Privacy Policy
Pangea Life Privacy Policy
Fair Processing Notice
The privacy and security of your information is important to us. This notice explains who we are, the types
of information we hold, how we use it, who we share it with and how long we keep it. It also informs you of
certain rights you have regarding your personal information under current data protection law.
Because we value our customer relationships, we do not sell customer information. We will only share your
information for the purposes of providing services which you have instructed us to perform on your behalf,
such as placing your insurance and/or providing you with insurance-related products and/or services, as
applicable, and as otherwise permitted or required by law.

The terms used in this Fair Processing Notice relate to the Information Commissioner’s Office guidance.
Who are we?
Pangea Life Limited is the Data Controller of the information you provide us and is registered with the
Information Commissioner’s Office for the products and services we provide to you.
You can contact us for general data protection queries by email to enquiries@pangealife.co.uk or in
writing to The Data Protection Officer, Pangea Life, 25 Barnes Wallis Road, Fareham PO15 5TT.

Please advise us of as much detail as possible to comply with your request. For further information about
Pangea Life Limited please visit www.pangealife.co.uk
What information do we collect?
We will collect & process personal information about you as required by insurance companies or other
service providers, including, but not limited to:

Individual details – full name, address, email, telephone number, gender, marital status, family
details, date of birth, nationality, employer, salary, job title, job description, physical hobbies and
employment history, relationship to the policyholder or insured, personal information on any
chosen trustees or beneficiaries for Trust Documents.

Identification details - identification numbers issued by government bodies or agencies (e.g.
depending on the country you are in, social security or national insurance number, passport
number, ID number, tax identification number, driver’s license number).

Financial information - payment card number, bank account number and account details, income
and other financial information.

Insured risk - information about the insured risk, which contains Personal Data and may include,
only to the extent relevant to the risk being insured:

Health data - current or former physical or mental medical conditions, health status,
injury or disability information, medical procedures performed, relevant personal habits
(e.g. smoking or consumption of alcohol), prescription information, medical history,
family history and registered GP Surgery.

Criminal records data - criminal convictions, including driving offences.

Other Special Categories of Personal Data - racial or ethnic origin, political opinions,
religious or philosophical beliefs, trade union membership, genetic data, biometric data,
data concerning an individual’s sex life or sexual orientation.

Policy information - information about the quotes individuals receive and the policies they obtain.

Credit and anti-fraud data - credit history and credit score, information about fraud convictions,
allegations of crimes and sanctions details received from various anti-fraud and sanctions
databases, or regulators or law enforcement agencies.

Previous claims - information about previous claims, which may include health data, criminal
records data and other Special Categories of Personal Data (as described in the Insured Risk
definition above).

Current claims - information about current claims, which may include health data, criminal records
data and other Special Categories of Personal Data (as described in the Insured Risk definition
above).

Marketing data - whether or not the individual has consented to receive marketing from us and/or
from third parties.

Website and communication usage - details of your visits to our websites and information
collected through cookies and other tracking technologies, including, but not limited to, your IP
address and domain name, your browser version and operating system, traffic data, location data,
web logs and other communication data, and the resources that you access.

Online Services - In the event that we introduce online services on our site, such as live chat or
webcasts, we will ask for information about you such as your name, business, and e-mail address.
In cases where we use a third-party vendor to provide these online services, the vendor will agree
to keep your information confidential. For example, transcripts of live chat sessions may be
archived in a database by our vendor.
What is the source of your personal information?
We collect and receive personal information from various sources, including (depending on the service
provided):

From you directly, and any information from family members, associates or beneficiaries of
products and services online, face-to-face meetings, by telephone, electronic communications (e.g.
e-mail or video conferencing) or in written correspondence

Individuals’ employers or trade or professional associations of which they are a member

In the event of a claim, third parties including Medical Consultants, Medical Secretaries, Loss
Adjusters, Lawyers and Claims Handlers

Other insurance market participants, such as insurers, reinsurers and other intermediaries

Credit reference agencies (to the extent Pangea

Life Ltd is taking any credit risk)

Anti-fraud databases and other third party databases, including sanctions lists

Government agencies, such as Companies House and tax authorities

Claim forms

Open electoral registers and other publicly available information

Business information and research tools

Third parties who introduce business to us

Forms on our website and your interactions with our website

Information generated about you when you use our products and services

Pangea Life Ltd if you already have a product with them, have applied for one or have held a one
previously

