Privacy Policy

Controller

Dolmen Insurance Brokers Ltd T/A Dolmen Underwriting herewithin referred to as “Dolmen”, is both a data controller and processor as defined under the General Data Protection Regulation. CUsafe, Indian Insurance, Dolmen Underwriting and Asian Insurance are trading names used by Dolmen Insurance Brokers Ltd.

We are not responsible for the content of privacy practices of other websites. Any external links to other websites are clearly identifiable as such. Dolmen Insurance Brokers Ltd are committed to ensuring that your privacy is protected under the General Data Protection Regulation Data Protection act. This Policy explains how we use the data we collect about you, how you can instruct us if you prefer to limit the use of that data and procedures that we have in place to safeguard your privacy.

Your Rights

New data protection laws have come into force across Europe that give you more rights and choices about how your data is used.  The General Data Protection Regulation (GDPR) strengthens your rights over how companies use your data. A summary of these rights is as follows.

  • Right of access – you have the right to request a copy of the information that we hold about you.
  • Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
  • Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
  • Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
  • Right of portability – you have the right to have the data we hold about you transferred to another organisation.
  • Right to object – you have the right to object to certain types of processing such as direct marketing.
  • Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
  • Right to judicial review: in the event that Dolmen refuses your request under rights of access, we will provide you with a reason as to why.

All of the above requests will be forwarded on should there be a third party involved as we have indicated in the processing of your personal data.

Republic of Ireland – www.dataprotection.ie

 

The data we collect and how we use it

If you submit your email address on the website it will only be used by Dolmen. It is our policy not to pass email addresses to any third parties without first obtaining your consent. We receive and store certain types of data when you interact with us. For example, like many websites, we use “cookies” and we obtain certain types of data when you access the website. Cookies are small pieces of data that are stored by your browser on your computer’s hard drive and enable us to provide features such as remembering your address. Cookies can be deleted from your device or blocked if you wish. Most web browsers automatically accept cookies, but you can change your browser to prevent it from accepting them. We may also use aggregate information and statistics for the purposes of monitoring web site usage in order to help us develop the web site and our service and may provide such aggregate information to third parties. These statistics will not include data that can be used to identify any individual. We may collect personal data about you if you choose to provide it in the various sections in this website to provide you with information or a quotation. The data you provide will be used to assist in your request for a quote, provide you with information, or to improve the Web site and our products and services.

 

 

How we protect your data

The Internet is not a secure medium. However every effort has been put in place to protect your data. We have put in place, various security procedures as set out in this policy. Firewalls are used to block unauthorised traffic to our servers and these servers are located in a secure location which can only be accessed by authorised personnel. Your data is encrypted, confidential and is only stored for lawful purposes. All staff members follow internal procedures and are trained to keep your data safe and secure.

Disclosure to 3rd parties

We do not sell, trade or rent your personal data to others. It is our policy not to pass personal data to any third parties without first obtaining your consent. We may provide aggregate statistics about users, traffic patterns and related site data to reputable third-parties, but these statistics will include no personally identifying data.

In certain circumstances, Dolmen may disclose personal data to law enforcement agencies providing the request is legitimate. In such circumstances, Dolmen will seek assistance from the Board or from Dolmen legal advisers where necessary

Collection and use of Personal Data

We use personal data to arrange transactions on your behalf as agreed with you, to service our customers, assist with claims and the payment of policy benefits. We must have a lawful basis to collect and use personal data.

Needed for your contract:

We need to collect and use your personal data to provide our services to you, this includes but is not limited to, your name, date of birth, contact and bank account details. Depending on the policy type this can include health, employment, pension and salary information. We restrict access to, and use of, any sensitive personal data. We also create new personal data.

Personal Data needed for policy contracts is held and used to;

  • Process your application
  • Set up and issue your policy;
  • Provide you with information about your policy;
  • To help the administration of your policy and assist with the payment of your policy benefits;
  • Provide customer care and service; and
  • Contact you to inform you of any relevant actions you may need to take.

Required by law:

We use your personal data to comply with law and regulations such as;

  • Reporting to regulators;
  • Keeping proper books and records

We carry out internal reporting, quality checking, compliance controls and audits to help meet these obligations.

