Privacy and Data Protection Policy
1. Who we are
In the EU/EEA our legal entity is Rising Edge (Europe) GmbH, a company located at Friedensstraße 7, 60311 Frankfurt am Main, Germany, and registered at the Frankfurt Chamber of Commerce under HRB 114691.
In the UK, our main legal entity is Rising Edge Ltd (“Rising Edge”, also referred to in this Notice as “we", "us", or "our”), authorised and regulated by the FCA with firm reference number 979522.
We are committed to protecting the confidentiality and security of the information that you provide to us, in accordance with:
The UK’s updated Data Protection Act 2018 (‘DPA’), which was initially the UK’s enactment of the EU GDPR;
The UK retained provisions of the EU’s General Data Protection Regulation (‘UK GDPR’) (retained by virtue of the European Union (Withdrawal) Act 2018);
Regulations based on wider EU legislation such as the Privacy and Electronic Communications Regulations (EC Directive) 2003 (‘PECR’) and future updates; and
Wider guidance from the Information Commissioners Office – www.ico.org.uk
This Privacy and Data Protection Policy is designed to help you understand how we collect and use your information.
If you have any questions or queries about this policy, please contact us.
2. How to contact us
For any questions or concerns relating to this Privacy and Data Protection Policy or our data protection practices, or to make a subject access or any other request regarding the information we hold, please contact us at:
For EU/EEA - Rising Edge (Europe) GmbH, Friedensstraße 7, 60311 Frankfurt am Main, Germany
For UK - Rising Edge Ltd, 3 Lloyds Avenue, London, EC3N 3DS, United Kingdom
email: info@amaniki.com or team@risingedge.co
Tel: +44(0)330 088 9637
Website: www.risingedge.co
In person: By visiting our office in the UK at 3 Lloyds Avenue, London, EC3N 3DS, United Kingdom or our office in the EU, Friedensstraße 7, 60311 Frankfurt am Main, Germany
Our Data Protection Officer is Owen Dacey: owen.dacey@risingedge.co
3. Nature of personal information
Personal data is any information that may identify a living individual.
We collect personal information such as name, contact details, financial details, employment details and other personal details depending on the nature of the insurance and other services we offer.
We may collect, use and store sensitive personal information such as legal proceedings and medical conditions as necessary in relation to insurances, underwriting and employment relations risk management. This information may be shared with insurers, and our third-party service providers. Where necessary, we shall obtain your consent to the processing of such information.
4. Why we need and how we use your personal information
Legal basis: We only collect, use and store your information where we have lawful grounds and legitimate business reasons to do so.
We rely on one or more of the following legal bases:
Performance of a contract with you: Where we need to perform the contract we are about to enter into or have entered into with you.
Legitimate interests: We may use your personal data where it is necessary to conduct our business and pursue our legitimate interests, for example to prevent fraud and enable us to give you the best and most secure customer experience. We make sure we consider and balance any potential impact on you and your rights (both positive and negative) before we process your personal data for our legitimate interest. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
Legal obligation: We may use your personal data where it is necessary for compliance with a legal obligation that we are subject to. We will identify the relevant legal obligation when we rely on this legal basis.
Consent: We rely on consent only where we have obtained your active agreement to use your personal data for a specified purpose, for example if you subscribe to an email newsletter.
What we do with the data: We collect, use and store your personal information in order to fulfil requests for quotes, products and services as part our insurance broking, claims handling and risk management business. It may also be used to verify your identity, to administer payments and to enable us to carry out anti-money laundering and other financial crime checks where required. If you pay by instalments your information may also be used to arrange credit.
The use of your data is essential for us to check your identity, to enable you to enter into an insurance contract and for the insurance to operate (in the event of a claim, for example). We may also use it to keep our records up to date, to notify you about changes to our service and to help us in develop new products and services.
If you do not provide the information required, we are unlikely to be able to arrange your insurance and may not be able to provide certain services to you.
We and/or other parties may use your information for purposes such as statistical and trend research and analysis which may include computerised processes which profile you. Automatic profiling helps us understand, predict and forecast customer preferences and to improve the products and services we offer and to assess which products might be most suitable for you.
We may monitor calls, emails, text messages and other communications with you. When you contact us, we may keep a record of that correspondence, and any information provided to us during that or any subsequent communication.
5. Marketing
We may send marketing materials to you on the basis of our legitimate interests or, where necessary, having obtained the consent of the individual concerned, provided we are otherwise permitted to do so by law. You can ask to stop sending you marketing communications at any time by following the opt-out links within any marketing communication sent to you or by contacting us (details above). If you opt out of receiving marketing communications, you will still receive service-related communications that are essential for administrative or customer service purposes.
6. Sharing information
We will only supply your personal information to other parties where such a transfer is a necessary part of the activities that we undertake, where you give us consent or where we are required to do so by law or regulation (e.g. where the disclosure is necessary for the purposes of the prevention and/or detection of crime).
