Close
Request a Call Back

    Enter Captchacaptcha

    In accordance with the General Data Protection Regulation and related UK data protection legislation, we are committed to protecting the confidentiality and security of the information that you provide to us.

    This Privacy Notice is designed to help you understand how we collect and use your information.

    We may collect information from you about other people, for example, family members who may drive your car or who may be included on a travel or household insurance policy. If you give us information about another person it is your responsibility to ensure and confirm that:

    • you have told the individual who we are and how we use personal information, as set out in this Privacy Policy; and
    • you have permission from the individual to provide that personal information to us and for us to use it, as set out in this Privacy Notice.

    Where we collect information directly from you it will usually be obvious as you will be answering questions that we ask. This may not be the case where we have used cookies to collect information from your computer or device, please see our cookies policy for more information.

    If you have any questions or queries about this policy please contact us.

    Cookie Policy

    We use a number of different cookies on our site. If you do not know what cookies are, or how to control or delete them, then we recommend you visit http://www.aboutcookies.org for detailed guidance. The list below describe the cookies we use on this site and what we use them for.

    Cookie Name Cookie Owner Cookie Description
    DYNSRV Hosting Company This cookie is believed to be used for load balancing to manage server traffic demand.
    _gat_gtag_UA_107257949_1 Google Analytics This is a pattern type cookie set by Google Analytics, where the pattern element on the name contains the unique identity number of the account or website it relates to. It appears to be a variation of the _gat cookie which is used to limit the amount of data recorded by Google on high traffic volume websites.
    _gid Google Analytics Used to distinguish users.
    _ga Google Analytics Used to determine a user’s inclusion in an experiment and the expiry of experiments a user has been included in.
    wordfence_verifiedHuman Wordfence Cookie set by the Wordfence Security WordPress plugin to protect the site against malicious attacks.
    wfwaf-authcookie Wordfence This cookie is set by the WordPress security plugin “Wordfence”. It is used to authenticate user’s login request.
    wfvt_ Wordfence This allows a security plugin we use to operate.
    wfvt_4109635659 Wordfence This allows a security plugin we use to operate.
    wp-settings-time- WordPress WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
    wp-setting- WordPress WordPress also sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
    wordpress_test_cookie WordPress WordPress sets this cookie when you navigate to the login page. The cookie is used to check whether your web browser is set to allow, or reject cookies.
    wordpress_sec WordPress Essential WordPress session management cookies for logged in users.
    wordpress_logged_in WordPress After login, wordpress sets the wordpress_logged_in_[hash] cookie, which indicates when you’re logged in, and who you are, for most interface use.
    gdpr_popup Photoshield This cookie is used to track who has already been shown the notice. The cookie has been set never to expire unless there is a change in the privacy policy.

    1. Introduction

    This Privacy Notice covers the information practices of the following Aston Lark group companies and their subsidiaries and associated companies, collectively referred to in this document as “Aston Lark”. Each group company is a Data Controller in its own right:

