INTERNATIONAL
GENERAL INSURANCE

Navigation Menu

INTERNATIONAL GENERAL INSURANCE

International General Insurance Holdings Limited's Privacy Notice

Introduction and background

The purpose of this Notice is to outline how IGI has established measures to protect your privacy and information rights.  To view the full detailed Data Protection Policy, please follow the link.

 

Your rights

We recognise that you have rights as a ‘data subject’, and that we have an obligation to uphold these. 

This Privacy Notice aims to outline how we maintain these rights.  In particular, it outlines:

  • How we collect and process your information
  • Why we do this
  • How you can exercise your rights;
  • Who to contact in the event you’re unhappy with our performance.

Your information rights

Right

Explanation

Right to be informed

This encompasses the obligation for us to be transparent in how we collect and use your personal data.

Right of access

You have the right to access your personal data and supplementary information.

Right to rectification

If the information we hold on you is inaccurate or incomplete, you can request we correct this.

Right to erasure

You can request we delete or remove personal data where there is no compelling reason us to continue processing

Right to restrict processing

You have the right to request we cease processing your data, if:
  • You consider it inaccurate or incomplete;
  • Where you object to processing and we are considering whether we still have a legitimate interest to process it.
  • Where we don’t need the data for the original reason we collected it, but may need it to support a legal claim

Right to data portability

Where you have consented to our processing your data, or where the processing is necessary for us to deliver a contract, you can request a copy of that data be provided to a third party in electronic form. 

Right to object

You have the right to object to our processing under certain circumstances.

 

 

This Privacy Notice should outline how we are transparent in our processing. Please get in touch with us through the ‘contact details’ section to find out more or to exercise your information rights. 

Information we collect

Please find in the following link Data Protection Policy under Appendix 1.

 

Transfer of data

We may pass your personal data on to third-party service providers contracted to IGI in the course of dealing with you. Any third parties that we may share your data with are obliged to keep your details securely, and to use them only for the legitimate reasons they were obtained for originally. When they no longer need your data, they will dispose of the details in line with IGI’s procedures as set out in the contracts signed with them. If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.

Data transfers out of the EEA: The data we receive may be sent to countries outside the European Economic Area (‘EEA’). When they do, there will be a contract in place to make sure the recipient protects the data to the same standard as the EEA. This may include following international frameworks for making data sharing secure.

 

Retention of data

IGI retains information in accordance with our data retention requirements.  We may keep   such information for up to 7 years in accordance with regulatory requirements. If you object to this retention, please contact us – details provided in the ‘Contact’ section.

Securing your information

International General Insurance Group places great importance on the security of all personally identifiable information associated with our customers. We have security measures in place to attempt to protect against the loss, misuse and alteration of customer data under our control. While we cannot ensure or guarantee that loss, misuse or alteration of data will not occur, we use our best efforts to prevent this through implementing the following:

  • IGI has achieved the Cyber Essentials accreditation.
  • IT Security Policy and Procedures.
  • IT Risk and Control Register.
  • Active directory group policy with access control, password complexity/history controls, patching, windows updates and auditing policies.
  • Physical protection of IGI Data Center and workplace.
  • Data center monitoring and notification system
  • Cisco firewalls with limited and controlled access, VPN site-to-site connections between offices and the use of Cisco AnyConnect VPN client for end users, DMZ network for internet facing services like website and email traffic.
  • Kaspersky total security license with (endpoint protection, server protection, email protection and anti-spam, SharePoint protection, web filtering) in addition to venerability scanning and fixing.
  • File server access controls.
  • Individual file protection with windows RMS.
  • Removable storage blocking for user PCs.
  • Hardware and software Vendor SLAs, signed NDA when required.
  • Security Penetration testing and venerability assessment by a third party.
  • Backup data encryption.

