PRIVACY STATEMENT

Welcome to the Privacy Policy

Introduction

This Policy applies to our websites, application, products or services that link to this policy or do not have a separate privacy policy (collectively our “Services”).

This purpose of this privacy policy is to give you a better understanding of:
what information we collect;
how we use that information;
how this information is shared;
your rights; and
other useful privacy and security related matters.

We hope you take the time to read this policy. It is important to check back often for updates to this policy. If we make changes we consider to be important, we will let you know by placing a notice on the relevant Service and/or contact you using other methods such as email.

Who is the Data Controller?

The Halligan Insurances, Good Insurance data controller is Halligan Life & Pensions Limited of William Norton House, 575 North Circular Road, Dublin 1.

Who is the Data Protection Officer (DPO)?

Halligan Insurances, Good Insurance have an appointed a Data Protection Officer (‘DPO’). While our DPO can be reached at dataprotection@halligan.ie, our Customer Service team will be your initial point of contact if you wish to exercise your rights. Please see the ‘Your Rights’ section below.

Information we collect

When you use our Services, we collect the following types of information:
Information you provide us:
We collect information about you during the account registration process for any of our Services. This information may include, but is not limited to your name, postal address, e-mail address, phone number, credit/debit card details and any other details as might be requested from you for the purpose of registration and/or continued use of our Services.

We may also collect information from you if you request information or customer support.

Additional Information collected:

We may also collect the following information:
name, contact information and message if you contact us or participate in a survey, contest or promotion;
details such as traffic information, location data and other communication data (including IP address and browser type) collected by your availing of the Services;
device information including unique device identified;
pages visited and content viewed, links and buttons clicked, URLs visited before and after you use our Service. For more information about cookies and how to manage them please see our Cookie Policy;
information and communications on the websites;
your payments, payment method and other account transactions – these are routinely analysed to assist us in improving the Services we provide to you;
your telephone conversations – either to renew/update a policy or a customer service call;
your response to marketing campaigns from us or through our third parties i.e. open/click on such emails;
your social media profile details (name, profile photo and other information you make available to us) when you connect with or contact us through a social media account;
information derived based on profiling activity (see below); and
information from third party databases to comply with our legal and regulatory obligations.
Third Party and Publicly Available Sources

Not all the personal information we hold about you will always come directly from you. We may also collect information from third parties such as our partners, service providers and publicly available websites (i.e. social media platforms), to comply with our legal and regulatory obligations, offer Services we think may be of interest, to help us maintain data accuracy and provide and enhance the Services.

Cookie Collection

We collect browser and cookie information when you first navigate to our websites. We use cookies to give you a better customer experience and for use of access. Certain cookies will allow you to leave and re-enter our Websites without re-entering your password (where applicable). This will be monitored by a web server.

We may also use personal information to enforce our terms and conditions.
Personalisation: We use personal information to deliver and suggest tailored content to personalise your experience with our Services. This is processing which is necessary for the purpose of our legitimate interests in delivering or presenting relevant content to our customers.

Marketing and events: Subject to any preferences you have expressed (where applicable), we use personal information to deliver marketing and event communications to you across various platforms, such as email, telephone, text messaging, direct mail, online, push notification or otherwise. We will do this during the period of your relationship with us and, unless specifically instructed otherwise by you, for a reasonable period of time after the relationship has ended in order to inform you about products, services, promotions and special offers which we think may be of interest to you.

If we send you a marketing email or SMS, it will include instructions on how to opt out of receiving these marketing communications in the future. Please remember that even if you opt out of receiving marketing emails, we may still send you important Service information related to your insurance accounts and policies.

Most browsers and applications also allow you to control notifications settings. Please refer to your browser/app settings for full details.

We will, from time to time, send you marketing material which may of particular interest to you based upon your interests. These marketing messages will provide you with information about the products, services, active promotions or offers available to you by any trading name within the company.

Except where we use your personal data for marketing purposes on the basis of your prior written consent and subject to any opt out preferences you notify to us in respect of electronic direct marketing communications, we process personal data for marketing purposes as necessary for the purpose of our legitimate interests in promoting our products and services.

We may publish, with approval, customer names, along with any winnings and prizes received, on our websites in accordance with our legitimate interests.

Risk Management: In order to provide the Services to you and for our legitimate purposes, we process personal data to evaluate and manage risks to our business.

Show and measure ads and Services: We use a combination of information collected such as advertising cookies, your email address and your onsite activity to show you targeted and relevant advertisement on a selection of whitelisted websites across the world wide web and social media websites. This information can also be used to measure and analyse the effectiveness and reach of these ads, to help us improve and refine our marketing strategy in accordance with our legitimate interests.

Surveys and polls: If you choose to participate in a survey or poll, any personal information you provide may be used for marketing or market research purposes in accordance with our legitimate interests.

Diagnostics, research and development: We use personal information for internal research and development purposes, to help diagnose system problems, to administer our websites, to improve and test the features and functions of our Services, to develop new content, products and services. To carry out testing and analysis. This processing is necessary for the purpose of our legitimate interests.

