Italiano | English | Français | Español
International Professional Risks (the “Data Controller”) is committed to ensuring that any personal data received from the users of this website (“Website”), and through other processing methods, from any individual (such as customers, employees, consultants, service users, etc.), is protected and handled in accordance with applicable data protection laws.
In general, any information and data provided to the Data Controller over the Website – and with other processing modalities – acquired in the use of services such as: the registration procedure, the request for products and services, information or estimates, access to the registration procedure (which is reserved for users who have the quality of insurance brokers or intermediaries), filling out the forms provided in order to notify a claim or to request any of the insurance services provided through the Website (“Forms”) or which is otherwise gathered via the Website by the Data Controller in the context of the use of the Data Controller’s services (“Services”), will be processed by the Data Controller in a lawful, fair and transparent manner.
The Data Controller, as identified at the top of this Privacy Policy, is the Data Controller regarding all personal data processing carried out through the Website.
When you use the Website – or provide data in other ways – the Data Controller will collect and process information regarding you (as an individual) which allows you to be identified either by itself or together with other information which has been collected. The Data Controller may also be able to collect and process information regarding other persons in this same manner, assuming you choose to provide it to the Data Controller.
This information may be classified as “Personal Data” and can be collected by the Data Controller when you choose to provide it (e.g., when you sign up for an account to receive the Data Controller’s Services).
Personal Data that can be processed by the Data Controller through the Website or in other ways are as follows:
a. Name, contact details and other Personal Data
In various sections of the Website – in particular, if you decide to create an account on the Website or when you fill out a Form – you will be asked to submit information such as your name, phone number, e-mail address, gender, date of birth, country of residence and address, as well as, in certain cases, information related to the company you currently work for and your position in that company.
In addition, whenever you participate in surveys that may be available on the Website, as well as whenever you communicate with the Data Controller through the contact details provided on the Website, the Data Controller may collect additional information that you choose to provide. This is also the case regarding any information you choose to disclose in certain sections of the Website which allow you to fill out a Form or to contact the Data Controller directly.
b. Job applications
When registering to apply for a position within the Data Controller, in the “Careers” section of the Website (where available), you will also be asked to provide different types of Personal Data, including professional and employment details (e.g. resume, cover letter, professional qualifications, availability to start, professional social media URLs, etc.).
You are also asked to provide other job-specific information, including your marital status, gender and date of birth, which may help to give more insight of you as a candidate – however, this is entirely optional and not mandatory.
c. Special categories of Personal Data
Certain areas of the Website provide you with some free text fields where you can describe to the Data Controller some information that you need to communicate to the Data Controller as required in the Forms, or otherwise allow you to post various types of content on the Website, which may contain Personal Data.
You may use such areas to disclose (inadvertently or not) some sensitive (“particular”) categories of Personal Data, such as data revealing your racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. The content you upload in these fields may also (inadvertently or not) include other types of particular information relating to you, such as your genetic data, biometric data or data concerning your health, sex life or sexual orientation or any disabilities you may have.
The Data Controller asks that you do not disclose any particular Personal Data in these free text fields on the Website unless it is strictly necessary. If so, please mind that the Data Controller needs your explicit consent to process this type of Personal Data (e.g. by declaring that you consent in the free text field), if you decide, nonetheless, to share it.
d. Other persons’ Personal Data
As mentioned in the previous section, certain areas of the Website and of the Forms include specific fields as well as free text fields where you can write messages to the Data Controller, or otherwise allow you to insert various types of data on the Website. These messages and content may (inadvertently or on purpose) include Personal Data related to other persons.
In other sections of the Website, you are asked to submit Personal Data related to third parties, such as other contacts in your company, colleagues, clients, policyholders, claimants, counterparties and/or insurers.
In any situation where you decide to share Personal Data related to other persons, you will be considered as an independent data controller regarding the Personal Data and must assume all inherent legal obligations and responsibilities. This means that you must fully indemnify the Data Controller against any complaints, claims or demands for compensation for damages which may arise from the processing of this Personal Data, brought by the third parties whose information you provide through the Website.
As the Data Controller does not collect this information directly from third parties (but rather collects them, indirectly, from you), you must make sure that you have the third parties’ consent before providing any information regarding them to the Data Controller; if not, then you must make sure there are some other appropriate grounds on which you can rely to lawfully give this information to the Data Controller.
e. Browsing Data
The Websites operation, as is standard with any websites on the Internet, involves the use of computer systems and software procedures, which collect information about the Websites users as part of their routine operation. While the Data Controller does not collect this information to link it to specific users, it is still possible to identify those users either directly via that information, or by using other information collected – as such, this information must also be considered Personal Data.
