DATA PROTECTION STATEMENT
ESSENTIAL THINGS YOU NEED TO KNOW
COVID CLAIMS is a trading style of MFN Claims Limited registered in England and Wales under registered number 10865060 and regulated by the Financial Conduct Authority in respect of regulated claims management activities, authorisation number FRN 837972.
- In order to process your claim or enquiry we need to ask you for personal information
- We will only ever collect the minimum amount of information possible
- We may need to share your information with third parties, such as our Forensic Accountant, Your Insurance Company and Broker, Financial Ombudsman Service and our Regulator (FCA).
- All phone calls to and from the office are recorded and are stored for, at least, 12 months
- We shall keep your information safe and secure at all times
- We will only keep your information for as long as we need to fulfil our legal obligations then securely destroy it
- You have a number of rights including the right to access your information and object to processing
- You can read full details of how we use your information and your rights on our Privacy Notice on our website http://www.covidclaims.uk.com/privacy-policy/
WHY SHOULD YOU READ THIS DOCUMENT?
COVID CLAIMS (MFN Claims Limited) is registered as a Data Controller under the Data Protection Act 2018 with the Information Commissioner’s Office under registration number ZA496740. We process your data in accordance with the General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA).
During the course of your dealings with us, we will ask you to provide us with detailed business, and personal, information relating to your existing circumstances, your financial situation and, in some cases, your health and family health history (Your Personal Data). This document is important as it allows us to explain to you what we will need to do with Your Personal Data, and the various rights you have in relation to Your Personal Data.
WHAT DO WE MEAN BY “YOUR PERSONAL DATA”?
Your Personal Data means any information that describes or relates to your personal circumstances. Your Personal Data may identify you directly, for example your name, address, date or birth, National Insurance number. Your Personal Data may also identify you indirectly, for example, your employment situation, your physical and mental health history, or any other information that could be associated with your cultural or social identity including an opinion about you.
In the context of providing you with assistance in relation to your COVID related business interruption claim your Personal Data may include:
- Title, names, date of birth, gender, nationality, civil/marital status, contact details, addresses and documents that are necessary to verify your identity
- Employment and remuneration information, (including salary/bonus schemes/overtime/sick pay/other benefits), employment history
- Bank account details, loans and credit commitments, personal credit history, sources of income and expenditure, family circumstances and details of dependents
- Health status and history, details of treatment and prognosis, medical reports (further details are provided below specifically with regard to the processing we may undertake in relation to this type of information)
- Any pre-existing pension products and the terms and conditions relating to these
- You may also be identified from other information such as your photograph and voice and this is also considered personal information.
THE BASIS UPON WHICH OUR FIRM WILL DEAL WITH YOUR PERSONAL DATA
When we speak with you about your COVID related business interruption claim we do so on the basis that both parties are entering a contract for the supply of services. Where you supply sensitive data to us, for example, about your finances, we initially rely on your explicit consent to record this.
When the contract between us, for whatever reason, comes to an end, we shall retain the information collected from you in order to comply with our legal obligations and in case of a query or complaint (to defend a legal claim). At some point in the future, we may also use data supplied to us for research purposes, however, the information will always be anonymised.
On occasion, we will use your personal data to comply with the legal obligations we owe our regulator, the Financial Conduct Authority, or for wider compliance with any legal or regulatory obligation to which we might be subject. As the provision of personal data is a contractual requirement in order for us to provide our services failure to provide all relevant personal data will prohibit our ability to provide our services and assist you in your claim.
PROCESSING YOUR SENSITIVE (SPECIAL CATEGORY) DATA
Where you ask us to assist you with a claim, we may ask you information about your financial history. We will record and use this Special Data only in order to support our claim in relation to a COVID related business interruption claim.
If you have parental responsibility for children under the age of 13, and that information is relevant to your claim, it is also very likely that we will record information on our systems that relates to those children and potentially, to their Special Data. Your consent will therefore include parental consent on behalf of children under the age of 13. Where you have responsibility for children over the age of 13 and that information is relevant to your claim we will require that they sign a separate data protection statement.
We will use special Data in the same way as Your Personal Data generally, as set out in this Data Protection Statement.
HOW DO WE COLLECT YOUR PERSONAL DATA?
