Tysers Ireland Ltd T/a Tysers Underwriting is committed to protecting and respecting your privacy. We wish to be transparent on how we process your data and show you that we are accountable with the GDPR in relation to not only processing your data but ensuring you understand your rights as a client.
It is the intention of this privacy statement to explain to you the information practices of Tysers Underwriting in relation to the information we collect about you.
For the purposes of the GDPR the data controller is:
- Tysers Underwriting
- Contact details of Tysers Underwriting is Castle House, Main Street, Rathfarnham, D14 XBH4, Dublin 14
- When we refer to ‘we’ it is Tysers Underwriting
Please read this Statement carefully as this sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.
2. Who we are?
Tysers Underwriting was established in 2006 and we are a Managing General Agent (MGA) who underwrite risks on behalf of Insurance Companies/Product Providers. As an MGA, Tysers Underwriting transacts only with other Insurance brokers and is non-client facing.
3. Purpose for processing your data
We collect Personal Data and, where necessary and in accordance with legal requirements and in order to distribute, arrange and administer insurance products on your behalf and on behalf of our Product Providers, to transact business, validate and settle any claims.
Where appropriate, we will use this information in the following way:
- To undertake a risk assessment and evaluation in line with underwriting protocols, determine the premium requirement and/or provide a quotation, to comply with our legal obligations and/or to bind cover on behalf of our Product Providers;
- To arrange Insurance for you as required
- To provide advice in relation to insurance products
- To set you up as a policyholder or record you as a party entitled to indemnity under the policy;
- To communicate with you as required;
- To administer and renew your policy;
- To communicate with you, your broker, advisor or any third party acting on your behalf;
- As part of our efforts to keep our websites safe and secure which is necessary for compliance with our legal obligations and for our legitimate business interest;
- For training and security purposes which is necessary for compliance with our legal obligations and for our legitimate business interest;
- To process your premium and other payments;
- For claims management including investigating, assessing, processing, undertaking dispute resolution, settling claims and bringing and/or defending legal proceedings;
- To make suggestions and recommendations to you and other users of our website about services that may interest you. This is necessary for our legitimate business interests and may be based on your consent where you have chosen to give it;
- To deliver information about insurance products and services to you or to enter you in promotional competitions, where you have subscribed to same and in accordance with your preferences and based on your consent where you have chosen to give it;
- To prevent, detect and investigate insurance fraud, as well as other offences including money laundering, and to assist An Garda Síochána (or other law enforcement agencies) or any other authorised investigatory body or authority with any inquiries or investigations;
- For staff training and quality assurance purposes;
- To manage and investigate complaints;
- To establish and defend legal rights, to protect our operations or those of our Group companies, Product Providers or business partners;
- To comply with regulatory requirements;
- For reinsurance purposes;
- To check against international/economic or financial sanctions laws or regulated listings to comply with legal obligations or otherwise to protect our legitimate business interests and/or the legitimate interests of our Product Provider and others.
4. Why we are processing your data? Our legal basis.
In order to provide you with our Insurance services it is necessary for us to collect and process your personal data. We are required, therefore, to inform you of the legal bases for processing your personal data. One such legal basis is that the processing is necessary for the performance of the advisory services contract (and any other contract) that we commit to delivering to you from time to time. Another legal basis is that some processing is necessary for the purposes of the legitimate interest that we have, as a firm that is authorised and regulated by the Central Bank of Ireland, in the proper administration and correct operation of our firm. There may also be circumstances where the legal basis for processing your personal data is consent (where we have sought it and it has been provided to us), in which case that consent may be withdrawn at any time.
In any event, Tysers Underwriting are committed to ensuring that the information we collect and use is appropriate for this purpose and does not constitute an invasion of your privacy.
5. How will Tysers Underwriting use the personal data it collects about me?
Tysers Underwriting will process (collect, store and use) the information you provide in a manner compatible with the EU’s General Data Protection Regulation (GDPR).
We will endeavour to keep your information accurate and up to date, and not keep it for longer than is necessary.
6. Special Categories of personal data
If we collect any special categories of personal data (e.g. health, religious beliefs, racial, ethnic origin – financial information is not classified as special categories of personal data) – we will ensure the below
- we will obtain your explicit consent
7. Who are we sharing your data with?
We may make your information available to third parties with whom we have a relationship to provide services on our behalf. We will only provide to those third parties the information that is necessary for them to perform the services and we take measures to protect your information. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide on your behalf. When they no longer need your data to fulfil this service, they will dispose of the details in line with Tysers Underwriting procedures.
