We may update this policy from time to time should business or regulatory changes require us to do so. If this is the case we will communicate the changes on our websites. This version of the policy was released on 15-06-2022.
The trading companies within the Embignell Ltd group of companies and all trading names are listed here:
Our Contact Details
By email: firstname.lastname@example.org
By phone: 0343 178 1255
By post: Embignell Ltd, 39/51 Highgate Road, London NW5 1RT
Data Protection Notice
For this data protection notice “we/our/us” means any of the Embignell group trading companies.
Please ensure that you read and understand this Data Protection notice as it explains to you what we will do with the information that you give us. This may involve the collection and processing of sensitive personal data.
Under the UK General Data Protection Regulation (“UK GDPR”) and the United Kingdom Data Protection Act 2018, the lawful bases we will rely on to process your personal data are:
- Our contractual obligations to you in providing our products and services
- Our legitimate business interests
- Your consent in respect of marketing preferences
Protection of your personal data
The security of your personal information is very important to us and we maintain systems and processes to ensure compliance with all current data protection legislation. Your personal data is encrypted and securely stored in our data centres, which are PCI DSS certified. We will hold this information for a reasonable period of time, whether or not you make a purchase with us or secure employment with us, to ensure that we have a clear and complete history of insurance enquiries, card applications, policy records, transactions or job applications. All data is securely destroyed by a certified security company for the on-site physical destruction of hardware and media.
The Data Controller
The following Embignell Ltd trading companies are registered data controllers with the Information Commissioner’s Office:
- Union Income Benefit Holdings Ltd with the register number: Z5289358
- Union Income Ltd with the register number: Z1929787
- Union Benefit Services Ltd with register number: ZA176950
- Stonebridge International Insurance Ltd with the register number: Z529126X
How we collect your personal data
We will collect your data if you apply for a quote, purchase a product, or register for a service on one of our websites, one of our business partner websites or via our mobile app. We will also collect data from you if you submit an application to work for any of the group companies via the website.
The information that we collect may include:
- Basic information to identify you: your name, address, email address, telephone number and date of birth
- Information about members of your family if you want to include them on a product that you purchase from us
- Your marketing preferences
We may use information from public sources e.g. the electoral roll to verify your identity. We may also use information from online sources such as social media or information sharing platforms. We may also use information provided to us by third parties, who provide us with details of individuals who have expressed an interest in hearing about insurance products.
We will always explain why we need any information that we ask for from you and explain how we process it. We will obtain your consent where necessary. Where the information you provide is required for us to deliver the product or service we are providing, this is the legal basis on which we will process your information. If you wish to withdraw consent to us processing the information that we are processing on a legal basis, we will unfortunately not be able to provide the product or service to you.
How we will use your personal data
If you register for a product or service with us, we will use your information in the ways that we have set out below. You have the right to withdraw your consent to us processing any of your personal data at any time, if it is not specifically required for us to provide and administer the product or service that you have purchased or registered for.
We may monitor and/or record your communication with us, either ourselves or using reputable organisations selected by us, to ensure consistent servicing levels and operations. We will keep information about you only for so long as it is appropriate. We need your personal information to administer your product or insurance policy or handle any claims whilst your policy is in force. We may need to keep information after your policy has ended or your product has been cancelled to ensure we and the administrator have an accurate record of our relationship to you and communications that we had or where we are required to keep the information for legal, regulatory or tax purposes. We maintain a data retention policy to apply to personal data that we hold.
Automated decision making
We may carry out automated decision making based on your Personal Information if you apply for a product with us. For insurance products this may include your age and the level of cover and is used to calculate the price of cover that we provide. If you apply for a job with us this will include your credit history and your criminal record.
Within the Embignell Group
All personal information that you provide to us will be held and processed for the purpose of administering any products or services that you purchase from any company within the Embignell group or to manage quotations or future services that we may provide to you. If you purchase a product or request a quotation via one of our business partner’s websites, then your personal information will be used to enable us to keep a record of these transactions, so that we can provide better service to you. If you provide personal information to us in reference to a job application, then your information will be used to process your application and to administer any contract of employment.
The data controller will be the group company who provides the relevant product, any quotes or applications for services or products or for managing your application for employment or contract of employment or service, as listed above in section: Data Controller.
