Insurance Brokers
Insurance Brokers
We will ensure data is processed lawfully, fairly, and in an open and transparent manner and ensure appropriate security measures are in place against unauthorised or unlawful processing or accidental loss, destruction, or damage using appropriate technical or organisational measures. (such as restricting access to key people within our organisation for certain aspects of your information, and periodically checking the level of security we apply to prevent unauthorised use, accidental loss, or misuse of your information)
The contractual arrangements we have in place with our suppliers (such as the insurance companies we use, our customer database software provider, and similar
providers of services to us, including other third-party companies that use our
services) are governed by and shall be deemed to operate strictly in accordance with
the terms of such contracts. Importantly, these contracts set out to define how data will
be processed between us and providers of services to us, including the circumstances
wonder which we act as a processor or controller, as is required by the UK-GDPR. When we act as a controller of your data, we will, in certain circumstances, also process your data, and as a controller, also determine the purposes and means of processing that data; in particular, this will include the data processed by us as an agent of an insurer operating underwriting facilities and data processed by third parties, whose services we may use.
Lawful Basis
Collecting information about you
When we collect information about individuals, we may collect personal data which
may include a variety of information about an individual (e.g. their name, address of
residence, communication and contact details, and other personal information, such
as a date of birth). Where relevant to do so we may also collect information relating to
an individual, indirectly by reference to an identifier (e.g. an IP address, which is a
unique number identifying your computer, laptop or similar portable device).
Where required and appropriate to so, we will also collect more sensitive personal
information (such as details about an individual’s motoring or criminal convictions,
details of health, credit worthiness and other similarly sensitive information).
In certain circumstances (such as when an Insurance Company or similar provider of
services to us requires us to do so) we will collect information from a variety of different
sources (e.g. publicly available sources, such as social media and networking sites;
third party databases generally available to the financial services sector, and the wider
commerce and industry including, MGA’s, Lloyd’s of London, claims management firms,
loss adjusters and or other suppliers appointed in the process of handling a claim or
credit reference and similar agencies), this may also include information from you
regarding your past insurance policies and arrangements.
Using information about you
We will use information, including sensitive information, about individuals, and other
parties related to our insurance activities, because it is principally:
necessary for the performance of or to take steps for an individual to enter into a
contract of insurance; or it is necessary for compliance with a legal obligation; or it is
necessary to protect the vital interests of a data subject or another person; and
necessary for our own legitimate interests or those of other controllers or third parties
(e.g. to search at credit reference agencies, monitor e-mails, calls and other
communications or for market research, analysis and developing statistics) except
where such interests are overridden by the interests, rights or freedoms of the data
subject. These bases include, providing an insurance quotation, arranging and
placement of a policy or access to an underwriting facility, and providing administration
through-out the lifecycle of an insurance arrangement as well assisting with making a
claim.
In certain circumstances, such as when a quotation is requested, or changes are made
to an existing policy or at each renewal of an insurance arrangement, any or all of our
group companies assessment may involve an automated decision to determine
whether we are able to provide an insurance arrangement. Individuals can object to us
using an automated decision (see the individual rights section)
However, in those situations it may prevent us from being able to provide you with
insurance.
We will share information, including sensitive information, about you, and other parties
related to this insurance because it is:
necessary for the performance of or to take steps for you to enter into a contract of
insurance; or necessary for compliance with a legal obligation; or necessary to protect
your vital interests; or necessary for our own legitimate interests or those of other
controllers or third parties; and necessary for a task carried out in the public interest or
for an exercise of an official authority (e.g. a regulatory body). This includes sharing your
information with carefully selected third parties providing a service to us or on our
behalf, these include, the insurance companies with who we deal, (you can write to our
Compliance Department should you wish to view a list of all the insurance companies
with whom we have arrangements), and or our finance provider, Premium Credit Limited
(who is our selected finance provider governed by consumer credit legislations).
