We have updated our Privacy Notice to reflect the changes made under EU General Data Protection Regulation (GDPR) and Data Protection Act 2018 (DPA 2018).
This Privacy Notice (the "Notice") relates to the following AED Group Companies: AED Adjusting, AEDes First, AED Connect, Equine First, and Pet First ("we", "our", or "us"; also known as the "Data Processor"), and is for Data Subjects ("you") who, directly or indirectly, use our services - typically, Policyholders and Third Party Claimants. We are based at Faversham House, Wirral International Business Park, Old Hall Road, Bromborough, CH62 3NX.
This Notice outlines our approach to the privacy and fair processing of the information ("data") we need to collect, hold and otherwise process about you during the provision of our claim services; details of which can be viewed via our website (www.theaedgroup.com). We recommend that you read our Online Privacy Notice which governs the use of our website.
We receive and collect data from a variety of sources depending on the nature of the service we are providing, including from some, or all, of the following:
This list is not exhaustive, and, in specific circumstances, we may need to collect additional data for the purposes set out in this notice.
We may also record and monitor telephone calls for training, regulatory compliance, quality evaluation and verification of information provided and received.
The data which we process falls within one of three data categories referred to in the GDPR.
This is any data relating to an identifiable person and, depending upon the type of claim or service we provide, may include: Name, Address, Date of Birth, Risk Address, Contact Telephone Numbers, Email Address, Occupation, Mortgage provider, VAT status/number, Bankruptcy Information, CCJs, Previous Insurance and Claims History, Current Policy Details, Police Crime Numbers, and Details of Loss/Damage sustained.
Due to the nature of the services we provide, any Special Category Data that we process is limited and normally restricted to health and/or medical data, where such information is relevant; for example, a personal injury claim.
Occasionally the circumstances of a claim may necessitate the processing of data relating to criminal convictions, offences, or related security measures.
In most circumstances/cases, the primary legal basis under which we process Personal Data is our legitimate interest to do so in assisting our Clients with the performance of an Insurance Contract. Other circumstances and the relevant legal basis for processing Personal Data are outlined below:
If it becomes necessary to request Special Category Data and/or Criminal Convictions and Offences Data, for the purposes of handling your claim and/or enabling our Clients to ensure that the risk information they hold is correct, our legal basis for processing will depend on the nature of the information requested and the circumstances of the individual case.
Normally, we rely on the consent of the Data Subject to process these types of data; but where alternative legal grounds are adopted, these will be clearly recorded on our claim file.
If asked to provide consent, Data Subjects should be aware of their rights, in the absence of a legal duty to provide the data, to decline or withdraw their consent at any time; and where the absence of consent may hinder Insurers in the performance of the Insurance Contract, this will be discussed with the Data Subject on a case by case basis.
Details of how a Data Subject can exercise their rights are detailed in the "Your Statutory Rights" section of this Notice.
We are committed to ensuring that Your Data is secure and have put in place suitable organisational and technical measures to safeguard and secure all information we hold, including; physical, electronic (aligned with the Government’s Cyber Essentials Scheme) and procedural safeguards appropriate to the sensitivity of the information we process.
Aligned with our Data Protection Policy and Procedures, we may share Your Data with the following parties for the purposes set out above:
We will not sell, distribute or lease Your Data to Third Parties for marketing purposes.
We do not normally share Your Data with companies, or individuals, based in other countries who may not be subject to the laws of the UK, but should this become necessary we will take all reasonable steps to ensure that Your Data is treated securely and in accordance with this Notice; including putting in place agreements with those we send your information to, requiring them to treat Your Data with similar protections to those that apply in the UK.
Under the GDPR, and the DPA 2018 you have certain rights which you may exercise by contacting our Customer Services Manager:
Sometimes, for legitimate reasons, we will be unable to stop using your information when you ask us to, but if this should be the case we will explain the reason(s) why.
To satisfy contractual, industry and regulatory standards, Your Data will be retained for no longer than the appropriate legal limitation period applicable in the UK; unless contractual requirements dictate otherwise.
When Your Data is no longer needed it will be securely destroyed and/or erased.
Any questions you may have about this Notice, or requests to exercise any of your rights, should be directed to our Customer Service Manager, who can be contacted by writing to:
We would encourage you, in the first instance, to raise any complaint you may have relating to the processing of Your Data with our Customer Service Manager.
However, if we are unable to resolve an enquiry or complaint you do have the right to complain to the Information Commissioner's Office about how we treat Your Data, by contacting them at https://ico.org.uk/global/contact-us/
We may update this Notice from time to time; and will notify you of the changes where we are required by law to do so