Your data will be used for our legitimate interests as a business including: customer profiling to better understand customers, improve our products and to suggest other products that may be relevant to our customers including marketing and for management and audit of business operations. We will only communicate with you in line with any marketing preferences that you have given us and this may continue after your product has ended or been cancelled. Your marketing preferences can be updated at any time by contacting us:
By email: email@example.com
By phone: 0343 178 1255
By post: Customer Services, Embignell Ltd, 39/51 Highgate Road, London NW5 1RT.
Outside the Embignell Group
We will share your information that you provided to us with the providers of the product that you have purchased or the service that you have registered for. The provider will be identified to you when you purchase the product or register for the service. They will have their own data protection notice that will be provided to you.
We may share your information with our service providers that support us in conducting our business e.g. storage of data, data analytics or market research. This may include online partners who enable us to communicate with you via digital platforms.
We can supply on request further details of the service providers we provide your data to and how this information may be used. If you require further details, please contact our Data Protection team using the details near the bottom of the page.
It may be necessary for us to share your data without your consent or notice being required where this relates to crime or fraud prevention i.e. where we are required to do so by law.
Security and integrity of personal information
We use reasonable technical and physical information system measures to safeguard the integrity and security of personal information in our possession. We also undertake reasonable efforts to ensure that personal information is accurate and current. Your information may be transferred to third party providers who process information on our behalf, including providers of information technology, identity management, website hosting and management, data analysis, data back-up, security and storage services. As a result, your personal information may be transferred outside the country where you are located. This may include countries outside the European Economic Area (EEA) and countries that do not have laws that provide specific protection for personal information.
By submitting personal data to this site, you are providing explicit consent to the transfer of such data for the purposes of providing the product or service that you have requested from us. Where we transfer such data we will do so with clear data processing agreements in place, which obligate the data processor to meet the requirements of current Data Protection regulations in processing your data.
Online advertising we use:
We may use Google AdWords Remarketing to advertise our services across the internet. AdWords Remarketing will display relevant ads tailored to you based on what parts of our website you have viewed, by placing a cookie on your computer. This cookie does not in any way identify you or allow any access to your computer, it is used to say “this person visited this page, so show them ads relating to that page.” Google AdWords Remarketing allows us to tailor our marketing to better suit your needs and only display ads that are relevant to you.
How to opt out of Remarketing and Advertising
Third party sites
Under the EU GDPR and Data Protection Act 2018 you have rights in connection with the processing of your personal information.
- Access to personal information held about you and for the information to be provided to you in a suitable format
- To restrict processing of your personal information
- To request erasure or correction of personal information held on you
- To object to processing or automated decisions
- To request data portability for us to transfer data to you or another organisation
You can find out more about your rights from the Information Commissioner’s Office at www.ico.org.uk
To make a request to exercise your rights you should contact our Data Protection team on the details below:
UK Data Protection Officer
If you are a UK resident, we have a dedicated UK Data Protection Officer who you can contact for any queries relating to this policy, to exercise any of your rights under data protection regulations including: data subject access requests, correcting your information, making a complaint.
Data Protection Officer / Data Protection Team
By email: firstname.lastname@example.org
By post: Data Protection Team, Embignell Ltd.
39/51 Highgate Road, London NW5 1RT.
EU Data Protection Officer
If you are a resident of an EU/EEA State, we have a dedicated EU Data Protection Officer who you can contact for any queries relating to this policy, to exercise any of your rights under data protection regulations including: data subject access requests, correcting your information and making a complaint.
Data Protection Officer / Data Protection Team
By email: lenz@gielisch
By post: GCM GmbH, Gielisch Claims Management, Ringstr. 9-11, 50996 Köln.
The information that you have requested will be provided in a suitable format to meet your requirements.
Compliance and co-operation with regulatory authorities
If you wish to make a complaint regarding your personal data you can do so by contacting our Data Protection Team on the details above.
If we cannot resolve the complaint to your satisfaction and you are an UK resident, you can contact the Information Commissioner’s Office who are the Supervisory Authority in the UK protecting the rights of individuals under current UK Data Protection regulations.
By post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF
By telephone: 0303 123 1113
If we cannot resolve the complaint to your satisfaction and you are a resident of an EU/EEA State, you also have the right to contact your local Data Protection authority. Our Data Protection Team will provide you with the contact details of the relevant Lead Supervisory Authority in your State that protects the rights of individuals under current EU General Data Protection Regulations.