Privacy Policy

The protection of your personal information is important to us. We respect your privacy and want you to understand how we use the information that you provide to us. This Privacy Notice and the SBC Group's Privacy Policy together with our terms and conditions, sets out the basis in which we may collect, share and use your personal information. In accordance with the relevant legislation and privacy principles applicable to each jurisdiction in which we operate, SBC is committed to respecting and protecting the confidentiality and security of the information that you provide to us.

This Privacy Notice is to provide you, whether you are a customer, a partner or employee of a customer or other individual about whom we control data, with helpful information about the types of data we process and what we do with that data. If you have any questions, or if you want any further information, please contact us using the contact details below.

Contact details

Website: www.southbritishcapital.com
Telephone: +64 276432966
Email: [email protected]

The data we handle

We are data controllers. The data we process concerns people with whom we have business relationships, including the directors, partners and employees of our customers and potential customers and other third parties who interact with us. In the course of providing products and services we may also process some personal data in respect of the customers of our customers.

We may obtain personal data directly from the individuals concerned, from our customers, potential customers, from third parties involved in matters we act on for our customers, and from other third parties (including publicly available information).

The types of data we process are varied and will include detailed data about our customers' businesses, including personal data about directors, partners, employees and affiliates. We may record full names, contact details, and associated personal data. If we do so, and we cannot avoid processing such personal data, this Privacy Notice will apply to the individuals concerned.

In some circumstances we may handle special category personal data (sensitive information) and information about criminal convictions, in which case we take particular care to only process such data in accordance with legal constraints. Where necessary, we will obtain the express consent of the data subject to processing such data. Special category data can include information about the health, racial or ethnic origin, religious or political beliefs, trade union membership, sex life or sexual orientation; genetic or biometric data; or philosophical beliefs of an individual.

We will only collect personal information (other than sensitive information) about you where the information is reasonably necessary for the activities or functions we undertake with or for you and/or as otherwise permitted by the relevant jurisdiction legislation. These activities and functions usually involve the issue of, or activities associated with the issue of, a surety product to or on your behalf and/or the settlement of a claim. If you are providing a personal guarantee to us related to a surety product, we may need information about your financial status. This may require us to collect personal information such as your name, age, gender and your employment details. If you are applying for a job with us, we may need personal information such as your qualifications and past occupations.

We will collect sensitive information about you if you consent and the information is reasonably necessary for the activities or functions we undertake with or for you and/or as otherwise permitted by the relevant legislation. This may require us to collect sensitive but relevant information such as your credit information. If you are applying for a job with us or if you are providing a personal guarantee to us, we may need sensitive information such as details of any criminal record.

What we do with data

We process personal data for the purpose of providing surety products and associated activities to our customers and also for our own general business purposes which may include:

administering our customers' accounts, billing and tracing and collecting any debts.
reporting to any relevant corporate entity relevant to your business.
managing our business performance and assessing customer satisfaction (such as asking for customer feedback, monitoring customer records, testing and updating our systems, networks, applications or software, and general improvement of our services).
advertising, marketing and public relations, including sending direct marketing communications (subject to the restrictions of the relevant law and regulation).
ensuring the safety and security of our people and premises.
disclosures to our auditors and our own legal and other professional advisors.
fraud prevention, anti-money laundering, anti-bribery and for the prevention or detection of crime.

Our basis for processing

We will only process personal data where we have a lawful basis for doing so. In general, our lawful basis will be one or more of the following:

the processing is necessary for the assessment and potential issue of a surety product or associated activity on your behalf or at your request prior to entering a contract.
the processing is necessary for compliance with our legal obligations.
the processing is necessary for the purposes of pursuing our legitimate interests (this includes carrying out our business of providing surety products to corporate and individual customers and pursuing our general business interests).
the processing is necessary for the establishment, exercise or defence of surety and/or legal claims.

In addition, in some circumstances we may process personal data on the basis that an individual has provided their express consent, for example, for marketing to an individual by email or SMS or for the processing of special category data. Please note that the individual concerned may withdraw their consent at any time by contacting us using the contact details above.

Direct Marketing

We may send marketing materials to you as prospective customers introduced to us via corporate wholesale distribution channels, having firstly obtained the consent of the corporate body with whom you have a commercial relationship, provided we are otherwise permitted to do so by law. Individuals and firms will always have the right to unsubscribe from any marketing. Instructions on how to opt-out will be included within the communication concerned. Alternatively, please use the contact details above.

Who we share data with?

In providing our services and in complying with our legal obligations, we may share the personal data that we obtain, insofar as we are required or permitted by law to do so, with the following third parties:

insurers used by us in providing the product or service you have asked us to provide, details of which can be made available on request.
service providers used by us in processing any claim including loss adjustors and claims management providers, document storage facilities and IT service providers such as cloud providers of software, data room and IT servers.
our auditors, our own legal and other professional advisors, our insurers and insurance brokers.
government agencies, regulators, the police/law enforcement agencies and other authorities (including the Insurance Ombudsman).
financial organisations, debt collection, credit reference and tracing agencies, and related investigators.
any relevant corporate entity relevant to your business that you require us to disclose information to (such as a franchisor or trade supplier in the case of franchise bonds).

We may also share your personal data with anyone you have authorised to deal with us on your behalf.

Where data may be sent

The data we collect may be transferred to, and stored at, a destination outside of your local jurisdiction. It may also be processed by staff operating outside of the local jurisdiction who work for one of our suppliers. If we provide information to a third party, we will ensure that it and any of its agents and/or suppliers take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Fair Processing Notice.

How long we keep data

We will keep personal information no longer than is necessary for the purpose for which it was provided unless we are required by law or have other legitimate reasons to keep it for longer (for example if necessary for any legal proceedings). These retention periods depend on the nature of our relationship with the individual and the information involved. For instance, we generally retain relevant personal data for the duration of our business relationship and for up to one year after that relationship has concluded, or the time for any possible claim has expired.

How we maintain data

We will take reasonable steps to ensure that personal information we collect, hold, use and disclose is accurate, up-to-date, complete and relevant. We are committed to keeping secure the personal information provided to us. We will take all reasonably necessary steps to protect the personal information we hold about you from misuse, interference and loss and from unauthorised access, modification or disclosure. We have a range of practices and policies in place to provide a robust security environment. We will ensure the ongoing adequacy of these measures by regularly reviewing them. Our security measures include but are not limited to:

Ongoing education of our staff as to their obligations with regard to your personal information.
A data security management policy and processes.
A data breach notification management policy and processes.
Employing physical and electronic means including access controls to protect against unauthorised physical access.
Use of passwords when accessing our systems.
Restricting access to electronic records on a “need to know” basis.
Daily back-up of our data to minimise chance of data loss.
Employing firewalls, intrusion systems and virus scanning tools to protect against unauthorised persons and viruses from entering our systems.
Entering into confidentiality agreements with employees and third parties.
Lockable secure storage for physical records containing personal information.

Complaints

All persons about whom we hold or process personal data (data subjects) have the right to lodge a complaint with the relevant Ombudsman or Information Commissioner in respect of our processing of their personal data.

To raise a complaint with us in the first instance, please contact us using the contact details above.

Individuals' rights under UK Data Protection law and regulation

All persons about whom we hold or process personal data (data subjects) have rights under data protection laws to request from us access to or rectification of their personal data. We will erase any or all of your personal data upon your specific request where we have no legitimate reason to continue to hold your information. You also have the right to request the restriction of any processing or to object to our processing of your personal data. You also have the right to data portability. Please use the contact details above to exercise your rights.