Legal framework for protecting your personal data
- Name: PAMIA Ltd, Thomas Miller Professional Indemnity Limited: and Thomas Miller Holdings Ltd
- Phone: +44 (0)207 283 4646
- Email: firstname.lastname@example.org
- Address: 90 Fenchurch Street London EC3M 4ST United Kingdom
Data Protection Officer
- Name: Jim Ashton
- Phone: +44 (0)207 204 2545
- Email: email@example.com
- Address: 90 Fenchurch Street London EC3M 4ST United Kingdom
The personal data we collect about you
Personal data means any information about an individual from which that person can be identified. It does not however include anonymous data.
We require your personal data in order to engage in pre-contractual communication with you, to meet Our contractual obligations to you and to engage in post contractual communication with you. Your personal data enables us to underwrite your policy of insurance with PAMIA and to process claims made under the terms of the policy of insurance. Without this data We would not be able to communicate with you or enter into a contractual agreement with you.
We may collect, use, store the following categories of personal data about you.
- Identity Data. This includes your name and title
- Contact Data. This includes your business address, your email address and your telephone number(s). In very limited circumstances we may also store your home address.
- Financial Data. This includes the fee income declared for the purpose of first purchasing from or renewing insurance with PAMIA.
- Claims Data. This includes the details of any Claims or Complaints notified pursuant to the provisions of the insurance contract with PAMIA (Claims Notifications)
Aggregated data may be derived from your personal data but it is not considered to be personal data as this data does not directly or indirectly reveal your identity.
Although We may therefore collect, use and share aggregated data - such as statistical data in relation to earnings or Claims Notifications – PAMIA’s Rules impose strict limits on the use of your personal data, especially your financial data. Accordingly, We only share aggregated data to the extent permissible by PAMIA’s Rules.
If We combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, We treat the combined data as personal data which will be handled in accordance with this privacy notice.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic or biometric data).
How We use your personal data
We will only use your personal data to:
- enter into, or perform, a contract with you;
- deal with Claims Notifications;
- comply with a legal, regulatory or contractual duty.
We do not generally rely on consent as a legal basis for processing your personal data.
The following table describes the ways We could use your personal data, and which of the legal bases We rely on to do so. We have also identified what our legitimate interests are, where it is appropriate to do so.
|Purpose||Type of data||Lawful basis for processing including legitimate interest|
|To register you as a new member of PAMIA||(a) identity (b) contact (c) financial||Enter into a contract|
|To renew your membership of PAMIA||(a) identity (b) contact (c) financial||Enter into and performance of a contract|
|To provide run-off insurance||(a) identity (b) contact (c) financial||Enter into and performance of a contract|
|To perform the contract of insurance||a) identity (b) contact (c) personal and special category data (including that of third parties)||Performance of a contract. |
Necessary for our legitimate interest in investigating and handing Claims Notification
Automated decision making
We do not use automated decision making.
Sharing your personal data with others
We sometimes need to share the personal information We collect and processes with other organisations. Below is a list of parties with whom we may need to share some of your data.
- Insurance and reinsurance brokers;
- The Intellectual Property Regulation Board (IPReg);
- The Chartered Institute of Patent Attorneys;
- The Institute of Trade Mark Attorneys;
- The Controller of the Irish Patents Office;
- The Institute of Professional Representatives before the European Patent Office;
- The Office for Legal Complaints and any successor organisations;
- Any other regulatory bodies;
- Courts and tribunals;
- Credit reference, debt collection and tracing agencies;
- Law enforcement and prosecuting authorities;
- Ombudsmen and regulatory authorities, and
- Professional advisers.
The countries where personal data will be stored, processed and transferred
The personal data We collect will be stored and processed in the United Kingdom. Should We need to transfer your personal data to any other country (for example in order to instruct professional advisers to defend a Claim Notification) We will take all reasonable measures to safeguard the transfer of your personal data in a manner that complies with the GDPR.
How long we retain your personal data
Retention of specific records may be necessary for one or more of the following reasons:
- To fulfil statutory or other regulatory requirements;
- To evidence events/agreements in case of disputes;
- To meet our operational needs;
- To meet any historical purposes.
We do not have a set period for the retention of personal data. We use data to calculate the premium PAMIA Ltd charges for providing insurance and in connection with handling claims. We therefore retain the data for as long as is necessary in order to properly perform these tasks.
Personal data that is collected and subsequently never used for any business purpose will be reviewed and may be destroyed at our discretion.
You have rights regarding the personal data we store on your behalf. These are:
- The right to a copy of your personal data by making a subject access request;
- The right to have inaccurate data rectified;
- The right to object to your data being used for marketing or profiling;
- The right to lodge a complaint with the Information Commissioner’s Office;
- The right claim compensation for damages caused by a breach of the GDPR.
Should you ever wish to exercise any of these rights, please contact our DPO. Where it is appropriate to do so, We reserve the right to request verification of your details.
Where we store your personal data
We will take all steps necessary to ensure that your personal data is treated securely and in accordance with this data privacy notice.
All information we are provided with is stored on our secure servers and the tools we use to protect information includes encryption, user authentication, firewall technology and the use of detection software.
The right to complain to the regulator
You have the right to lodge a complaint with the Information Commissioner’s Office if you think that your personal data has been inappropriately used.
Changes to this statement
a. Cookies may be used by the Website to allow us to recognise you and your preferred settings e.g. to store your ID and password for future sessions. This saves you from re-entering information on return visits to the Website. You have the option not to use this feature, in which event no cookies will be retained on your computer.
b. If the site has a secure log-in for our registered users, it may use a temporary ’session cookie’ in order to perform the secure login to our website. This cookie contains no personal information, just a long random number, and is deleted from your web browser when you exit the Website.
c. Temporary cookies are used in the transactional part of the Website to authenticate you as an authorised user after you have logged in.
d. Your browser may be capable of being programmed to reject cookies, or to warn you before downloading cookies, and information regarding this may be found in your browser’s ‘help’ facility.
For an explanation of cookies see: www.allaboutcookies.org
If you have any questions regarding cookie use, please contact us by email at firstname.lastname@example.org.
Below is a table of all cookies on this website – their name, type and purpose:
|Cookie Type||Cookie Name||Cookie Purpose|
|Session & TYPO3 Content Management Cookie||Session & fe_typo_user & s_sq s_cc||We use session cookies to record an individual users preferences that the user has specified, so that each time the user returns their preferences remain. Commonly this would be language settings, shopping carts, anything where you have indicated a preference. Where forms are used on the site, we hold the information in a session cookie so that we can improve the user experience on the site. Should a user, for example, forget to fill in parts of a form when submitting a form, we can auto-fill the values for those fields that have been filled in, thereby reducing the amount of fields a user needs to amend. This information is stored only in your browser and is destroyed once your browser is closed.|
|Google Analytics||__utmz __utmc __utmb __utma||These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site for you. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.|
We use third party companies as suppliers for some of our functions. Their use of the data is controlled by our contract with them and they are only allowed to use the data strictly for the purpose we have stated e.g. the data is not used in connection with data from other companies and we are not tracking user behavior outside our own sites.