Arachas Corporate Brokers
Data Protection Privacy Statement/Notice
This Privacy Statement explains the information processing practices of Arachas Corporate Brokers Limited t/a Arachas, Capital IM, Capital Insurance Markets, Covercentre and its subsidiaries/related companies Arachas, Capital IM, Capital Insurance Markets, Covercentre (collectively, “Arachas”, “we”, “our” or “us”) in relation to the information we collect about you. The Arachas company which was originally responsible for collecting information about you will be principally responsible for your personal data (“controller”). If you have received a notification from Arachas Corporate Brokers Ltd of a transfer of trades to it, Arachas Corporate Brokers Ltd is the controller of your personal data. All Arachas companies are subject to this privacy statement.
This Privacy Statement does not apply to any third-party sites (not part of Arachas group companies) linked to from this website.
Should you wish to be provided with a hard copy of this Privacy Statement please contact us at firstname.lastname@example.org
The Data Controller is Arachas Corporate Brokers Limited, trading as Arachas, Capital IM, Capital Insurance Markets, Covercentre of The Courtyard, Carmanhall Road, Sandyford Business Estate, Dublin 18. Email: email@example.com.
Our Data Protection Officer is Bridget Anne Walsh and can be contactable by email at: firstname.lastname@example.org “Data Controller” and “Personal Data” have the meaning given in the General Data Protection Regulations 2018.
Arachas are committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the GDPR (General Data Protection Regulation) in relation to not only processing your data but to ensure you understand your rights as a customer of ours.
- What information we process.
Information you provide to us:
- By requesting our services, you may give us information about you when you use our website www.arachas.ie or by corresponding with us by phone, email or otherwise. For example, you provide information when you search for a product, request a quotation on our website, submit a query or when you participate in other interactive functions such as entering competitions, availing of promotions, participating in surveys or reporting a problem with our website.
- The types of information you give to Arachas may include name, date of birth, marital status, home address, contact address, email address, phone number, dependants, health, employment details, payment details, financial details or photo ID. We may also collect sensitive health information and details of motoring /criminal convictions.
- When you provide personal information to us we will only use this information for the purposes described at point of collection such as for providing an insurance quote, arranging a policy or applying for career options.
- Special Category Data – If it is deemed necessary to collect any special categories of personal data, such as health details or sensitive information relating to criminal convictions, we will ensure we will only process what is necessary and proportionate for the purposes of providing an insurance service. Special Category data includes: racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, health data, data concerning a natural person’s sex life or sexual orientation and genetic/biometric data processed to uniquely identify a natural person.
Information we receive from third parties and other sources:
- We may receive information about you from other parties e.g. websites we operate or other services we provide. We also work closely and may receive information about you from third parties including but not limited to business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies.
- We receive technical information when you visit our websites and through email exchange. This could include your IP (Internet Protocol) address used to connect your computer to the internet, login information, browser type and version, time zone setting.
- By interacting with our websites through social media sites, browser plug-in types and versions or other applications we may receive statistical data about your browsing actions and patterns. We do not use this data to identify any individual, except if required by law. We use this information to better understand how our website is being used so that we can improve its performance.
- How we use the personal information we gather
We use information you give to us and information we receive about you from other sources in the following ways:
- Providing professional services for our clients
- Generate quotations and process applications and proposals for the products and services we offer
- Arrange insurance policies on your behalf
- Carry out our obligations arising from any contracts entered into between you and us and to provide you with the information, products and services that you request from us
- Administer the products and services that we supply to you
- Process claims
- To contact you if required or to respond to any communications that you might send to us
- Arachas may contact customers by phone who avail of our digital platform quotations to offer sales support
- To notify you about changes to our service
- To administer our site including data analysis, testing, research, statistical and survey purposes, including profiling
- Automated decision making
- To allow you to participate in interactive features of our service, when you choose to do so
- To keep our site safe and secure
- Sharing information with third parties
We may make your information available to third parties with whom we have a relationship to provide services on our behalf. We will only provide to those third parties the information that is necessary for them to perform the services and we take measures to protect your information.
The selected third parties that we may share your information with may include:
- Any insurer that is a party to an Arachas product that you have applied for or contracted for
- Any co-insurers for which we act as brokers
- Credit referencing agencies to assess your credit score where this is a condition of us entering into a contract with you and/or to other insurers through various databases to help us check information provided and also to prevent fraudulent claims
- Any prospective seller or buyer of any business or assets related to the site, an Arachas product or all or part of Arachas
- Any business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
- Selected third parties to provide you with information about goods and services that may interest you. You may opt out of receiving such offers or change your preferences at any time.
