Privacy notices
Griffiths & Armour, Griffiths & Armour Risk Management Ltd, Griffiths & Armour Global Risks Ltd and Griffiths & Armour Europe DAC (‘we’, ‘us’ or ‘our’) are committed to protecting and respecting your privacy.
This policy (together with our terms of use and any other documents referred to in it) sets out the basis for which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
Who we are
The data controller for your information will be either:
Griffiths & Armour
12 Princes Parade, Princes Dock, Liverpool, L3 1BG
ICO Registration Number Z5706221
Griffiths & Armour Risk Management Ltd
12 Princes Parade, Princes Dock, Liverpool, L3 1BG
ICO Registration Number ZA312771
Griffiths & Armour Global Risks Ltd
One America Square, 17 Crosswall, London, EC3N 2AD
ICO Registration Number Z8572727
Griffiths & Armour Europe DAC
Frascati Hall, Sweetman’s Avenue, Blackrock, Co. Dublin, Ireland
What information do we collect about you?
Information you give us. We may process information you have given us by filling in forms on our site www.griffithsandarmour.com (‘our site’) or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to receive insurance updates and newsletters, search our site, request that we contact you, and when you report a problem with our site.
This information may include your name, address, e-mail address, phone number, employment details and insurance details.
Information we collect about you. With regard to each of your visits to our site we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the internet, your login information, browser type and version, time zone setting, browser plug-in types; and
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products viewed or searched for; page response times, download errors, lengths of visits to certain pages, page interaction (such as scrolling, clicks and mouse-overs), methods used to browse away from the page and any phone number used to call us.
Use of cookies on our website: A cookie is a small text file that is downloaded onto your computer when you visit certain websites and allows a website to recognise a user’s computer. Cookies are used to help users navigate websites more efficiently and to perform certain functions, as well as to provide information to the owners of the website. You can find more information about cookies at: www.allaboutcookies.org and www.youronlinechoices.eu.
Google Analytics: This website uses Google Analytics, a web analytics service provided by Google, Inc. Google Analytics sets a cookie in order to evaluate your use of our website and compile reports for us on activity of our website. More information on the cookies set by Google Analytics can be found here.
HubSpot: This website also uses HubSpot, who help us to analyse visiting patterns to certain areas of our website and track the flow of certain emails we issue. Details of the cookies they use can be found here.
Types of cookies used? The cookies used on Our website and by HubSpot have been categorised based on the categories found in the International Chamber of Commerce (ICC) UK Cookie guide. The cookies used include:
- Strictly necessary cookies – to enable you to move about the site or to provide certain features you have requested.
- Functionality cookies – enhance the functionality of the website by storing your preferences.
- Performance cookies – improve the performance of the website, providing a better experience for you.
- Targeting cookies – these will be used to help us tailor any material that is sent to you.
How can you restrict or delete cookies? The cookies we use are essential for parts of the website to operate, some may have already been set. You may delete and block all cookies from this website, but please be aware that restricting or deleting cookies may impact on the functionality of the website. Your web browser may allow you to restrict or delete cookies set by this website. The Help function within your browser should tell you how.
Information we receive from other sources. We may process information about you received from your usage of any of the other websites we operate or the other services we provide. We may also receive information about you from the third parties we work closely with (including, for example, business partners, sub-contractors in technical, payment and delivery services and analytical providers.
Please avoid supplying us with any other person’s personal data, unless we have requested you to do so.
Purpose – how will we use your personal information?
We will only use your information when it is fair and lawful to do so. Most commonly, we will use your personal information in the following circumstances:
- Where it is necessary for our legitimate interests (or those of a third party) namely providing you with information that you request and with updates and marketing materials and enabling the management of all matters relating to our business, but only where your interests and fundamental rights do not override those interests.
- Where you have given your consent and that consent has not subsequently been withdrawn by you.
We may also use your personal information in the following circumstances, which are likely to be rare:
- Where we need to protect your interests (or someone’s interests).
