1 . Privacy Policy This Privacy Policy describes how we obtain and use your personal data, why we are allowed to do so by law, who has access to your personal data and what your rights are. Please review it carefully. We take your privacy seriously and use your personal data as further explained in this Privacy Policy. We are the "controller" of the personal data you provide to us. You have the right to object to us processing your personal data for our legitimate business interests or for direct marketing purposes (including any related profiling). For more information about your rights and how you can exercise them, please see the section 8. 2. The basics You may visit this website (“Site”) without revealing any personal information. However, if you request specific information, provide feedback or participate in a marketing initiative you will be disclosing personal data to us. This will be treated in accordance with the principles set out in the Data Protection Bill 2017 (“the Act”). We will take all reasonable steps to ensure your personal data is protected against unauthorised access and it will not be disclosed to another company or organisation without your consent. The only time we may disclose your personal data is when we are legally bound to do so or as required by our regulators. 3. The detail This Site is managed by CADIS MGA is committed to the protection of personal information supplied by users of this Site. This page contains the information gathering and use policies adopted by CADIS MGA in connection with this Site. CADIS MGA is not responsible for the privacy policies of third party sites to which links are provided. The privacy policies on such sites should be checked before providing any personal information. 4. Collection of information CADIS MGA will only collect and use personal data voluntarily and openly provided to this Site. A user may choose to provide CADIS MGA with limited personal data, as required, to register for certain services; once registered the information will only be used for the specified purpose(s). At the present time IP addresses of authorised users are not logged for either administrative or other purposes. It will normally be clear when personal information is being collected. The information required is the minimum necessary to enable CADIS MGA to deal with the services and products requested, but additional information may be requested for CADIS MGA to provide the most appropriate response. If such additional information is requested, it is highlighted and its provision is voluntary. We do not solicit sensitive personal data through the Site except where legally required to do so. Sensitive personal data includes gender, race or ethnic origin, political opinions, religious or other beliefs, trade union membership, physical or mental health, sexual life or criminal records. 5. Use of Cookies The Site uses technology known as 'cookies'. Cookies are small text files placed on the authorised user's hard drive that allow the Site to store tokens of information regarding use of the Site by allocation of an identifier to an authorised user while the Site is in use. Use of cookies would enable CADIS MGA to analyse the operation of the Site, thus permitting continuous improvement of the service that it provides, but cannot retrieve any other data from the hard drive of the authorised user's computer or capture the authorised user's e-mail address. In any event it is not intended to link personal data to information that may be contained in a cookie to determine or track the identity of any user of the Site. 6. Google Analytics We use Google Analytics to analyse our Site usage and create reports for internal use at CADIS MGA only. Like many services, Google Analytics uses first-party cookies to track visitor interactions. These cookies are used to store information, such as what time the current visit occurred, whether the visitor has been to the site before, and what site referred the visitor to the web page. Browsers do not share first-party cookies across domains. To find out more about how Google treats personal information, please see Google’s Privacy Policy. 7. How we use your personal data We use your personal data for the following purposes: To provide you with the services and products that you have requested We use your personal data to accept you as a new or returning customer to provide you with the products and services you have requested. To send you service communications We use the contact details you have provided to us so that we can communicate with you about the services and products that we provide, including to let you know about major changes to those services and products or to any related information. Direct marketing (including by third parties) If you have provided your consent or we otherwise have the right to do so, we may use your contact details to send you direct marketing and keep you informed of promotional offers by email, SMS, post or telephone relating to our products and services. You can unsubscribe from our direct marketing at any time by clicking the unsubscribe link in any of our emails or by contacting us. To track your usage of our Site, communications, services and products: We use cookies and similar technologies to track your activity on our Site so that we can provide important features and functionality on our Site, monitor its usage, and provide you with a more personalised experienced. To provide and improve customer support: We use your personal data to be able to provide and improve the customer support we provide to you (for example, where you have questions about our services and products). To maintain our records and improve data accuracy: Like any business, we process personal data in the course of maintaining and administering our internal records. This includes processing your personal data to ensure that the information we hold about you is kept up to date and accurate. To respond to enquiries, complaints and disputes: We use the personal data we hold about you to help us respond to any enquiries or complaints you have made, or deal with any dispute which may arise while providing our services and products to you in the most effective manner. To investigate, detect and prevent fraud and comply with our legal obligations: In certain circumstances, we use your personal data only to the extent required to enable us to comply with our legal obligations, including for fraud detection, investigation and prevention purposes. This may require us to provide your personal data to law enforcement agencies if they request it. 8. Legal bases for processing Data protection law requires us to only process your personal data if we satisfy one or more legal grounds. These are set out in data protection law and we rely on a number of different grounds for the processing we carry