FIS Privacy Group
Furness Insurance Services Ltd | having its registered office in London (UK), 106, Fenchurch Street EC3M 5JF, Register Code 07161867, in the person of its legal representative |
International Professional Risks Ltd | having its registered office in London (UK), 106, Fenchurch Street EC3M 5JF, Register Code 04935842, in the person of its legal representative |
Furness Underwriting Ltd | having its registered office in London (UK), 106, Fenchurch Street EC3M 5JF, Register Code 06308306, in the person of its legal representative |
CHP Legal Ltd | having its registered office in London (UK), 106, Fenchurch Street EC3M 5JF, Register Code 07359628, in the person of its legal representative |
International Professional Risks Europe Srl | having its registered office in Bruxelles (Belgio), Bastion Tower – Level 20 Place du Champ de Mars 5, 1050, Register Code 0696.787.028, in the person of its legal representative |
Furness Underwriting Europe Srl | having its registered office in Bruxelles (Belgio), Bastion Tower – Level 20 Place du Champ de Mars 5, 1050, Register Code 0696.787.325, in the person of its legal representative |
Furness Underwriting SRL | having its registered office in Milano (ITA), Via Cassanese 47, C.F. / Partita I.V.A. 13260310969, in the person of its legal representative |
CHP Legal SRL | having its registered office in Milano (ITA), Via Cassanese n. 47, C.F. / Partita IVA 03392081208, in the person of its legal representative |
Furness Iberia SL | having its registered office in Madrid (SPA), Calle Orense núm. 81, (28020), CIF B01663392, in the person of its legal representative |
Purpose of this notification
The company Furness Insurance Services, with registered office at 106 Fenchurch Street, London EC3M 5JF, United Kingdom, together with the other companies indicated in the epigraph, entered into a Joint Controllership Agreement for the processing of personal data on 1.2.2025, in accordance with current legislation on the protection of personal data pursuant to art. 26 of Regulation 2016/679/EU (hereinafter also “GDPR”) and the UK GDPR, with which the “FIS Privacy Group” was established (hereinafter also referred to simply as the “Group”), and the methods of processing personal data shared by the Group have been established, a single and common DPO has been appointed (lawyer Maria Sofia Amalfitano – pursuant to art. 37 of EU Regulation 679/2016 and UK GDPR), and the various responsibilities have been distributed, with the clarification, contained in the aforementioned agreement (art. 10, co. 2), for which “It is understood that each Joint Controller will be responsible for any sanctions imposed by the Authorities or for damages caused to third parties as a result of data processing carried out by the same individual Joint Controller not in accordance with the Data Protection Management System (DPMS) adopted by the Group”.
Furness Insurance Services Ltd (hereinafter also referred to simply as the “Data Controller” or “Joint Controller” in the FIS Privacy Group), has developed a secure website and web services (hereinafter the “Website”) which insurance intermediaries can access to enter various data, including data relating to the contracting parties and/or beneficiaries and relevant risks, submit a request for a quote, prepare insurance policies and certificates, notify and manage claims (hereinafter the “Services”).
With this policy, the FIS Privacy Group intends to provide some information on the processing of personal data relating to Users who visit or consult the website accessible electronically from the address www.fisg.co.uk (the “Website”).
The FIS Privacy Group is committed to respecting and protecting your privacy and informs you that the use and simple navigation on the Web/App platform implies acceptance, by the User, of the so-called “Technical and functionality cookies” necessary for the operation of the same.
Furthermore, the User may receive, subject to prior consent, profiling and third-party cookies during simple navigation/use of the Web/App Platform, which are also used for advertising purposes.
This “Cookie Policy” is an integral part of the personal data processing policy of the website/app.
THE FUNCTION OF COOKIES
As is well known, cookies are usually text strings that websites/apps (so-called publishers or “first parties”) visited by the user or different websites or web servers (so-called “third parties”) place and store – directly, in the case of publishers, and indirectly, i.e. through the latter, in the case of “third parties” – within a terminal device (e.g. personal computer, tablet, smartphone or any other information storage device) available to the user.
The software for browsing the internet and the operation of devices can memorize cookies and transmit them again to the sites/Apps that generated them the next time the same user browses, thus keeping track of his/her previous interaction with one or more websites/Apps.
The information encoded in cookies may include personal information such as: (i) IP address, (ii) username, (iii) unique identifier and (iv) e-mail address. They may also contain non-personal data, such as language settings or information on the type of device a person is using to browse the site/App.
CLASSIFICATION OF COOKIES AND TRACKING TOOLS USED BY THE DATA CONTROLLER
The Data Controller uses cookies and tracking tools with different characteristics in terms of time (session and/or permanent) and in terms of the user.
The Data Controller uses cookies for various purposes, in order to offer you a fast and secure digital experience, for example, allowing you to keep the connection to the protected area active while browsing through the pages of the site.