- Where it is needed in the public interest.
The information we collect about you may be used in the following ways,
Information you give us:
- to carry out our obligations to you and to provide you with the information and services that you request from us;
- to invite you to events or seminars that may be of interest to you;
- to provide you with updates about the insurance and other topics that may be of interest to you;
- for marketing and advertising purposes;
- to clarify any particular query; and
- to ensure that content for our site is presented in the most effective manner for you and for your computer.
Information we collect about you. We will use this information:
- to administer our site and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
- to improve our site to ensure that content is presented in the most effective manner for you and for your computer;
- to allow you to participate in interactive features of our service, when you choose to do so;
- as part of our efforts to ensure the security of our website and services.
Information we receive from other sources. We may use this information combined with information you give to us and information we collect about you for the purposed set out above (depending on the types of information we receive).
Disclosure of your information
We may share your personal information with any member of our Group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006, where this is reasonably necessary, for the purposes set out in the policy.
We may share your information to third parties where this is reasonably necessary, for the purposes set out in the policy including:
- Business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you.
- Analytics and search engine providers that assist us in the improvement and optimisation of our site.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If we or substantially all of our assets are acquired by a third party, in which case personal data held by it about its clients and contacts will be one the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of business and other agreements from time to time; or to protect the rights, property, or safety of us, our clients, or others. This includes exchanging information with other companies and organisation for the purposes of fraud protection and credit risk reduction.
Transfer and storage of data
The personal information you provide to us may be transferred and stored outside of the United Kingdom(‘UK’) and/or the European Economic Area (‘EEA’) for the purposes of things such as carrying out administration, the fulfilment of your order, the processing of your payment details and the provision of support services although we are attempting to bring as much as possible into the UK. Any personal information transferred will receive an adequate level of protection as required by the Data Protection laws. Third parties will only process your personal information on our instructions and in the agreement that the information is kept secure and confidential.
Any personal information transferred will receive an adequate level of protection as required by the Data Protection laws. Where any transfer is made to a country outside of the UK/EEA and an adequacy decision in relation to the laws of that country we will ensure that appropriate safeguards are in place prior to any transfer of your data. Those safeguards are likely to consist of either the use of standard data protection clauses adopted or approved by the UK/European Commission or an equivalent self-certification regime.
Data Subject Rights
Under certain circumstances, the law permits that you have the right to:
- Access your information.
You are entitled to request access to the information we hold about you (known as a ‘data subject access request’). You are entitled to receive a copy of the personal information we hold about you and to check that it is being lawfully processed. - Correct your information.
If the information we hold for you is incomplete or incorrect, you have the right to request a correction. - Request erasure.
Where there are no reasons for continuing the processing of your personal information, you are able to request the removal or deletion of the personal information. - Object to processing.
Where we rely on legitimate interest for the processing of your personal information, or for the purposes of direct marketing, you have the right to object to the processing. - Request the restriction of processing
You are entitled to request for a suspension for the processing of your personal information, for example, if you are awaiting the reasons for the processing of the information or require us to establish its accuracy. - Transfer your personal information.
You may be able to request the transfer of your personal information to another party.
There may be occasions where we are unable to delete records. We will discuss this with you when we receive a request for any data to be deleted.
It is important that the personal information we hold for you is accurate and up to date. If you would like to review, verify, correct or request erasure of your personal information, object to the processing of your personal data or request that we transfer a copy of your personal information to another party, please contact:
groupcompliance@griffithsandarmour.com
No fee
These rights are available to you at no cost; however we may charge a reasonable fee where a request is deemed to be excessive or unfounded. In such circumstances, we may otherwise refuse to comply with the request.
How long is your personal data retained?
Personal information that we process for any purposes will be kept for no longer than is necessary for the purposes for which it was collected.
