Data Privacy Policy

Legal framework for protecting your personal data

This data privacy policy explains why PAMIA collects personal data, what personal data it collects and what use the data is put to. PAMIA outsources management of its business to a subsidiary company of Thomas Miller Holdings Ltd, Thomas Miller Professional Indemnity Limited. This privacy policy is therefore issued on behalf of PAMIA, Thomas Miller Professional Indemnity Limited and Thomas Miller Holdings Ltd (collectively referred to this privacy notice as “We or Our”) who act as joint data controllers. Additionally, Thomas Miller Professional Indemnity Limited and Thomas Miller Holdings Ltd are both also Data Processors.

A data protection officer (DPO) has been appointed, and accordingly if you have any questions about this privacy policy, including any requests to exercise your legal rights, please contact the DPO using the details provided below.

Data Controller

  • Name: PAMIA Ltd,  Thomas Miller Professional Indemnity Limited: and Thomas Miller Holdings Ltd
  • Phone: +44 (0)207 283 4646
  • Email:
  • Address: 90 Fenchurch Street London EC3M 4ST United Kingdom

Data Protection Officer

The personal data we collect about you

Personal data means any information about an individual from which that person can be identified.  It does not however include anonymous data.

We require your personal data in order to engage in pre-contractual communication with you, to meet Our contractual obligations to you and to engage in post contractual communication with you.  Your personal data enables us to underwrite your policy of insurance with PAMIA and to process claims made under the terms of the policy of insurance.  Without this data We would not be able to communicate with you or enter into a contractual agreement with you.

We may collect, use, store the following categories of personal data about you.

  • Identity Data.  This includes your name and title
  • Contact Data.  This includes your business address, your email address and your telephone number(s).  In very limited circumstances we may also store your home address.
  • Financial Data.  This includes the fee income declared for the purpose of first purchasing from or renewing insurance with PAMIA.
  • Claims Data.  This includes the details of any Claims or Complaints notified pursuant to the provisions of the insurance contract with PAMIA (Claims Notifications)

Aggregated data may be derived from your personal data but it is not considered to be personal data as this data does not directly or indirectly reveal your identity.

Although We may therefore collect, use and share aggregated data - such as statistical data in relation to earnings or Claims Notifications – PAMIA’s Rules impose strict limits on the use of your personal data, especially your financial data. Accordingly, We only share aggregated data to the extent permissible by PAMIA’s Rules.

If We combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, We treat the combined data as personal data which will be handled in accordance with this privacy notice.

We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic or biometric data). 

How We use your personal data

We will only use your personal data to:

  • enter into, or perform, a contract with you;
  • deal with Claims Notifications;
  • comply with a legal, regulatory or contractual duty.

We do not generally rely on consent as a legal basis for processing your personal data.

The following table describes the ways We could use your personal data, and which of the legal bases We rely on to do so.  We have also identified what our legitimate interests are, where it is appropriate to do so.

PurposeType of data Lawful basis for processing including legitimate interest
To register you as a new member of PAMIA(a) identity (b) contact (c) financial Enter into a contract
To renew your membership of PAMIA (a) identity (b) contact (c) financialEnter into and performance of a contract
To provide run-off insurance (a) identity (b) contact (c) financial Enter into and performance of a contract
To perform the contract of insurance a) identity (b) contact (c) personal and special category data (including that of third parties) Performance of a contract.
Necessary for our legitimate interest in investigating and handing Claims Notification

Automated decision making

We do not use automated decision making.

Sharing your personal data with others

We sometimes need to share the personal information We collect and processes with other organisations. Below is a list of parties with whom we may need to share some of your data.

  1. Insurance and reinsurance brokers;
  2. Underwriters;
  3. The Intellectual Property Regulation Board (IPReg);
  4. The Chartered Institute of Patent Attorneys;
  5. The Institute of Trade Mark Attorneys;
  6. The Controller of the Irish Patents Office;
  7. The Institute of Professional Representatives before the European Patent Office;
  8. The Office for Legal Complaints and any successor organisations;
  9. Any other regulatory  bodies;
  10. Courts and tribunals;
  11. Credit reference, debt collection and tracing agencies;
  12. Law enforcement and prosecuting authorities;
  13. Ombudsmen and regulatory authorities, and
  14. Professional advisers.

