Quote
Professional data protection and privacy security with blue-toned corporate design

Privacy Policy

We are committed to protecting your personal data and respecting your privacy. This notice explains how we collect, use, and safeguard your information.

Introduction & Who We Are

Aserto Insurance Brokers Limited ("we", "us", "our", or "Aserto") is an independent insurance broker regulated by the Financial Conduct Authority (FCA). This privacy notice sets out how we collect, use, and process your personal data when you interact with us, whether through our website, when requesting quotes, purchasing policies, filing claims, or any other engagement with our services.

We are committed to processing your personal data fairly, transparently, and in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection laws. We take your privacy seriously and have implemented appropriate technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction.

What Personal Data We Collect

We collect personal data to enable us to provide insurance brokerage services effectively. The categories of personal data we collect include:

Personal Identifiers & Contact Details

  • Name, address, email address, telephone number, date of birth
  • Company name, business address, business contact details

Policy & Claims Information

  • Insurance type and coverage requirements, policy details, claims history
  • Details of assets, property, vehicles, business operations, and risk exposures
  • Claim details, incident information, and correspondence regarding claims

Financial Details

  • Payment information, banking details, premium payment records
  • Financial information relevant to underwriting and claims assessment

Health & Criminal Data

  • Health or medical information when necessary for underwriting life or income protection insurance
  • Criminal conviction information where relevant for certain insurance underwriting or claims assessment purposes

Website & Technology Data

  • IP address, browser type, pages visited, time spent on website, cookies and device identifiers
  • Analytics data to understand how our website is used and improve your experience

Communication Data

  • Records of communications with you including emails, phone call notes, and messages
  • Preferences regarding communications and marketing communications received

When We Collect Data

We collect personal data at various points in our relationship with you:

  • When you request a quote: We collect information about you and your insurance needs to provide an accurate quotation
  • When you purchase a policy: We collect detailed information required to arrange your insurance
  • When you contact us: We record information from your enquiries, telephone calls, and correspondence
  • When you file a claim: We collect comprehensive information about the incident and loss claimed
  • When you visit our website: We automatically collect data through cookies and analytics tools
  • When you subscribe to communications: We collect preferences and manage your marketing communications

How We Use Your Data & Lawful Bases

We process your personal data for the following purposes, based on the lawful grounds indicated:

Primary Purposes

  • Arranging and underwriting insurance: To assess risk, provide quotes, arrange policies, and manage your coverage. Lawful basis: Performance of contract and legitimate interests.
  • Managing policies and claims: To administer your policy, process claims, conduct investigations, and manage settlements. Lawful basis: Performance of contract and legal obligation.
  • Fulfilling legal and regulatory obligations: To comply with FCA regulations, insurance legislation, tax requirements, and other legal obligations. Lawful basis: Legal obligation and legitimate interests.
  • Preventing fraud: To detect, investigate, and prevent fraudulent claims and activities. Lawful basis: Legitimate interests and legal obligation.
  • Internal administration: To manage our business operations, maintain records, send invoices, and process payments. Lawful basis: Performance of contract and legitimate interests.
  • Marketing and communications: To send you information about our services, product updates, and promotional materials (only where you have consented). Lawful basis: Consent and legitimate interests.

Sensitive Personal Data

Under UK GDPR, health data, criminal conviction information, and other "special category data" receive additional protection. We may collect such data only when:

  • It is necessary for underwriting purposes, claims assessment, or risk management
  • You have given explicit consent for such processing
  • Processing is required to establish, exercise, or defend legal claims
  • Processing is carried out by insurers and brokers in the course of legitimate insurance business

When we process sensitive personal data, we apply strict safeguards and limit access to authorised personnel only. We will never sell or share such data beyond what is necessary for insurance purposes.

Sharing Your Data

To provide our insurance brokerage services, we share your personal data with third parties who help us arrange and manage your insurance. These recipients include:

  • Insurance companies and underwriters: To arrange your policy and manage your coverage
  • Reinsurers: Who provide cover to our underwriting partners
  • Brokers and underwriting agencies: To assist with placement and administration
  • Loss adjusters and surveyors: To assess claims and provide expert opinions
  • Risk assessment and management specialists: To provide risk advice and analysis
  • Credit reference agencies: To conduct credit checks and verify creditworthiness where appropriate
  • Payment processors: To securely process insurance premium payments
  • IT service providers and cloud hosting providers: To securely store and manage data
  • Regulators and law enforcement: When required by law or to prevent fraud
  • Professional advisors: Such as accountants, lawyers, and consultants (where necessary and with appropriate confidentiality agreements)

All third parties who receive your data are contractually obliged to protect your information and use it only for the purposes we specify. We do not sell your personal data to marketers or other commercial organisations.

