As required by the General Data Protection Regulation
Who we are
We (and “us” and “our”) are Lexham Insurance Consultants Ltd (an independent insurance intermediary also trading as Marble Arch for claim handling) and LXM Management Ltd (a provider of loans), both regulated by the Financial Conduct Authority.
Information about you
Most of the information we hold about you (and any other named person insured) will have been provided by you, or by someone acting on your behalf. We may also collect some data from other sources, such as;
- insurance databases or companies to check previous claims;
- agencies to verify such things as identity and address, County Court Judgements or HM Treasury sanctions;
- credit checks (these are “soft” checks that do not affect your credit rating);
- other openly available sources of data and social media where appropriate (e.g. to help verify claims-related data)
Please ask if you would like more details relating to your data.
Sensitive personal information
This includes information relating to health, disability, and criminal convictions. Such data will be used only in connection with an insurance quotation or the administration of an insurance contract (e.g. in connection with a claim).
What this information is used for and the basis for using it
This information is used to assess your insurance risk in order to provide a quotation, to administer any insurance and loan arranged, to deal with a claim and provide appropriate services, to recover debt, etc (contractual necessity). It will also be used to check for possible fraud, money laundering, or other crime (legal obligation). We and your insurer will not be able to provide the requested services without this data.
We may also send you marketing material about other related services available from the Lexham group of companies (this is known as legitimate interests), but you may opt out of this at any time – see contact details below.
We guarantee that we will never sell any information about you to anyone else or collect unnecessary information. We respect the information you have provided and it will be used only as described.
Who we may pass your information to
Potential insurers to enable them to provide quotations or cover.
In order to deal with a claim, for example, various service providers such as vehicle damage assessors and repairers, replacement vehicle providers, and solicitors may need to be supplied with information about you.
Other insurers or insurance industry databases (to help prevent fraud).
The Motor Insurance Database (as required by law).
Government agencies such as DVLA.
A loan company (LXM Management Ltd) and a direct debit operating company (Bexhill UK Ltd), if you arrange a loan through us, and a debt recovery agency if you default on the loan.
Anyone who you may have asked us to deal with.
It is possible some of these organisations may transfer your data overseas and this may mean it may not be as secure as in the UK (e.g. a foreign government may forcibly access data), but our contracts with them require that they provide the same level of protection as we do.
How long we keep your information
We only keep information about you if necessary for reasons as outlined above. Normally, we will delete it by 14 months after you have requested a quotation but not arranged cover, or 7 years after any insurance you have arranged has expired (in case any claim or legal action arises).
Other persons involved with your contract
If you provide personal data about another person (such as a named rider covered by your insurance, a loan guarantor, or a passenger injured in an accident), it is your responsibility to ensure you have their agreement to do so and, to inform them of all relevant matters relating to their data, to the terms of any insurance and loan arranged. Or you may arrange for them to contact us.
Insurers’ rating procedures are partly computer-based and your personal data will be used by such processes to assess the risk and provide any quotation.
Your rights regarding your personal data we hold
To receive a copy of this data.
To ask us to rectify any inaccurate or incomplete data.
To ask us to stop sending you any marketing communication.
To complain about our use or storage of it.
Where we rely on your consent to use this data, to ask us to stop using it or to limit its use or to delete it.
Our contact details relating to data
If you have any query regarding the storage, use, or accuracy of data we hold about you, or to exercise any of your rights, please contact us specifying your request as follows:
The Data Protection Officer, Lexham Insurance, Gilray Road, Diss, Norfolk IP22 4NG or firstname.lastname@example.org
We will tell you if we are unable to comply with your request, or how your request might impact you when you contact us.
If after contacting us as above you remain dissatisfied, you have the right to refer the matter to the Information Commissioner's Office ("ICO") - https://ico.org.uk/global/contact-us/
Effective date: 03/05/2022
- What information we may collect about you;
- How we will use the information we collect about you;
- Whether we will disclose your details to anyone else; and
- Your choices and rights regarding the personal information you have provided to us.
The Services may contain links to services owned and operated by third parties. We may also use some third-parties software or products to provide you with the Service properly. If we do so and provide third parties of any personal data, you can be sure the transfer is legal and secured. These third-party services may have their own privacy policies and we recommend that you review them. They will govern the use of personal information that you submit, or which is collected by cookies and other tracking technologies whilst using these services. We do not accept any responsibility or liability for the privacy practices of such third-party services and your use of these is at your own risk.
