Last Updated 12th April 2023
The data controller is LHK Group referred to as “we”, “us”, “our” or LHK in this policy.
What personal data we collect
Personal data means any information relating to you which allows us to identify you, such as your name, date of birth, contact details, payment details and information about your access to our website.
The information stored in cookies can include personal data, such as that listed above, but it may also contain non-personal data such as language settings or information about the type of device a person is using to browse the site. Advertising IDs, user IDs and other tracking IDs may also be contained in cookies.
Under current regulations, we are permitted to store cookies on your device if they are strictly necessary for the operation of this site. For all other types of cookies, we need your permission. You can, at any time, change or withdraw your consent by accessing the ‘Manage Cookies Consent’ function provided on the footer of our website. Here you can Accept All or Reject All cookies (except ‘necessary cookies’ that enable the website to function correctly), review the cookies we use, and select or deselect categories of cookies.
Today, web browsers provide you with control over whether you allow cookies to be collected. You can also delete or clear cookies from your browser at any time. www.allaboutcookies.org shows you how to see what cookies have been set on your browser and how you can manage them.
Special Categories of Data
If we collect any special categories of personal data (e.g. health, religious beliefs, racial, ethic origin) we will ensure we will obtain your explicit consent, ensure the personal data is necessary for employment rights or obligations and/or is necessary for the legitimate activities with appropriate safeguards. The Data Protection Bill 2018 expressly allows for the processing of criminal history data for risk assessment and fraud prevention.
Why do we need to collect and store personal data?
Our principal business is to provide advice and arrange transactions on behalf of clients in relation to general insurance and financial services products. To provide you with relevant information and respond to your requests, we sometimes ask that you provide us with information about yourself (this can range from name, date of birth, to claims history etc). This personal data is used for legitimate business purposes. We are committed to ensuring that the information we collect and use is appropriate for this purpose, is the minimum data that is needed for the particular purpose, is not retained for any longer than required under legal requirements (Consumer Protection Code 2017) and does not constitute an invasion of your privacy. We will retain all that data on our secure client management software platform for the next annual renewal date so that you are not asked to provide the information again and at that stage the information can be updated if needs be.
Use of the information we gather
When we collect information about you, we intend to tell you why we are asking for the information and what we intend to do with it. You will have the option of not providing the information, in which case you may still be able to access other parts of this website, although you may not be able to access certain services. In certain areas of our website, we may, where appropriate, enable you to ‘opt in’ to certain uses of your information e.g. personal data and direct marketing.
The information we collect about you or your computer is used to run the website, respond to your requests or process any transactions you have requested. It may also be used to verify your identity, send you information or contact you in relation to an LHK Group product or service that you are using or that we believe may be of interest to you after you have chosen to ‘Opt in’ to receive such communications.
Retention of your personal data
Data will not be held for longer than is necessary for the purpose(s) for which they were obtained. Credit card transactions will be held for the duration of the transaction and general client details will be held while you are a customer. We will process personal data in accordance with our retention schedule. This retention schedule has been governed by our regulatory body (Central Bank, Revenue Commissioner) and our internal governance. When we no longer need your personal data, we will securely delete or destroy it. We will also consider if we can anonymise your personal data so that it can no longer be associated with you or identify you, in which case we may use tat information without further notice to you.
Sharing Information with Third Parties
In certain instances, we may make your information available to third parties with whom we have a relationship where that third party is providing services on our behalf. We will only provide those third parties with information that is necessary for them to perform the services and we take measures to protect your information. We require all third parties to have appropriate technical and operational security measures in place to protect your personal data, in line with Irish and EU law on data protection rules. When they no longer need your data to fulfil this service, they will dispose of the details in line with our procedures.
- Insurance Companies, Wholesale Brokers, loss assessors, finance providers
- Solicitors, company accountant and business consulting partners
- Our accounting software provider
- Our secure client management software provider
- Our online credit card payment provider
If we transfer your personal data to a third party or outside the EU, we as the data controller will ensure the recipient (processor or another controller) has provided the appropriate safeguards and on the condition that enforceable data subject rights and effective legal remedies for you the data subject are available.
The intent of LHK Group is to strictly protect the security of your personal information; honour your choice for its intended use; and carefully protect your data from loss, misuse, unauthorised access or disclosure, alteration or destruction. The personal data you share with us on our website is protected by an SSL (Secure Socket Layer) certificate. SSL is the industry standard method of encrypting personal information so that it can be securely transferred over the internet. We have taken appropriate steps to safeguard and secure information we collect online, including the use of encryption when collecting or transferring sensitive data such as credit card information. LHK use Worldnet’s secure online payment services. Worldnet’s SSL certificate and Payment Card Industry Data Security Standards (PCI DSS) ensure the highest level of security. Multiple layers of security are incorporated into overall IT security strategy for LHK including Multi Factor Authentication, Microsoft Intune Device Management.
Data Subjects Rights
We facilitate you, our clients, rights in line with the data protection policy and the subject access request procedure. This is available on request by contacting us at the contact details found at the end of this statement. A copy of our customer data access request form is available on our website.
At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:
- Right of access – you have the right to request a copy of the information that we hold about you.
- Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
- Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records.
- Right to restriction of processing – where certain conditions apply to have a right to restrict the processing.
- Right of portability – you have the right to have the data we hold about you transferred to another organisation.
- Right to object – you have the right to object to certain types of processing such as direct marketing.
- Right to object to automated processing, including profiling – you also have the right to be subject to the legal effects of automated processing or profiling.
- Right to judicial review: in the event that we refuse your request under rights of access, we will provide you with a reason as to why. You have the right to complain as outlined in below.
All of the above requests will be forwarded on should there be a third party involved as we have indicated in the processing of your personal data.
How to update and/or amend the personal information you have provided
You are entitled to know whether we hold information about you and, if we do (subject to certain limitations), to have access to that information and have it corrected if it is inaccurate or out of date. To exercise your Right of Access or to update your details under your Right of Rectification or Erasure please email your request to the contact address below with proof of identity.
If we are relying on your consent to process your data you can withdraw this at any time – this does not affect the lawfulness of processing based on your consent before its withdrawal.
In the event that you wish to make a complaint about how your personal data is being processed by LHK Group (or third parties as described above), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and LHK Group data protection representatives at the contact details below.
Our website contains links to other websites. LHK Group is not responsible for the privacy practices or the content of such websites. LHK Group uses pixels, transparent GIF files and other methods to help manage online advertising.
If you have any questions or comments about our privacy notice or practices, please contact us.
Phone: (01) 2055600