    Data Controller

    Registered Number

    Registered Address

    Aston Lark Limited

    02831010

    8th Floor, Ibex House, 42-47 Minories, London, EC3N 1DY

    Aston Scott Ltd

    01341849

    Malling House, Town Hill, West Malling, Kent, ME19 6QL

    Aston Lark Employee Benefits Limited

    02792080

    8th Floor, Ibex House, 42-47 Minories, London, EC3N 1DY

    Robertson Low Insurances Ltd

    338916

    10 The Courtyard, Kilcarbery Park, Nangor Road, Dublin 22

    Jobson James Insurance Brokers Limited

    7117949

    8th Floor, Ibex House, 42-47 Minories, London, EC3N 1DY

    Highworth Insurance Limited

    07980064

    8th Floor, Ibex House, 42-47 Minories, London, EC3N 1DY

    Pharos Insurance Brokers Limited

    716939

    Malling House, Town Hill, West Malling, Kent, ME19 6QL

    Protean Risk Limited

    06390043

    8th Floor, Ibex House, 42-47 Minories, London, EC3N 1DY

    Wright Group Brokers Ltd

    410781

    The Bushels, Cornmarket, Co.Wexford

    Isca Barum Insurance Brokers Limited

    02713714

    8th Floor, Ibex House, 42-47 Minories, London, EC3N 1DY

    Buckland Harvester Insurance Brokers

    05402834

    8th Floor Ibex House, 42-47 Minories, London EC3N 1DY

    Brunel Professions Limited

    05071851

    3 Temple Quay, Temple Back East, Bristol BS1 6DZ

    Dunsby Associates Insurance Brokers Ltd

    09676327

    Granville House, 2 Tettenhall Road, Wolverhampton WV1 4SB

    RiskAlliance Limited

    03317097

    8th Floor Ibex House, 42-47 Minories, London EC3N 1DY

    RiskAlliance Internationals Ltd

    03633199

    8th Floor Ibex House, 42-47 Minories, London EC3N 1DY

    Incepta Risk Management Ltd

    07285254

    8th Floor Ibex House, 42-47 Minories, London EC3N 1DY

    Bruce Stevenson Insurance Brokers Limited

    SC073638

    76 Coburg Street, Edinburgh, EH6 6HJ

    Sennocke International Insurance Services Limited

    02489110

    6 Pembroke Road, Sevenoaks, Kent TN13 1XR

    Venture Insurance Brokers Limited

    07544321

    Bank House, 1 Burlington Road, Bristol BS6 6TJ

    Inet3 Limited

    02694581

    3 Whiting Street, Bury St Edmunds, Suffolk IP33 1NX

    Constabulary Travel Club Limited

    01596058

    Salisbury House, Salisbury Road, Cambridge, CB1 2LA

    Right to Health

    06521982

    Crown House, Home Gardens, Dartford DA1 1DZ

    DNA Insurance Services Ltd

    4537209

    Northside House, Mount Pleasant, Barnet, England, EN4 9EE

    We have appropriate safeguards in place, in accordance with our data protection obligations, for the protection of any Personal Data which we process. Our security controls are aligned to industry standards and good practice, providing a control environment that effectively manages risks to the confidentiality, integrity and availability of your information. Additionally, we ensure that our staff remain aware of our data protection obligations and are required to undertaken annual training and testing. We take the protection of your privacy and the confidentiality of your personal information (“Personal Data”) seriously. This Notice sets out how we meet our obligations regarding data protection and the rights of our customers, prospective customers, and former customers (“Data Subjects”) in respect of their Personal Data as defined under relevant data protection legislation (including the Data Protection Acts of 1998 and 2018 [“the DPA”], the General Data Protection Regulation effective from 25 May 2018 [“the Regulation”] and any subsequent data protection legislation).

    The Regulation defines Personal Data as any information relating to an identified or identifiable natural person (a Data Subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or by one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

    Aston Lark is committed not only to the letter of the law, but also to the spirit of the law and places high importance on the correct, lawful, and fair handling of all Personal Data, respecting the legal rights, privacy, and trust of all individuals with whom we deal.

    This Privacy Notice should be read in conjunction with our Cookie Policy and the Terms and Conditions of Use of any of the Aston Lark websites you access.  Any information you provide about you, and, where applicable, others, within any website operated by Aston Lark will be processed as set out in this Privacy Policy.

    2. Assessing privacy risk

    We have identified the Personal Data types that we process and the methods by which we process such Personal Data. We have assessed the inherent risk associated with each particular data type and process, and have in place practices and controls to minimise the risks of loss or damage through accident, negligence or deliberate actions. As well as reviewing this internally we also consider the processing activities of those third parties with whom we share data in order to meet our obligations to customers, staff, insurers, and those individuals that we deal with in our day-to-day activities.

    3. How we will collect information about you

    We will collect information from you, your agents or representatives, as well as information received from:

    • insurers and their agents;
    • your employer (where appropriate);
    • generally available sources such as information about you in the public domain (for example information on directors held at Companies House), online and from third party data processors (provided that it is fair to do so); and
    • searches that we undertake in relation to sanctions, money laundering, and credit checks.

    This will include data that you input into our webpages, whether this is in relation to raising an enquiry with us, obtaining a quotation (even if this process is discontinued before being finished), or requesting documentation.

    The information obtained could include; your name, contact details (including address and e-mail address, telephone number), date of birth, gender, marital status, financial details, details of occupants of your property, employment details and benefit coverage, and details of your visits to and usage of our website (please see our Cookie policy). We may also collect ‘special categories’ of Personal Data (such as health, ethnic or racial origin or trade union membership) and criminal convictions data about you, and information about your family including children. (A full list of special categories of Personal Data is set out in the Regulation).

    We will process Personal Data for and only to the extent necessary for the specific purpose(s) outlined in this document.

    4. How we will use your information for the provision of our broking services

    The Data Controllers shall ensure that all Personal Data processed is kept secure and protected against unauthorised or unlawful processing and against accidental loss, destruction or damage.

