Insurance Services - Privacy Notice

This privacy notice sets out how we collect and process your personal data when we deal with claims for and against Dartford Borough Council.

Claims for damages to vehicles caused by potholes, highways’ vegetation cutting equipment or gritting lorries in the Borough of Dartford, are to be referred to Kent County Council.

Compensation claims for injuries caused by public roads or pavements in the Borough of Dartford, are to be referred to Kent County Council.

Processing activity - In general terms, we process personal information relating to:

  • claims for and against Dartford Borough Council
  • the provision of insurance cover for:
    • business continuity - reduction in gross revenue and/or additional cost of working suffered in consequence of material damage
    • business travel - cover for employees for losses incurred whilst on a business trip
    • computer - for Council computer equipment and records
    • employer’s liability (third party claims) - the Council’s legal liability to employees for death, injury or disease arising out of their employment
    • fidelity guarantee - loss of money or property through theft or fraud by Council employees
    • land charges - financial loss arising from errors or omissions of fact concerning land or buildings
    • libel & slander - loss suffered as a result of defamation
    • material damage - ‘All Risks’ or fire and selected perils for property owned or managed by the Council – including general property, housing stock and commercial property
    • money - loss of money and personal injury arising from robbery or assault on Council owned premises
    • motor - motor vehicles under the Council’s control including owned, hired and leased cars, commercial vehicles and motorised plant/tools of trades
    • officials’ indemnity - protection for employees against liabilities incurred as a result of breaches of duty, trust or authority arising out of their responsibilities as Council officials
    • personal accident (first party policy) - cover for employees and members for death or disablement suffered as a result of an accident at work or on Council duties
    • professional indemnity - claims for damages brought against the Council arising from dishonesty or breach of professional duty
    • public liability - third party injury or property damage
    • specified all risks - high value, portable items
    • third party hirers - accidental damage to property by hirers or third party injury during period of hire

Information requirements – our processing activities may include:

  • name, address, telephone, email address
  • date of birth
  • gender
  • occupation
  • financial information
  • convictions’ information
  • GP/hospital records
  • medical experts’ reports
  • sickness records
  • litigation
  • information about other individuals eg: children or vulnerable adults on whose behalf you are acting.

Failure to provide your personal data may result in us being unable to provide our insurance service.

Lawful bases1 - our lawful bases for processing your personal information are:

  • UK GDPR Article 6(1)(b) - where it is necessary to fulfil our contractual obligations with you
  • UK GDPR Article 6(1)(c) - our legal obligation(s) under relevant legislation when responding to claims against us e.g. personal injury claims under the Health and Safety at Work etc. Act 1974 or the Defective Premises Act 1972 (obligation to maintain or repair premises)
  • UK GDPR Article 6(1)(e ) and DPA  2018, section 8(c)  - where needed for the performance of a task carried out in the public interest or in the exercise of official authority vested in us and the task or function has a clear basis in law
  • UK GDPR Article 9(2)(g) and DPA 2018, Schedule 1, paras.6(1) & (2)(a) and 20 - special category personal data - where processing is necessary for the reasons of substantial public interest         
  • UK GDPR Article 10 as supplemented by DPA 2018 section 10(5) & Schedule 1, Part 2, paras. 6(1) and (2)(a) and 20 and Schedule 1, Part 3, para. 33 - criminal convictions and offences - where processing is necessary for reasons of substantial public interest

We have a Data Protection Policy that sets out how this information will be handled.

Data sharing - we may share and receive information from:

  • our department(s)
  • Government agencies
  • Courts/tribunals
  • Cabinet Office (as part of the National Fraud Initiative)
  • service providers
  • professional advisers eg: lawyers acting on your behalf
  • internal and external auditors
  • law enforcement authorities
  • Her Majesty’s Revenue and Customs
  • insurance providers, brokers and claims’ handlers
  • family members (acting on your behalf)

We may lawfully disclose information to and check the information you provide with fraud prevention agencies and databases including the Claims Underwriting and Exchange Register and the Insurance Fraud Bureau, in order to prevent and detect fraud. We do not share the information with other organisations for commercial purposes.

We may also rely on a number of exemptions, which allow us to share information without needing to comply with all the rights and obligations under the Data Protection Act 2018. Please refer to the Kent and Medway Information Agreement for further details on our sharing arrangements.

Retention period - we keep your personal information for the minimum period necessary. The information outlined in this Privacy Notice will be kept in accordance with the retention periods referred to in our Asset Information Register (Financial Services). All information will be held securely and disposed of confidentially.

Anonymisation - your personal information may be converted ('anonymised') into statistical or aggregated data in such a way that ensures that you cannot be identified from it. Aggregated data cannot, by definition, be linked back to you as an individual and may be used to conduct research and analysis, including the preparation of statistics for use in our reports.

Right to object - where processing your personal information is required for the performance of a public interest task (see our lawful bases above), you have the right to object on ‘grounds relating to your particular situation’. We will have to demonstrate why it is appropriate for us to continue to use your personal data.

Changes to this Privacy Notice - we review this Privacy Notice regularly and will place updates on our website.

Please refer to our Corporate Privacy Notice for further details of how we process your personal information.

-----------------------------------------------------

1Note that we may process your personal information on more than one lawful basis depending on the specific purpose for which we are using your information

GDPR Insurance Services Privacy Notice