Publically available directories and information (for example, telephone directory, social media,
internet, news articles), debt recovery and/or tracing agents, other organisations to assist in
prevention and detection of crime, police and law enforcement agencies
Children’s Online Privacy Protection Act (COPPA)
We do not knowingly collect online information from children under the age of 13. Our services are
marketed towards adults. If we are notified that we have collected personal information, as defined by the
Children’s Online Privacy Protection Act (COPPA), of a child under the age of 13, we will delete the
information as expeditiously as possible
Online Tracking 
Click Streams
We may capture click streams to help us learn what parts of our Web site are most popular and among
which audiences. We may also use them to help us optimize our user interface, to analyze site usage
statistically, to improve content, and to customize our Web site's content and layout. In short, we use this
information to allow us to tailor our Web site and to meet your needs better. We analyze click stream data
to track trends and behaviors, not individuals. We are interested in our audience size, return visit rate, and
similar data on an aggregate basis. We also capture date and time information of visits, pages visited, and
the time you spend with us.
Cookies
Cookies are pieces of information that a Web site transfers to your computer's hard drive for recordkeeping
purposes. They can make the site more useful by storing information about your preferences at our
Web site. It is almost standard for any interactive Web site to use cookies. Cookies do not identify a user,
but they do identify a user's computer. Most browsers are set up to accept cookies. If you prefer, you can
set your browser to refuse cookies, but some online services on our Web site will not function without
them.

We do not use cookies to track or report on activity when you are not on our Web site or to provide such
information to other parties for their own marketing use. We do not use cookies to collect personal
information such as your e-mail address, and we do not combine information collected through cookies
with your Confidential Information. We make no attempt to look at or examine other cookies or
information that may be stored on your computer.
Do Not Track Signals
We honor your web browser’s “Do Not Track” signal.
Links to Other Sites
We may provide links to other Web sites not owned or controlled by us that we think might be useful or of
interest to you. We are not, however, responsible for the privacy practices used by other Web site owners
or the content or accuracy contained on those other Web sites. Links to other Web sites do not constitute
or imply endorsement by us of those Web sites, any products or services described on those Web sites or
any other material contained in them. Contact those Web sites directly for their individual privacy policies.
How do we use your personal information?
We will use your personal information to:

Assess and provide the products or services that you have requested

Communicate with you

Develop new products and services

Undertake statistical analysis


We may also take the opportunity to:

Contact you about products that are closely related to those you already hold with us

Provide additional assistance or tips about these products or services

Notify you of important functionality changes to our websites

When do we share your information?
Broking and Claims Functions
In order to carry out the broking services, we require to share your information with other Insurers,
Intermediaries and Reinsurers that need to process the information in order to undertake their role in the
insurance market (including underwriting and claims). At times this will involve third parties delivering
some of the products or provide all or part of the service requested by you. In these instances, while the
information you provide will be disclosed to these companies, it will only be used for the provision and
administration of the service provided (for example claims loss adjustors, claims processing, underwriting
and risk surveyors).


Statutory, Regulatory & Compliance Functions
Statutory and Regulatory Authorities require checks on businesses and individuals to prevent financial crime
or recording of information. These will include submission of your personal details to undertake searches
including:


Companies House

Employer’s Liability Tracing Office (ELTO)

Sanctions Searches


We may of course be obliged by law to pass on your information to the police or other law enforcement
body, statutory or regulatory authority.


Finance Functions
In order to provide or facilitate finance agreements, we will be required to process and share personal
information with finance service providers. This will include conducting a search with credit reference
agencies or contacting other firms involved in financial management regarding payment.


Operational Functions
Throughout our general operational functions other organisations and businesses who provide services to
us such as back up and server hosting providers, IT software and maintenance providers, document storage
providers and suppliers of other back office functions may be provided with personal information but only
where required to perform the business functions. Additionally, we may disclose your Confidential
Information in the event of a reorganization, merger, or sale.


We may aggregate information and statistics on website usage or for developing new and existing products
and services, and we may also provide this information to third parties. These statistics will not include
information that can be used to identify any individual.


If we provide information to a third party we will require it and any of its agents and/or suppliers to take all
steps reasonably necessary to ensure that your data is treated securely and in accordance with this fair
processing notice. We may also share your information with anyone you have authorised to deal with us on
your behalf.
What are the legal grounds for our processing of your personal information
(including when we share it with others)?
In all instances, we must identify the “legal grounds” on which we rely to process and share this
information.
For existing clients these generally fall in to one of the following categories:

Performance of our contract with the individual or business

Legitimate interests of Pangea Life Ltd including:

To ensure risk profile meets acceptable standards and assist in crime & fraud prevention

To review risk profile to build and assess risks/necessary cover and ensure appropriate
insurer/insurance product

To correspond with beneficiaries and claimants in order to facilitate placing of and claims
under insurance policies

To recover debts due to us

Ensuring our clients are able to meet their financial obligations

To assist our clients in assessing and making claims

To assist with the prevention and detection of fraud

To correspond with clients to facilitate the continuation of insurance cover

To give clients relevant offers

To take pre-emptive steps to ensure legal and regulatory compliance

To correspond with clients in order to provide consultancy services

To monitor and to keep records of our communications with you and our staff

For management and auditing of our business operations including accounting

To facilitate the sale of one or more parts of our business



In instances where sensitive personal data is required to undertake the performance of our
contract we will look to obtain consent.

There are circumstances where the processing and sharing of this sensitive personal data has legal
ground by means of substantial public interest such as criminal records information or to establish,
defend or prosecute legal claims.


