Arthur J. Gallagher
Global Privacy Notice

This privacy notice describes how GALLAGHER COMMUNICATION LIMITED  (‘we’, ‘us’, ‘OUR’) may collect, handle and process personal information in relation to your access to or use of the services.

This privacy notice applies to all of the services, websites and apps offered by Gallagher Communications Limited collectively, the “Services“), but excludes Services which have separate privacy notices that do not incorporate this privacy notice.

1. Personal information we use

We may collect personal information about you from a variety of sources, including information we collect from you directly (e.g., when you contact us) and from other sources, described below.

Note that we may be required by law to collect certain personal information about you, or as a consequence of any contractual relationship, we may have with you. Failure to provide this information may prevent or delay the fulfillment of these obligations. We will inform you at the time your information is collected if the provision of certain personal information is compulsory and the consequences of the failure to provide such personal information.

1.1 Information we collect directly from you

Depending on the service, website or app that you are using, the categories of information that we may collect directly from you include:

  • personal details (e.g., name, date of birth);
  • contact details (e.g., phone number, email address, postal address or mobile number);
  • government issued identification details (e.g., social security and national insurance numbers, passport details);
  • health and medical details (e.g., health certificates);
  • policy details (e.g., policy numbers and types);
  • online log-in information (e.g., username, password, answers to security questions);
  • information relating to any claims;
  • other information we receive from you on applications or required questionnaires (e.g., occupation, current employer); and
  • information we collect automatically from you (e.g., click stream data, personal information and other data collected using cookies and other device identifying technologies (‘Cookies’)). Further information about our use of Cookies is available at Annex A below.

We do collect personal information about your online activities over time and across third-party websites or online services.  When we see a browser set to “do not track”, signals transmitted from web browsers do not apply to our sites, and we do not alter any of our data collection and use practices upon receipt of such a signal.

1.2 Information we collect from other sources:

The categories of information that we may collect about you from other sources are:

  • personal details (e.g., name, date of birth, job title);
  • contact details (e.g., phone number, email address, postal address or mobile number);
  • government issued identification details (e.g., social security and national insurance numbers, passport details);
  • financial contributions to a pension scheme;
  • policy details (e.g., policy numbers and types).

We may receive such information via other insurers, consumer-reporting agencies, our affiliated companies, or other third parties in the course of conducting our business.

1.3 Sensitive personal information

We may also collect certain information about you which is considered more sensitive under local applicable laws, such as:

  • information about your race, ethnic origin, and, membership of professional or trade associations, gender identity or where appropriate; and
  • health, biometric or disability information required to administer policies or process claims.
1.4 How we collect personal information

We may collect personal information in different ways, including:

  • Data you give to us via face to face meetings
  • When you talk to us on the phone
  • In email communication and letters
  • In application forms or insurance claims
  • In financial reviews
  • In customer surveys

2. How we use your personal information and the basis on which we use it

We may use your personal information to:

  • provide, maintain, protect and personalize our services including our insurance products, consulting and broking services;
  • deal with your enquiries and requests;
  • cooperate with regulators and law enforcement bodies;
  • personalize the marketing messages we send you to make them more relevant and interesting and to customize and enhance your website or app experience;
  • resolve complaints, as well as handle requests for data access or correction;
  • protect your, our or others’ rights and interests; and
  • communicate with you regarding your account or changes to our policies, terms and conditions.

Some jurisdictions require a legal basis to use or process your personal information. In most cases the legal basis will be one of the following:

  • to fulfill our contractual obligations to you in connection with your policy or contract with us, for example using your contact details to reply to your requests. Failure to provide this information may prevent or delay the fulfillment of these contractual obligations;
  • in order to comply with our legal obligations, for example to keep records of the services we provide you with as required by applicable law or regulation, or to comply with any governmental, quasi-governmental or court orders or subpoenas;
  • where there is a public interest in the processing, for example where it is necessary in order to prevent and detect fraud; and
  • to meet our or a third party’s legitimate interests, for example to understand how you use our services and to enable us to derive knowledge from that to develop new services, to protect our rights or the rights of third parties, or to resolve any disputes. When we process personal information to meet our legitimate interests, we put in place robust safeguards to help ensure that your privacy is protected and that our legitimate interests are not overridden by your interests or fundamental rights and freedoms.