- Outsourced providers (regulated and unregulated)
We have a duty to disclose or share your personal information with a third party in order to comply with any legal obligation, or in order to enforce or apply our terms of business and other agreements, or to protect the rights, property or safety of our group of companies, Arachas insurers related to an Arachas product or others. This includes exchanging information with third parties such as Government agencies for the purposes of fraud protection, anti-money laundering, credit risk reduction or criminal activity.
If you hold insurance against a liability that may be incurred by you against a third party, where for whatever reason you cannot be found or you become insolvent, or the court finds it just and equitable to so order, then your rights under the contract will be transferred to and vest in the third party even though they are not a party to the contract of insurance. The third party has a right to recover from the insurer the amount of any loss suffered by them. Where the third party reasonably believes that you as policyholder have incurred a liability the third party will be entitled to seek and obtain information from the insurer or from any other person who is able to provide it concerning:
- the existence of the insurance contract,
- who the insurer is,
- the terms of the contract, and
- whether the insurer has informed the insured person that the insurer intends to refuse liability under the contract
We process information you give to us and information we receive about you from other sources. Note that we do not disclose personal information about you to third parties (including advertisers and marketing companies) unless you have consented to that disclosure. However, we may provide them with aggregate anonymised information about users of our site or customers of our products, for example, we may use categories such as men/women under 25, demographic breakdown of site users or the activities that users engage in when visiting our websites:
- To provide you with information about other goods and services that we offer which are similar to those that you have already purchased or enquired about
- For occasional market research and statistical purposes. You may ‘opt out’ of participating in such market research at any time.
- To provide, or permit selected third parties to provide you with information about goods and services that may interest you. If you do not wish us to use your information in this way, or to pass your details on to third parties for marketing purposes please tick the relevant box on the form on which we collect your information
- To send you offers, with your consent, for products which we feel are relevant to your needs
- To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you.
- Data Analytics
Part of our ongoing business strategy involves choosing the best products for our customers’ needs.
We may use analytics and search engine providers that assist us in the improvement and optimisation of our site. This is to ensure that content from our site is presented in the most effective manner for you and your computer.
- Automated Decision Making
- Prior to arranging an insurance product or service we may use automated (computer based) decision making. For example, before we can arrange an insurance product or service for you we must obtain a quotation from an Insurer’s Rating Engine which will carry out a real-time automated assessment to determine the insurance risks based on the information that you have supplied. This will be used to determine if the Insurer can provide you with a policy and to calculate the premium you will have to pay to arrange cover with them. The results of the automated decision making may limit the products or services that Arachas can provide to you. If you do not agree with the result or if you have any concerns you have the right to request to speak to a staff member to seek clarification.
- Legal Basis
In order to provide you with services such as: providing quotations, arranging policies, managing and administration of policies, claims handling or sharing personal details with insurers, other agents or any professional body such as medical or legal practitioners it is necessary for us to collect and process your personal data. We are required, therefore, to inform you of the legal bases for processing your personal data.
- One such legal basis is that processing is necessary for the performance of the advisory services contract (and any other contract) that we commit to in offering you our services, processing your requirements and fulfilling our obligations of the contract with you
- Another legal basis is that some processing is necessary for the purposes of the legitimate interest that we have, as a firm that is authorised and regulated by the Central Bank of Ireland, in the proper administration and correct operation of our firm. Arachas have a legitimate interest in effectively managing our business and our customers. We may process certain personal data for the following purposes: managing risk, seeking legal advice, auditing, prevention and detection of fraud, market research, direct marketing. Where we rely on this legal basis to collect and use your personal information we shall take appropriate steps to ensure the processing does not infringe your fundamental rights and freedoms.
- Compliance with legal and regulatory requirements of our regulator and other regulatory bodies.
- There may also be circumstances where the legal basis for processing your personal data is consent (where we have sought it and it has been provided to us), in which case that consent may be withdrawn at any time.
- Arachas may disclose information it has collected about you on our websites if required to do so by law or when necessary to protect the rights of Arachas or its employees.
In any event, Arachas are committed to ensuring that the information we collect and use is appropriate for this purpose, and does not constitute an invasion of your privacy.
