Business - Light.jpg

Latest Information from LifeQuote about GDPR

 

General Data Protection Review (GDPR) legislation will be introduced on 25th May 2018 and replaces existing Data Protection requirements.

Please see below for updates from LifeQuote. 

 

For general LifeQuote updates please click here

Latest Update

GDPR - The Final Update 

As the GDPR deadline arrives this week, I want to provide a final update and also a brief summary for you. 

Our apply journeys have been updated for some time and, whilst we'd recommend the speed and convenience of using LifeQuote to apply online, for those few paper applications received we will ask you to confirm you have obtained consent when submitting any form of paper application to us - an  updated cover sheet is available from your Case Manager and will shortly be on the LifeQuote portal. 

We're updating our LifeQuote password functionality, as confirmed in a recent separate email, and we will roll this out over the next few weeks. This will make the LifeQuote portal easier to use and improve password robustness for you. 

Our due diligence pack as proven very popular in providing the required outsourcing assurances for you and please let me know if you still need a copy. 

To summarise, we have made these changes to ensure we are ready for the GDPR deadline: 

  • The application journey
  • Customer and adviser communication
  • Contracts
  • Internal processes and training 
  • Data that we hold 
  • Completed risk assessments 

We have kept you up to date on progress and actions and if you do have any questions, please let me know. 

And remember we are here to help with any future questions or queries, particularly from customers about their rights (as per LifeQuote Update 6) by using the email compliance@lifequote.co.uk

Ryan Mustchin, Head of Compliance and Agency

In the meantime if you require more information, please use the sources below or alternatively contact us at: 

Ryan Mustchin, Head of Compliance and Agency, ryan.mustchin@lifequote.co.uk

Nathan Wehrly, GDPR Support, nathan.wehrly@lifequote.co.uk


ICO – GDPR 12 steps
ICO Blogs

GDPR - Customer Requests and Some General Reminders 

In this update, I'll explain what to do if you, as the data controller, receive customer requests or enquiries under the new legislation and how LifeQuote will work with you to complete them together with some reminders as the GDPR deadline approaches. 

As you know, our privacy notice has been updated and is in place. This makes it clear how we are handling your customers' data and is a good starting point for any enquiries. Customer rights are enhanced under GDPR and include the following:

Access - Customers can access all data held about them which will need to be supplied within 30 days from the request, free of charge - we will summarise all data pertaining to the customer and liaise with you to provide this to them as required. 

Rectification - Customers can have inaccurate personal data rectified, or completed if it is incomplete - much like the current process if a customer informs you of a change to their personal data. You will simply need to inform us so we can update our records and pass this information to the relevant insurer. 

Erasure - A right for customers to have their personal data erased, which is commonly known as the 'right to be forgotten'. If an application has been made we will have a legal requirement to keep the data under our agreed retention period for the establishment, exercise or defence of potential legal claims. We have some wording to help manage such requests. 

Restriction - Customers have the right to restrict the processing of their personal data in certain circumstances. This means that an individual can limit the way that an organisation uses their data. This is an alternative to requesting the erasure of their data - if a customer requests their data to be restricted we will immediately cease the processing of this data and inform the insurer of the customer's request. Restriction will involve still holding the data on our systems but with notes to confirm that the processing has been restricted. 

Objection - Individuals have the right to object to the processing of their data. Our legal basis for processing the data is to fulfill a contract (on your behalf) but again we will immediately cease the processing of this data and inform the insurer of the customer's request. This will involve us holding the data on our systems but with notes to say the customer has withdrawn consent. 

Data Portability - The right to data portability allows individuals to obtain and reuse their personal data for their own purposes across different services. We will liaise with advisers and insurers in such circumstances. 

Quote simply, all you need to do is let us know at compliance@directlife.co.uk when you get a request and we'll work together to complete it and ensure this dovetails with how you are handling requests for the data you also hold. We will contact you if we receive any sort of Data Protection related request from your customer and in the unlikely event of any data breach, we will contact you immediately and liaise on the appropriate action. 

As per previous updates, contractual changes are nearing completion. The majority are via a variation clause in our agreement which means there is no need to sign anything and we'll simply confirm the required clause changes to meet the new legislation. If a formal contract change is needed for any reason, we'll have been in touch. 

Our proposed LifeQuote log in/password changes will also be confirmed shortly; these will make the system easier to use, enable you to choose your own password and make the passwords more robust. 

Finally, our due diligence pack has proved very popular and useful in ensuring evidence of appropriate oversight and if you do want a copy, please let me know. 

Ryan Mustchin, Head of Compliance and Agency

In the meantime if you require more information, please use the sources below or alternatively contact us at: 

Ryan Mustchin, Head of Compliance and Agency, ryan.mustchin@lifequote.co.uk

Nathan Wehrly, GDPR Support, nathan.wehrly@lifequote.co.uk


ICO – GDPR 12 steps
ICO Blogs

 

Previous Updates

GDPR - The Final Update - May 2018 Article 7

As the GDPR deadline arrives this week, I want to provide a final update and also a brief summary for you. 

Full update

GDPR - Customer Requests and Some General Reminders - April 2018 Article 6

In this update I'll explain what to do if you, as the data controller, receive customer requests or enquiries under the new GDPR legislation and how LifeQuote will work with you to complete them together with some reminders as the GDPR deadline approaches. 

Full update

LifeQuote announces GDPR policy - April 2018

LifeQuote's GDPR policy will involve holding advisers' electronic data and physical documents for the time being and as it records all calls, these will be retained under the same policy. 

Full update

GDPR - Contract Changes - March 2018 Article 5

In this update I'll explain what LifeQuote are doing to ensure the appropriate contractual changes are now in place ahead of GDPR Legislation. 

Full updates

GDPR - Data Held and Handling Requests - February 2018 Article 4

In this update we explain how we will deal with the GDPR's requirement to ensure customers know what data will be collected, for what reason and how it will be treated, plus how we will respond to requests to see the information held, change it and erase it. 

Full update

GDPR - Relationships and Obligations Update - January 2018 Article 3

In this short update I want to explain what our relationship is from a Data Handling and GDPR point of view. 

LifeQuote's mission is to make our service transparent and open to all concerned and support you by taking the hassle away. The key stages and obligations in our relationship are:

Full update

Viewpoint: GDPR - 20 million reasons to start listening - November 2017

General Data Protection Regulation is a complex issue - but one which financial advisers can't afford to ignore as it emerges on the horizon. Neil McCarthy (pictured) of LifeQuote, the protection services provider, outlines some of the main issues and some hints at what organisations should do in the run-up to implementation.

Full update

GDPR – what it means to you when working with LifeQuote - November 2017 Article 2 

With GDPR looming you’ll need to check with any outsourced services such as LifeQuote to ensure the consents and access to data all work for you, and that we as a supplier are trusted to look after your client’s data on your behalf.

Full update

GDPR – Working with LifeQuote - October 2017 Article 1 

General Data Protection Review (GDPR) legislation will be introduced on 25th May 2018 and replaces existing Data Protection requirements. It’s the most significant change in this area over the past 20 years, placing greater emphasis on a firm’s ability to demonstrate strong data privacy procedures to protect personal data and minimise any potential harm to individuals.

 Full update

 

 

 

 

 

 

For any enquiries, please contact Ryan Mustchin, Head of Compliance and Agency via ryan.mustchin@lifequote.co.uk or Nathan Wehrly, GDPR Support via nathan.wehrly@lifequote.co.uk

01243 791039