out. These are as follows: Consent In certain circumstances, we process your personal data after obtaining your consent to do so for the purposes of: sending you marketing communications about our products and services; sharing your name, email address, postal address and telephone number with our trusted business partners so that they may market to you about their own similar products and services; conducting marketing research; obtaining your credit score so that we can establish the best possible payment terms we are able to offer to you. Necessary for the performance of a contract and to comply with our legal obligations. It is necessary for us to process your basic contact details, payment details and information about you or the business you represent for the performance of the services and products that we provide. In particular we rely on this legal ground to: provide you with the services and products; communicate with you about the services and products that we provide to you, including to let you know about major changes to those services and products or to any related information; and provide and improve customer support If you choose not to give some or all of the aforementioned information to us, this may affect our ability to provide our services and products to you. In certain circumstances, we also use your personal data only to the extent required in order to enable us to comply with our legal obligations, including to detect, investigate and prevent fraud. Necessary for the purposes of our legitimate business interests or those of a third party It is sometimes necessary to collect and use your personal data for the purposes of our legitimate interests as a business, which are to: provide you with services and products that are as useful and beneficial as possible, including by personalising our contact with you and making sure we tell you about all the offers that are relevant to you; better understand our customer base so that we can improve our services and products and marketing activities (which could also benefit you); comply with our contractual obligations to third parties; develop and improve our Site to enhance the customer experience; train our staff so that we can provide you with a better customer service; respond to any enquiries or complaints you have made, or deal with any dispute which may arise in the course of us providing our services and products to you; and to ensure that content from our Site is presented in the most effective manner for you and for your computer; ensure effective operational management and internal administration of our business, document retention, compliance with regulatory guidance and exercise or defence of legal claims. Where we think there is a risk that one of your interests or fundamental rights and freedoms may be affected we will not process your personal data unless there is another legal ground for us to do so (either that we have obtained your consent to the processing or it is necessary for us to perform our contract with you or to comply with our legal obligations). 9. Who we share your personal data with We may provide your personal data to our suppliers and service providers, including other companies in our group, who provide certain business services for us and act as "processors" of your personal data on our behalf. In addition, we may disclose your personal data if we are under a duty to disclose or share your personal data to comply with any legal obligation, or to protect the rights, property, or safety, of our business, our customers or others. This includes, in specific cases, exchanging information with other organisations for the purposes of fraud protection. 10. Accuracy of information CADIS MGA assumes responsibility for keeping an accurate record of personal data once it has been submitted, but not for confirming the ongoing accuracy of the personal information. If CADIS MGA is advised that the personal data is no longer accurate, it will be amended (where practicial) 11. Retention of information We retain your personal data for no longer than is necessary for the purposes(s) for which it was provided. What this means in practice will vary between different types of data. When determining the relevant retention periods, we consider factors including: Legal obligation(s) under applicable law to retain data for a certain period; Statute of limitations under applicable law; Potential or actual disputes; and guidelines issued by relevant data protection authorities. Otherwise we securely erase your personal data from our systems when it is no longer needed. 12. Security of information CADIS MGA has implemented accepted standards of technical measures and security policies that are aimed at protecting the personal data it has under its control from: Unauthorised access; Improper use or disclosure; Unauthorised modification; Unlawful destruction or accidental loss. All CADIS MGA personnel are required to keep personal information confidential and only authorised persons have access to such information. 13. Your Rights You have the following rights regarding your personal data: (i) Right to access: the right to request copies of your personal information from us; (ii) Right to correct: the right to have your personal information rectified if it is inaccurate or incomplete; (iii) Right to erase: the right to request that we delete or remove your personal information from our systems; (iv) Right to restrict our use of your information: the right to ‘block’ us from using your personal information or limit the way in which we can use it; (v) Right to data portability: the right to request that we move, copy or transfer your personal information; (vi) Right to object: the right to object to our use of your personal information including where we use it for our legitimate interests or where we use your personal information to carry out profiling to inform our market research. 14. How to contact us If you would like to exercise your data protection rights or if you are unhappy with how we have handled your personal data, please feel free to contact us by using the details set out on our Site. If you're not satisfied with our response to any enquiries or complaint or believe our processing of your personal data does not comply with data protection law, you can make a complaint to the Information Commissioner's Office (ICO) by: writing to: Information Commissioner's Officer, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF; calling: 0303 123 1113; or submitting a message through the ICO's website at: ico.org.uk 16. Other matters Please note that the Site contains links to other sites, which are not governed by this privacy statement. This Privacy Policy is subject to periodic review and any changes will be included in this section of the Site. This Privacy policy was last updated on 06 02 2019.