Privacy Policy
This Privacy Policy sets out how Henderson Claims Ltd t/a ‘Hendersons’, collects, uses and protects your information when you use this website or our services, in accordance with the Data Protection Act 2018 and the General Data Protection Regulation 2016 (GDPR).
Hendersons is the controller and is responsible for your personal data. We are committed to ensuring that your privacy is protected. By using our website, you may be providing us with some of your personal information and we want to make sure that we do not use your data in a way that you would not expect. Hendersons assures you that your personal information will only be used in accordance with this privacy statement and in compliance with the latest privacy regulations.
Hendersons may change this policy in future by updating this page. You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from January 2021.
Personal Information We Collect
Personal information is any information about an individual from which that person can be identified. It does not include data which has been anonymised.
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:We may collect, use, store and transfer different kinds of personal data about you which we have grouped together as follows:
- Contact information: Name, current and previous addresses (including postal, email and IP addresses) and telephone numbers.
- Identity Data includes first name, maiden name, last name, username or similar identifier, marital status, title, date of birth and gender.
- Financial Data: includes (but not limited to) previous lenders, financial institutions and financial advisors used by you and the financial products, services and/or advice taken.
- Usage Data includes information about how you use our website, products and services.
- Marketing and Communications Data includes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Special Category Data: We will only process special category data where you have provided this to us and given your explicit consent to store it or we have a legal/regulatory obligation to. This includes race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health and genetic and biometric data.
This list may not include all the information we require when providing our service/s. The information we ask you for will relate to your specific enquiry and will only consist of the information we need to carry out our service. If you contact us other than via our website, we may keep a record of that correspondence and a copy of call recordings.
We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose. Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website feature. However, if we combine or connect Aggregated Data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this privacy policy.
If you fail to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with goods or services). In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
Method of Data Collection
- Direct interactions: By you filling in forms on our website or social media or by corresponding with us by post, phone, email or otherwise.
- Third parties or public sources: We may receive information about you from various reputable third-party lead providers, from regulators or from publicly available data. We will always inform you where we have obtained your information from if requested by you.
Cookies
A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. As you interact with our website, we may automatically collect Technical Data and Usage Data about your equipment, browsing actions and patterns. We collect this personal data by using Third-Party cookies, specifically Google Analytics. You can view Google’s privacy policy here: www.google.com/policies/privacy.
Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. You will be asked to provide your consent for us to use cookies upon every visit to our website.
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. Also, to opt out of being tracked via Google Analytics, you can use Google’s opt-out browser add-on: https://tools.google.com/dlpage/gaoptout
If you disable or refuse cookies, please note that some parts of this website may become inaccessible or not function properly.
The basis on which we process your information
The legal grounds for processing your personal information depend upon the nature of our relationship with you and the context of processing and are as follows:
- Processing is necessary for the performance of a contract with you, or to take steps prior to entering into a contract with you.
- Processing is necessary for the purposes of your legitimate interests or our legitimate interests, where your fundamental rights and interests do not override those interests. In order to determine this we shall undertake a Legitimate Interests Assessment, which we keep a record of and review on an annual basis or, at any point where it is deemed necessary to review and/or update it.
- Processing is necessary for compliance with mandatory legal or regulatory obligations to which we are subject to.
- Processing is undertaken after you have given us your express consent.
What we use your personal information for
| We collect/store or use your information to… | Legal basis |
|---|---|
| provide the service you have requested | Contract |
| send to our third-party service provider partners | Consent, Legitimate Interest, Contract |
| send you information regarding our products and services | Legitimate Interests & Consent |
| provide annual statistics and information to our regulator | Legal Obligation |
| resolve complaints against us | Legitimate Interest & Legal Obligation |
| gather feedback to enable us to improve our products and services | Legitimate Interest & Consent |
| verify your identity where we receive requests to access or change the information we hold about you | Legal Obligation |
| maintain our accounts and records | Legal Obligation |
| research and analyse trends to better understand how users are using the services in order to improve them | Legitimate Interests |
| inform you about changes in our services, Privacy Policy and important service related notices, such as security and fraud issues | Legal Obligation |
Marketing
You are provided with choices regarding marketing and we record your preferences in relation to this and how we communicate with you.
We may rely on consent when we use your personal information for direct marketing. This will be where you have specifically consented to us or a third party that you are happy to receive marketing contact from us.
