We take our duty to safeguard your data seriously. Our Privacy Policy sets out our privacy commitment to our customers, potential customers, business partners, employees, and other individuals whose data we may process, and explains your rights.
This Privacy Policy relates to all International Financial Group Limited (“IFGL”) companies, with the exception of IFG Pensions Limited.
IFGL is headquartered in the Isle of Man. IFGL and our Data Protection Officer can be contacted in writing at International House, Cooil Road, Douglas, Isle of Man, IM2 2SP, British Isles or by email at DPO@ifg-ltd.com.
This Privacy Policy explains how International Financial Group Limited (IFGL) and its subsidiaries collect, use and store personal data (we call it personal information) if you are an IFGL customer (or prospective customer), a beneficiary of an IFGL product, their family members, claimants and other parties involved in a claim, appointed adviser or IFGL employee. When we refer to personal information, this means any personal information we obtain and use in connection with the products and services we provide for any living individual who is identifiable by us.
At IFGL, protecting your personal information is extremely important to us. We want you to be confident about how we use your personal information and take our responsibilities for the security and management of personal information very seriously. That is why we invest in our systems, processes and staff training to make sure the way we collect, use, share and store the information meets both regulatory and our own high standards.
We may amend this Policy from time to time, for example to keep it up to date or to comply with legal requirements. You should regularly check this Policy for updates. If there are any significant changes made to the use of your personal information in a manner different from that stated at the time of collection, we will notify you by posting a notice on our websites.
Under data protection law, you have rights we need to make you aware of. The rights available to you depend on our reason for processing your information.
You have the right to:
We only collect personal information that we need and we have robust controls to keep it safe. We collect personal information to provide and administer our products and services to you. Without the personal information we collect, it may delay or prevent us from fulfilling our contract with you or doing what we must do by law.
Personal information we collect will be held in digital and / or paper files. We collect personal information such as name, address, date of birth, tax identification number, telephone number, email address, occupation or special category data about health, also known as sensitive personal data.
We collect contact details about you and any other individual linked to your contract with us or claim when you:
When you apply for a policy or make a claim, we may ask you to provide information about your health and to verify your identity. The personal information we collect will be used by us, and we may share it with other IFGL subsidiary companies to provide operational services. We may also share your personal information with third parties who process personal information on our behalf. These third parties may include:
We never sell your personal information to anyone else.
You have the right not to be subject to a decision which is based on automated profiling and which produces a legal (or similarly significant) effect on you. We will tell you about any automated decision making that affects you. You have the right to:
These rights are not absolute. They do not apply if the decision is:
IFGL may carry out automated processing on some policies or contracts, for example where underwriting is required or if an application is submitted online. Where an automated decision results in an outcome of non-standard rights or risk, human intervention is always undertaken.
By law, we must have a legal justification to process your personal information for the purposes described in this Privacy Policy.
We collect personal information to carry out our contractual obligations with you, for example, where you own the policy or contract. This includes arranging, underwriting, ongoing administration and handling of claims in accordance within the terms of the policy or contract.
Our legal and regulatory obligations include meeting responsibilities we have to our regulators, tax authorities and law enforcement, and any other legal responsibilities, such as the prevention, detection and reporting of financial crime (including the financing of terrorism or fraud).
We will process personal information for our legitimate interests, when we have a business reason to do so. This includes but is not limited to:
If we need consent to process personal information, for example if we require information about your health, we’ll ask for this first. This consent can be withdrawn at any time.
You have the right to opt-out at any time from legitimate interest-based processing, unless we can demonstrate a compelling legitimate ground, e.g. fraud detection. In the case of marketing, you always have the right to opt-out.
We will process special category personal data to protect the vital interests of the customer or other individuals connected to the contract (for example a life assured on a policy) and for the purposes of arranging, underwriting and administering IFGL products and services, handling claims and complying with rights and obligations in connection with the terms of the contract.
To help us prevent and detect financial crime, we evaluate your conduct accessing our products or services if processing of your personal information:
This activity is essential to allow us to decide whether there is a risk of financial crime, which may result in us declining the product or service you have requested or to stop providing existing services to you.
We may transfer personal information outside the Isle of Man, United Kingdom, European Economic Area (EEA) or country of data collection for the purposes of processing, storage, administration or any other use stated in this Policy. The purposes and processing associated with any such transfer will comply with all applicable data protection regulations, and with our obligation to adequately protect and secure your personal information.
