We fully comply with the Data Protection Act and are registered with the UK Information Commissioner's Office. You can view our current Registration Certificate by clicking the link below.
In order to guarantee that the processing of personal data is explained to you in a transparent and understandable way, we would like to inform you about the various legal terms, which will also be used in this privacy declaration:
(1) The Term “You”
refers to you, as a user of our Site or our Service.
(2) The terms “we,” “us,” and “our,”
refer to MGA Encompass Limited.
(3) Personal data
“Personal data” means any information relating to an identified or identifiable natural person (hereinafter the "data subject"). A natural person is considered to be identifiable if the identity of the person can be determined, directly or indirectly, in particular by association with identifying information such as a name, ID number, location data, an online username, or one or more special characteristics that express the physical, physiological , genetic, psychological, economic, cultural or social identity of this natural person.
“Processing” means any process or series of operations related to personal data, such as collecting, gathering, organizing, sorting, storing, adapting or modifying, reading, querying, using, disclosure by transmission, dissemination or other form of provision, matching or linking, restriction, erasure or destruction, with or without the aid of automated procedures.
(5) Restriction of processing
“Restriction of processing” means the marking of stored personal data with the aim to limit their future processing.
“Profiling” means any kind of automated processing of personal data that consists in using that personal information to evaluate certain personal aspects relating to a natural person, in particular in order to analyse and predict aspects relating to job performance, economic situation, health, personal preferences, interests, reliability, behaviour, location or relocation of that natural person.
“Pseudonymisation” means the processing of personal data in such a way that personal data can no longer be attributed to a specific data subject without adding additional information, provided that such additional information is kept separate and subject to technical and organizational measures to ensure that the personal data cannot be assigned to an identified or identifiable natural person.
(8) Filing system
“Filing system” means any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis.
“Controller“ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.
“Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
“Recipient” means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing.
(12) Third party
“Third party” means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data.
“Consent” of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
“Site” refers to the Company’s website, which can be accessed at ‘www.MGAencompass.com’.
Refers to the Company’s services accessed via the Site, in which users can: View a broad description of our client services.
Lawfulness of processing
The processing of personal data shall only be lawful if there is a legal basis for processing. According to article 6, section 1 a – f GDPR, a legal basis can be as follows:
(1) The data subject has given consent to the processing of his or her personal data for one or more specific purposes;
(2) processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract;
(3) processing is necessary for compliance with a legal obligation to which the controller is subject;
(4) processing is necessary in order to protect the vital interests of the data subject or of another natural person;
(5) processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
(6) processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
(7) processing is necessary for the establishment, exercise or defence of legal claims, both in court proceedings and in an administrative or out-of-court procedure. The legal basis for this processing is the protection and assertion of our legal rights, your legal rights and the legal rights of others.
(8) processing is necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, fulfilment of tax obligations, or obtaining professional advice. The legal basis for this processing is the proper protection of our business against risks.
Collection of personal data when visiting our website
If using the website purely for information purposes, i.e. if you have not registered with us or are not forwarding information to us by another means, we shall only collect the personal data which your browser transmits to our server. If you wish to view our website, we collect the following data which is technically necessary for us to display our website to you and to guarantee stability and security (legal basis is art. 6, section 1, clause 1 lit. f GDPR):
· IP address
· Date and time of the query
· Time zone difference to Greenwich Mean Time (GMT)
· Content of the request (specific page)
· Access status / HTTP status code
· Data volume transferred in each instance
· Website from which the request originates (browser type)
· User’s operating system and user interface
· Browser software language and version.
Enquiry data, correspondence data and customer relationship data
MGA Encompass Limited may process information contained in any enquiry you submit to us regarding our services and products ("enquiry data"). If a user contacts us via email or via a contact form, the personal information transmitted by the user is automatically stored.
The personal information may include:
(1) the user’s contact information
(2) the user’s name
(3) the name of the user’s employer
(4) the user’s job title or role
(5) the metadata associated with the communication
(6) and information contained in communications between the user and MGA Encompass Limited.
Such personal data transmitted on a voluntary basis by a user to MGA Encompass Limited are stored for the purpose of processing or contacting the user, managing our relationships with customers, keeping records of communication with the user, and promoting our products and services to customers.
In general, the Personal Information you provide to us is used to help us communicate with you. For example, we use Personal Information to contact users in response to questions, solicit feedback from users, provide technical support, and inform users about promotional offers.
(1) With your consent, you can subscribe to our newsletter, with which we inform you about our current services and other information relating to the London Insurance Market. The advertised services are named in the declaration of consent. The legal basis is article 6, section 1, clause 1 a, GDPR.