We may also rely on legitimate interests for our direct marketing. Our legitimate interests are to inform individuals about products or services which may be of interest to them and our commercial interests in operating our business, which includes acquiring new customers, providing additional services to existing or previous customers and, expanding our operations.
You may also receive marketing communications from us if you have previously purchased similar goods or services from us and, in each case, you have not opted-out of receiving that marketing. This is known as a ‘soft opt-in’.
Such marketing communications may be in relation to claims management, financial advice/services and legal services which could be done by post, email, SMS or telephone.
To opt out of receiving future marketing from us under a soft opt-in or under legitimate interest, please opt-out using the details in the ‘General’ section of this Privacy Policy.
If you require any further information about the lawful basis we have relied on to send direct marketing to you, please also contact us using the details in the ‘General’ section.
How long do we keep your personal information
We retain your information for as long as is necessary for the purpose for which it was originally obtained. We also have some legal and regulatory obligations to hold certain pieces of information for specific timeframes for example, we are required to keep a copy of telephone call recordings for a period of 12 months after our last contact with you.
Where we have provided a service to you, we will hold all information relevant to this for 6 years to enable us to address any claims/complaints made about our service. Information relating to any complaints will be held for a further 3 years.
We also need to keep some of your information for our accounting and reporting requirements.
Your contact details will be held for the purposes of direct marketing for 2 years, this is to enable us to let you know about new products or services that may be of interest to you as detailed above.
Your Rights
You provide us with details of what we ‘can do’ with your data and you have the right to opt-in and importantly to opt-out, which you can do by using the contact details below. You have the following rights:
- To know that your data is being processed
- To access your personal data free of charge
- To have your information corrected if inaccurate (Including ensuring any third party puts right any inaccuracy)
- To request that your data be erased
- To restrict processing
- To request transfer of your data
- To object to processing; and
- To rights relating to automated decision making
Where you send us a request to access your data, this will usually be free of change and sent to you within one month (unless your request is complex). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
We may need to request specific information from you to help us confirm your identity before we are able to process your request.
Security
Hendersons recognise the personal nature of the information we collect, process and store. As we are committed to ensuring that your information is secure we have put in place suitable physical, electronic and managerial procedures to prevent loss, unauthorised access, misuse or disclosure and to make sure that your information is safe and secure. If password access is required for certain parts of our website/application, you are responsible for keeping this password confidential.
Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which may be collected or you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
Disclosure / transfer of data
Hendersons may share or disclose personal information in the following situations:
- External third party service providers: We may use external printers, accountants, admin companies, call centres, compliance consultants and legal service providers (such as solicitors firms and barrister chambers) who may process your data on our behalf. Any external processors are subject to a data processing agreement to ensure the safety and protection of your data. None of our processors are allowed to use your data for any other purposes than instructed by us.
- If we merge with or acquire a business, the business is restructured, or if our assets are acquired by a third party, any personal data held by Hendersons may be transferred, in which case you will be contacted by us to notify you of the transfer.
- If we are under a duty to disclose or share your personal data to comply with any legal or regulatory obligation.
- To enforce or apply our terms of business and other agreements.
- To protect the rights, property, or safety of our company, other customers and others. This includes exchanging information with organisations for the purposes of fraud protection and credit risk reduction.
Where possible in some circumstances as described above, we may be able to minimise your personal data so that you are not identifiable as the data subject.
General and ‘opt out’ details
You may not transfer any of your rights under this Privacy Policy to any other person. We may transfer our rights under this Privacy Policy where we reasonably believe your rights will not be affected.
If any court or competent authority finds that any provision of this Privacy Policy (or part of any provision) is invalid, illegal or unenforceable, that provision or part-provision will, to the extent required, be deemed to be deleted, and the validity and enforceability of the other provisions of this Privacy Policy will not be affected. Unless otherwise agreed, no delay, act or omission by a party in exercising any right or remedy will be deemed a waiver of that, or any other, right or remedy.
If you have any queries relating to our Privacy Policy or the personal data we hold about you, or you wish to invoke any of your legal rights, including opting out of receiving our marketing, you can contact us by:
Email: contact@trusthendersons.co.uk
Telephone: 0161 359 7140
Write to us at: Henderson Claims Ltd t/a Hendersons, Unit 2, Longstone Rd, Manchester, M22 5LB
Complaints
You have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues at www.ico.org.uk.
We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance using the contact details set out above.