This information includes several parameters related to your operating system and IT environment, including your IP address, location (country), the domain names of your computer, the URI (Uniform Resource Identifier) addresses of resources you request on the Website, the time of requests made, the method used to submit requests to the server, the dimensions of the file obtained in response to a request, the numerical code indicating the status of the response sent by the server (successful, error, etc.), and so on.
These data are used to compile statistical information on the use of the Website, as well as to ensure its correct operation and identify any faults and/or abuse of the Website.
f. Cookies
Cookies are small text files that may be sent to and registered on your computer by the websites you visit, to then be re-sent to those same sites when you visit them again. It is due to these cookies that those websites can “remember” your actions and preferences (e.g. login data, language, font size, other display settings, etc.), so that you do not need to configure them again when you next visit the website, or when you change pages within a website.
For more details, please refer to our Cookies Policy.
The Data Controller intends to use your Personal Data, collected through the Website, for the following purposes:
Your Personal Data may be shared with the following list of persons / entities (“Recipients”):
Your Personal Data may be transferred to Recipients located in several different countries. The Data Controller implements appropriate safeguards to ensure the lawfulness and security of these Personal Data transfers, such as by relying on adequacy decisions from the European Commission, standard data protection clauses adopted by the European Commission, or other safeguards or conditions considered adequate to the transfer at hand.
We will retain your personal information for as long as is reasonably necessary to fulfil the relevant purposes set out in this Privacy Policy. The retention period will be primarily determined by relevant legal and regulatory obligation and/or duration of our business relationship with you, your employer, or another associated party. We maintain and regularly update our Data Retention Policy with a detailed retention schedule. We will securely delete or erase your personal information if there is no valid business reason for retaining your data. In exceptional circumstances, we may retain your personal information for longer periods of time if we reasonably believe there is a prospect of litigation, in the event of any complaints or if there is another valid business reason the data will be needed in the future.
You have certain rights as a data subject which you can exercise in relation to the information, we hold about you. If you make a request to exercise any of your rights, we reserve the right to ask you for a proof of your identity. We aim to acknowledge your request as soon as possible and will address your query within one month from your request.
You have the following rights:
The right to access
If we are processing your data, you are entitled to a confirmation, a copy of your data, and information about purposes of processing – who we disclose it to, whether we transfer it abroad and how we protect it, how long we keep it for, what rights you have, where your data is from and how you can make a complaint.
The right to rectification
If you believe that the personal information we hold about you is inaccurate or incomplete, you can request for it to be rectified.
The right to erasure
If you withdraw your consent, terminate a contract with us or you believe the personal information is no longer necessary for the purposes for which it was collected, you may request for your data to be deleted. However, this will need to be balanced against other factors, for example, there may be certain regulatory obligations which mean we cannot comply with your request.
The right to restrict processing
You can ask us to restrict (i.e. keep but not use) your personal data, but only where:
We can continue to use your personal data following a request for restriction, where we have your consent; to establish, exercise or defend legal claims; or to protect the rights of another natural or legal person.
The right to data portability
If we have collected your information under a contract or your consent, you could request us to transfer your personal information to provide it to another third party of your choice.
The right to object
You have the right to object at any time the processing of your personal data where it is necessary for the performance of a task carried out in the public interest, or in the exercise of an official authority vested in the controller. You may also object where the processing is necessary for the purposes of the legitimate interests, except where such interests are overridden by your interests or fundamental rights and freedoms – in particular, if you are a child.
The right to withdraw consent
If we have processed your personal information under your consent, you could withdraw it at any time.
We do not have to comply with a request where it would adversely affect the rights and freedoms of other individuals.
You can also exercise your rights described above by sending a written request to the Data Controller at the following address: dpo@fisg.co.uk.
Qualora Lei non fosse soddisfatto della nostra risposta o ritenesse che i Suoi dati non siano stati trattati in conformità con i requisiti legali, potra’ presentare un reclamo all’Autorità per la protezione dei dati personali competente.
This Privacy Policy entered into force on 25/05/2018. The Data Controller reserves the right to amend this Privacy Policy partly or fully, or simply to update its content, e.g., due to changes in applicable law. The Data Controller, therefore, invites you to regularly visit this Privacy Policy to acquaint yourself with the latest, updated version of the Privacy Policy, so that you may remain constantly informed on how the Data Controller collects and uses Personal Data.