PSHP Privacy Policy Consumer

Effective date: 11th May 2018

Punter Southall Health & Protection (PSHP) (we, us or our) know that you care how your information is used and shared and we appreciate your trust in us to do that carefully and sensibly. Your privacy is important to us and we are committed to protecting and respecting your privacy.

This privacy policy explains how we use any personal information we may collect from you, is provided to us about you or you provide to us when you use our website, visit our offices, become a recipient of our services, make use of our products or participate in a PSHP research survey.  It has been updated to meet the requirements of new data protection legislation, the General Data Protection Regulation (“GDPR”).  Where any policy you take out through us also includes protection for any family members or other dependants (“Dependants”),  it also applies to information provided to us about them.  If you provide or arrange for the provision of information about your Dependants, please ensure that you provide a copy of this policy to them, or otherwise ensure that they are fully aware of its terms.  We have a separate privacy notice applicable for applications for employment with us, you will be directed to this if you choose to apply through our online service provider.

For an explanation of all the terms in this policy click here.

 

Who we are

We are Punter Southall Health and Protection Limited, trading as Punter Southall Health & Protection and we are the controller. We are part of the Punter Southall Group and our business contact details are:

 

Registered Office 11 Strand, London WC2N 5HR
Telephone: 020 3327 5700 or 01274 588 862
Email: gdpr@www.pshp.11575d42ebf61349adab80629-11834.sites.k-hosting.co.uk
Website: www.pshp.co.uk
Twitter: @PSHP
LinkedIn: https://uk.linkedin.com/company/punter-southall-health-&-protection-consulting

 

The contact detail of our Data Protection Officer is:

 

Name: Richard Garmon-Jones
Address: 11 Strand, London WC2N 5HR
Telephone: 020 3327 5182
Email: Richard.garmon-jones@puntersouthallgroup.com

 

Personal data we collect

The specific types of personal information we may collect and use about you will depend upon your use of our website facilities, services or products, how you use them and the information you choose to provide.

+If you a consumer client or prospective client please click here

The types of information we collect directly from you are:

  • Name, phone number, email address
  • Postal address
  • Date of birth
  • Personal details, health information (physical or mental)
  • Age
  • Gender
  • Marital status
  • Signature
  • Marketing preferences;
  • Call recordings and voicemails

 

Information automatically collected when you visit our website / Open emails

+The types of information we collect from you automatically if you visit our website / open emails are:

  • IP address, MAC address, browser types, browser language, operating system, general location data- the country from which you accessed the our website, software and hardware attributes (including device IDs), referring and exit pages and URLs, platform type, the number of clicks, files you download, domain names, landing pages, pages viewed and the order of those pages, the amount of time spent on particular pages, the terms you use in searches on our sites, the date and time you used the website, any form submitted , error logs, and other similar information;
  • Opening of emails, date and time email opened, links clicked on in email

We and our website service provider (a data processor that works on our behalf), may use a variety of technologies, including cookies and similar technologies, to assist in collecting this information, as is discussed below.

 

Aggregate/Anonymous Data

We and other companies within the Punter Southall Group may aggregate and/or anonymise any personal information collected through the facilities, services or products offered so that such information can no longer be linked to you or your device. We may use this information for any purpose and may share this data with third parties.

 

 

Personal data we obtain from third parties

  • We work with a number of carefully selected partners who may provide us with your personal data. These parties include trade associations, partner general insurance brokers, members of employee health and well-being consultancies, insurers and non-insured benefit providers.  They are responsible for ensuring that they have your consent or otherwise have a lawful basis for providing that information to us.
  • If you wish to see a full list of these organisations then please email gdpr@www.pshp.11575d42ebf61349adab80629-11834.sites.k-hosting.co.uk and we will provide you with an up to date list.

 

Why we collect and use your personal data

We, other controllers with whom we share your personal data, and/or our processors, use your information, and, where relevant, that of your Dependants for various purposes depending on the types of information we have collected from and about you/them and the specific facilities, services or products you/they use. In particular, we collect your information for the following purposes:

  • to contact you in response to your enquiry about the products and services we offer;
  • to provide you/your Dependants with and /or administer the healthcare and wellbeing products and services you request;
  • to reply to your questions about your consumer healthcare;
  • to provide you with newsletters, information about our forthcoming events and marketing communications;
  • to respond to you if you report a problem with our website;
  • to enhance and improve your experience on our website, ensure the security of our facilities and develop the service and products we offer;
  • to analyse email marketing campaigns;
  • to monitor and improve our customer service standards;

The legal bases for using your information are as follows:

  • Where you make an enquiry, ask a question or request information on service or products, our processing is necessary either to take steps at your request prior to entering into a contract, or our legitimate interests in operating our business for providing services;
  • Where you report a problem it is in our and your legitimate interests for us to operate our business smoothly and problem-free;
  • Where you have requested a service or product, the use of your information/that of your Dependants is necessary for the performance of the contract we’ve entered into with you for the provision of those services or products or to take steps at your request prior to entering into a contract. Where special categories of information (and in particular health information), is required in the performance of the contract we will usually ask for your/your Dependants’ explicit consent prior to its collection, and the documentation we provide to you will contain a provision where you/your Dependants can indicate your consent.  If you/they do not consent to the provision of that data, we will be unable to provide the information to the relevant insurer, and that insurer may not be willing to provide the cover you have requested.  You/your Dependants may withdraw your/their consent at any time by notifying us at gdpr@www.pshp.11575d42ebf61349adab80629-11834.sites.k-hosting.co.uk or by telephone 01274 588862.  That may mean, however, that the insurers will no longer be willing to provide the affected benefits.  In certain limited circumstances where the benefits are secured by insurance, we may rely on the substantial public interest justification for processing health related data in connection with insurance contracts, and will have in place appropriate protections;
  • Where we provide you with the website facilities, services or products you’ve requested, use of your information is necessary to perform our obligations under the terms of any contract we have with you;
  • Where we collect your information automatically or you respond to a survey we use your information for our legitimate interests.  This is to provide security for our website, operate our business and provide our services and products;
  • We may also use the data to comply with legal requirements, defend our legal rights and prevent fraud;
  • We will not send marketing communications to you without your consent.  You can withdraw that consent at any time;

