privacy notice for the nomination of beneficiaries service
Your personal data – what is it?
Personal data is defined as any data from which a living individual be identified.
Identification can be by the information alone or in conjunction with any other information in the data controller’s possession or likely to come into such possession. The processing of personal data is governed by the General Data Protection Regulation 2016/679 (the “GDPR”).
Who are we?
ERGO Lebensversicherung AG UK Branch, trading as Ellipse, is the data controller of personal data in respect of arranging and administering group insurance contracts.
How will we use the information about you?
We will process personal data in order to provide our nomination of beneficiaries service. This service holds your nomination(s) regarding group life assurance benefits insured with Ellipse. The data will be held in our secure repository and will only be accessed by us in the event of a claim in respect of an individual. The nomination information will be passed to the Scheme Trustees in order to assist them in their determination of the beneficiary or beneficiaries of the insurance contract.
The basis of our processing of such data is your consent to use the online nomination of beneficiaries service.
Consent and withdrawal of consent
You have the right to withdraw your consent at any time. Should you decide to withdraw your consent please contact us. Once consent is withdrawn, access to the service will be stopped and records relating to the nomination of beneficiaries will be deleted.
What personal data do we hold and where did we get it from?
From your employer:
Your employer will have passed on to us employee details as part of the insurance contract which underpins the employee benefits offered to you by your employer.
If you send us an e-mail or you register to use our secure website, your personal data (i.e. name or e-mail address) will be used only for our correspondence with you in order to send you the documents you produce or information you requested.
Our online system:
In order to use our nomination of beneficiaries service you must register as a user of our service. When you register we will hold your personal data for the period in which you use the service. Once you no longer use the service, either because you have withdrawn your consent, you have left the employer, or your employer has withdrawn from using the service, all records will be deleted after 90 days.
Which other organisations may we share your data with?
Ellipse may share your personal information with:
- our IT service providers: NIU Solutions, Northdoor and RedSpire, as part of the ongoing maintenance and development of our systems and services
- the Trustees of your group life assurance scheme
- our regulators and government agencies: the Financial Conduct Authority, BaFiN (the German financial regulator) and Her Majesty’s Revenue and Customs ‘HMRC’
We do not transfer personal data outside the EEA.
How long do we hold your personal data for?
We will keep personal information only as long as we require it, which would be for as long as:
- you remain a member, or
- your employer chooses to use this service
We will delete all nomination information 90 days after you are no longer a member or the end of the service. We will regularly review our data retention policy to ensure that data is not kept for longer than is necessary.
How can you access the data and correct it?
You have the right to access the personal information we hold. You are able to access the information held in respect of your nomination by logging into your account and making any changes you wish as often as you wish. We will only pass on to the Scheme Trustees the most recent version of your nomination.
How to stop using our online nomination of beneficiary service
Contact our Data Protection Officer. You will need to tell us the name of your employer. We will delete all of your online nominations and email you to confirm we have done this. We strongly suggest that you make your wishes for your nomination of beneficiary known to the Trustees in some other way – talk to your employer about how to do this.
How to complain
If you are unhappy with the way in which your personal data is handled, please contact our Data Protection Officer.
If you remain unhappy with our response to your complaint, you can complain directly to the Information Commissioners Office (ICO). They are the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. Visit https://ico.org.uk/concerns/ to raise a complaint.
We do not apply any automated decision making to the personal data you provide to us.