If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your explicit consent, unless we are legally required to do otherwise.
We have a duty to disclose or share your personal information with a third party in order to comply with any legal obligation, or in order to enforce or apply our terms of business and other agreements, or to protect the rights, property or safety of our group of companies, Tysers Underwriting insurers related to a Tysers Underwriting product or others. This includes exchanging information with third parties such as Government agencies for the purposes of fraud protection, anti-money laundering, credit risk reduction or criminal activity.
If you hold insurance against a liability that may be incurred by you against a third party, where for whatever reason you cannot be found or you become insolvent, or the court finds it just and equitable to so order, then your rights under the contract will be transferred to and vest in the third party even though they are not a party to the contract of insurance. The third party has a right to recover from the insurer the amount of any loss suffered by them. Where the third party reasonably believes that you as policyholder have incurred a liability the third party will be entitled to seek and obtain information from the insurer or from any other person who is able to provide it concerning:
- the existence of the insurance contract,
- who the insurer is,
- the terms of the contract, and
- whether the insurer has informed the insured person that the insurer intends to refuse liability under the contract
The data protection and other laws of these countries may not be as comprehensive as those in Ireland or the EU, but in these instances, we will take steps to ensure that your privacy rights are respected and you agree that we may transfer your personal data on that basis.
If we transfer personal data to a third party or outside the EU we, as the data controller, will ensure the recipient (processor or another controller) has provided the appropriate safeguards and on condition that enforceable data subject rights and effective legal remedies for you, the data subject, are available.
8. Data Subjects Rights:
Tysers Underwriting facilitate you, our clients, rights in line with our data protection policy and the subject access request procedure. This is available on request.
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling
- Right to judicial review: in the event that Organisation Name refuses your request under rights of access, we will provide you with a reason as to why.
All of the above requests will be forwarded on should there be a third party involved as we have indicated in the processing of your personal data.
9. Automated decisions
You have the right to obtain human intervention for any of our automated decisions – detailed below. If you object to an automated decision, we may not be able to offer you an insurance quotation or renewal.
10. Additional information we are providing you with to ensure we are transparent and fair with our processing
10.1 Retention of your personal data
Data will not be held for longer than is necessary for the purpose(s) for which they were obtained. Tysers Underwriting will process personal data in accordance with our retention schedule. This retention schedule has been governed by our regulatory body (Central Bank of Ireland) and our internal governance.
In the event that you wish to make a complaint about how your personal data is being processed by Tysers Underwriting or how your complaint has been handled, please contact Tysers Underwriting’s GDPR Owner by emailing email@example.com
You may also lodge a complaint with the Data Protection Commission in Ireland, whose details are:
Data Protection Commission
Co. Laois, R32 AP23
Phone: + 353 57 868 4800 / + 353 761 104 800
Fax: + 353 57 868 4757
10.3. Failure to provide further information
If we are collecting your data for a contract and you cannot provide this data the consequences of this could mean the contract cannot be completed or details are incorrect.
10.4 Automated Decision Making and Profiling
Automated decision-making takes place when an electronic system uses Personal Data to make a decision without human intervention.
We may use automated decision making, including profiling, in the following situations:
We use the information provided by you and obtained from third party sources about you, including your claims history, occupation and other factors relating to the risk proposed such as your address to undertake a risk assessment and to determine the appropriate premium on behalf of our Product Providers.
During the underwriting process we may send some of your Personal Data to third party contractors in order to validate and obtain additional information relevant to the risk being proposed. We may also send your address details to a third-party contractor to determine information about the area in which you live in order to assess any environmental risks (such as the potential flood risk). This is done in order to properly assess your risk profile which determines your premium and the insurance cover to be provided to you.
Underwriting is the process by which an insurance company assesses, accepts or rejects risks and classifies those selected, in order to charge an appropriate premium. The underwriting factors that must be evaluated to complete the underwriting process depend on the insurance product the customer is interested in; each product requires different categories of information to assess the risk profile of the proposer.
Where a decision is based on solely automated decision making, you will always be entitled to have a person review the decision so that you can contest it and to elaborate on your specific circumstances and make a personal representation.
10.5. Contact Us
Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on +353 49 432 7740 or email firstname.lastname@example.org.