Privacy Policy for Augment Risk UK Trading Ltd

Augment Risk UK Trading Ltd (Augment Risk) is a company registered in the United Kingdom and trading as an insurance broker in the UK. It is an Appointed Representative of Advent Solutions Management Ltd.  Augment Risk is company registered on the public register of data controllers maintained by the UK Information Commissioner with ICO license number ZB503866.

To provide services to our client including the placing and administration of insurance business on their behalf or the collection of claims we may receive personal information such as the name, date of birth and contact details of individuals who are policyholders of an insurance company we are providing services or are an employee of a client for whom we are acting. When claims occur, we may be required to obtain medical and health information about policyholders.

Wherever possible we seek to not receive personal information about policyholders or employees but where we do so it is necessary for the purposes of placing or administering the (re)insurance business or the management and collection of claims monies from (re)insurers. 

Under UK data protection legislation, we are required to inform data subjects, in this case the policyholder or employee, that our lawful basis for processing the personal information is in pursuit of our legitimate interests as a business providing insurance services to the data subject’s employer or their insurer.

As a general rule we keep information for one year after the insurance policy expires or until a year after any claim is closed. However, there may be exceptions where we need to keep personal information for longer. This for example may be a requirement of the Insurer or a regulatory requirement.

In some cases, we may need to share information to carry out the services we offer. 
We share information with the employer’s insurer(s) and/or reinsurer(s) who may vary from time to time.
We also share information with our IT providers as they maintain the data we have received on their servers on our behalf.

From time to time, we may transfer the personal data to a group company located outside of the UK and/or to (re)insurers. When we make International Personal Data transfers of this kind, we will ensure that we have the appropriate safeguards in place, in line with UK data protection legislation, to protect your personal data. These safeguards include putting in place standard contract clauses with the group company or (re)insurer(s) that are the recipient of your personal data.

Individuals have certain rights regarding processing of their personal data, including a right to lodge a complaint with the ICO, if they are not happy with how we have processed the data.

These rights about the personal data we process include:

• A right of access: Individuals have the right to ask us for copies of their personal information. This right always applies however there are some exceptions, which means they may not always receive all the information we process.

• A right to rectification: Individuals have the right to ask us to rectify information they think is inaccurate. They also have the right to ask us to complete information they think is incomplete. This right always applies.

• A right to erasure: Individuals have the right to ask us to erase personal information in certain circumstances.

• A right to restrict processing: Individuals have the right to ask us to restrict the processing of their information in certain circumstances.

• A right to object to processing: Individuals have the right to object to processing if we are able to process the information because the process forms part of our legitimate business interests. 

• A right to data portability: This only applies to information an individual has given us to use. The individual has the right to ask that we transfer the information they gave us from one organisation to another or give it to them. The right only applies if we are processing information based on the individual’s consent.