We will collect and record Your Personal Data from a variety of sources, but mainly directly from you. You will usually provide information during the course of our initial meetings or conversations with you to establish your circumstances and needs and preferences in relation to a COVID related business interruption claim. You will provide information to us verbally and in writing, including email. All phone calls to and from the office are recorded.
WHAT HAPPENS TO YOUR PERSONAL DATA WHEN IT IS DISCLOSED TO US?
In the course of handling Your Personal Data, we will:
- Record and store Your Personal Data in our paper files and on our computer systems (websites, email, hard drives, and cloud facilities). This information can only be accessed by employees and consultants within our Firm and only when it is necessary to provide our service to you and to perform any administration tasks associated with or incidental to that service
- Submit Your Personal Data to various third parties (see next section for details) both in paper form and on-line via a secure portal. The provision of this information to a third party is essential in allowing us to progress any enquiry or claim made on your behalf and to deal with any additional questions or administrative issues that may
- Use Your Personal Data for the purposes of responding to any queries you may have in relation to any COVID related business interruption claim, or to inform you of any developments in relation to a COVID related business interruption claim of which we might become aware
SHARING YOUR PERSONAL DATA
From time to time Your Personal Data will be shared with:
- Forensic Accountant, Your Insurance Company and Broker, Financial Ombudsman Service and our Regulator (FCA).
- Third parties who we believe will be able to assist us with your enquiry or claim, or who are able to support your needs as identified. These third parties will include but may not be limited to, our Compliance Advisers and providers of legal services such as solicitors (in each case where we believe this to be required due to your particular circumstances).
In each case, your Personal Data will only be shared for the purposes set out in this customer privacy notice, i.e. to progress your COVID related business interruption claim enquiry and to provide you with our professional services.
Please note that this sharing of Your Personal Data does not entitle such third parties to send you marketing or promotional messages: it is shared to ensure we can adequately fulfil our responsibilities to you, and as otherwise set out in this Customer Privacy Notice.
We do not envisage that the performance by us of our service will involve your Personal Data being transferred outside of the European Economic Area.
SECURITY AND RETENTION OF YOUR PERSONAL DATA
Your privacy is important to us and we will keep Your Personal Data secure in accordance with our legal responsibilities. We will take reasonable steps to safeguard Your Personal Data against it being accessed unlawfully or maliciously by a third party or accidently lost or damaged.
We also expect you to take reasonable steps to safeguard your own privacy when transferring information to us, such as not sending confidential information over unprotected email, ensuring email attachments are password protected or encrypted and only using secure methods of postage when original documentation is being sent to us.
Your Personal Data will normally be retained by us either electronically or in paper format for a maximum of 7 years. However, where we have legal right, a legal obligation or where the possibility of a claim exists we shall retain your information for a longer period, or even indefinitely, at all times keeping it secure.
YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA
You have a number of rights in connection to your personal data, some of which are absolute rights, for example, if you ask us to stop sending you marketing materials. In other cases there may be reasons why we cannot fully comply with your request, for example if you ask us to erase your information.
In broad terms, you can:
- request copies of Your Personal Data that is under our control
- ask us to further explain how we use Your Personal Data
- ask us to correct, delete or require us to restrict or stop using Your Personal Data
- (details as to the extent to which we can do this will be provided at the time of any such request)
- ask us to send an electronic copy of Your Personal Data to another organisation should you wish
- change the basis of any consent you may have provided to enable us to market to you in the future (including withdrawing any consent in its entirety)
- make a compliant to the Information Commissioner, and if we misuse your information make a request for compensation, although this is only enforceable through the courts
HOW TO MAKE CONTACT WITH OUR FIRM IN RELATION TO THE USE OF PERSONAL DATA
If you have any questions or comments about this document, or wish to make contact in order to exercise any of your rights set out within it please contact:
Southgate Centre Two, 321 Wilmslow Road, Heald Green, Cheadle, SK8 3PW
If a lawful reason exists allowing us to not comply with your request, or to action it in different way, we will inform you of this at the time.
You should also make contact with us as soon as possible on you becoming aware of any unauthorised disclosure of Your Personal Data, so that we may investigate and fulfil our own regulatory obligations.
If you have any concerns or complaints as to how we have handled Your Personal Data you may lodge a complaint with the UK’s data protection regulator, the ICO, who can be contacted through their website at https://ico.org.uk/global/contact-us/ or by writing to Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
Get In Touch
Please send us a message and one of our team will respond within 48 hours.