It is not always possible to specify in advance the length of time your personal information will be retained. The retention of your personal data will be determined based on statutory authority, the nature of your relationship with us, the nature and sensitivity of the personal information, the purposes for which the information is being processed and whether there are other means to achieve those purposes.
Personal information may be retained for as long as necessary to comply with our legal obligation, or in order to protect yours or another person’s vital interest.
Security
We understand the importance of protecting your privacy and we will ensure your data is safeguarded and held securely in accordance with our obligations under the Data Protection laws. Appropriate technical and organisational measures have been implemented to ensure personal information is protected and to prevent your personal data from being lost, used, accessed in an unauthorised way, altered or disclosed. We also limit access to your personal information to those employees, contractors and other third parties who have a business need to know.
We have in place procedures and a policy to deal with any potential data security breaches, data subjects and any applicable regulators will be notified where we are legally required to do so.
Third party websites
Our website includes external links to other websites, which may be operated by third parties. Clicking on these links may allow the collection or sharing of personal data about you in ways which may differ from the terms set out here. We are not responsible for the privacy policies, contents or practices of third party websites, and encourage you to read the privacy policies of every external website you visit from our website.
Complaints
If you consider that our processing of your personal information infringes the Data Protection laws, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
How to contact us
By email at groupcompliance@griffithsandarmour.com or write to the Group Compliance Director at, Griffiths & Armour, 12 Princes Parade, Princes Dock, Liverpool L3 1BG.
Revisions to our Privacy Notice
We reserve the right to revise this Notice or any part of it from time to time and will provide you with a new Privacy Notice where any substantial updates are made. We may also notify you through other means, about the processing of your information.
October 2023
Griffiths & Armour, Griffiths & Armour Risk Management Ltd, Griffiths & Armour Global Risks Ltd and Griffiths & Armour Europe DAC (‘we’, ‘us’ or ‘our’) are committed to protecting and respecting your privacy.
This privacy notice sets out the basis for which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
Who we are
The data controller for your information will be either:
Griffiths & Armour
12 Princes Parade, Princes Dock, Liverpool, L3 1BG
ICO Registration Number Z5706221
Griffiths & Armour Risk Management Ltd
12 Princes Parade, Princes Dock, Liverpool, L3 1BG
ICO Registration Number ZA312771
Griffiths & Armour Global Risks Ltd
One America Square, 17 Crosswall, London, EC3N 2AD
ICO Registration Number Z8572727
Griffiths & Armour Europe DAC
Frascati Hall, Sweetman’s Avenue, Blackrock, Co. Dublin, Ireland
What information do we collect about you?
All client data will be held by us in our manual and automated filing systems.
This may include:
- contact details (including names, postal addresses, email addresses and telephone numbers);
- bank details;
- Identification documents, proof of address and proof of tax reference number (if you wish to take advantage of certain premium finance);
- other details/records that may be necessary to assist us in placing your insurance needs potentially including special categories of personal data such as health and criminal convictions.
How is your personal information collected?
Your personal information may be collected directly from you during the process of setting you up as a client of ours or during the course of taking instructions from you or providing you with advice. We may also collect information from third parties including, background check agencies, credit reference agencies and other online sources.
Purpose – how will we use your personal information?
We will only use your information where it is necessary for our legitimate interests to administer your insurance contract or help you make a claim. Where we need to pass information to other firms, it will only be for that purpose. These firms will be insurers, other insurance brokers and firms handling or assisting in the handling of claims. It includes finance providers and firms that process or administer our records.
If we place your insurance cover in the London Market a specific ‘Core Uses Information Notice’ highlights how your data may be used. We recommend you review this notice also.
Should you wish to take advantage of a premium credit facility we may need to provide the finance company with certain identification documents, proof of address, and/or proof of tax reference number.
When we contact you, it will either be for the above reason, or because we have a legitimate interest in marketing related products e.g. to provide you with information about our services; to invite you to events or seminars that may be of interest to you; to provide you with updates about the law and other topics that may be of interest to you.