Where required under applicable laws we will take measures to ensure that personal data handled in other countries will receive at least the same level of protection given in the Isle of Man, United Kingdom, EEA or country of data collection. We will continue to protect your privacy rights either by ensuring that the country has equivalent data protection standards or by putting contracts in place with the recipients of the personal information.
The personal information we have collected about any customer or third party or representative may be shared with crime and fraud prevention agencies, including their members, law enforcement and other relevant organisations. IFGL and its subsidiaries use various techniques to assess and validate product applications and claims and will use personal information to prevent financial crime and fraud and to verify your identity. If financial crime or fraud is detected, we have the right to decline applications, stop providing existing services to you, cancel any contracts you may have with us, retain any premiums paid and not pay claims.
If we obtain your details from your financial or investment adviser, personal information will be shared between us and the adviser. This may include contract details, claims or payment information, suspected fraud and other financial crime information, and any other personal information the adviser may process as part of their relationship with you. Information may be transferred between IFGL and your adviser but we will ensure this is done securely and in compliance with regulatory requirements.
Security measures are in place to protect against unauthorised access or damage to, disclosure of, or loss of personal information. Unless encrypted, communications over the internet, such as emails, are not secure and anything you send is done at your own risk. Care should also be taken submitting personal information on third party websites that contain links to IFGL. These will be subject to their own privacy policies that might be different to IFGL.
We do not carry out marketing campaigns and will only contact you in relation to your contract, or where we have important company, fund related or servicing information to share with you.
We may send you information by email, post, telephone and / or SMS about our products, services and business updates from IFGL. We may use your postal address, telephone numbers and email address to contact you. We do not use special category data about health for marketing purposes.
We use other companies to provide some services, e.g. reinsurers or legal service providers. They will be given the personal information they, or their sub-contractors, need to provide their service.
Where applicable, if you apply for a policy, make a claim and give us consent, we may require medical information from the relevant health provider, e.g. doctor or hospital, to set up your policy or to assess your claim.
Where applicable, we collect and use personal information about claimants (including children under the age of 18), in order to process a claim. This may include the receipt of relevant medical and treatment reports. These reports may need to be shared with other medical experts or treatment providers for assessment of the claim.
Where applicable, an insured party on your policy (a life or lives assured) may notify us of a claim against your policy.
We can only talk to you about the contract you have with us, or someone we’re satisfied that you have authorised to contact us on your behalf, after we’ve carried out data security checks.
When you contact us, personal information you give us will be recorded and stored on our systems. Calls may be recorded. This helps us improve our customer service, train our staff, respond to complaints and prevent fraud and other financial crime. Communications will usually be in English.
We will keep your personal information for as long as you have a product, are using a service from us or are employed by us, and up to ten years after, to make sure we meet our statutory and regulatory obligations, defend any legal proceedings, allow us to manage complaints and claims and to prevent fraud or crime. In exceptional cases, we may need to keep personal information for longer, for example when requested by a court of law or if the party, to whom the personal information relates, provides their consent.
If you contact us by telephone and the call is recorded, we will keep a copy of the call recording for up to seven years for the same purposes.
Following expiry of the retention period, personal information is destroyed or anonymised permanently and securely so that we nor anyone else can no longer use it.
If you wish to know what personal data we hold about you, we will treat this as a Data Subject Access Request. We will provide you with details of the personal data that we hold free of charge* in a structured, commonly used and machine readable format. We aim to provide your personal information within one month of receiving your request or within three months for more complex requests. If we are going to take longer than one month we will let you know why we need more time or why we cannot provide the personal information.
*We reserve the right to charge for such requests, for example if we consider the request to be excessive or repetitive.
Cookies are small text files that websites place on your computer or other device when you visit to improve the experience or to remember aspects from current or previous visits. This can include choices you’ve made or preferences you have chosen during that visit. We use cookies to:
Our websites may not perform as expected if you opt to block or delete cookies. Please see our Cookies Policy on our website or visit AboutCookies.org for more information.
If you are unhappy about how we process your personal information or how we have responded to a Data Subject Access Request or complaint, you have the right to make a complaint to the Isle of Man's data protection regulator. You can find more details about how to contact them on their website https://www.inforights.im/
You may also have the right to complain to your local data protection regulator depending on your country of residence. Please contact us if you would like to find out more about this.
If you want to find out more about our obligations to protect your personal information, or to exercise your rights, such as making a Data Subject Access Request, please contact us by writing to: Data Protection Officer, IFGL, Cooil Road, Douglas, Isle of Man, IM2 2SP, or by email at DPO@ifg-ltd.com.