What we will not do with your information
Unless required to do so by law, or for other similar reasons, other than those outlined
(see sharing your information) we will never otherwise share personal information
without good reason and without ensuring the appropriate care and necessary
safeguards are in place; we will in any other event ask for your consent to share that
information and explain the reasons.
How long we will keep information
We will only keep and or maintain information about an individual for as long as is
necessary in providing our products and services or for compliance with a legal or
regulatory obligation, including our legitimate interests or of a controller (e.g. Stow
Insurance Brokers Ltd when acting as an agent of insurer for a placement facility)
This means, we will only keep, information that is necessary to keep so that we can
sufficiently deal with administrative issues, queries, claims and or for compliance with
legal reasons; usually we will keep information for a minimum retention period of 7
years and or maximum period of 40 years, after cessation of a product or service we
have provided.
However, we will keep information for much shorter periods if that information related
merely to a quotation which did not then result in a contract of insurance being
arranged; in these circumstances we will keep information for a minimum retention
period of 12 months and or maximum period of 18 months unless such information
becomes manifestly out-of-date in which case we may keep quotation information for
shorter periods.
In any event all information shall be stored in strict compliance with the UK-GDPR
legislation at all times; and using appropriate technical or organisational measures we
will regularly:
review the length of time we keep and or maintain information about you; consider the
purpose or purposes why we hold the information about you in deciding whether (and
for how long) to retain it; securely delete information about you that is no longer needed
for this purpose or these purposes; and update, archive or securely delete information
about you if it goes out of date.
Sensitive Data
In carrying out our duties as Data Controller and Data Processor we will collect
sensitive information, about you, and other parties related to this insurance because it
is:
necessary for the performance of or to take steps for you to enter into a contract of
insurance; or necessary for compliance with a legal obligation necessary to protect your
vital interests; necessary for our own legitimate interests or those of other controllers or
third parties; an necessary for a task carried out in the public interest or for an exercise
of an official authority (e.g. a regulatory body) What we mean by sensitive data includes
information such as:
about an individual’s health including medical conditions; motoring or other criminal
convictions; and racial or ethnic origin or religious beliefs. We will always apply
additional organisational and technical measures for this category of data, including
restrictions to access this data (this is where data may be secured with additional layers
of security to prevent misuse and protect personally identifiable information).
Use and storage of your information overseas
We will never knowingly transfer, store, or process information about you or an
individual, outside the European Economic Area (EEA). The EEA consists of all EU
member states, plus Norway, Iceland, and Liechtenstein. This means that your personal
data will be fully protected under the EU GDPR and/or to equivalent standards by law.
Transfers of personal data to the EEA from the UK are permitted without additional
safeguards. In any event, if we are compelled to transfer your information outside the
EEA (e.g. because it is an insurance arrangement with an Insurance Company who is
outside the EEA or part of a larger group of companies who pass information outside the
EEA) it shall be in compliance with the conditions for transfer set out in the GDPR and or
restricted to a country which is considered to have adequate data protection laws. All
reasonable steps shall typically have been undertaken to ensure the firm to which
information is being transferred has suitable standards in place to protect such
information
Using our Website and Cookies
You will be asked to accept a cookie, which is a small file of letters and numbers that is
downloaded on to your computer when you visit any of our group of companies’
websites. This will be clearly explained to you when you visit the website and you will
typically have to accept the cookie to benefit from the services the website can offer.
Cookies are operated in strict accordance with Privacy and Electronic Communications
Regulations 2011 (PECR) and are widely used by many websites and primarily enable
the website to remember an individual’s preferences, recording information the
individual may have entered into the web pages.
These same rules also apply if any individual accesses or uses any other type of
technology to gain access to information stored electronically by us (e.g. Stow
Insurance Brokers Ltd quote facility or app using a smartphone or similar portable
device).
