Privacy Notice

This privacy notice has been written in conjunction with ICO guidelines and the data protection legislation including Articles 12, 13 and 14 of the GDPR.

We are Mercury Claims Limited, a claims investigation company operating in the capacity of ‘data processor’ with claims management authority from our clients, the ‘data controllers’.

We process data for our clients, as data processors, under their data controller status and as such all data is processed in accordance with their processing requirements and all data protection legislation including the Data Protection Bill and the General Data Protection Regulations (GDPR). Should consumers wish to access the privacy policy of the data controller (our client, typically an insurance company) this should be sought directly from them.

All data is processed in accordance with data protection legislation. We will comply at all times with the Data Protection Act (DPA) 1998 until this is superseded in May 2018 when we will comply at all times with the General Data Protection Regulations from 25th May 2018 (incorporating the Data Protection Bill).

The DPA can be found at:- https://www.legislation.gov.uk/ukpga/1998/29/contents

We act as data controller only in our capacity as an employer. Information on privacy for our employees is an internal document only.
Our commitment to you:

  • We aim to operate in a clear and transparent way at all times where possible.
  • We will collect and process data fairly and lawfully.
  • We will only use data in a way that people would reasonably expect.
  • If you are contacting us via the contact details provided by our website or LinkedIn and are not previously known to us and are not a customer of our clients, your data will be processed in accordance with your request and for the purposes of your enquiry only (for example, job applicants).
  • Data you send to us will be processed internally in order to handle your request in the relevant department, and may be held on file with your consent for a period of time (for example if we are not currently recruiting but are interested in your profile we may keep your cv and personal details for future reference). We will obtain your consent to hold information on file and this can be withdrawn by the individual in writing at any time.
  • If you are contacting us to apply for a vacancy or submitting your cv, we may research and access publically available information on the internet including social media in pursuance of your application.
  • If you are contacting us as a customer of our clients, we are acting as data processors in accordance with the requirements of our client, the data controller. It is the duty therefore of our data controllers to provide full privacy notice information and this can be requested directly from them. We act for many data controllers; for information on the data controller responsible for your case (usually your insurance company), including identity and contact details, please telephone us on: 023 8048 0222 or email us at: enquiries@mercuryclaims.com
  • As a customer of our clients, if you refuse to provide information to us this may affect the processing of your claim.
  • We will not share any data with any third parties nor transfer it outside the UK.
  • The recipients of the data we process will be our data controllers. We do not pass on information to any third parties however we retain the right to pass information on to any authorities who required us to do so by law as governed by the relevant legislation applicable in the UK.
  • The purpose of processing your data is determined by the data controllers we are acting for and based on their instructions to us.
  • The categories of personal data we process are determined by the data controllers we are acting for and based on their instructions to us. Personal data will either be presented to us by our data controllers based on information you have provided to them, or will be obtained directly from you in our dealings with you (conversations and written communication) or may be obtained by publicly accessible sources.
  • The retention period (how long we will keep your data) is determined by our data controllers.
  • Each data subject (you) has rights as set out by the Data Protection Act 1998 until May 2018 when this is replaced by the GDPR (new laws from the EU) including the right to lodge a complaint.
    Your rights under the GDPR can be found at: https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/
  • If a data subject requests to see the data we hold about them, this request (Subject Access Request) must be made in writing and will be forwarded to the data controller for handling.
  • You have a right to be forgotten under data protection legislation however this might adversely affect our ability to provide services to your insurance company or solicitor. This right is not automatic and may be declined depending upon circumstances. Any right to be forgotten requests should be directed to the data controller handling your claim. For full information on the right to be forgotten please see; https://ico.org.uk/for-organisations/data-protection-reform/overview-of-the-gdpr/individuals-rights/the-right-to-erasure/
  • We will not use any of your data for marketing purposes.
    If this information is required in any other format please contact us at: enquiries@mercuryclaims.com with your requirements and we will aim to assist where reasonably practicable.