(2) We use the ‘double-opt-in-process’ for the registration to our newsletter. This means that after your registration we will send you an e-mail to the given e-mail address, in which we ask you for confirmation that you wish the newsletter to be sent. If you do not confirm your registration within 24 hours, your information will be blocked and automatically deleted after one month. In addition, we will store your IP addresses and times of registration and confirmation. The purpose of the procedure is to confirm your registration and, if necessary, to clarify any possible misuse of your personal data.
(3) The only required information for sending the newsletter is your e-mail address. Entering additional, separately marked data is voluntary and will be used to address you personally. After your confirmation, we will save your e-mail address for the purpose of sending you the newsletter.
(4) You can revoke your consent to the transmission of the newsletter at any time and unsubscribe from the newsletter. You can declare the cancellation by clicking on the link provided in each newsletter e-mail or by sending a message to the contact details stated in this legal notice below.
Use of external tools on our website
We have integrated the following tools into our website, which allow us to evaluate user behaviour or to establish links with other websites.
· Google Analytics
The controller has integrated the component Google Analytics (with anonymisation function) on this website.
Google Analytics is a web analytics service. Web analysis is the gathering, collection and analysis of data about the behaviour of visitors to websites. Among other things, a web analysis service collects data on which website a data subject has come to a website from (so-called referrers), which subpages of the website were accessed or how often and for which period of time a subpage was viewed. A web analysis is mainly used to optimize a website and for the cost-benefit analysis of Internet advertising.
The operator of the Google Analytics component is Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA.
As IP anonymization is activated on our website, your IP address will be shortened by Google within Member States of the European Union or other states in agreement with the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by a Google server in the USA. On behalf of the operator of the website, Google will use this information to evaluate your use of the website, compile reports on website activity and to provide further services related to website and internet use to us. The IP address transferred through your browser to Google Analytics will not be combined with other data held by Google.
In addition, this website may use the Analytics feature ‘UserID’ to track interaction data. This User ID will be additionally anonymized and encrypted and will not be linked with other data.
You can prevent the storage of cookies by a corresponding setting of your browser software; however, please note that if you do this, you may not be able to use all the features of this website to the fullest extent possible.
In addition, you may prevent the collection of the data generated by the cookie and related to your use of the website (including your IP address) by Google as well as the processing of this data by Google by downloading and installing the browser plug-in available under the following link: https://tools.google.com/dlpage/gaoptout?hl=en
In addition, a cookie already set by Google Analytics can be deleted at any time via the Internet browser or other software programs.
Further information and Google‘s applicable privacy regulations can be found at https://policies.google.com/privacy?hl=en and https://marketingplatform.google.com/about/ The following link provides a further explanation of Google Analytics https://marketingplatform.google.com/about/.
Our website also uses Google Analytics performance reports relating to demographics and interests and reports on Google Display Network impressions. You can disable Google Analytics for display advertising and customize the ads on the Google Display Network by visiting the ad settings at this link: https://adssettings.google.com.
· Google Tag Manager
This website uses Google Tag Manager. Through this service so-called website tags can be managed centrally via a user interface. Google Tag Manager only implements tags. No cookies are used, and no personal information is collected.
However, Google Tag Manager will not access these data. If deactivation has been implemented for certain domains / websites or cookies, it will remain in effect for all tracking tags as far as they are implemented with the Google Tag Manager.
This data processing is based on art. 6 section 1.f GDPR for the protection of our legitimate interests, namely the optimization of our website.
Your data protection rights against Encompass Insurance Brokers Limited
If you are a resident of the EEA, you have the following data protection rights:
If you wish to access, correct, update, or request deletion of your personal information, you can do so at any time by emailing ‘Keith.Julian@MGAencompass.com’.
In addition, you can object to the processing of your personal information, ask us to restrict the processing of your personal information or request portability of your personal information.
You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing emails we send you. To opt-out of other forms of marketing, please contact us by emailing 'Keith.Julian@MGAencompass.com’.
Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect the processing of your personal information conducted in reliance on lawful processing grounds other than consent.
You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws.
Links to other websites
We may update this policy from time to time by publishing a new version on our website. You should check this page occasionally to ensure you are happy with any changes to this policy. We may notify you of significant changes to this policy by email or by placing a prominent notice on our site. Significant changes will go into effect 30 days following such notification. Non-material changes or clarifications will take effect immediately. You should periodically check the Site and this privacy page for updates.
This website is owned and operated by MGA Encompass Limited. We are registered in the U.K. under registration number 09633411.
DATA PROTECTION OFFICER
Our data protection officer's contact details are: Keith.Julian@MGAencompass.com