Consequences of not providing information under Contract or Statutory Requirement
If we are collecting your data for a statutory requirement or to fulfil a contract of insurance and you cannot provide this data, the consequences of this could mean the contract cannot be completed.
- Your rights regarding your personal data
Arachas facilitate your, our customers, rights in line with our data protection policy and the subject access request procedure which is available on request.
At any point while we are in possession of, or processing your personal data, you, the data subject, have the following rights:
- Right of access-you have the right to request a copy of the information that we hold about you
- Right of rectification-you have a right to correction of data that we hold about you that is inaccurate or incomplete
- Right to be forgotten-in certain circumstances you can ask for the data we hold about you to be erased from our records
- Right to restriction of processing-where certain conditions apply to have a right to restrict the processing
- Right of portability-you have the right to have the data we hold about you transferred to another organisation
- Right to object-you have the right to object to certain types of processing such as direct marketing
- Right to object to automated processing, including profiling-you have the right to request a manual review
- Right to judicial review-in the event that Arachas refuses your request under rights of access, we will provide you with a reason as to why
All of the above requests will be forwarded on should there be a third party involved as we have indicated in the processing of your personal data.
- Additional Information
- Retention of your personal data
Data will not be held for longer than is necessary for the purpose(s) for which it was obtained. Arachas will process personal data in accordance with our retention schedule.
b. Data Security
Arachas’ intent is to strictly protect the security of your personal information, to honour your choice for its intended use and to carefully protect your data from loss, misuse, unauthorised access or disclosure, alteration or destruction. We have taken appropriate steps to safeguard and secure information that we collect online or from you personally, including the use of encryption when collecting or transferring sensitive data. However, you should always take into consideration that the internet is an open forum and that data may flow across networks with little or no security measures, and therefore such information may be accessed by other users other than those you intended to access it.
- We may pass your personal data on to third-party service providers contracted to Arachas in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide on your behalf. When they no longer need your data to fulfil this service, they will dispose of the details in line with Arachas procedures.
- The data protection and other laws of these countries may not be as comprehensive as those in Ireland or the EU, but in these instances, we will take steps to ensure that your privacy rights are respected and you agree that we may transfer your personal data on that basis.
- If we transfer personal data to a third party or outside the EU we, as the data controller, will ensure the recipient (processor or another controller) has provided the appropriate safeguards and on condition that enforceable data subject rights and effective legal remedies for you, the data subject, are available.
- All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. All of our staff are provided with training to ensure that your information will be used only in adherence with our privacy statement and the data protection laws applicable. Employees who misuse customer information are subject to disciplinary action
- Data saved on our digital platform will be saved on our existing back office software systems. Our legal basis for processing remains the same.
- Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
- Business Relationships
Our website may contain links to other websites. Arachas is not responsible for the privacy practices or the content of such websites.
- How to update/amend the personal information you have provided
You are entitled to know whether we hold information about you and, if we do (subject to certain limitations), to have access to that information and have it corrected if it is inaccurate or out of date.
To exercise your rights under the GDPR please contact the Data Protection team at Arachas Corporate Brokers Limited, The Courtyard, Carmanhall Road, Sandyford Industrial Estate, Dublin 18 with proof of identity or email us at email@example.com
You must contact us if any of your details change so that we can keep your information accurate and up to date.
- How to lodge a complaint
In the event that you wish to make a complaint about how your personal data is being processed by Arachas or how your complaint has been handled you have the right to lodge a complaint with the Data Protection Officer whose contact details are firstname.lastname@example.org
You may also lodge a complaint with the Data Protection Commission in Ireland who can be contacted at Data Protection Commission, 21 Fitzwilliam square South, Dublin 2, D02 RD28 or Canal House, Station Road, Portarlington, Co. Laois R32 AP23
Phone +353 57 868 4800 / +353 761 104 800
- Contacting us
Your privacy is important to us. If you have any comments or questions regarding our privacy notice, please contact us at +35312135000 or email email@example.com.
- 10. Changes to our Data Protection Notice
Arachas may modify or update this privacy notice from time to time without prior notice. When a change is made we will post a revised version online. Changes will be effective from the point at which they are posted. It is your responsibility to review this privacy notice periodically so that you are aware of any changes. We encourage you to check this notice often so that you can continue to be aware of how we are protecting your personal information. Your continued use of our website constitutes your consent to the contents of this privacy notice.
This privacy notice was last reviewed in May 2021