The General Data Protection Regulation (GDPR) is a new EU regulation which came into effect on 25th May 2018. GDPR provides you with greater control over your personal data and places greater accountability on organisations who process it.
Please read this Privacy Statement to understand:
- How and why we use your personal data
- Your data privacy rights
For further information contact our Data Protection Officer (details are provided below).
A copy of this Privacy Statement can be downloaded from here.
Acorn Life DAC, part of Acorn Life Group, is a 100% Irish owned life assurance company providing insurance, savings, investment and pension products to the Irish public. To enable us to provide these products & services we process your personal data, such as financial and medical records. We need to process most of this personal data under the terms of a contract we have with you (your policy) or to meet legal obligations.
We process data for the following reasons:
- Consultations and marketing e.g. contact information.
- Regulatory checks e.g. proof of identity and address to comply with Anti-Money Laundering law and screening customers against Financial Sanctions and Politically Exposed Persons (PEP) lists.
- Assessing insurance and financial needs to provide product recommendations and quotes e.g. health questionnaire, your financial details, marital status and family members including children.
- Assessing insurance risks – underwriting e.g. medical assessment/evidence.
- Setting up and managing your policies e.g. communications about your policies and products/service history.
- Receiving and making payments e.g. bank and direct debit details.
- Assessing claims e.g. circumstances of an illness, medical assessment/evidence and where necessary fraud prevention.
- Safety and security reasons - if you visit our offices, we may record CCTV footage.
We process your data where:
- You have agreed and provided consent (you may withdraw your consent at any time) e.g. when we communicate with you for marketing purposes.
- It is necessary for a service or contract you have entered into e.g. when we provide you with a product recommendation/quote and you buy an insurance policy.
- There are legal or regulatory reasons e.g. where regulators require us to maintain records about our dealings with you or carry out checks for anti-money laundering reasons.
- We have a legitimate interest to do so (and to which you may object). This means a business reason to use your data which takes into account your rights e.g. recording of phone calls for customer service reasons.
- Under the Irish Data Protection Act 2018 health data can be processed if it is necessary for insurance, life assurance or pension related reasons.
- Directly from you e.g. phone conversations or meetings with our staff and tied insurance intermediaries, letters, emails or data entered via a form on our website.
- Via tied insurance intermediaries (financial advisors) who meet with you to assess your financial needs, provide you with quotes and product recommendations, and to assist you when you purchase a policy.
- From others e.g. doctors/healthcare professionals as part of the underwriting or claims process and third parties who carry out searches on our behalf of publicly available information for Financial Sanctions/PEP screening purposes.
We record and monitor calls for training, verification and to meet regulatory requirements. We will let you know if a call is being recorded at the start of the call, so you can decide to continue or not.
If you choose not to provide us with your personal data, it may mean we are not able to:
- Provide requested products or services to you
- Continue to provide existing products or services
We will tell you when we ask for information which is not a contractual requirement or is not needed to comply with our legal obligations.
We only keep your information for as long as there is a business reason, or where regulations say we must. Typically, this is for 6 years after our relationship with you ends. But, it will vary depending on the type of data we hold, and the type of products/services provided to you.
We share your information with the following types of recipients:
- Acorn Life Group companies e.g. for marketing purposes.
- Doctors and healthcare professionals e.g. where needed for underwriting and claims.
- Fraud prevention investigators - who assist us in some specific cases in identifying, investigating and preventing fraud.
- Legal advisors
- Service providers e.g. third parties who provide services on Acorn Life’s behalf including: IT, mail printing/delivery services, Financial Sanctions and PEP screening.
- Statutory and regulatory bodies e.g. Central Bank of Ireland, Irish Revenue and law enforcement authorities.
- Tied insurance intermediaries (financial advisors) who meet with you to provide advice and product recommendations.
- Your authorised representatives e.g. where you have asked us to share your data with them.
These data transfers are mainly within Ireland but may go to other countries within the European Economic Area (EEA). Sometimes these recipients might transfer data outside of the EEA. If they do, we will take steps to ensure appropriate safeguards are in place e.g. contracts to protect your privacy.
We contact you for marketing purposes where you have consented. If you also consent to it, we will also share your contact details within Acorn Group. You may opt out of this marketing at any time by contacting firstname.lastname@example.org
- At any time you may:
- Ask us for a copy of your personal data
- Correct and update mistakes/incomplete personal data
- Raise a complaint with the Data Protection Commissioner
- In certain circumstances, you may:
- Delete your personal data
- Restrict use or object to us processing your data e.g. for marketing purposes
- Take your personal data to another provider
- Exercise a right not to be subject to solely automated decisions
- Where you have consented to the use of your data, you have the right to withdraw this consent at any time.
If you have any further questions or you wish to exercise your rights, contact our Data Protection Officer using one of the following:
- In writing to Acorn Life DAC, St. Augustine Street, Galway, H91 PN80
- By telephone - 091 535700
- By email - email@example.com
Where a request relates to one of your rights we ask that you provide the following:
- Name, address and any further contact details such as email or phone number that you would like us to use.
- A description of your request e.g.what types of personal data you would like a copy of.
- Policy number (where applicable). This will make it easier for us to identify you and your personal data.
Where relevant we may also ask for further proof of identify and address.
We would like it if you contacted us first to see if we can resolve the issue. But, if you have an issue with how we are processing your personal data, you have the right to raise this with the Data Protection Commission at any time (Tel: 057 8684800 or https://www.dataprotection.ie).
We do not use website analytics technologies. Any cookies that are written by the site are necessary for the operation of the services on this site.
Privacy practices in relation to this website:
- We are not responsible for the content or privacy practices of other external websites which we may link to from time to time. Any external links to other websites will be clearly identifiable as such.
- You do not have to provide us with any personal data to use our website.
- Where you choose to give us your personal data through online feedback or enquiry forms, we will treat your personal data as outlined in this Privacy Statement. This will mean:
- Processing this data to service your request/instruction. This can include passing this data on to other employees/intermediaries within Acorn Life Group.
- Maintaining a record of these communications.
Last updated Jan 2019