International Transfers

Your personal data may be transferred to and processed in countries outside the UK and EEA, including to insurers and service providers located internationally. Where such transfers occur, we ensure appropriate safeguards are in place to protect your data:

  • Standard Contractual Clauses: Where appropriate, we use standard contractual clauses approved by the UK and EU authorities to govern data transfers
  • Adequacy decisions: Where the UK government has deemed a country to have adequate data protection
  • Your explicit consent: Where we transfer data with your knowledge and explicit consent to do so

By using our services, you consent to such transfers as necessary to provide insurance brokerage services.

Data Retention

We retain your personal data only for as long as necessary to fulfil the purposes for which we collected it or as required by law. Retention periods are determined by:

  • Active policy period: While you hold an insurance policy with us, we retain your data to manage the policy
  • Legal and regulatory requirements: We are required to retain certain insurance records for at least 6 years after policy termination for regulatory compliance and potential claims
  • Statute of limitations: We retain data for the duration of any potential legal claim period
  • Business purposes: Longer retention may be necessary for fraud prevention and risk management

After the applicable retention period expires, we securely delete or anonymise your personal data so it cannot be identified as belonging to you.

Your Rights

Under UK GDPR and the Data Protection Act, you have the following rights regarding your personal data:

  • Right of access: You can request a copy of the personal data we hold about you at any time
  • Right to rectification: You can request correction of inaccurate or incomplete data held about you
  • Right to erasure ("right to be forgotten"): You can request deletion of your data in certain circumstances, subject to our legal obligations to retain it
  • Right to restrict processing: You can ask us to limit how we use your data in certain circumstances
  • Right to object to processing: You can object to our processing of your data, including direct marketing, subject to legal grounds
  • Right to data portability: You can request your data in a structured, commonly-used format and have it transferred to another provider
  • Right to withdraw consent: Where processing is based on your consent, you can withdraw that consent at any time
  • Right to lodge a complaint: You have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have breached your data protection rights

To exercise any of these rights, please contact our Data Protection Officer using the contact details at the end of this notice.

Marketing & Preferences

We will only send you marketing communications, newsletters, or promotional material if you have opted in to receive them. You can manage your marketing preferences at any time:

  • Opt out of marketing emails: Every email we send includes an unsubscribe link allowing you to opt out
  • Update your preferences: Contact us directly to update your communication preferences
  • Manage preferences online: You can update your communication preferences through our website or by contacting us

Please note that even if you opt out of marketing communications, we will continue to send you essential policy and claims-related information.

Cookies & Technology

When you visit our website, we use cookies, web beacons, and similar tracking technologies to:

  • Remember your preferences and login information
  • Understand how visitors use our website and improve user experience
  • Measure website performance and analytics
  • Personalise your experience based on your interests

For detailed information about our use of cookies and how to manage your cookie preferences, please refer to our Cookie Policy. You can manage or disable cookies through your browser settings, though this may affect your experience on our website.

Changes to This Notice

We may update this privacy notice from time to time to reflect changes in our data processing practices, legal obligations, or other operational reasons. We will post any significant changes on our website and, where appropriate, notify you directly. Your continued use of our services after such changes constitute your acceptance of the updated privacy notice. We encourage you to review this notice periodically to stay informed about how we protect your personal data.

Contact Information

If you have questions about this privacy notice, wish to exercise your data rights, or have concerns about our handling of your personal data, please contact us:

Aserto Insurance Brokers

Office Address:
Aserto Insurance Brokers
123 Business Street
London, United Kingdom

Telephone: +44 (0)203 0111806 (London) or +44 (0)121 2710806 (Birmingham)

Data Protection Officer: For privacy queries and data rights requests, please contact our Data Protection Officer through our contact form or by telephone.

Regulatory Authority: If you wish to lodge a complaint about our data handling practices, you can contact the Information Commissioner's Office (ICO) at www.ico.org.uk or by telephone on +44 (0)303 123 1113.

We will respond to privacy-related enquiries and data rights requests within 30 days in accordance with UK GDPR requirements.