We must collect certain personal data to comply with Anti-Money Laundering Law. This depends on your policy type. To do this, we use your name, date of birth, address, nationality and occupation data:

  • Up to date proof of identification and address.
  • Screening of all customers against financial sanctions and Politically Exposed Persons (PEP) lists.
  • Where needed we carry out searches of publicly available information.

 

You may be asked to give us your tax residence information and tax identification number for tax reporting for certain policies. In order to give you information and updates on your policy, we may use your policy and contact details. We use our customer personal data, including yours, to identify the target market for our regulated services.

In order to receive financial advice from us, you must give personal and financial information for your current and future needs to be assessed. This enables us to recommend the most suitable financial product for you. This also involves creating new and assumed personal data about you. We complete an analysis of you using your personal data to comply with regulations. When you give us your personal data we will check to see if we already have a record of you, this helps us to comply with your Data Protection Rights.

Legitimate Interest:

We use your personal data for our legitimate interests as shown below. This doesn’t affect your privacy rights. We believe these uses benefit our customers. You can contact us if you have any questions using the contact details of this Privacy Notice,

Statistical Analysis

  • We may combine and group personal data for analysis to help us understand our customers and develop better services for you.
  • We use summary data to help promote our services and products from our product providers.

Your Consent

You need to give your consent for us to collect and use personal data classed as sensitive or for certain uses of your personal data. You are given the choice to provide consent, or not. When we collect your consent, we will explain what we need it for and how you can change your mind in the future.

  • Profiling
  • Direct Marketing
    • We would like to be able to contact you about offers and services from across our group of companies, separately from your policy communications. We will only send you digital marketing content where we have your consent. When you use our website you can consent to third party advertising. This shows us if you have visited our website before or visited any websites offering similar products or services.
  • Sharing with Other Companies with whom we have business arrangements
    • We believe it may help you if we know whether you have products and services provided by other companies or if other services may be of interest to you. We will use this to provide you with additional services with your consent.

 

Consent and How to Withdraw Consent

If we process your personal data based on consent, you have the right to withdraw that consent in certain circumstances. The opt-out methods will depend on how the consent was collected and will be explained when you give us your consent, e.g. you can change your mind using the opt-out link in any direct marketing emails sent to you.

You can also withdraw consent by contacting us directly.

How and where do we get your personal Data?

You provide us with your personal data directly when you contact us, complete our forms, speak with us or visit our websites, and social media accounts. For more information on what personal data is collected and used on our website please review this document. We also get personal data from insurance companies, solicitors, employers or regulators (where relevant).

We also create new personal data about you based on data you have given us and through your interactions with us such as noting your online preferences,

To whom do we pass your data to?

  • Data Processors:
    • For quotations and insurance contracts, we use several GDPR compliant insurance companies. All data is transferred securely and is not used by other parties without consent.
  • Trustees:
    • Appointed in connection with the Policy/Contract.
  • Investment Service Providers:
    • We pass limited personal data to investment service providers where you want to access these services through your policy e.g. Stockbroker or Online Trading Platform.
  • Regulators:
    • Regulators and the Revenue Commissioners or as needed to comply with regulations and laws.
  • Other Companies:
    • We pass your personal data to third parties, including other companies within the Insurance sector, with your consent.

 

Do we transfer your personal data outside of the EU?

Your data may be transferred to a country which falls outside the EU Commissions list of adequate countries, however your insurer will have the necessary safeguards in place to ensure that all recipients are GDPR compliant.  For full details of how your personal data is used and stored by your insurer you can contact us by email dpo@dibl.ie or in writing to

 

Data Protection Officer
Dolmen Insurance,
Butterly Business Park,
Artane,
Dublin 5

 

How long do we keep your personal data for?

We keep and use your personal data for as long as you have a relationship with us. We also hold it after this where we need to for complaints handling, for system back-ups needed for disaster recovery and for as long as necessary under the relevant regulations.

Purpose

The purpose of this policy is to specify Dolmen guidelines for retaining different types of data.

 

Scope

The scope of this policy covers all company data stored on company-owned, company-leased, and otherwise company-provided systems and media, regardless of location.

Note that the need to retain certain data can be mandated by local, industry regulations and will comply with EU General Data Protection Regulation (GDPR) and the Data Protection Act 1988 and the Data Protection (Amendment) Act 2003.

 

Policy

 

Subject Access Request:

Subject access requests must be made in writing to the Data Protection Officer. You must give any details needed to help you identify and locate all the data we may have (e.g., previous addresses, customer account numbers). Dolmen may also ask to verify your identity. In certain circumstances you may be asked to pay a reasonable fee.

