At Volante we are dedicated to safeguarding and preserving your privacy when visiting our site or communicating electronically with us.
This Privacy Notice provides an explanation as to how we use your personal information and will update any previous information we have given you about using your personal information (also referred to as personal data). We do update this Notice from time to time so please review it regularly.
In this Privacy Notice, ‘we’ and ‘us’ means Volante Capital Holdings (Bermuda) Ltd, Volante Global Ltd and their subsidiary companies, which are listed below. ‘Group’ means that group of companies or its members. The Volante Global companies trading at the date of this Notice are:
- Volante Capital Holdings (Bermuda) Ltd
- Volante Global Ltd
- Horizon Managing Agency AG
- Volante International Ltd
- Bridge Underwriting AB
- Volante Global (Services) Ltd
We are what the General Data Protection Regulations refer to as a ‘controller’ of the personal data that we gather and use.
You have rights over your personal data, including the right to know what personal data we hold about you and the right to object to how we use it. You can also ask us to correct inaccuracies, delete or restrict personal data about you, or to ask for your personal information to be provided to someone else. We’ve set out more details of these rights at the end of this Notice.
We have not appointed a dedicated ‘Data Protection Officer’ but our Chief Legal Officer will deal with any data protection enquiries and any requests you make to exercise your rights. Details of how to contact us are set out at the end of this Notice.
You also have the right to complain to the Information Commissioner’s Office if you are not satisfied with how we respond to you on matters relating to your personal data and you can find out more about this at https://ico.org.uk.
Information we collect
We collect and process the following data about you:
- Information that you provide to us when you communicate with us, whether by email, via this website, by telephone, in writing or in other communications. This includes the information you provide to us when requesting insurance, amending your cover, or making a claim. We may supplement the information that you provide to us with information that we receive or obtain from other legal sources, such as credit reference agencies.
- Details of your visits to our website and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication
- We may also gather certain information about you when you use our website including details of your domain name and IP address, operating system, browser, version and the website that you visited prior to our site. We may do this by way of a cookie as described below.
How we use your information (‘processing’ your personal data)
The Volante Global Group is committed to meeting its obligations under applicable local privacy and data protection laws.
Group companies will observe the law in all collection and processing of data and will meet any subject data access request in compliance with the law. In the UK, this includes the General Data Protection Regulations (“GDPR”) and the UK Data Protection Act 2018 (the “Act”). Equivalent law applies in other EEA jurisdictions.
Data will only be used for: the purposes stated in the company’s literature, including this privacy notice; purposes relevant to carrying out the company’s responsibilities under the insurance and/or reinsurance contract; and, where required, overriding requirements such as criminal investigations.
All necessary steps will be taken in the collection and storage of any sensitive data to ensure that the data is secure and all staff will do their utmost to keep all data accurate, up-to-date and secure.
Group companies are committed to making staff aware of the requirements under relevant privacy and data protection legislation. All staff are aware that personal or sensitive data can only be disclosed in limited circumstances
The information that we collect and store relating to you will used (‘processed’) for the following purposes:
- to meet our contractual commitments to you;
- where we outsource any part of providing our products and services to you, we may permit the agents or contractors providing that outsourced activity to use your data under the terms of their contract with us (which shall include a strict requirement to keep your personal data confidential and to process it only in accordance with all applicable laws);
- to provide you with information requested from us, relating to our products or services;
- to analyse how you are using our products and services and/or our website and other communications, with the aim of improving them;
- to notify you about any changes to our products, services or website, such as improvements or service/product changes, that may affect our service; and
- if you have consented to receiving marketing communications from us, we may contact you with information about our products and services that may be of interest to you.
Our lawful basis for processing your personal data
We only use your personal information in accordance with the law and the Act requires us to have an express ‘lawful basis’ for the ways in which we use your personal data. Depending on the type of data we are processing in a given situation, our lawful bases are:
- where we have your consent (in situations where consent is the only lawful basis we would have);
- where we need to use the information to comply with our legal obligations (such as to comply with insurance regulation);
- where we need to use the information to perform a contract with you (such as your insurance policy); and/or
- where it is necessary for us to process the information for an insurance purpose (such as settling a claim) and the information is personal data concerning health, or revealing genetic data, racial or ethnic origin, religious or philosophical beliefs or trade union membership.
Where the lawful basis for us to process your personal data is your consent, you have the right to withdraw your consent: please refer to the section headed “Your rights over the personal data we process” below.
Storing your personal data
Data that is provided to us is stored on secure servers. Details relating to transactions, if any, entered into on our site will be encrypted to ensure its safety. We will take all reasonable steps to make sure that your data is treated securely and in agreement with this Privacy Notice.
We do not hold your personal data for any longer than we need it in order to carry out the lawful basis we have for processing it, but this can be for a relatively long period of time. For example, we will hold information that you provide to us when entering into a policy of insurance with us until the statutory limitation period for litigation based on the policy has expired – this is typically 6 years after the date that the contract expires, but can be longer.
The transmission of information via the internet is not completely secure and therefore we cannot guarantee the security of data sent to us electronically: transmission of such data is therefore entirely at your own risk. You accept the inherent security risks of providing information and dealing on-line over the internet and will not hold us responsible for any breach of security unless this is due to our negligence or wilful default.
Use of your information outside the European Union
We may need to transfer your personal information to countries outside the European Union that may not protect your personal information as extensively as the United Kingdom. If we do so we will keep control of the information or require anyone to whom we pass it to treat it to UK data protection standards.
Cookies help us to understand how you use our website. The information that they send us will not identify you personally; it is statistical data about our visitors and their use of our site.
All computers have the ability to decline cookies. This can be done by activating the setting on your browser which enables you to decline the cookies. Please note that should you choose to decline cookies, you may be unable to access particular parts of our website.
For more information about cookies, including how to decline them and to delete cookies that may already be saved on your computer, visit www.allaboutcookies.org or go to the help menu within your internet browser.
We may also use web beacons in our emails to you. These are transparent image files that can be used to see if an email was read or forwarded to someone else. If you object to web beacons in emails, we recommend that you follow the same procedure for deleting existing cookies and disabling future cookies (see how to do this at www.allaboutcookies.org). We will still know how many of our emails are opened and we will automatically receive your IP address, a unique identifier of your device or other access device; but we will not be able to identify you as an individual.
Third Party Links
You might find links to third party websites on our website. These websites should have their own Privacy Policies which you should check. We do not accept any responsibility or liability for their Policies whatsoever as we have no control over them.
Your rights over the personal data we process
The UK Data Protection Act 2018, or equivalent legislation in your country implementing the European Union’s General Data Protection Regulations, gives you the following rights over your personal data. If you would like to exercise any of these rights in relation to personal data that we hold, please see how to contact us, below.
Request access to your personal data (commonly known as a “data subject access request”). This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
Request correction of the personal data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
Request erasure of your personal data. This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your personal data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
Object to processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
Request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:
- if you want us to establish the data’s accuracy;
- where our use of the data is unlawful but you do not want us to erase it;
- where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
- you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.
Request the transfer of your personal data to you or to a third party. We will provide to you, or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
Withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
T +44 (0)20 3795 2976 E email@example.com
By post: Data Protection Enquiries, Chief Legal Officer, Volante Global Limited, 20 St Dunstan’s Hill, 5th Floor, London, EC3R 8HL
On behalf of Volante Global: 20 St Dunstan’s Hill, 5th Floor, London, EC3R 8HL, UK
© Volante Global Limited 2018. All Rights Reserved.