to that re-organised entity or third party.
• Where it is necessary to deliver the products and services bought by you, for example, we may disclose your personal information to a credit card company to validate your credit card details and obtain payment. It may also be necessary for us to pass your personal information to the organisation from whom you have ordered any products or services other than your insurance product, such as legal expense provider, etc. At all times we will remain the data controller unless we inform you otherwise.

Information Security

Your privacy is important to us and we follow strict security and organisational procedures in the processing, storage, destruction of your information.  This is prevent unauthorised access or loss of your information We encrypt special categories of information in transit.

Transfer of data

We will not transfer your personal data to countries that do not provide an adequate level of data protection.  Your personal data may be disclosed to companies within the Group outside the EEA and to Service Providers outside the EEA.

4. Privacy Support

We reserve the right to amend or modify this Privacy Statement at any time and in response to changes in applicable law.
If you are unhappy with any response or have a complaint.  You can raise this with:
The Information Commissioner
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF
www.ico.org.uk

For information regarding how GJW Direct use job applicant data, please review our Applicant Information Notice.

Created by Mahmudur Rahman Shovyfrom the Noun ProjectCreated by Laurent Patainfrom the Noun ProjectCreated by Mister Pixelfrom the Noun ProjectCreated by Jonathan Lifrom the Noun Projectgjw iconsgjw iconsgjw iconsgjw iconsgjw iconsgjw iconsgjw iconsgjw iconsgjw iconsgjw iconsgjw iconsgjw iconsgjw iconsgjw iconsgjw icons