If you hold insurance against a liability that may be incurred by you against a third party, where for whatever reason you cannot be found or you become insolvent, or the court finds it just and equitable to so order, then your rights under the contract will be transferred to and vest in the third party even though they are not a party to the contract of insurance. The third party has a right to recover from the insurer the amount of any loss suffered by them. Where the third party reasonably believes that you as policyholder have incurred a liability the third party will be entitled to seek and obtain information from the insurer or from any other person who is able to provide it concerning:
- the existence of the insurance contract,
- who the insurer is,
- the terms of the contract, and
- whether the insurer has informed the insured person that the insurer intends to refuse liability under the contract.
Failure to provide personal information
Failure to provide certain information when requested may result in us being unable to perform both our legal obligations and our contractual duties to you, such as making payments to and on your behalf.
Disclosure of data
We may share your personal information with third parties, where this is reasonably necessary, for the purposes set out in the policy. Third parties may include other brokers, insurers, auditors, loss adjusters, solicitors, regulatory bodies (such as the Financial Conduct Authority), our data processors providing business support services, law enforcement agencies and any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006. We may also disclose your personal information with other third parties, for example in the context of the possible sale or restructuring of the business.
Data may also be disclosed if we are under a duty to share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of business and other agreements from time to time; or to protect the rights, property, or safety of Griffiths & Armour, our clients, or others. This includes exchanging information with other companies and organisation for the purposes of fraud protection and credit risk reduction.
Transfer and storage of data outside the EU
The personal information you provide to us may be transferred and stored outside of the United Kingdom(‘UK’) and/or the European Economic Area (‘EEA’) for the purposes of things such as carrying out administration, the fulfilment of your order, the processing of your payment details and the provision of support services although we are attempting to bring as much as possible into the UK. Any personal information transferred will receive an adequate level of protection as required by the Data Protection laws. Third parties will only process your personal information on our instructions and in the agreement that the information is kept secure and confidential.
Any personal information transferred will receive an adequate level of protection as required by the Data Protection laws. Where any transfer is made to a country outside of the UK/EEA and an adequacy decision in relation to the laws of that country we will ensure that appropriate safeguards are in place prior to any transfer of your data. Those safeguards are likely to consist of either the use of standard data protection clauses adopted or approved by the UK/European Commission or an equivalent self-certification regime.
Where any transfer is made to another broker or insurer outside of the UK/EEA we will usually do this on the basis that the transfer is necessary for the performance of our contract with you.
Data Subject Rights
Under certain circumstances, you have the right to:
- Access your information.
You are entitled to request access to the information we hold about you (known as a ‘data subject access request’). You are entitled to receive a copy of the personal information we hold about you and to check that it is being lawfully processed. - Correct your information.
If the information we hold for you is incomplete or incorrect, you have the right to request a correction. - Request erasure.
Where there are no reasons for continuing the processing of your personal information, you are able to request the removal or deletion of the personal information. - Object to processing.
Where we rely on legitimate interest for the processing of your personal information, or for the purposes of direct marketing, you have the right to object to the processing. - Request the restriction of processing.
You are entitled to request for a suspension for the processing of your personal information, for example, if you are awaiting the reasons for the processing of the information or require us to establish its accuracy. - Transfer your personal information.
You are able to request the transfer of your personal information to another party.
There may be occasions where we are unable to delete records. We will discuss this with all clients who request any data to be deleted.
It is important that the personal information we hold for you is accurate and up to date. If you would like to review, verify, correct or request erasure of your personal information, object to the processing of your person data or request that we transfer a copy of your personal information to another party, please contact:
groupcompliance@griffithsandarmour.com
No fee
These rights are available to you at no cost; however we may charge a reasonable fee where a request is deemed to be excessive or unfounded. In such circumstances, we may otherwise refuse to comply with the request.
How long is your personal data retained?