For prospective business clients these fall in to:


Consent or Explicit Consent for direct marketing communications

Legitimate interests of Pangea Life Ltd and providing the contact is a worker for the targeted
company


We only collect and process personal data (including sensitive data) where it is critical for the delivery of a
product or service and without which the product or service cannot be provided. We will therefore not seek
explicit consent to process this information as the processing is legitimised by its criticality to the service
provision. If you object to use of this information then we will be unable to offer you the product or service
requested.


We will disclose Personal Data for the purposes we explain in this notice to service providers, contractors,
advisers, agents and PangeaLife Ltd companies that perform activities on our behalf.

Securing your personal information
We have in place physical, electronic, and procedural safeguards appropriate to the sensitivity of the
information we maintain. These safeguards will vary depending on the sensitivity, format, location, amount,
distribution and storage of the Personal Data, and include measures designed to keep Personal Data
protected from unauthorized access. If appropriate, the safeguards include the encryption of
communications, encryption of information during storage, firewalls, access controls, separation of duties,
and similar security protocols. We restrict access to Personal Data to personnel and third parties that
require access to such information for legitimate, relevant business purposes
Be aware that e-mail messages sent in clear text over the public Internet can be observed by an unintended
third party. Non-encrypted Internet e-mail communications may be accessed and viewed by other Internet
users without your knowledge and permission while in transit to us. If you wish to keep your information
private, please do not use electronic mail to communicate information to us or request information from us
that you consider to be Confidential and/or proprietary. If you wish, you may contact us instead via
telephone at 02382 354354.


We have in place procedures and a policy to deal with any potential data security breaches, and data
subjects and any applicable regulators will be notified where we are legally required to do so.
Transfer of Data Outside the EEA
The data we collect about you may be transferred to, and stored at, a destination outside of the European
Economic Area (“EEA”). It may also be processed by staff operating outside of the EEA who work for us or
for one of our suppliers. Such staff may be engaged in, amongst other things, the provision of information
you have requested.

These countries’ data protection laws do not always offer the same level of protection for Personal Data as
offered in the EEA. We will, in all circumstances, safeguard Personal Data as set out in this Privacy Notice.
Certain countries outside the EEA have been approved by the European Commission as providing essentially
equivalent protections as EEA data protection laws. EU data protection laws allow Pangea Life to
freely transfer Personal Data to such countries.

If we transfer Personal Data to other countries outside the EEA, we will establish legal grounds justifying
such transfer, such as individuals’ consent, or other legal grounds permitted by applicable legal
requirements.
How long do we keep your information for?
We will not keep your personal information longer than is necessary for the purpose for which it was
provided unless we are required by law or have other legitimate reasons to keep it for longer (for example if
necessary for any legal proceedings).

We will normally keep information for no more than 6 years after termination or cancellation of a product,
contract or service we provide. In certain cases, we will keep your information for longer, particularly where
a product includes liability insurances or types of insurance for which a claim could potentially be made by
you or a third party at a future date, even after your contract with us has ended.

Your rights
Under data protection law you have the right to change or withdraw your consent and to request details of
any personal data that we hold about you.
Where we have no legitimate reason to continue to hold your information, you have the right to be
forgotten.
Under certain conditions, individuals have the right to request Pangea Life to:


Provide further details on how we use and process their Personal Data

Provide a copy of the Personal Data we maintain about the individual

Update any inaccuracies in the Personal Data we hold

Delete Personal Data that we no longer have a legal ground to process

Restrict how we process the Personal Data while we consider the individual’s enquiry


In addition, under certain conditions, individuals have the right to:


Where processing is based on consent, withdraw the consent

Object to any processing of Personal Data that Pangea justifies on the “legitimate interests” legal
grounds, unless our reasons for undertaking that processing outweigh any prejudice to the
individual’s privacy rights

Object to direct marketing (including any profiling for such purposes) at any time


These rights are subject to certain exemptions to safeguard the public interest (e.g., the prevention or
detection of crime) and our interests (e.g., the maintenance of legal privilege).
We will respond to most requests within 30 days.
If we are unable to resolve an enquiry or a complaint, individuals have the right to contact the UK data
protection regulator, the Information Commissioner’s Office.
If you would like to correct the Personal Data you have provided to us, or to request that we remove your
information from our records, e-mail us at enquiries@pangealife.co.uk or contact our corporate
headquarters with the correction or removal request.
Further details of your rights can be obtained by visiting the Information Commissioner’s Office website at
https://ico.org.uk/.

Changes to Our Privacy Policy
This Privacy Notice is subject to change at any time. It was last changed on 23rd May 2018. If we make
changes to this Privacy Notice, we will update the date it was last changed. Where we have an engagement
with you, we will notify you of any changes we make to this Privacy Notice in accordance with the notice
provisions in the terms of our engagement. In other circumstances, we will publish the revised Privacy
Notice on our website
Share by: