Please read the following notice to understand how we will collect and use your information and the rights you have in relation to your information. References in this notice to "your information" are also to personal information that you provide to us. Any significant changes to this notice will be clearly indicated on our home page. Iris Insurance Brokers Ltd is the Data Controller of any information provided via our website, and our contact details, together with details of our registration with the UK Information Commissioner’s Office are set out below or email

Privacy policy 

Iris Insurance Brokers Ltd is a privately owned insurance intermediary, authorised and regulated by the Financial Conduct Authority. In order to arrange insurance and reinsurance cover and to handle claims, we are required to obtain and use Personal Data from our clients.

The way insurance operates means that clients’ information may be shared with and used by a number of third parties in the insurance sector – for example, insurers, agents, other brokers, loss adjusters, sub-contractors, regulators, law enforcement agencies, fraud and crime prevention agencies and compulsory insurance databases. We will only ever disclose your personal information in relation to the insurance cover that we have arranged for you and to the extent permitted or required by law.

The table below sets out how we collect, use and process information, the legal basis for our doing so and the disclosures which may be made when carry out the process of arranging an insurance contract on your behalf

Purpose of Processing

Legal basis for using the data

Possible Disclosures

Quotation and inception



Establishing a client relationship/Evaluating risk to be covered/Carrying out initial client on-boarding checks

· Performance of the contract

· Complying with a legal obligation

·Legitimate interest to Iris (ensuring client is within our risk profile)

·Substantial public interest (insurance purposes)




Anti-Fraud databases

Credit reference agencies

Insurance intermediaries

Insurance broking platform administrators/advisers



Policy Administration



General servicing of the client account, including communication with client, collection and payment of premiums. Claims and adjustments and facilitating other payments

· Performance of the contract

· Legitimate interest to Iris

· Substantial public interest (insurance purposes, prevention of crime)




Debt recovery providers

Legal advisers

Insurance intermediaries

Premium finance providers


Claims Processing



Managing insurance claims/Defending or prosecuting legal claims/Investigating and prosecuting fraud

· Performance of the contract

· Legitimate interests to Iris (to assist client in assessing and making claims, to assist with the detection and prevention of fraud)

· Complying with a legal obligation

In respect of special categories of Personal Data (e.g. health information and criminal records data):

·Substantial public interest (insurance purposes)

·To establish, prosecute and defend legal claims)


Claims handlers

Loss adjusters



Third party administrators

Law enforcement agencies

Anti-fraud agencies

Third parties involved in investigations or prosecutions such as private investigators





Contacting our clients (nominated individuals)

· Performance of the contract

· Legitimate interest to Iris (to assist client in assessing and making claims, to assist with the detection and prevention of fraud)



Insurance intermediaries

Other parties in the insurance chain of communication

Throughout the contract



Marketing analytics/Risk modelling/Complying with our legal obligations/Reviewing claims/investigating fraud/preventing financial crime/Transferring books of business

·Performance of the contract

·Legitimate interest to Iris (to assist with the detection and prevention of fraud)




Legal advisers


Insurance, data protection and other regulators

Legal enforcement agencies

Website activities



To communicate with users of the website

· Legitimate interest to Iris (to maintain the quality and legality of our website)

IT service providers


Personal information

You are not required to provide any personal information on the public areas of this website, however, you may choose to contact us and provide information to us. If you do not provide us with the necessary information, we may not be able to offer you some, or any, of our services as an insurance or reinsurance broker.

We also obtain personal information from your IP address, operating system and web browser that you use to access our website. Please see section ‘Collection of additional information’ below for more details about this. You may also provide us with personal information if you contact us by email, telephone or letter.

The personal information which we collect may include any or all of the following data, and what we collect will depend upon the type of insurance cover we have been asked to arrange:

  • Individual details (such as name, address, proof of address, e-mail and telephone details, marital status, family details, date and place of birth, job title, employment history, relationship to other parties in the insurance chain).
  • Identification details (e.g. id numbers issued by certain government bodies or agencies, national insurance numbers, social security numbers, tax id numbers, driving license number – these details will vary between different jurisdictions)
  • Financial Information (e.g. payment card details, bank account details)
  • Insured or reinsured risk, which may comprise:
    • Health data (current or previous medical conditions, health status, injury or disability information, medical procedures performed, relevant personal habits e.g. smoking or alcohol consumption.
    • Criminal records data (including driving convictions)
    • Special Categories of Personal Data (such as racial or ethnic origin, political opinions, trades union membership, biometric data, genetic data, data concerning an individual’s sex life or sexual orientation)

When we collect and use Special Categories of Personal Data, we will usually rely on the basis of consent and you will be asked to provide your consent for us to process such data. Where you are providing Special Categories of Personal Data on behalf of another party, we will ask for evidence from you that you have obtained the necessary consent from the party about whom or on whose behalf the disclosure is being made.

