Privacy notice for advisers & contacts not registered with Ellipse
Who are we?
AIG Life Limited, trading as Ellipse, is the data controller of personal data in respect of arranging and administering group insurance contracts.
How will we use the information about you?
We will only process your personal data where you have given us consent to use your data for a specific purpose. This can include sending you information about our products and services; contacting you to discuss a specific enquiry you have made; or sending you our monthly email newsletter.
We will not use your data for anything else, nor will we pass it to any third party. We may process Personal Information both nationally and internationally.
This may include transferring Personal Information outside the European Economic Area (EEA).
We take additional steps to ensure the security of Personal Information when we transfer it outside the EEA.
Due to the global nature of our business activities, for the purposes set out above (see section entitled ‘How do we use Personal Information?’), depending on the nature of our relationship with you, we will transfer Personal Information to parties located in other countries (including the USA, China, Mexico, Malaysia, Philippines, Bermuda and other countries that have data protection regimes which are different to those in the country where you are based, including countries which have not been found to provide adequate protection for Personal Information by the European Commission).
For example, we may transfer Personal Information in order to help detect, investigate and prevent financial crime. We may transfer information internationally to our group companies, service providers, business partners, government or public authorities, and other third parties.
When making these transfers, we will take steps to ensure that your Personal Information is adequately protected and transferred in accordance with the requirements of data protection law.
This typically involves the use of data transfer agreements in the form approved by the European Commission and permitted under Article 46 of the EU General Data Protection Regulation (GDPR) (the relevant data protection law). If there is no data transfer agreement in place, we may use other mechanisms recognised by the GDPR as ensuring an adequate level of protection for Personal Information transferred outside the EEA (for example, the US Privacy Shield framework or any framework that replaces it).
Will we send you marketing communications?
We will only send you marketing communications if you have provided consent for us to do so. You can sign up to receive our monthly ‘knowledge hub’ email newsletter on our website. We’ll send you an email and invite you to confirm your agreement to receive the newsletter. We will make a record of the consent you have given, along with your preferences.
If you consent to receive the ‘knowledge hub’ email newsletter, this is the only marketing communications you will receive from us, unless you subsequently register with Ellipse and provide new email marketing preferences.
You have the right to withdraw your consent at any time. To do so please click on the ‘change my preferences’ link in any email newsletter and choose the unsubscribe option.
If you do not consent, we will not send you any email marketing communications.
What personal data do we hold and where did we get it from?
The personal data that we collect directly from you includes your name, title, company name, email address, and phone number. This is collected from you when you either: completed an enquiry form on our website; signed up to receive our monthly ‘knowledge hub’ email newsletter; or when you provided this information directly to our sales team.
If you have consented to receive email marketing communications, we will hold a record of your preferences as well as a record of the email communications we have sent to you.
Which other organisations may we share your data with?
Ellipse may share your personal information with:
- our IT service providers: Northdoor, NIU Solutions and RedSpire, as part of the ongoing maintenance and development of our systems and services
- our regulators and government agencies: the Financial Conduct Authority, BaFIN (the German financial regulator) and Her Majesty’s Revenue and Customs ‘HMRC’
We will not share your personal data with anyone else, nor will we under any circumstances sell your personal data onto any third party companies.
How long do we hold your information for?
We will keep personal information only as long as we legitimately require it. In most cases this will be for the period during which you continue to receive our marketing emails, or for the period immediately following an enquiry you have made with us. We will delete your personal data after a period of six months following either, the date you withdrew consent to receive email communications, or the date of your enquiry, unless your provide us with written consent to retain it for longer.
If you are a regulated financial adviser and you subsequently decide to sign a terms of business agreement with Ellipse, then our adviser privacy notice applies from the date you return the agreement.
How can you access the data and correct it?
You have the right to access the personal information we hold about you. In particular, you have the right to have information corrected. You can do this by contacting us at DataProtection@ellipse.co.uk
What are your rights to be forgotten?
If you want to be forgotten, please contact us at DataProtection@ellipse.co.uk and we will delete all of the personal data we hold about you. If you had chosen to receive marketing communications this will cease.
Do we make any automated decisions when processing your data?
We do not apply any automated decision making to the personal data you provide to us.
How can you complain?
If you are unhappy with the way in which your personal data is handled, please contact our Data Protection Officer.
If you remain unhappy with our response to your complaint, you can complain directly to the Information Commissioners Office (ICO). They are the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals. Visit https://ico.org.uk/concerns/ to raise a complaint.