Skip to main content

Data Privacy & GDPR

Privacy Notice

We care about your personal data

Lime Risk Agency Limited (“We, “Us” “Our”), is an United Kingdom authorised Managing General Agent underwriting insurance products on behalf of certain insurers on a cross-border basis. Protecting your privacy is a key priority for us. This privacy notice explains how and what type of personal data will be collected, why it is collected and to whom it is shared or disclosed. Please read this notice carefully.

You can ask for further information about our use of your personal information or complain about its use, by contacting our Data Protection Officer at: Lime Risk Agency Limited 34 Lime Street London EC3M 7AT.

1. Who Is the data controller?
A data controller is the individual or legal person who controls and is responsible to keep and use personal data in paper or electronic files. Lime Risk Agency Limited is the data controller as defined by relevant data protection laws and regulation.

2. What personal data will be collected?
We may collect and process various types of personal data about You as follows:
• Surname, first name
• Address
• Date of birth
• Gender
• Identification document number
• Telephone numbers
• Email address
• Bank account details

3.How will we obtain and use your personal data?
We will collect and use the personal data that you provide to Us and that we receive about You (as explained in the table below) for a number of purposes and with your explicit consent unless applicable laws and regulations do not require us to obtain your explicit consent:
Essentially, for insurance contracts that do not include sensitive/special categories of personal data, consent is not required according to Article 6 (1)(b) GDPR; and for insurance contracts that do include sensitive / special categories of personal data, consent is required according to Article 9 (2)(a) GDPR.
We may process the personal data we receive about you from public databases, third parties such as brokers and business partners, other insurers, credit reference and fraud prevention agencies, advertising networks, analytics providers, search information providers, loss adjustors, surveyors, intermediaries, premium finance companies, delegated authorities, lawyers.
For those purposes indicated below where We have indicated that We do not require Your explicit consent or where We otherwise require Your personal data to underwrite Your insurance product and/or process Your claim, We will process Your personal data based on Our legitimate interests and/or to comply with Our legal obligations and/or the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity. When We process Your personal data based on Our legitimate interest We consider that such interests are not overridden by Your interests or fundamental rights and freedoms which require protection of Your personal data, in particular where the data subject is a child.
We will need Your personal data if You would like to purchase Our products and services. If You do not wish to provide personal data to Us, We may not be able to provide the products and services You request or that You may be interested in, or to tailor our offerings to Your particular requirements.

Purpose Your explicit consent required?
Insurance contract administration (e.g., quotation, underwriting, claims handling) No – Your consent is only required for the processing of sensitive personal data unless the processing can be done based on a legal obligation or the establishment, exercise or defence of legal claims or whenever courts are acting in their judicial capacity
To administer debt recoveries. No
To inform you, or permit Us and selected third parties to inform you, about products and services We feel may interest You in accordance with Your marketing preferences. You can change these at any time by contacting us as specified in section 9 below Yes
Fraud prevention and detection No
Meet any legal obligations (e.g., tax, accounting and administrative obligations) No
To redistribute risk by means of reinsurance and co-insurance No

4. Who will have access to Your personal data?

We will ensure that Your personal data is processed in a manner that is compatible with the purposes indicated above.

For the stated purposes, Your personal data may be disclosed to the following parties who operate as third party data controllers only on a “need to know” basis:

a) public authorities
b) other insurers, co-insurers, re-insurers
c) insurance intermediaries and brokers
d) banks
For the stated purposes, We may also share Your personal data with the following parties who operate as data processors under our instruction and limited to a “need to know” basis:
e) technical consultants
f) experts
g) lawyers
h) loss adjustors
i) other service companies to discharge operations e.g. claims, IT, postal, document management

Finally We may share Your personal data in the following instances:

1. in the event of any contemplated or actual reorganisation, merger, sale, joint venture, assignment, transfer or other disposition of all or any part of our business, assets or stock (including insolvency or similar proceedings) and

2. to meet any legal obligation, including to, if applicable, the relevant ombudsman or applicable supervisor authority if You make a complaint about the product or service We have provided to You

1. Keeping your information
We will keep your information for as long as required in providing Our products or services to You and/or to fulfil our legal of regulatory obligations to You.
We will keep your personal information only for as long as is reasonably necessary and to fulfil Our legal, regulatory, tax and accounting obligations.  We retain personal information for between 3 and 7 years after the expiry of Your policy.  In relation to personal information concerning claims, We retain data depending upon the nature of the claim.

2. Use and storage of your information
Your information will be stored and processed within the UK.
We or Our service providers may use cloud-based computer systems (i.e., network of remote servers hosted on the internet which process and store Your information) to which foreign law enforcement agencies may have the power to require access. We will endeavour to ensure that Our contracts with these firms will detail the necessary requirements to ensure your information is protected. We will assess these firms’ security arrangements from time to time ensuring that they are only using your information as agreed.

3. Dealing with others acting on your behalf
To help manage your insurance policy We will deal with individuals You nominate such as a broker, lawyer or accountant. However, We will need to speak to You directly, should You require changes to Your contact address or policy coverage, if You wish to make a claim or to cancel the policy.

4. Your Rights
You have a number of rights in relation to the information we hold about You, these rights include:

  • The right to a copy of Your personal information We hold
  • Objection to the use of the personal information
  • Withdraw permission You have previously provided
  • Complain to the Information Commissioner’s Office

There are times that We may not be able to delete your information, for example as a result of fulfilling Our legal or regulatory obligations or where there is a statutory requirement.

COMPLAINTS