We will hold your information for a minimum of seven years after your relationship with us ends. Personal information may be retained for as long as necessary to comply with our legal obligation, or in order to protect yours or another person’s vital interest.
Security
We understand the importance of protecting your privacy and we will ensure your data is safeguarded and held securely in accordance with our obligations under the Data Protection laws. Appropriate technical and organisational measures have been implemented to ensure personal information is protected and to prevent your personal data from being lost, used, accessed in an unauthorised way, altered or disclosed. Details of these measures are available upon request. We also limit access to your personal information to those employees, contractors and other third parties who have a business need to know. This access will be granted on a confidential basis and processing of the information will only take place subject to our instruction.
We have in place procedures and a policy to deal with any potential data security breaches, and data subjects and any applicable regulators will be notified where we are legally required to do so.
Complaints
If you consider that our processing of your personal information infringes the Data Protection laws, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
How to contact us
By email at groupcompliance@griffithsandarmour.com or write to the Group Compliance Director at, Griffiths & Armour, 12 Princes Parade, Princes Dock, Liverpool L3 1BG.
Revisions to our Privacy Notice
We reserve the right to revise this Notice or any part of it from time to time and will provide you with a new Privacy Notice where any substantial updates are made. We may also notify you through other means, about the processing of your information.
October 2023
Griffiths & Armour, Griffiths & Armour Risk Management Ltd, Griffiths & Armour Global Risks Ltd and Griffiths & Armour Europe DAC (‘we’, ‘us’ or ‘our’) are committed to protecting and respecting your privacy.
This privacy notice sets out the basis for which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.
Who we are
The data controller for your information will be either:
Griffiths & Armour
12 Princes Parade, Princes Dock, Liverpool, L3 1BG
ICO Registration Number Z5706221
Griffiths & Armour Risk Management Ltd
12 Princes Parade, Princes Dock, Liverpool, L3 1BG
ICO Registration Number ZA312771
Griffiths & Armour Global Risks Ltd
One America Square, 17 Crosswall, London, EC3N 2AD
ICO Registration Number Z8572727
Griffiths & Armour Europe DAC
Frascati Hall, Sweetman’s Avenue, Blackrock, Co. Dublin, Ireland
What information do we collect about you?
As a contact of ours your data will be held by us in our manual and automated filing systems.
This may include:
- contact details (including names, employment details, postal addresses, email addresses and telephone numbers) and
- details of your interests.
How is your personal information collected?
Your personal information may be collected directly from you by you providing us with a business card or other similar source of information about yourself, through our registration process, feedback forms or by corresponding with us by phone, email or otherwise. We may also obtain your details from public sources.
Purpose – how will we use your personal information?
We will only use your information when it is fair and lawful to do so. Most commonly, we will use your personal information in the following circumstances:
- Where it is necessary for our legitimate interests (or those of a third party) namely providing you with updates and marketing materials and enabling the management of all matters relating to our business, but only where your interests and fundamental rights do not override those interests.
- Where you have given your consent and that consent has not subsequently been withdrawn by you.
We may also use your personal information in the following circumstances, which are likely to be rare:
- Where we need to protect your interests (or someone’s interests).
- Where it is needed in the public interest.
The situations where we will process your personal data are listed below:
- to provide you with information about our services;
- to provide you with newsletters, updates about insurance and other topics that may be of interest to you;
- to invite you to events or seminars that may be of interest to you;
- for marketing and advertising purposes.
Disclosure of data
We may share your personal information with third parties (including business partners, suppliers and sub-contractors), regulatory bodies (for example the Financial Conduct Authority) or any member of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries, as defined in section 1159 of the UK Companies Act 2006, where this is reasonably necessary, for the purposes set out in the policy.
We may disclose your personal information to third parties:
- In the event that we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets.
- If we or substantially all of our assets are acquired by a third party, in which case personal data held by it about our clients and contacts will be one of the transferred assets.
