This data processing policy sets out how Ellis Whittam uses and protects any personal information that you give Ellis Whittam when you commission our services.
Ellis Whittam is committed to ensuring the confidentiality, integrity and availability of the data that we process.
Ellis Whittam may change this policy from time to time by updating this page.
You should check this page from time to time to ensure that you are happy with any changes. This policy is effective from November 2017.
Post holder responsible for policy: Chief Technology Officer
ICO Registration Name: Ellis Whittam Ltd
ICO Registration Number: Z2442783
Data Protection Officer: Steve Clark
This policy sets out the basis on which any data we collect from or on behalf of you, or that you provide to Ellis Whittam, will be processed by Ellis Whittam.
Data that we collect
Ellis Whittam process personal data on behalf of our Clients, with this processing necessary in order to provide our services.
In order to assess the terms of the insurance contract or administer claims that arise, we or the Insurer may need to collect data that both the Data Protection Act and the GDPR define as sensitive, such as medical history or criminal convictions. By proceeding with the Contract you signify your consent to such information being processed by us, the Insurer or our agents and subcontractors.
We may collect the following information:
- Personal Details relating to our Clients, their employees and associated third parties and consultants:
- Contact Details
- Email Address
- Telephone number(s)
- Employment Details
- Job Title
- Role responsibilities
Why we collect this data
We require this data for the provision of our services.
Data security is very important to Ellis Whittam: we are committed to ensuring that your data is secure. We are committed to working within the guidelines of the Data Protection Act and also the GDPR.
We will use various technical and organisational measures to safeguard all data that we store and process: In order to prevent unauthorised access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the data that we process.
Our data centres are based in the U.K. and we do not transfer data outside of the EEA without explicit consent. Personal data will be systematically redacted within a reasonable time after the termination of a contract.
Distribution of your personal data
We will not sell, distribute or lease your personal data to third parties unless we have your permission or are required by law to do so.
Subject Access Requests and Data accuracy
You may request details of personal information which we hold about you.
If you would like a copy of the information held on you contact email@example.com or write to Ellis Whittam, Church Lane, Aldford, Cheshire CH3 6JD.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.