Collection of additional information on our website

Occasionally, when you connect to our site we may use "cookie" technology and IP addresses to automatically collect certain technical non-personally identifiable information. This might include your type of internet browser or computer, the domain name of your internet service provider, number of page visits and the character and duration of such visits. We also track the number of visitors to our website in an aggregate form. Personally identifiable information is not extracted in this process. This information helps us keep our website fresh and interesting to our visitors and tailor content to a visitor's interests. You may set your computer browser to disable cookies or to alert you when cookies are being sent. If you disable cookies, we may be unable to optimise your visit to our website and certain features may not be available.


Where we hold your contact details for the purposes of informing you about new products or for providing you with newsletters and updates which we believe may be of interest to you, we do so based on your informed consent to our retention of this information. Any companies with whom this information is shared in order to generate the newsletter or marketing material will themselves be fully compliant with the data protection regulations and will only use the contact details we supply for the purposes for which we have supplied them. You may withdraw your consent to receiving this information at any time by ticking the appropriate box at the foot of the communication or by contacting us at any time to inform us that your consent has been or is being withdrawn.


All information provided to us is stored on our secure servers. We use up-to-date data storage and security techniques to protect your personal information from unauthorised access, improper use or disclosure, unauthorised modification or unlawful destruction or accidental loss. All our employees and any third parties we engage to process your personal information are obliged to respect the confidentiality of your information. However, the transmission of information via the internet is not completely secure. Although we will do our best to try and protect your information, we cannot guarantee the security of your information transmitted to our website; any transmission is at your own risk.

We store your data in the United Kingdom and do not transfer it outside of the United Kingdom other than for continuity of service in extreme circumstances where for example; UK backups fail. You agree that we may transfer any Protected Data to countries outside the European Economic Area (EEA), provided all transfers by Us of Protected Data are effected using the Appropriate Safeguards and in accordance with Data Protection Laws.

Other sites

This site may contain links to other web sites that we do not own or operate. We do not control, recommend or endorse and are not responsible for these sites or their content, products, services or privacy policies. Downloading material from certain sites may risk infringing intellectual property rights or introduce viruses into your system. You should note when you leave this site and read the privacy policies and terms of these other sites. You should also independently assess the authenticity of any website which appears or claims that it is one of our sites (including those linked to through an email).

Your rights

You have the right to access any personal information we hold about you and to request the following:

  • Details of what Personal Data we hold about you
  • The purpose(s) for which we are processing it
  • The recipients to whom the data has been or will be disclosed
  • How long we intend to store your personal data
  • Details of the sources of the data if we did not collect it from you


In addition, you may request the following:

  • That we correct or complete any incorrect or incomplete data we hold about you
  • That your personal data be erased
  • That our processing of your personal data be restricted (where applicable) in accordance with the data protection laws
  • That your data be provided or moved to another Data Controller (data portability)


When we receive a data subject request, we will take the necessary steps to verify the identity of the requester to ensure that the data is not released to an unauthorised party.

Where we hold your data on the basis that you have provided your consent for us to do so, you have the right to withdraw such consent at any time

Contact information

If you have any questions in relation to this notice please contact The Data Protection Officer at:

The Baxter Building, 80 Baxter Avenue, Southend-on-Sea,

Essex, SS2 6HZ

Telephone: +44 (0) 2031 787872

Fax: +44 (0) 1702 431 644


Changes to this Privacy Notice

This privacy notice may be changed at any time. Where we have an agreement in place with you, we will notify you of any changes to our Privacy Notice in accordance with the terms of this agreement. Otherwise we will publish the revised Privacy Notice on our website.

Iris Insurance Brokers Ltd is registered with the UK Information Commissioner’s Office under the following ICO Registration Number: Z9220063 (ICO website

Iris Insurance Brokers Ltd Registered in England and Wales Number 4072404 Registered office: The Baxter Building, 80 Baxter Avenue, Southend-on-Sea, Essex, SS2 6HZ Iris Insurance Brokers Ltd is authorised and regulated by the Financial Conduct Authority (FCA) No. 310825 All email messages sent to and from Iris Insurance Brokers Ltd may be monitored to ensure compliance with internal policies and to protect our business.