privacy notice for advisers who have a terms of business agreement with Ellipse

Who are we?

ERGO Lebensversicherung AG UK Branch, trading as Ellipse, is the data controller of personal data in respect of arranging and administering group insurance contracts.

How will we use the information about you?

We will only process your personal data for the purposes of carrying out our responsibilities as set out in the terms of business agreement between your firm and Ellipse. Therefore, we will process your personal data in order to undertake any activity relating to our policies, products and services and, where relevant, to process applications, set up and administer policies, products and services and handle any claims.

We will not use your data for anything else without your permission, nor will we pass it to any third party. We do not transfer personal data outside the EEA.

Will we send you marketing communications?

With respect to marketing activities, we will only process your personal data with your explicit consent. We will invite you to choose the topic/subject/type of email communications that you wish to receive from us and how frequently we communicate with you. If you consent we will only send you email communications that are relevant to the topics/subject areas you have expressed an interest in. We will make a record of the consent you have given, along with your preferences.

You have the right to withdraw your consent at any time. To do so please click on the ‘change my preferences’ link in any email newsletter and change your communication preferences, or completely unsubscribe from all future email marketing communications.

If you do not consent, we will not send you any email marketing communications relating to our products and services. We will only send you emails about any specific quotes you have obtained from us, or any schemes or polices which are insured with us and you are the nominated adviser for. This is to allow the effective processing of the policy, in the normal course of our business relationship.

What personal data do we hold and where did we get it from?

The majority of personal data that we hold is obtained directly from you, but we also gather information which is observed from any interactions you have made with our marketing emails or website, including email opens/clicks, web visits, forms and surveys you have completed, and information that is inferred, that is we combine information together to determine how best to interact with you. We use cookies to retrace usage behaviour when you visit our website. You can decide whether you wish to accept or decline these cookies by modifying the settings in your browser, which is explained here. Anonymised usage data (date, time of day, pages viewed, navigation, software used, etc) is also collected on our behalf by Google Analytics, but this is only used for the purposes of analysing usage behaviour.

The personal data that we collect directly from you includes your name, title, company name, email address, phone number and mobile phone number. This is collected from you when you first register your online account. This information is superseded by any changes or amendments you make to that data in your online account. You can make changes to this data at any time.

If you have consented to receive email marketing communications, we will hold a record of your preferences as well as a record of the email communications we have sent to you.

Finally, we also hold information about the quotes, schemes and policies you have with us, as well as general information about the group risk business your firm is involved in. We combine this information with your personal information in order to provide a complete picture of our business relationship and to determine how we should best serve you now and in the future. For example, this helps to determine how frequently we engage with you and the help and support we provide to you.

Which other organisations may we share your data with?

Ellipse may share your personal information with:

  • other Munich Re companies and our reinsurers
  • our research and insight partner, ORC International, who may invite you to take part in a voluntary customer satisfaction survey
  • our IT service providers: Northdoor, NIU Solutions and RedSpire, as part of the ongoing maintenance and development of our systems and services
  • our regulators and government agencies: the Financial Conduct Authority, BaFIN (the German financial regulator) and Her Majesty’s Revenue and Customs ‘HMRC’
  • your clients and their representatives

We will not share your personal data with anyone else, nor will we under any circumstances sell your personal data onto any third party companies.

How long do we hold your information for?

We will keep personal information only as long as we legitimately require it.  In most cases this will be for the period during which our terms of business agreement applies, or until you leave your company. It is your company’s responsibility to notify us in the event that you leave the business. This should be done by your firm’s Adviser Administrator who will remove access to your online account.

In the event that our terms of business agreement ceases, or your Adviser Administrator confirms you have left the company, after a period of three months, we will anonymise your online account and record in our customer relationship management system so your personal data is removed, but your colleagues can still access your client’s policy documents.

How can you access the data and correct it?

You have the right to access the personal information we hold about you. In particular, you have the right to have information corrected. You can do this by amending the personal details you provide to us in your online account. If you are unable to access your online account to view or correct the information we hold about you, or if you have any queries regarding the information that we hold about you, please contact us at DataProtection@ellipse.co.uk

What are your rights to be forgotten?

If you wish to opt out of marketing communications, you should update your preferences or unsubscribe. We will however continue to hold your personal data in order to carry out our responsibilities under our terms of business agreement.

If you want to be forgotten, you must close your online account, but this means you will no longer be able to offer Ellipse products, or service Ellipse products held by your client(s). If you wish to close your online account, please contact your firm’s Adviser Administrator who will remove your access. Your account and any personal records will be anonymised three months after the date you closed your online account.

Do we make any automated decisions when processing your data?

We do not apply any automated decision making to the personal data you provide to us.

How can you complain?

If you are unhappy with the way in which your personal data is handled, please contact our Data Protection Officer.

If you remain unhappy with our response to your complaint, you can complain directly to the Information Commissioners Office (ICO). They are the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. Visit https://ico.org.uk/concerns/ to raise a complaint.