- If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our terms of business and other agreements from time to time; or to protect the rights, property, or the safety of us, our clients, or others. This includes exchanging information with other companies and organisation for the purposes of fraud protection and credit risk reduction.
Transfer and storage of data outside the EU
The personal information you provide to us may be transferred and stored outside of the United Kingdom(‘UK’) and/or the European Economic Area (‘EEA’) for the purposes of things such as carrying out administration, the fulfilment of your order, the processing of your payment details and the provision of support services although we are attempting to bring as much as possible into the UK. Any personal information transferred will receive an adequate level of protection as required by the Data Protection laws. Third parties will only process your personal information on our instructions and in the agreement that the information is kept secure and confidential.
Any personal information transferred will receive an adequate level of protection as required by the Data Protection laws. Where any transfer is made to a country outside of the UK/EEA and an adequacy decision in relation to the laws of that country we will ensure that appropriate safeguards are in place prior to any transfer of your data. Those safeguards are likely to consist of either the use of standard data protection clauses adopted or approved by the UK/European Commission or an equivalent self-certification regime.
Data Subject Rights
Under certain circumstances, you have the right to:
- Access your information.
You are entitled to request access to the information we hold about you (known as a ‘data subject access request’). You are entitled to receive a copy of the personal information we hold about you and to check that it is being lawfully processed. - Correct your information.
If the information we hold for you is incomplete or incorrect, you have the right to request a correction. - Request erasure.
Where there are no reasons for continuing the processing of your personal information, you are able to request the removal or deletion of the personal information. - Object to processing.
Where we rely on legitimate interest for the processing of your personal information, or for the purposes of direct marketing, you have the right to object to the processing. - Request the restriction of processing.
You are entitled to request for a suspension for the processing of your personal information, for example, if you are awaiting the reasons for the processing of the information or require us to establish its accuracy. - Transfer your personal information.
You are able to request the transfer of your personal information to another party.
There may be occasions where we are unable to delete records. We will discuss this with you when we receive a request for any data to be deleted.
It is important that the personal information we hold for you is accurate and up to date. If you would like to review, verify, correct or request erasure of your personal information, object to the processing of your personal data or request that we transfer a copy of your personal information to another party, please contact:
groupcompliance@griffithsandarmour.com
No fee
These rights are available to you at no cost; however we may charge a reasonable fee where a request is deemed to be excessive or unfounded. In such circumstances, we may otherwise refuse to comply with the request.
How long is your personal data retained?
We will generally hold your personal data for a minimum of seven years or for as long as is necessary for the purposes for which it was collected thereafter or whenever you tell us you no longer want to remain on our contact list. Personal information may be retained for as long as necessary to comply with our legal obligation, or in order to protect yours or another person’s vital interest.
Security
We understand the importance of protecting your privacy and we will ensure your data is safeguarded and held securely in accordance with our obligations under the Data Protection laws. Appropriate technical and organisational measures have been implemented to ensure personal information is protected and to prevent your personal data from being lost, used, accessed in an unauthorised way, altered or disclosed. Details of these measures are available upon request. We also limit access to your personal information to those employees, contractors and other third parties who have a business need to know. This access will be granted on a confidential basis and processing of the information will only take place subject to our instruction.
We have in place procedures and a policy to deal with any potential data security breaches, data subjects and any applicable regulators will be notified where we are legally required to do so.
Complaints
If you consider that our processing of your personal information infringes the Data Protection laws, you have the right to make a complaint at any time to the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection issues.
How to contact us
By email at groupcompliance@griffithsandarmour.com or write to the Group Compliance Director at, Griffiths & Armour, 12 Princes Parade, Princes Dock, Liverpool L3 1BG.
Revisions to our Privacy Notice
We reserve the right to revise this Notice or any part of it from time to time and will provide you with a new Privacy Notice where any substantial updates are made. We may also notify you through other means, about the processing of your information.
October 2023