General data privacy notice

 

Legal framework for protecting your personal data.

This data privacy notice is written to comply with the European General Data Protection Regulation (GDPR) and the new UK-GDPR. GDPR gives control to citizens and residents over their personal data.

Data controller

  • Name: Condon Claims Management Ltd
  • Phone: +44 (0) 1394 388885
  • Email: contactus@thomasmiller.com
  • Address: 9 Deben Mill, Woodbridge, Suffolk IP12 1BL

Data protection officer

Data controller’s lines of business

Thomas Miller Holdings Ltd. is the data controller for all lines of business under ownership or management.

Click here to see a complete list of businesses.

How data is used

Condon Claims Management may process personal information as part of its insurance and financial services businesses: underwriting, reinsurance, claims, legal services, loss prevention, wealth management, document processing, finance, marketing, renewals, contract review, risk management and employment.

Personal data profile categories processed

Condon Claims Management maintains personal data for:

  1. Subjects of claims, investigations, proceedings etc.
  2. Advisers, consultants and other professional experts.
  3. Business associates, other professional bodies, advisers.
  4. Business contacts.
  5. Complainants and enquirers.
  6. Customers and clients.
  7. Employees.
  8. Employers and employees of other organisations.
  9. Members and beneficiaries.
  10. Offenders and suspected offenders.
  11. Relatives, guardians.
  12. Shareholders.
  13. Suppliers and service providers.
  14. Subjects of claims, investigations, proceedings and other claim related profiles.
  15. Trustees.
  16. Witnesses.

Automated decision-making

Condon Claims Management does not use automated decision-making.

The legal bases we use for lawful processing

In order for Condon Claims Management to conduct business and fulfil its legal, regulatory and contractual obligations, it needs to perform legitimate and fundamental processing. These are:

  1. Establishing contracts.
  2. Maintaining contracts.
  3. Provision of all contracted services.
  4. Invoicing, remittance, payments, collections.
  5. Non-promotional communications.
  6. Marketing and other promotional communications.
  7. Risk management contract review.
  8. Response to Subject Access Requests.
  9. Performance measurement.
  10. IT support services.
  11. Business continuity planning.
  12. Legal and regulatory obligations.
  13. Responding to enquiries, requests and complaints.
  14. Employment processing.

The categories of people who will access or receive the data

Condon Claims Management sometimes needs to share the personal information it processes with individuals themselves and also with other organisations. Below is a description of the types of organisations with which Condon Claims Management may need to share some of the personal information it processes.

  1. Agents and brokers.
  2. Business associates, other professional bodies, advisers.
  3. Central/local government.
  4. Claimants, beneficiaries, assignees and payees.
  5. Claims investigators.
  6. Complainants, enquiries.
  7. Courts and tribunals.
  8. Credit reference, debt collection and tracing agencies.
  9. Current, past and prospective employers.
  10. Customers and clients.
  11. Data processors.
  12. Debt collection and tracing agencies.
  13. Education and examining bodies.
  14. Employment and recruitment agencies.
  15. Family, associates and representatives of the person whose personal data we are processing.
  16. Financial organisations and advisers.
  17. Healthcare professionals, social and welfare organisations.
  18. Law enforcement and prosecuting authorities.
  19. Ombudsman and regulatory authorities.
  20. Other companies in the same group.
  21. Pension schemes.
  22. Police forces.
  23. Private investigators.
  24. Professional advisers.
  25. Share administrators.
  26. Suppliers and service providers.
  27. Survey and research organisations.
  28. Trade associations, professional bodies, employer associations.

 

The countries where data will be stored, processed and transferred

Your personal data collected by Condon Claims Management may be stored and processed in the United Kingdom or any other country in which Condon Claims Management or associated third parties maintain facilities.

Should Condon Claims Management need to transfer your personal data, Condon Claims Management will take all reasonable measures to safeguard the transfer of your personal data to third parties in a manner that complies with the GDPR.

 

How long the data will be retained

Retention of specific records may be necessary for one or more of the following reasons:

  1. To fulfil statutory or other regulatory requirements.
  2. To evidence events/agreements in case of disputes.
  3. To meet our operational needs.
  4. To meet any historical purposes.

 

Personal data that is collected and subsequently never used for any business purpose will be reviewed and may be destroyed at Condon Claims Management’s discretion.

 

What happens if the data isn’t collected

Your personal data is required for communication and setting up a contractual agreement to provide products and services. Without this data Condon Claims Management will not be able to communicate with you or enter into a contractual agreement with you. This includes both business and employment contracts.

Condon Claims Management needs personal data to:

  1. Enable consensual bilateral communications.
  2. Engage in pre-contractual activities.
  3. Honour contractual obligations.
  4. Enable it to employ people.

 

Without this data, Condon Claims Management will not be able to perform these four primary activities.

 

The right to withdraw consent

In situations where Condon Claims Management requests and receives your consent to perform processing, we are also obliged to stop such processing if you decide to withdraw your consent.

Withdrawing consent is as straightforward as giving consent. Withdrawing consent cannot be back-dated so it has no effect on processing already performed during the period of consent.

 

The right to access, change, delete, restrict, object, request a copy

You have rights regarding the personal data we store on your behalf. These are:

  1. Access to a copy of your personal data.
  2. Object to processing that you object to.
  3. Stop receiving direct marketing material.
  4. Object to decisions being taken by automated means.
  5. Have inaccurate personal data rectified, blocked, erased or destroyed.
  6. Lodge a complaint with the Information Commissioner’s Office or local privacy authority.
  7. Claim compensation for damages caused by a breach of the GDPR.
  8. Have data transferred to another party.

 

Should you ever wish to exercise any of these rights; please contact the Data Protection Officer.

 

The right to complain to the regulator

You have the right to lodge a complaint with the Information Commissioner’s Office if you think that your personal data has been inappropriately used.

 

Cookies

 

  1. Cookies may be used by the Website to allow us to recognise you and your preferred settings e.g. to store your I.D. and password for future sessions. This saves you from re-entering information on return visits to the Website. You have the option not to use this feature, in which event no cookies will be retained on your computer.
     
  2. If the site has a secure log-in for our registered users, it may use a temporary ‘session cookie’ in order to perform the secure login to our website. This cookie contains no personal information, just a long random number, and is deleted from your web browser when you exit the Website.
     
  3. Temporary cookies are used in the transactional part of the Website to authenticate you as an authorised user after you have logged in.
     
  4. Your browser may be capable of being programmed to reject cookies, or to warn you before downloading cookies, and information regarding this may be found in your browser’s ‘help’ facility.

 

For an explanation of cookies see: https://www.allaboutcookies.org/

If you have any questions regarding the use of cookies please contact us by email at contactus@thomasmiller.com

Below is table of all cookies on this website - their name, type and purpose:

We use third-party companies as suppliers for some of our functions. Their use of the data is controlled by our contract with them, and they are only allowed to use the data strictly for the purpose we have stated e.g. the data is not used in connection with the data from other companies, and we are not tracking user behaviour outside of our sites.

 

Other websites

This privacy policy only covers the Website. Any other websites which may be linked to by the Website may be subject to their own privacy policy, which may differ from ours, and we are not responsible for the content provided on any third-party websites.
 

Cookie Type Cookie Name Cookie Purpose
Session & TYPO3 Content Management Cookie Session & fe_typo_user & s_sq s_cc We use session cookies to record an individual users preferences that the user has specified, so that each time the user returns their preferences remain. Commonly this would be language settings, shopping carts, anything where you have indicated a preference. Where forms are used on the site, we hold the information in a session cookie so that we can improve the user experience on the site. Should a user, for example, forget to fill in parts of a form when submitting a form, we can auto-fill the values for those fields that have been filled in, thereby reducing the amount of fields a user needs to amend. This information is stored only in your browser and is destroyed once your browser is closed.
Google Analytics __utmz __utmc __utmb __utma These cookies are used to collect information about how visitors use our site. We use the information to compile reports and to help us improve the site for you. The cookies collect information in an anonymous form, including the number of visitors to the site, where visitors have come to the site from and the pages they visited.
Google reCAPTCHA _GRECAPTCHA Google reCAPTCHA sets a necessary cookie (_GRECAPTCHA) when executed for the purpose of providing its risk analysis.
YouTube VISITOR_PRIVACY_METADATA This cookie is used to store the user's consent and privacy choices for their interaction with the site. It records data on the visitor's consent regarding various privacy policies and settings, ensuring that their preferences are honored in future sessions.
YouTube YSC This cookie is set by YouTube to track views of embedded videos.
YouTube VISITOR_INFO1_LIVE This cookie is set by Youtube to keep track of user preferences for Youtube videos embedded in sites;it can also determine whether the website visitor is using the new or old version of the Youtube interface.

We use third party companies as suppliers for some of our functions. Their use of the data is controlled by our contract with them and they are only allowed to use the data strictly for the purpose we have stated e.g. the data is not used in connection with data from other companies and we are not tracking user behavior outside our own sites. 


6. Other Websites

This privacy policy only covers the Website. Any other websites which may be linked to by the Website may be subject to their own privacy policy, which may differ from ours and we are not responsible for the content provided on any third party web sites.