As an intermediary we must disclose personal information to insurance companies, business partners and other parties in order to provide our products and services and to enable you to enter into insurance contracts. Examples of other parties include other insurance intermediaries, our auditors, our own legal and professional advisors, loss adjusters, regulatory bodies, legal and accountancy firms involved in the claims handling process. Such service providers are contractually restricted from using or disclosing the information we give them except as necessary to perform services on our behalf or to comply with legal requirements.
We may also share your personal information with fraud prevention agencies, government agencies, regulators, and police/law enforcement agencies and other authorities (including the Information Commissioner and Ombudsman). We may pass information relating to your insurance policy to the operators of these registers, their agents and suppliers.
We only share your information if we are satisfied that our partners or suppliers have sufficient measures in place to protect your information in the same way that we do.
We may also disclose personal information to new owners of our business in the event that we are subject to a merger or acquisition. Disclosure may also be made to enable company audits, regulatory inspections or to investigate a complaint, suspicion of fraud or a security threat.
We never share your information outside our organisation for marketing purposes.
You understand that we may disclose the information you provide to relevant other parties for the purposes described in this Notice.
7. Transfer of personal data outside the UK or EEA
Certain personal information held on our Information Technology systems may be transferred across geographical borders in accordance with applicable law.
By providing us with your information, you consent to the collection, international transfer, storage, and processing of your information. These transfers are governed by European Union (EU) standard contractual clauses or equivalent data transfer agreements to protect the security and confidentiality of personal information.
8. Information from other sources
We may use legal public sources such as the electoral roll and other third-party sources to obtain information about you, for example to verify your identity or to carry out sanctions checks.
Some personal information may be provided to us by third parties such as insurance companies and other insurance intermediaries. In some cases you will have previously submitted your personal information to them and given them approval to pass this information on for certain purposes.
Such information will only be obtained from reputable sources which operate in accordance with the General Data Protection Regulation.
9. How long we keep information about you:
We will keep your information for as long as it is required to enable us to provide quotations, administer your insurances, offer renewal and respond to any claims or complaints (which may arise after the period of insurance has expired). This will usually be a minimum period of seven years or otherwise as determined by law, commercial considerations, or regulation. Once we decide that we no longer need your information it will be securely and confidentially destroyed.
10. Your data protection rights
You have certain legal rights under UK and EU/EEA data protection law and regulations, summarised as follows:
The right to be informed about our data processing activities, including through notices such as this one.
The right of access to the personal information we hold about you. To request a copy of this information you must make a subject access request in writing to us.
The right of rectification. You may ask us to correct any inaccurate or incomplete data within one month.
The right to erasure and to restrict processing. You have the right to have your personal data erased and to prevent processing except where we have a legal obligation to process your personal information. You should bear in mind that by exercising this right you may hinder or prevent our ability to provide products and services.
The right to data portability. On your request, we will provide you with your personal data in a structured format.
The right to object. You have particular rights in relation to automated decision making and profiling to reduce the risk that a potentially damaging decision is taken without human intervention. You can object to your personal data being used for profiling, direct marketing or research purposes.
If you want to invoke any of these rights, please write to us:
Rising Edge Ltd, 3 Lloyd’s Avenue, London EC3N 3DS or Rising Edge (Europe) GmbH, Friedensstraße 7, 60311 Frankfurt am Main, Germany or email: team@risingedge.co
We will respond to your request within one month, as required by law. If we need more time to process your request, we will inform you of the delay and the reason.
11. Withdrawal of consent
Where you have provided your specific consent to the use of personal data, you may withdraw that consent by contacting us:
Rising Edge Ltd, 3 Lloyds Avenue, London, EC3N 3DS, United Kingdom or Rising Edge (Europe) GmbH, Friedensstraße 7, 60311 Frankfurt am Main, Germany
email: info@amaniki.com or team@risingedge.co
Tel: 0330 088 9637
In person: By visiting our office at 3 Lloyds Avenue, London, EC3N 3DS, United Kingdom or Friedensstraße 7, 60311 Frankfurt am Main, Germany
12. How to make a complaint
UK
If you wish to make a complaint about how we hold or use your data, please contact us:
Rising Edge Ltd, 3 Lloyds Avenue, London, EC3N 3DS, United Kingdom
email: complaints@risingedge.co
Tel: 0330 088 9637
If you are dissatisfied with how we deal with your complaint, you may contact the Information Commissioner’s Office. The Information Commissioner Wycliffe House Water Lane Wilmslow Cheshire, SK9 5AF; Phone: 0303 123 1113, Website: www.ico.gov.uk. We are registered with the ICO under the reference ZA093595.
EEA
If you wish to make a complaint about how we hold or use your data, please contact us:
Rising Edge (Europe) GmbH, Friedensstraße 7, 60311 Frankfurt am Main, Germany
Email: eucomplaints@risingedge.co
Tel: 0330 088 9637
In the EEA, please contact your local authority which you can find here: https://edpb.europa.eu/about-edpb/board/members_en
We may amend this Privacy and Data Protection Policy from time to time for example, to keep it up to date or to comply with legal requirements.
Review date: 17 February 2025