 

Non-personal information

We may collect non-personal information about you such as the type of internet browsers you use or the Website from which you linked to our Website. You cannot be identified from this information and it is only used to assist us in providing an effective service on this Website. We may disclose aggregate statistics about our Website users to prospective partners, advertisers and other reputable third parties, but these statistics will include no personally identifying information.

 

Use of Cookies 

Cookies are pieces of information that a Website transfers to your internet browsing device to store and sometimes track information about you. Most web browsers automatically accept cookies, but if you prefer, you can change your browser to prevent that. However, you may not be able to take full advantage of a website if you do so. Cookies are specific to the server that created them and cannot legally be accessed by other servers, which means they cannot be used to track your movements around the web. We use cookies to estimate our audience size and patterns; control how often visitors see similar ads; and track preferences and to improve and update our Website. Please see our cookies section on the cookies we use and how we use cookies.

Below is a full list of the cookies used by IGI along with a description of what they are used for. Where a cookie is a third party cookie, visit the providers’ website for more information.

Cookie Name

Cookie Description

_ga

Google Analytics - Uses cookies to:
  • Determine which domain to measure
  • Distinguish unique users
  • Remember the number and time of previous visits
  • Remember traffic source information
  • Determine the start and end of a session
  • Remember the value of visitor-level custom variables

__atuvc

This cookie is associated with the Add This social sharing widget which is commonly embedded in websites to enable visitors to share content with a range of networking and sharing platforms. It stores an updated page share count.

_gid

Google Analytics - Uses cookies to:
  • Determine which domain to measure
  • Distinguish unique users
  • Remember the number and time of previous visits
  • Remember traffic source information
  • Determine the start and end of a session
  • Remember the value of visitor-level custom variables

__RequestVerificationToken

Used as an antiforgery token to protect form data

_gat

Google Analytics - Uses cookies to:
  • Determine which domain to measure
  • Distinguish unique users
  • Remember the number and time of previous visits
  • Remember traffic source information
  • Determine the start and end of a session
  • Remember the value of visitor-level custom variables

 

Personal Data Breach

With regard to Personal Data Breach caused by IGI, IGI shall:

  • In accordance with GDPR Article 33 and 34, (i) notify you without undue delay in the event of any Personal Data Breach involving Personal Data and (ii) provide reasonable assistance to you when you are required to communicate a Personal Data Breach to a Data Subject.
  • Use reasonable efforts to identify the cause of such Personal Data Breach and take those steps as IGI deems reasonably practicable in order to remediate the cause of such Personal Data Breach.
  • Provide reasonable assistance and cooperation as requested in the furtherance of any correction or remediation of any Personal Data Breach.

Complaints

In the event that you wish to make a complaint about how your personal data is being processed by IGI (or third parties as described in our Data Protection Policy), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority and IGI’s Data Compliance Officer (DCO) at Group.Compliance@iginsure.com or Complaints@iginsure.com.

 

Contact details

We recognise that you may have questions on how we process and/or store your data, or may want to change either the data we hold on you or how we communicate with you in the future. 

If you have given consent for processing, you are free to withdraw that consent. To do so, please contact the DCO at Group.Compliance@iginsure.com

If you have any questions in respect of this Notice, or would like to exercise your rights as a data subject (for example, to correct data or to exercise your right to access) please contact the DCO at Group.Compliance@iginsure.com

If you are unhappy that we have responded to your query adequately, of if you have a further complaint, The Information Commissioner’s Office can be contacted on 0303 123 1113 (local rate – calls to this number cost the same as calls to 01 or 02 numbers). If you're calling from outside the UK, you may not be able to use the 03 number, so please call +44 1625 545 700.

Other Websites

This Website contains links to other Websites and you may have linked to this Website from another Website. We are not responsible for the Privacy Notice or the content of such Websites. Other associated Websites to International General Insurance Holdings Ltd may contain a Privacy Notice that is different from this Privacy Notice. This Privacy Notice relates to this Website only. When visiting other associated Websites please make sure that you read their Privacy Notices so that you can understand what personal information will be collected through or in relation to that Website and for what purposes.