We may also obtain your consent to collect and use certain types of personal information, including when we are required to do so by law (for example, in certain jurisdictions where consent is always required to collect personal information, or in relation to our direct marketing activities or use of Cookies and Tracking Technologies, or when we process sensitive personal information about you). If we ask for your consent to process your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this privacy notice.

3. Your rights over your personal information

You may have certain rights regarding your personal information, subject to local law. These include rights in certain circumstances to:

  • access your personal information;
  • request proof of the authorization or previous consent given to us to perform the collection and processing of the personal information;
  • rectify the information we hold about you;
  • erase your personal information;
  • restrict our use or disclosure of your personal information;
  • object to our use or disclosure of your personal information, for example you may object to direct marketing;
  • request information about the use and processing of your personal information by [Gallagher Group];
  • receive your personal information in a usable electronic format and transmit it to a third party (right to data portability);
  • revoke the consent given by you for the processing of your personal information; or
  • lodge a complaint with your local data protection authority.

If you would like to discuss or exercise such rights, as applicable under local law, please contact us at the details below.

We encourage you to contact us to update or correct your information if it changes or if the personal information we hold about you is inaccurate.

We will contact you if we need additional information from you in order to honor your requests.

4. Automated decisions about you

We may automatically process your personal information to make decisions or conduct ‘profiling’ about you. This involves using software that is able to evaluate your personal aspects and predict risks or outcomes. We carry out this automatic processing for the purposes of presenting important and relevant information. The processing may involve decisions about you that relate to your eligibility to access certain services. The significance of our actions in this connection is that is that it may have legal or similar effects for you, namely the services you are entitled to. The logic involved is dependent on the services you are entitled to based on data provided.

We will only make these kinds of automated decisions about you where:

  • such decisions are necessary for entering into a contract. [For example, we may decide not to offer Services to you, or we may decide on the types of Services that are suitable for you, or how much to charge you for our Services based on your credit history and other financial information we have collected about you];
  • such decisions are required or authorized by law, [for example for fraud prevention purposes]; or
  • you give your consent to us carrying out automated decision-making.

Subject to local legal requirements and limitations, you can contact us to request further information about automated decision-making, object to our use of automated decision-making, or request an automated decision to be reviewed by a human being.

We also make automated decisions about you based on your personal information in the following circumstances:

  • to select personalized offers, discounts or recommendations to send you based on the services you are entitled according to data provided to us, subject to any applicable laws or regulations.

These types of decisions will not have legal or similar effects for you, but you can still contact us for further information.

5. Information sharing

We may share your personal information with third parties for the purposes described in this privacy notice under the following circumstances:

  • Service providers and business partners. We may share your personal information with our service providers and business partners that perform marketing services and other business operations for us. For example, we may partner with other companies to process secure payments, fulfill orders, optimize our services, send newsletters and marketing emails, support email and messaging services and analyze information.
  • Our group companies. We work closely with other businesses and companies that fall under [the Gallagher Group]. We may share your personal information with other [Gallagher Group] companies for marketing purposes (subject to applicable laws or regulations), internal reporting and other purposes as described in this privacy notice. A list of companies within our group can be found here: https://www.ajg.com/about-us/
  • Law enforcement agency, court, regulator, government or quasi-governmental authority or other third party. We may share your personal information with these parties where we believe this is necessary to comply with a legal or regulatory obligation, to enforce or apply any agreements between us and you, to resolve any disputes, or otherwise to protect our rights or the rights of any third party.
  • Asset purchasers. We will not sell your personal information to third parties other than to the extent reasonably necessary to proceed with the consideration, negotiation, or completion of a merger, reorganization, or acquisition of our business, or a sale, liquidation, or transfer of some or all of our assets. Should such a sale or transfer occur, we will use reasonable efforts to try to ensure that the entity to which we transfer your personal information uses it in a manner that is consistent with this privacy notice.

Because we operate as part of a global business, the recipients referred to above may be located outside the jurisdiction in which you are located (or in which we provide the Services). See the section on “International Data Transfer” below for more information.

When required by applicable law, when we share personal information with corporate third parties we will ensure that such third parties maintain a comparable level of protection of the personal information as set out in this privacy notice by using contractual or other means. To the fullest extent permitted by applicable law, we exclude all liability arising from the use of your personal information by third parties. When required by applicable law, data transfers will be logged and documented, identifying the recipient of the data, the purpose of the transmission, and the type of data that was transmitted. Where required by law to do so, we can on request confirm the name of each third party that personal information is, or will be, transferred to.