The countries where personal data will be stored, processed and transferred

The personal data We collect will be stored and processed in the United Kingdom.  Should We need to transfer your personal data to any other country (for example in order to instruct professional advisers to defend a Claim Notification) We will take all reasonable measures to safeguard the transfer of your personal data in a manner that complies with the GDPR.

How long we retain your personal data

Retention of specific records may be necessary for one or more of the following reasons:

  1. To fulfil statutory or other regulatory requirements;
  2. To evidence events/agreements in case of disputes;
  3. To meet our operational needs;
  4. To meet any historical purposes.

We do not have a set period for the retention of personal data.  We use data to calculate the premium PAMIA Ltd charges for providing insurance and in connection with handling claims.  We therefore retain the data for as long as is necessary in order to properly perform these tasks.

Personal data that is collected and subsequently never used for any business purpose will be reviewed and may be destroyed at our discretion.

Your rights

You have rights regarding the personal data we store on your behalf. These are:

  1. The right to a copy of your personal data by making a subject access request;
  2. The right to have inaccurate data rectified;
  3. The right to object to your data being used for marketing or profiling;
  4. The right to lodge a complaint with the Information Commissioner’s Office;
  5. The right claim compensation for damages caused by a breach of the GDPR.

Should you ever wish to exercise any of these rights, please contact our DPO.  Where it is appropriate to do so, We reserve the right to request verification of your details.

Where we store your personal data

We will take all steps necessary to ensure that your personal data is treated securely and in accordance with this data privacy notice.

All information we are provided with is stored on our secure servers and the tools we use to protect information includes encryption, user authentication, firewall technology and the use of detection software.

The right to complain to the regulator

You have the right to lodge a complaint with the Information Commissioner’s Office if you think that your personal data has been inappropriately used.

Changes to this statement

Our data privacy policy may be updated from time to time and the latest version will always appear on PAMIA’s website.


a. Cookies may be used by the Website to allow us to recognise you and your preferred settings e.g. to store your ID and password for future sessions. This saves you from re-entering information on return visits to the Website. You have the option not to use this feature, in which event no cookies will be retained on your computer.

b. If the site has a secure log-in for our registered users, it may use a temporary ’session cookie’ in order to perform the secure login to our website. This cookie contains no personal information, just a long random number, and is deleted from your web browser when you exit the Website.

c. Temporary cookies are used in the transactional part of the Website to authenticate you as an authorised user after you have logged in.

d. Your browser may be capable of being programmed to reject cookies, or to warn you before downloading cookies, and information regarding this may be found in your browser’s ‘help’ facility.

For an explanation of cookies see:

If you have any questions regarding cookie use, please contact us by email at

Below is a table of all cookies on this website – their name, type and purpose:

Cookie Type Cookie Name Cookie Purpose
Session & TYPO3 Content Management Cookie Session & fe_typo_user & s_sq s_cc We use session cookies to record an individual users preferences that the user has specified, so that each time the user returns their preferences remain. Commonly this would be language settings, shopping carts, anything where you have indicated a preference. Where forms are used on the site, we hold the information in a session cookie so that we can improve the user experience on the site. Should a user, for example, forget to fill in parts of a form when submitting a form, we can auto-fill the values for those fields that have been filled in, thereby reducing the amount of fields a user needs to amend. This information is stored only in your browser and is destroyed once your browser is closed.
Google Analytics __utmz __utmc __utmb __utma These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site for you. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.

We use third party companies as suppliers for some of our functions. Their use of the data is controlled by our contract with them and they are only allowed to use the data strictly for the purpose we have stated e.g. the data is not used in connection with data from other companies and we are not tracking user behavior outside our own sites. 

Other Websites

This privacy policy only covers the Website. Any other websites which may be linked to by the Website may be subject to their own privacy policy, which may differ from ours and we are not responsible for the content provided on any third party web sites.

J A Kemp & Co has used PAMIA to provide its primary layer of professional indemnity insurance since PAMIA was founded. PAMIA's understanding of the way patent attorney firms work is unparalleled. Efficient, responsive and excellent value for money - it's
Gill Jennings & Every LLP has been a member of PAMIA for over 20 years, and has always appreciated the value for money and excellent service provided by PAMIA. Robert Skone James, Managing Partner
You are currently offline. Some pages or content may fail to load.