Legal and regulatory obligations: We may be required to use and retain personal information for legal and compliance reasons, such as the prevention, detection, or investigation of a crime; or fraud. We may also use personal information to meet our internal and external audit requirements, information security purposes, and as we otherwise believe to be necessary or appropriate: (a) under applicable law, which may include laws outside your country of residence; and (b) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence.

Profiling: In accordance with our legitimate interests detailed below or to comply with our legal obligations, we carry out profiling and analysis based upon your location data, age and interests
for the following purposes:
Customer segmentation to offer you tailored products and services, and more relevant marketing.
Other purposes: We may be required to use and retain personal information for; loss prevention; and to protect our rights, privacy, safety, or property, or those of other persons in accordance with our legitimate interests.

How is the information shared

Your personal information may be transferred or disclosed to the Company or, subject to appropriate agreement, to third parties, for the processing of that personal information based on our instructions and in compliance with this policy and any other appropriate confidentially and security measures.

Third parties for legal reasons:

We will share personal information when we believe it is required, such as:
To comply with legal obligations and respond to requests from government agencies, including law enforcement and other public authorities, which may include such authorities outside your country of residence;
In the event of a merger, sale, restructure, acquisition, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings); and
To protect our rights, users, systems, and Services.

Regulatory body

Your personal information including, but not limited to, your registration details, records of payments, device information etc., may also be disclosed to any regulatory body in connection with policing the integrity and detection of crime and where the Company considers that there are reasonable grounds to suspect that you may be involved in a breach of such rules or the law. The Regulatory body may then use your personal information to investigate and act on any such breaches in accordance with their procedures.

Your rights

Under the General Data Protection Regulation, you, as a data subject have a number of rights which are detailed below. Some of these only apply in specific circumstances and are qualified in several respects by exemptions in data protection legislation. We will advise you in our response to your request if we are relying on any such exemptions.

Access to personal data: You have a right to request a copy of the personal information that we hold about you. Should you wish to make such a request, please see the Contact Us section for information on how to contact us.

You should include adequate information to identify yourself and such other relevant information that will reasonably assist us in fulfilling your request. Your request will be dealt with as soon as possible.

Correction of personal data: You can request us to rectify and correct any personal data that we are processing about you which is incorrect. We provide you with account settings and tools to access the information associated with your account.

Right to withdraw consent: Where we have relied upon your consent to process your personal data, you have the right to withdraw that consent.

To opt out of marketing, you can use the unsubscribe link found in the marketing communication you receive from us. For other further details, when you log into your account or the “Contact Us” option.

Right of erasure: You can request us to erase your personal data where there is no compelling reason to continue processing. This right only applies in certain circumstances, it is not a guaranteed or absolute right.

Right to data portability: This right allows you to obtain your personal data that you have provided to us with your consent or which was necessary for us to provide you with our products and services in a format which enables you to transfer that personal data to another organisation. You may have the right to have your personal data transferred by us directly to the other organisation, if this is technically feasible.

Right to restrict processing of personal data: You have the right in certain circumstances to request that we suspend our processing of your personal data. Where we suspend our processing of your personal data we will still be permitted to store your personal data, but any other processing of this information will require your consent, subject to certain exemptions.

Right to object to processing of personal data: You have the right to object to our use of your personal data which is processed on the basis of our legitimate interests. However, we may continue to process your personal data, despite your objection, where there are compelling legitimate grounds to do so or we need to process your personal data in connection with any legal claims.

Rights relating to automated decision making and profiling: You have the right not to be subject to a decision which is based solely on automated processing (without human involvement) where that decision produces a legal effect or otherwise significantly affects you. This right means you can request that we involve one of our employees or representatives in the decision-making process. We are satisfied that we do not make automated decisions of this nature.

How to contact us

For any requests related to your personal information or any of your rights referenced above, please feel free to contact us in one of the following ways:

Call: 01 8797100

Email: info@halligan.ie

Post: Customer Services, Halligan Life & Pensions Ltd, William Norton House, 575 North Circular Road, Dublin 1.

Filing a complaint

If you are not satisfied with how we manage your personal data, you have a right to make a complaint to your local Data Protection Authority.

Other useful privacy & data security related matters

Retention

We retain personal information for as long as we reasonably require it for legal or business purposes. For the unregulated jurisdictions in which operate, and subject to us not having a legal or regulatory requirement or a risk management reason for retaining your information for a longer period, your information will not be kept for longer than 7 years post account closure.

Security

We recognise that online security and data protection is an area of vital importance for all our customers, so it is important to us that you have confidence in the security of your personal details before you register an account. We are committed to employing security measures to protect your information from access by unauthorised persons and to prevent accidental or unlawful processing, disclosure, destruction, loss, alteration and damage. Our technological security solutions are very advanced and are governed by a mature framework. Our approach is focused on preventing risks. In order to help us in this regard, we employ pseudonymization and encryption whenever possible to reduce the impact of any potential incidents. As the security of some communications via the internet is not completely secure, we cannot guarantee the security of any information that you disclose using your internet connection. You accept the inherent security implications of using the internet and the Group will accept no liability for any direct, consequential, incidental, indirect, or punitive losses or damages arising out of such an occurrence.

Published on 23rd May 2018