6. Information security and storage

We implement technical, organizational, administrative and physical measures to help ensure a level of security appropriate to the risk to the personal information we collect, use, disclose and process. These measures are aimed at ensuring the on-going integrity and confidentiality of personal information. We evaluate these measures on a regular basis to help ensure the security of the processing. Please be aware that, despite our ongoing efforts, no security measures are perfect or impenetrable.

We restrict access to your personal information to those who require access to such information for legitimate, relevant business purposes.

We will keep your personal information for as long as we have a relationship with you. Once our relationship with you has come to an end, we will retain your personal information for a period of time that enables us to:

  • maintain business records for analysis and/or audit purposes;
  • comply with record retention requirements under the law;
  • defend or bring any existing or potential legal claims;
  • deal with any complaints regarding the Services; and

We will delete your personal information when it is no longer required for these purposes. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the personal information.

6.1 Secure communications

Please be aware that e-mail messages sent in clear text over the public internet can be observed by an unintended third party. Non-encrypted Internet e-mail communications may be accessed and viewed by other internet users without your knowledge and permission while in transit to us. If you wish to keep your information private, please do not use electronic mail to communicate information to us or request information from us that you consider to be confidential and/or proprietary. If you wish, you may contact us instead via telephone at the phone number provided:  https://gallaghercommunication.com/contact/.

6.2 Third-party vendors

For certain services on our website, such as live chat or webcasts, we will ask for information about you such as your name, business, and e-mail address. In cases where we use a third-party vendor to provide online services, the vendor has agreed to keep your information confidential. For example, transcripts of live chat sessions may be archived in a database by our vendor for review by our operators.

7. Links to other sites

We may provide links to other websites not owned or controlled by us that we think might be useful or of interest to you. We are not, however, responsible for the privacy practices used by other website owners or the content or accuracy contained on those other websites. Links to other websites do not constitute or imply endorsement by us of those web sites, any products or services described on those websites or any other material contained in them. We advise that you contact any third party websites directly for their individual privacy policies.

8. International data transfer

We may transfer certain personal information across geographical borders to our subsidiaries or service providers (working in conjunction with us or on our behalf) worldwide. Such transfers are made in accordance with applicable law.

Where you are based in the European Union you should be aware that your personal information may be transferred to, stored, and processed in a country that is not regarded as ensuring an adequate level of protection for personal information under European Union law.

Where you are based outside of the European Union, you should be aware that your personal information may be transferred to, stored, and processed in a jurisdiction that is not your home jurisdiction. You consent to the transfer, disclosure, storage and/or processing of your personal information outside the jurisdiction in which the information was originally collected.

We have put in place appropriate safeguards (such as contractual commitments) in accordance with applicable legal requirements to ensure that your personal information is adequately protected. For more information on the appropriate safeguards in place, please contact us at the details below.

9. Contact us

If you wish to exercise any of your rights detailed in section 3, our Data Protection Officer can be contacted at UK_GDPR@ajg.com.

We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you may have the right to make a complaint to the data protection authority in your country of residence.

10. Changes to the privacy notice

You may request a copy of this privacy notice from us using the contact details set out above. We may modify or update this privacy notice from time to time, under applicable local laws.

Where changes to this privacy notice will have a fundamental impact on the nature of our processing of your personal information or otherwise have a substantial impact on you, we will give you sufficient advance notice so that you have the opportunity to exercise any rights you may have under applicable law (e.g. to object to the processing).

Last Updated: 24/05/2018

Cookies Policy

1. We may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalized service. They enable us to:

  • estimate our audience size and usage pattern;
  • store information about your preferences, and so allow us to customize our site according to your individual interests;
  • speed up your searches; and
  • recognise you when you return to our site.

2. You may refuse to accept cookies by activating the setting on your browser which may allow you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site unless otherwise prohibited by applicable law.

3. We do not use cookies to track or report on activity when you are not on our website or to provide such information to other parties for their own marketing use. We do not use cookies to collect personal information such as your e-mail address, and we do not combine information collected through cookies with your personal information. We make no attempt to look at or examine other cookies or information that may be stored on your computer.

Last Updated: 24/05/2018