Individual Rights
Individuals have a number of rights relating to the information we hold these rights
include but are not limited to:
a copy of the personal information we hold (once requested, we have a maximum of one
month to give an individual such information); rectify information, if it is inaccurate or
incomplete; request the deletion or removal of an individual’s personal data where
there is no compelling reason for its continued processing; suppress processing of an
individual’s personal data, when processing is restricted, we are permitted to store the
personal data, but not carry out further processes. We will retain sufficient information
about the individual to ensure that the restriction is respected in future (see Marketing);
object to certain uses of an individual’s personal information (see Marketing); in certain
circumstance to not be subject to a decision when it is based on automated processing;
and or it produces a legal effect or a similarly significant effect on an individual;
withdraw any permission you or an individual may have previously provided; and
complain to the Information Commissioner’s Office at any time if you or an individual is
not satisfied with our use of such information.
Individuals can request a copy of the personally identifiable information we hold by
contacting us about them, including the right to have such information in a portable
form ‘a right to data portability’ so we will normally, not only provide the information free
of charge (however we may apply a charge where information requests are excessive)
but we will provide that information in a format that is easily accessible, sometimes in a
CSV format, should an individual require it in that format to ensure information can be
exchanged easily with other organisations.
If you would like further information or wish to make a Subject Access Request (SAR)
you can: Email: info@stowib.co.uk Write to: Compliance Department, Stow Insurance
Brokers Ltd 5 Pine House Stow-On-The-Wold Cheltenham GL54 1AF Call: 01451 870779
Marketing
When marketing to you as an individual (including, individual sole traders and
partnerships), we will either rely on the permission we have (if we are able to do so) or
we will ask for your permission (consent) to contact you, including the means to contact
you (such as by phone, or e-mail, push notifications, SMS text, or post) to tell you about;
new products or services we have or are developing; trialling products and services
which we think may improve our service to you or our business processes; offer you
rewards enter you into a competition; We will typically ask for permission when you first
contact us, (usually but not limited to our websites), however, you will maintain the right
to easily withdraw such consent when-ever you wish (unsubscribe).
We will regularly review any such consent to check that your relationship with us and
any processing including the purposes have not changed.
In all situations where we market to a business we will observe both the market
standards and those rules and guidelines of the Privacy and Electronic Communication
regulations (PECR).
We have in place such a process to ensure we refresh your consent at appropriate
intervals, including any parental, or third-party consents (where relied upon) and act on
withdrawals of consent (unsubscribe) as soon as we can and not penalise you if you not
choose to give and later decide to withdraw your consent.
Research and analysis
Personal information we hold may be converted into statistical or aggregated data (e.g.
this is data which cannot be traced back to an individual) to produce or undertake
statistical or analytical research and development work, which may be shared with
Stow Insurance Brokers Ltd who provide the underwriting services that we access to
enable us to provide suitable insurance arrangements to the insurance market now and
in the future.
We may continue using personally identifiable information we may hold, specifically
relating to an individual’s past insurance arrangements or policies, after cessation of
any insurance arrangement with us for further processing (e.g. research and analysis)
If you wish to raise a complaint, please refer to our official complaints procedure here;
Insurance Brokers
Copyright © 2025 by STOW. All Rights Reserved.
Insurance Brokers
A: No. 5 Pine House, The Square, Stow On The Wold, Gloucestershire, United Kingdom, GL54 1AF
Registered in England & Wales No 15134395. Registered Office: No 5 Pine House, The Square, Stow On The Wold, Gloucestershire, United Kingdom, GL54 1AF. Stow Insurance Brokers Ltd is an Appointed Representative of Momentum Broker Solutions Limited, which is authorised and regulated by the Financial Conduct Authority.
Registered in England & Wales No 15134395. Registered Office: No 5 Pine House, The Square, Stow On The Wold, Gloucestershire, United Kingdom. GL54 1AF. Stow Insurance Brokers Ltd is an Appointed Representative of Momentum Broker Solutions Limited, which is authorised and regulated by the Financial Conduct Authority.
Insurance Brokers
Copyright © 2025 by STOW. All Rights Reserved.
Insurance Brokers