    Your Personal Data will be used to enable us to fulfil our contractual obligations in relation to your insurance cover and the provision of any ancillary risk management services. Our processing of your Personal Data will include:

    • assessing your circumstances and insurance needs;
    • presenting such details to insurers for the purpose of obtaining quotations and placing cover;
    • arranging premium finance arrangements;
    • processing claims;
    • undertaking checks to guard against fraud, money laundering, bribery and other illegal activities;
    • handling complaints; and
    • analysing data, identifying trends, and developing and improving our services to you, including passing your name and e-mail address to Feefo Holdings Limited for the purpose of inviting you to submit a review in respect of our service

    To ensure that our processing of your data is lawful, such processing will only be undertaken if:

    • it is necessary for the performance of a contract to which you are, or will be, a party; or
    • you have given your consent; or
    • you confirm that any personal information you give to us about another person is given with their informed consent
    • processing is necessary for compliance with a legal obligation to which we are subject; or
    • processing is necessary to protect your vital interests; or
    • to perform a task carried out in the public interest or in the exercise of official authority vested in us; or
    • processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your fundamental rights and freedoms which require protection of Personal Data, in particular where the Data Subject is a child.

    We will process special category and criminal conviction data we collect about you for the performance of our contract with you, which is deemed to be necessary for reasons of substantial public interest. This allows us to quote for and provide you with insurance products and services, to process claims and renewals and to administer your policy.

    Where Personal Data about you is obtained from publicly available sources, we will only use such data fairly, meaning for legitimate purposes as would be anticipated of (and reasonably expected as) the activities of an insurance broker, or employee benefits consultant as appropriate, and not further processed in a manner that is incompatible with those purposes.

    5. Sharing your data

    Aston Lark seeks to offer clients a wide range of insurance broking and employee benefit consulting services. The Data Controllers will therefore share Personal Data with each other in order to inform you of other similar contracts and services provided by our other group companies that we believe you may benefit from. We only share limited Personal Data to enable this, typically name, contact details and type of insurance / investment / pension contracts you have effected and its associated renewal date. We will not share special categories of Personal Data (as defined in the Regulation), criminal convictions data or children’s data between Aston Lark group companies.

    As a Data Controller, each entity is responsible for safeguarding your Personal Data. Where we have a specific Non-Disclosure Agreement in place with you, your data will only be shared with your explicit prior consent in accordance with its terms.

    We may share your information with third parties only to the extent necessary to provide our services to you.  These third parties may include:

    • Your agent, adviser or employer
    • Support companies for the delivery of the products and services we offer to you including but not limited to: insurers; other insurance brokers, loss adjusters and loss assessors; risk managers, administrators, incident management firms; professional advisors; premium finance companies; IT providers, internet service providers and mailing/fulfilment houses;
    • Feefo to enable us to receive feedback on the services we have provided (their privacy notice can be found at: https://www.feefo.com/business/gb_en/privacy-policy
    • Our regulators and supervisory authority e.g. the Financial Conduct Authority (FCA) and the Information Commissioner’s Office for the UK (the ICO)
    • Law enforcement, credit and identity check agencies for the prevention and detection of crime
    • HM Revenue & Customs (HMRC) e.g. for the processing of tax relief on pension payments or the prevention of tax avoidance

    We do not sell, rent or trade our mailing lists, phone numbers or email addresses.

    6.  Marketing

    Existing Customers

    Aston Lark may contact you about relevant products and services offered by Aston Lark which may be of interest to you as part of your insurance and risk management strategy and also to provide news or information related to our business and the wider insurance market that we believe may be of interest to you in accordance with our legitimate interests.

    Former or prospective customers

    You may have provided Personal Data to us (including Personal Data provided for a quotation not taken up) or we may have obtained details about you from publicly available Personal Data.  Furthermore, you may have effected a contract with us but you subsequently cease to have a relationship with us (for example by having no active policies with us). In these circumstances we will retain this data for a period not exceeding 3 years from the date of our last contact or engagement, and will use this data in order to contact you with regard to your insurances and to provide news or information related to our business and the wider insurance market that we believe may be of interest to you in accordance with our legitimate interests.

    7.  Opting out of marketing

    We want to make it easy for you to make your own choices as to what information you receive from us and how we contact you. Therefore, whether you are an existing, former or prospective client we will always remind you of your right to opt out of future marketing related communications each time we send such correspondence to you. You can elect not to receive any marketing related communications from us at all, or request that you only receive certain types of communication.

    PLEASE REFER TO SECTION 13 BELOW FOR DETAILS OF THE DIFFERENT WAYS YOU CAN CONTACT US.

    8. Motor Insurance Database

    Where we have contracted with you for this service, we have outsourced this service to Motor Data Solutions (MDS) who may add Information relating to your motor insurance policies to the Government’s Motor Insurance Database (MID) managed by the Motor Insurers’ Bureau (MIB). MID and the data stored on it may be used by Insurers, the Police, DVLA/DVANI, the Insurance Fraud Bureau or other bodies permitted by law for purposes including, but not limited to:

    • Electronic Vehicle Licensing;
    • Continuous Insurance Enforcement;
    • Law enforcement (prevention, detection, apprehension and or prosecution of offenders);
    • Obtaining information if you are involved in a road traffic accident (either in the UK, the EEA or certain other territories).