 

Reasons for Data Retention

Dolmen does not wish to simply adopt a “save everything” approach. That is not practical or cost-effective and would place an excessive burden on company and IT Staff to manage the constantly-growing amount of data.

Some data, however, must be retained in order to protect Dolmen’s interests, preserve evidence, and generally conform to good business practices. Some reasons for data retention include:

 

  • Litigation
  • Accident investigation
  • Security incident investigation
  • Regulatory requirements
  • Intellectual property preservation

 

Retention of Data

The length of time we hold your data depends on a number of factors, such as regulatory rules and the type of financial product we have provided to you.

 

Those factors include:

  • The regulatory rules contained in laws and regulations or set by authorities like the Central Bank of Ireland, for example, in the Consumer Protection Code.
  • The type of financial product we have provided to you.
  • Whether you and Dolmen are in a legal or some other type of dispute with another person or each other.
  • The type of data we hold about you.
  • Whether you or a regulatory authority asks us to keep it for a valid reason.
  • Whether we use your data for long-term statistical modelling, provided that such modelling does not affect any decision we make about you.
  • As a general rule, we keep your data for a specified period after the date on which a transaction has completed or you cease to be a customer.

 

 

Retention of Encrypted Data

Encryption keys must be retained for the same period as the data that they are used decrypt.

 

Data Destruction

Data destruction is a critical component of a data retention policy. Data destruction ensures that Dolmen will use data efficiently thereby making data management and data retrieval more cost effective. Exactly how certain data should be destroyed is covered in the Data retention Policy.

When the retention timeframe expires, Dolmen must actively destroy the data covered by this policy. If an employee feels that certain data should not be destroyed, he or she should identify the data to his or her supervisor so that an exception to the policy can be considered. Since this decision has long-term legal implications, exceptions will be approved only by a member of the board.

Dolmen specifically directs employees not to destroy data in violation of this policy. Destroying data that an employee may feel is harmful to himself or herself is particularly forbidden, or destroying data in an attempt to cover up a violation of law or company policy.

 

Applicability of Other Policies

This document is part of Dolmen cohesive set of security policies. Other policies may apply to the topics covered in this document and as such the applicable policies should be reviewed as needed.

 

Right of Rectification or Erasure

If we hold incorrect data about you, you have the right to have the data amended. Further, you have the right for any data you have given us to be deleted. We are not required to rectify or erase data that would prevent you from meeting your contractual obligations or where we are required to process (including retaining) your personal data for a lawful purpose in accordance with regulations, laws or data protection acts.

 

Children’s Privacy

Our website does not address anyone under the age of 13 (“Children”). We do not knowingly collect personal identifiable data from children under 13 directly. If you are a parent or guardian and become aware that we may have collected Personal Data from a child without parental consent, please contact us immediately so we can take steps to remove the data from our servers.

How to contact Dolmen Underwriting

We welcome your views about our website and our Privacy Policy. If you would like to contact us with any queries or comments please send an e-mail to dpo@dibl.ie

Changes to this privacy policy

Dolmen reserves the right to modify this Privacy Statement. If and when our data collection practices change, we will modify this Privacy Statement and will notify you were required by applicable law. We encourage you to check this page frequently for any material changes or other modifications to this Privacy Statement. For more information contact us by writing to Dolmen Insurance Brokers, Butterly Business Park, Artane, Dublin 5.

 

You Can

Contact us at any time to:

  • Request access to Data that Dolmen has about you
  • Correct any data Dolmen has about you.
  • Delete certain data that Dolmen has about you
  • If you have any additional questions about Dolmen collection and storage of data, please contact us at:

Tel: (01) 8672121

 

Fax: (01) 8672123

 

Email: dpo@dibl.ie

 

Write to:

 

Data Protection Officer

Dolmen Insurance,

Butterly Business Park,

Artane,

Dublin 5

 

Website(s):

www.dolmen-insurance.ie

www.cusafe.ie

www.indianinsurance.ie

www.camper.ie

www.asianinsurance.ie

 

Registered in Ireland under Company Registration Number 293180

Dolmen Insurance Brokers Ltd T/A Cusafe, Asian Insurance and Dolmen Underwriting is regulated by the Central Bank of Ireland.