Direct Healthline Limited are specialist Health Benefits Intermediaries offering products of more than one insurer and act on behalf of Private and Company Clients in arranging insurance cover. Our Services include identifying your insurance needs, outlining costs, arranging your insurance cover with insurers to meet your requirements and processing renewals. We provide on-going administrative and claims support. We are authorised and regulated by the Financial Conduct Authority (FCA) (Firm Reference No. 309495).
We are committed to protecting and respecting the privacy of Individuals. Under the General Data Protection Regulation (GDPR) we are required to provide information about what Personal Data we collect and hold and how we use it. This Policy sets out the basis on how we will process any Personal Data that is provided to us in the course of providing the above Services to our Clients.
The Purpose for Processing Personal Data
In order to be able to effectively provide the above Services and meet our obligations under FCA regulatory guidelines, we need to process the Personal Data of Individual Private Clients who make an enquiry about or are enrolled under an insurance policy. We also process the Personal Data of Individuals who are Employees of our Company Clients. This Privacy Notice applies to any Individual whose Personal Data we process in the course of providing our Services.
What is the Lawful Basis for Processing Personal Data
The Lawful Basis for processing any Personal Data received or collected by us is for our Legitimate Interest in:
Ensuring that the Services we provide are appropriate to our Client’s requirements
Providing advice on and setting up Health Benefits
Maintaining accurate transaction records
Managing our business in an efficient way
Complying with our legal and regulatory obligations
In order to provide our Services, Insurers and Benefit Providers will receive Individual Private Client and Company Employee Personal Data that has been collected by or provided to us. They will also act as independent Controllers and will be responsible for processing the data in accordance with the GDPR. They will have their own Privacy Notices and documentation setting out how and why they process this Personal Data.
What Personal Data Do We Collect
Personal Data is information that relates to an identifiable individual – either a Private Client or a Company Employee and any family members to be covered under a policy. We only collect and process Personal Data that is relevant to the provision of the Services that we offer. This may be provided to us verbally, by post or e-mail and by completing Application Forms. See Appendix 1 for a list of the Personal Data that we process in a way that is compatible with and relevant to the Lawful Basis outlined above.
How Will We Use this Personal Data
We will only use Personal Data to:
Conduct due diligence
Provide our Services (including providing quotations and arranging or renewing policies)
Perform administrative activities in connection with the provision of our Services
Notify Clients about changes to our Service
Monitor or prevent fraud
Exercise, defend or protect our legal rights or the rights of our Clients
Comply with legal, professional and contractual obligations
Co-operate with Regulatory bodies
Who We Share Personal Data With
We may disclose relevant Personal Data to third parties such as Insurers, Benefit Providers, Company Clients and Intermediary or Business Partners for the purposes of providing our Services and fulfilling our contractual or regulatory obligations. We will request consent to process certain information, such as claims or medical information, when it is necessary to do so.
We may also provide Personal Data to other relevant agencies for the purpose of preventing or investigating fraud.
If Direct Healthline Limited or substantially all of its assets are acquired by a third party, Personal Data held about our Clients will be one of the transferred assets.
How We Protect Personal Data
We have implemented appropriate technical and organisational measures to protect the Relevant Personal Data in our possession against unauthorised or unlawful processing and against accidental loss, misuse, unauthorised access, destruction, damage, alteration or disclosure in accordance with Data Protection Regulations. We evaluate these measures on a regular basis to ensure the security of the processing.
Access to Personal Data and Correction
We want to make sure that your personal information is accurate and up to date. We collect relevant Personal Data when you register with us, when you contact us with any change in circumstances and again at a policy renewal. You have the right to request the information that we hold about you. If you would like a copy of this, please email or write to us at the below address. You can ask us to correct or remove information you think is inaccurate. If you fail to provide relevant information to us, or request that any Personal Data we already hold is erased or restricted, this may affect the Services that we provide and our ability to manage them.
Data Retention Periods
The Right to Complain
We are committed to working to resolve any complaint or concern about privacy. If you feel that we have not been able to assist with this, you have the right to make a complaint to the Information Commissioner’s Office at www.ico.org.uk/concerns
How to Contact Us
T. 00 44 (0) 1666 860086