2. Information we may collect about you
We collect and process the following information which may include your personal data.
Your name, last name, email address, phone number, contact data, device’s ID, your user preferences as well as all the data (including personal data) you supply to us, and information provided by you when using the Service or website.
3. Collecting, processing, and using personal data
We only store and process your personal data when you have voluntarily supplied us with it such as by filling in a contact form or signing up to the Service. Your personal data will only be disclosed or otherwise transmitted if this is necessary to implement the contract, render our Services or you have given your prior consent.
4. Why we collect information about you - purpose of processing
5. Cookies and Web Beacons
6. Log files
During every access of our website user data is transmitted by the respective Internet browser and stored in protocol files, the so-called server log files. The datasets stored here may contain such data as date and time of access, name website, IP address, referrer URL (original URL from which you arrived at the website), the amount of data transmitted, product and version information of the browser used.
7. Geo-location data
In case geo-location is opt-in by you, please be aware we may have access to your geo-location data as we collect and process IP address of all devices using our Services. Collecting and processing your geo-location data refers to mobile devices as well as computers.
8. Children personal data
We do not collect personal information from anyone under the age of 16. If you notice we collect and process personal data of anyone under this age, please contact us. We encourage parents and legal guardians to monitor their children’s Internet usage and to help enforce this Policy by instructing their children never to provide personal information through the websites or Services.
9. Data sharing
Required by law: In addition, we may disclose your information to the extent that we are required to do so by law (which may include to government bodies and law enforcement agencies); in connection with any legal proceedings or prospective legal proceedings; and in order to establish, exercise or defend our legal rights.
10. Data transmission
Your data is transmitted safely by using encryption. We secure our website and other systems with technical and organisational measures against the loss, destruction, access, change or dissemination of your data by unauthorised persons.
11. Your rights
You have the following rights over the way your personal data are processed.
To make a request, please let us know by sending an email to email@example.com.
- a) You have the right to request a copy of the personal information we process about you and to have any inaccuracies corrected.
- b) You can ask for supplying, correcting, or deleting personal information held about you.
- c) You can ask us to restrict, stop processing, or to delete your personal data.
- d) You can withdraw your consent for data processing.
- e) Obtain a copy of your personal data, which you can use with another service provider
- f) Make a complaint to a Supervisory Authority.
Whilst visiting our website your security is always our primary concern. We aim to always ensure that you never need to worry about privacy or security, the same should be for any website you visit – large or small. The cookies we use on our site do not store or collect any personally identifiable information about you.
A cookie is a small file that asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes, and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyse data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
We take your privacy very seriously and comply with the recent UK and EU law on handling cookies and provide (you) the user with means to remove such cookies or prevent your computer from accepting them in the future.
We collect user data through analytics features and interest-based functions via third-party sites, such as Google, Twitter, and Facebook. This data is used to optimise our website, ads, and online marketing through Display Advertising (incl. Remarketing), Conversion Tracking, and Statistical Analysis.
Users can opt out of Analytics using the ‘Privacy Settings’ found on third-party sites. We have provided links below:
Third-party vendors may show our ads on sites across the internet.
Lexham Insurance and third-party vendors, use first-party cookies (such as the Google Analytics cookie) and third-party cookies together to inform, optimise, and serve ads based on visitor's interactions on our website. We also use these cookies to report how our ads perform including impressions and interactions in order to improve them and make them more efficient.
Google Analytics and Google Signals will collect visitation information from our website and/or apps from Google accounts of signed-in users who have consented to ad personalisation. This Google information may include end-user location, search history, YouTube history, and data from sites that partner with Google—and is used to provide aggregated and anonymized insights.
Google Signals compiles multi-platform and cross-device data reports on Google users that have enabled personalised advertising in their Google accounts.
To know how to review your Google ad settings visit > Control the ads you see.
Find out more
You’ll find more information about cookies at https://ico.org.uk/for-the-public/online/cookies/, which gives details on how to delete cookies from your computer. For information on how to do this on your mobile phone browser, please see your handset manual.