Insurance Privacy Policy

This privacy notice sets out how Ashford Borough Council's (ABC) Insurance department may collect, use and share your personal information.

ABC and its Data Protection Officer can be contacted at: The Data Protection Officer, Ashford Borough Council, Civic Centre, Tannery Lane, Ashford, TN23 1PL or you can email FOI@ashford.gov.uk.

The processing of personal data is governed, in the UK, by the General Data Protection Regulation (the "GDPR") 2016 and any national implementing laws (Data Protection Act 18), regulations and secondary legislation, as amended or updated from time to time, and the regional supervisory authority is the Information Commissioner's Office.

We are registered with the Information Commissioner's Office with registration number Z8344724.

Processing activities

We will need to process your personal data during the handling and determination of your insurance claim and for the prevention and detection of fraud. We may also need to process your data in order to investigate any concerns or complaints you have about the services you receive from us.

What personal information we hold

Depending on the specific claim we will need to collect certain personal information about you, which could include, but not be limited to, your name, address, phone numbers, email address, date of birth, vehicle information, medical and health records or details on vulnerabilities, and financial information.

Lawful bases for processing

Your personal information is used by the Insurance department, in order to carry out its function. The legal basis for our use of your personal information will generally be one or more of the following:

We need to process your personal information to carry out a task in the public interest or in the exercise of official authority in our capacity as a public body
We need to process your personal information to satisfy our obligations under law in representing the council in a legal transaction under the Local Government Act

How we get your information and data sharing

We predominantly collect information from you when you fill in any forms, set up an account, or when you contact us in writing, speak to us on the phone, by email, or communicate with us in any other way. In addition, some of the information we hold about you may come from third party sources such as the Department of Work and Pensions, HM Revenue and Customs and other third party partners and credit reference agencies.

Your information may be shared with various internal teams relevant to each claim, the council's appointed claims handlers, insurers, external solicitors and brokers in order that they consider all relevant information and reach a decision regarding liability in relation to the claim made.

In addition, where required by law or to carry out a public task under the official authority of the council, we may share your personal information with:

Private investigators
Local and central government
Ombudsman and regulatory authorities
Professional advisers and consultants
Courts and tribunals
Regulatory bodies
Law enforcement and prosecuting authorities
Legal representatives, defence solicitors

This authority is under a duty to protect the public funds it administers. In order to prevent and detect fraud, we may, in liaison with our insurers, share information about you with other organisations including the police, check and/or share your details with fraud prevention and detection agencies (Kent Intelligence Network) or bodies responsible for auditing and administering public funds. If false or inaccurate information is provided and fraud is identified, details will be passed to fraud prevention agencies to prevent fraud and money laundering.

Retention period

The length of time that your personal information will be retained will depend on several different factors, including the type of claim and the age of the claimant.

Generally we will hold your personal information for up to six years, in line with the Limitation Act 1980. In personal injury claims involving a child, the six year period does not start until the child reaches the age of 18 and so children's personal information will be held for longer.

How we protect your data

The data you provide is protected by rigorous measures and procedures to make sure it can't be seen, or accessed by, or disclosed to anyone who shouldn't be allowed to see it. We provide training to staff who handle personal data and treat it as a disciplinary matter if they misuse or do not look after your personal data properly.

Your rights

Unless subject to an exemption under data protection legislation, you have the following rights:

the right to access;
the right to rectification;
the right to erasure;
the right to restrict processing;
the right to object to processing;
the right to data portability;
the right to complain to a supervisory authority;
the right to withdraw consent

For further information about your individual rights, including how to contact Ashford Borough Council's Data Protection Officer, please see our data protection pages.

Right to Complain

We set ourselves high standards when it comes to protecting your personal data. For this reason, we take any complaints we receive from you about our use of your personal data very seriously and request that you bring any issues to our attention.

Where you are communicating with us for the purpose of making a complaint, we will only use your personal data to handle, investigate and respond to the complaint and to check on the level of service we provide.

If, having exhausted the complaint process, you are not content that your request or review has been dealt with correctly, you can appeal to the ICO to investigate the matter further by writing to:

Information Commissioner's Office
Wycliffe House
Water Lane
Wilmslow
Cheshire
SK9 5AF