    Persons (including his or her appointed representatives) pursuing a claim in respect of a road traffic accident (including citizens of other countries) may also obtain relevant information which is held on the MID.

    9. Disclosure of your personal information

    Where we use third parties to undertake functions on our behalf, as per examples provided in Section 5, above, we will only share relevant information with such third parties as is strictly necessary to enable them to perform those functions.

    Information may also be supplied to our external auditors and professional regulatory bodies if required by them and to other parties if required or permitted by law.

    It is our policy to retain documents and information about you, including insurances placed on your behalf, in electronic or paper format for a minimum of seven years or such longer period as appropriate having regard to when a claim or complaint may arise in connection with our processing of your information. The legal basis for this processing is that it is necessary to meet contractual, legal or regulatory obligations.  After seven years, these may be destroyed or erased without notice to you. You should therefore retain all documentation issued to you.

    10. Your rights

    You have the right to:

    • Know how we process your Personal Data;
    • access the data we hold about you, which will be provided to you within one month of your request, and is free of charge unless we reasonably believe that your request is manifestly unfounded or excessive;
    • have incomplete or inaccurate data rectified without undue delay;
    • the deletion or removal of Personal Data where there is no compelling reason for us to continue to process it (where you object to Aston Lark processing your Personal Data based on our legitimate interests, we shall cease such processing forthwith unless we have another lawful basis for such processing that overrides your interests, rights and freedoms; or the processing is necessary for the conduct of legal claims);
    • restrict our processing of your Personal Data (although we will still be permitted to store it where we have a legitimate interest in doing so, for example to address future disputes, in which case access to such Personal Data will be restricted as appropriate);
    • data portability (we will provide your data in a format that allows you to move, copy or transfer Personal Data easily from one IT environment to another in a safe and secure way, without hindrance to usability);
    • object to our processing your data (this can be in relation to only certain types of processing if you wish, so that other types of processing necessary for the performance of our contractual obligations can continue) where we do so in connection with our legitimate interests, or in relation to our profiling your data or using it for marketing purposes.

    If you would like to exercise any of your rights above you may do so by contacting us – PLEASE SEE SECTION 13 BELOW FOR CONTACT DETAILS.

    11. Transferring personal data to a country outside the EEA

    The Data Controllers may from time to time transfer (‘transfer’ includes making available remotely) Personal Data to countries outside of the EEA where this is necessary for us to provide our services to you. This will take place only if one or more of the following applies:

    1. The transfer is to a country, territory, or one or more specific sectors in that country (or an international organisation), that the European Commission has determined ensures an adequate level of protection for Personal Data;
    2. The transfer is to a country (or international organisation) which provides appropriate safeguards;
    3. The transfer is made with the informed consent of the relevant Data Subject(s);
    4. The transfer is necessary for the performance of a contract between the Data Subject and the Company (or for pre-contractual steps taken at the request of the Data Subject);
    5. The transfer is necessary for important public interest reasons;
    6. The transfer is necessary for the conduct of legal claims;
    7. The transfer is necessary to protect the vital interests of the Data Subject or other individuals where the Data Subject is physically or legally unable to give their consent; or
    8. The transfer is made from a register that, under UK or EU law, is intended to provide information to the public and which is open for access by the public in general or otherwise to those who are able to show a legitimate interest in accessing the register.

    12. How to make a complaint

    We will always strive to collect, use and safeguard your personal information in line with data protection laws. If you believe we have not handled your information as set out in this Privacy Notice, or that we have processed your personal information in a manner that is not consistent with your rights, please contact us and we will do our utmost to make things right.

    PLEASE REFER TO SECTION 13 BELOW FOR CONTACT DETAILS

    If you are still unhappy, you can complain to the Information Commissioner’s Office. Their contact details are:

    Information Commissioner’s Office
    Wycliffe House
    Water Lane
    Wilmslow
    Cheshire
    SK9 5AF

    Tel: 0303 123 1113 (local rate) or 01625 545 745

    Website: www.ico.org.uk

    13. How to contact us

    If you need to contact us relating to any matter associated with this Privacy Notice, our contact details are listed below:

    Phone: Aston Lark Compliance Team, telephone number 01732 389 915

    Email: compliance@astonlark.com

    Post: Data Protection Compliance Officer – Aston Lark Limited, Ibex House, 42-47 Minories, London, EC3N 1DY

    Alternatively, if you are an existing client of Aston Lark, please feel free to contact your usual advisor directly.