 

Marketing and research

  • You have choices when it comes to receiving marketing communications and taking part in market research. We will send you relevant news about our products and services in a number of ways including by email, but only if you have previously agreed to receive these marketing communications. When you make an enquiry via our website we will ask if you would like to receive marketing communications. You can change your marketing choices at any time online, over the phone or in writing to;

 

Punter Southall Health & Protection

Butterfield Park

Baildon

BD17 7HE

Telephone: 01274 588862

 

  • We would also like to hear your views to help us to improve our services and products so we may contact you for market research purposes. You always have the choice about whether to take part in our market research.

 

Who we share your personal data with

In providing our facilities, services and products to you we may share your personal information with other organisations or entities. Listed below are examples of the organisations / entities, the reason for sharing and the type of the information shared.

 

 Organisation / Entity Information shared Reason for sharing
Insurance Companies – a complete list can be found here. Personal, physical and mental health details; To provide you with the service you’ve requested.
Infrastructure service providers Personal contact, and physical and mental health details; Incidental access only in the course of providing the service to us.
Referral partners Information you authorise us to share with them Where you have instructed them to liaise with us, or otherwise agree to the sharing of information
Legal and other professional advisers. Information necessary to advise. To advise us on our legal rights and obligations.

 

Insurers will receive your/your Dependants’ data as independent controllers, and will be responsible for processing your data in accordance with data protection laws.  They will have their own privacy notices and documentation setting out how and why they process your personal data.  Others will be our data processors.  We have agreements in place with them, to protect your data, as required under data protection law.

 

Where we process your personal data outside the EEA

It is not intended that your information be transferred outside the European Economic Area (EEA), but if it is, Model Clauses or other mechanisms approved by the European Commission or the Information Commissioner’s Office (the UK data protection regulator (“ICO“)) will be put in place prior to us processing your information in that way.

You can obtain further information regarding the mechanisms used to safeguard your data by contacting our Customer Care team or Data Protection Officer at the contact details listed above.

 

How long we will keep your personal data

We will only keep your personal data for as long as we need to in order to fulfil the purposes for which it was collected, as set out in this privacy policy, and for as long as we are required to keep it by law or regulatory requirements, or need to keep it for the establishment, exercise or defence of legal claims.

 

Cookies and similar technologies

When we collect information automatically, as stated above, we and our service providers use Internet server logs, cookies, tags, SDKs, tracking pixels and other similar tracking technologies. We use these technologies in order to offer you a more tailored experience in the future, by understanding and remembering your particular browsing preferences. As we adopt additional technologies, we may also gather information through other methods.

We also use cookies to measure the effectiveness of our marketing communications, for example by telling us if you have opened the marketing email.

Please note that you can change your settings to notify you when a cookie is being set or updated, or to block cookies altogether.

You should note that by blocking, disabling, or managing any or all cookies, you may not have access to certain features of our website or offerings of the Services. For more information on the cookies we use, the purposes for which we use them and how you can control them please refer to our Cookies Policy.

 

How to access and control your personal data – Your rights

You have certain rights with respect to your information which are summarised below. Some of the rights are complex therefore, not all details are included in the summary:

  • Right to be informed: you should be given, at the time your information is collected, or can ask for information about how your information is collected and used. A copy of this privacy policy can be obtained by clicking the printer icon at the top of this page;
  • Right of access: you can ask for copies of all the information that we process about you;
  • Right to rectification: you can ask to have inaccurate information held about you corrected;
  • Right to erasure: you can ask for the information held about you to be erased (subject to certain criteria);
  • Right to restriction of processing: you can ask us to stop processing your information (under certain circumstances);
  • Right to data portability: you can, under certain circumstances, request that we transmit your personal information to another provider of services;
  • Right to object: you can object to your information being processed if our legal basis for processing your information is based on a “legitimate interest”. To check whether we use your information for “legitimate interests” see the section Why we collect and use your personal data

You also have the right to object to object to direct marketing if you make such an objection, we will cease to process your personal data for this purpose.

 

If you would like to exercise any of your rights mentioned above, you can do so by writing or emailing our Data Protection Officer at the address details above or our Customer Care team at CSARequests@www.pshp.11575d42ebf61349adab80629-11834.sites.k-hosting.co.uk.

 

Your right to withdraw consent

Where you have provided consent for us to process your information you can withdraw your consent at any time. Please note: Withdrawal will not affect the lawfulness of processing prior to you withdrawing your consent.

You can withdraw your consent in the following ways:

  • In writing, to our Customer Care team or Data Protection Officer;
  • By unsubscribing from our marketing emails

 

 

Your right to make a complaint

If you have a compliant about the way we process your personal information or think that we have not complied with your rights, you can make a complaint to:

The Information Commissioners Office

Wycliffe House

Water Lane

Wilmslow

Cheshire

SK9 5AF

Telephone: 0303 123 1113 or 01625 545745

Fax: 01625 524510

Website: www.ico.org.uk

 

Changes to this policy

You will be informed of changes to this policy by dedicated service emails, or by notification on our website.