Among the categories of cookies in use, we highlight: TECHNICAL AND FUNCTIONAL COOKIES. Technical cookies are used by the Data Controller to store the user’s session and to carry out other activities that are strictly necessary for the functioning of the site, for example in relation to the distribution of traffic. These cookies are installed directly by the Data Controller without the prior consent of the user. The user must be aware that the refusal of technical and functionality cookies could lead to a decrease in the level of functionality of the Site. THIRD PARTY COOKIES. Users may receive third party cookies while browsing the Site, i.e. cookies from sites, social networks and external platforms of third party companies also used for advertising purposes. If the user chooses to receive cookies from third-party companies, the communications that they will send in the future will be more responsive to the user’s interests. Below we report the third-party cookies and the links to express your consent to their installation. If you make no choice and decide to continue browsing the Website, you consent to the use of cookies. MAILCHIMP (The Rocket Science Group LLC). Mailchimp allows you to manage a database of email contacts, telephone contacts or any other type of contact used to communicate with the User. These services may also allow us to collect data relating to the date and time the messages are displayed by the User, as well as to the User’s interaction with them, such as information on clicks on the links inserted in the messages. Personal Data collected: surname, Cookies, Usage Data, email and name. Place of processing: United States – Privacy Policy. Subject adhering to the Privacy Shield. GOOGLE TAG MANAGER (Google Ireland Limited). Google Tag Manager is a tag management service provided by Google Ireland Limited that is functional to the centralized management of the tags or scripts used on this Website, allowing the flow of User Data through them and, if necessary, their retention. Personal Data collected: Cookies and Usage Data. Place of processing: Ireland – Privacy Policy. Subject adhering to the Privacy Shield. FACEBOOK MENEGER CUSTOMER CHAT (Facebook, Inc.). Facebook Messenger Customer Chat is a service for interacting with the Facebook Messenger live chat platform, provided by Facebook, Inc., which allows interaction with live chat platforms, managed by third parties, directly from the pages of this Website. This allows the User to contact the support service of this Website or for this Website to contact the User while he/she is browsing its pages. In the event that an interaction service with live chat platforms is installed, it is possible that, even if the Users do not use the service, it collects Usage Data relating to the pages in which it is installed. Furthermore, live chat conversations may be recorded. Personal Data collected: Cookies, Data communicated while using the service and Usage Data. Place of processing: United States – Privacy Policy. Subject adhering to the Privacy Shield. GOOGLE RECAPTCHA (Google Ireland Limited). Google reCAPTCHA is a SPAM protection service provided by Google Ireland Limited, which allows the traffic of this Website, potentially containing Personal Data of Users, to be analyzed in order to filter it from parts of traffic, messages and content recognized as SPAM. Use of the reCAPTCHA system is subject to Google’s privacy policy and terms of use. Personal Data collected: Cookies and Usage Data. Place of processing: Ireland – Privacy Policy. Subject adhering to the Privacy Shield. FACEBOOK SIMILAR AUDIENCE (Facebook, Inc.). Facebook Similar Audience is an advertising and behavioral targeting service provided by Facebook, Inc. which uses Data collected through Facebook’s Custom Audience service to show advertisements to Users with behavior similar to Users who are already on a Custom Audience list based on their previous use of this Website or their interaction with relevant content through Facebook applications and services. Based on this data, personalized ads will be shown to users suggested by similar Facebook audiences. Users can choose not to use Facebook cookies for ad personalization by visiting this opt-out page. Personal Data collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant. FACEBOOK REMARKETING (Facebook, Inc.). Facebook Remarketing is a remarketing and behavioraltargeting service provided by Facebook, Inc. that connects the activity of this Website with the Facebook advertising network. Users can also choose not to participate in certain advertising features through the corresponding device configuration options, such as the advertising configuration options of the mobile device or the generic advertising configuration. Personal Data collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant. FACEBOOK CUSTOM AUDIENCE (Facebook, Inc.). Facebook Custom Audience is a remarketing and behavioral targeting service provided by Facebook, Inc. that connects the activity of this Website with the Facebook advertising network. Users can choose not to use Facebook cookies for ad personalization by visiting this opt-out page. Personal Data collected: Cookies and email. Place of processing: United States – Privacy Policy – Opt Out. Privacy Shield participant. GOOGLE ANALYTICS USER ID EXTENSION (Google Ireland Limited). Google Analytics on this Website uses a feature called User ID. This allows for more accurate tracking of Users by assigning a unique ID to each User for various sessions and devices, but in such a way as to not allow Google to personally identify an individual or permanently identify a specific device. The User ID extension also allows you to connect Data from Google Analytics with other User Data collected by this Website. The opt-out link below will only disable tracking for the device you are currently using, but does not prevent the Owner from performing tracking activities via other means. If you wish to opt-out of all tracking by the Owner, please contact the Owner via the contact email address. Personal Data collected: Cookies. Place of processing: Ireland – Privacy Policy – Opt Out. Subject adhering to the Privacy Shield. GOOGLE ANALYTICS (Google, Inc.). Google Analytics is a web analysis service provided by Google Inc. (“Google”). Google utilizes the Personal Data collected for the purpose of tracking and examining the use of this online space, compiling reports and sharing them with other services developed by Google. The IP address is anonymized so that it is not possible to re-identify the user. Personal data collected: various types of personal data, including usage data, as specified in Google’s privacy policy. Place of processing: Ireland – Privacy Policy – Opt Out. Subject adherent to the Privacy Shield. FACEBOOK ADS CONVERSION MONITORING (Facebook pixel) (Facebook, Inc.). Facebook Ads conversion monitoring (Facebook pixel) is a statistics service provided by Facebook, Inc. that links data from the Facebook ad network with actions performed on this Website. The Facebook pixel tracks conversions that can be attributed to ads on Facebook, Instagram and Audience Network. Personal Data collected: Cookies and Usage Data. Place of processing: United States – Privacy Policy. Subject adhering to the Privacy Shield. GOOGLE MAPS WIDGET (Google Ireland Limited). Google Maps is a map visualization service provided by Google Ireland Limited that allows this Website to incorporate content of this kind on its pages. Personal Data collected: Cookies and Usage Data. Place of processing: Ireland – Privacy Policy. Privacy Shield participant.
HOW TO SETTING COOKIES
In addition to what is indicated in this document, the user can manage preferences related to Cookies directly within his browser and prevent – for example – that third parties can install them. Through the browser preferences it is also possible to delete Cookies installed in the past, including the Cookie in which the consent to the installation of Cookies by this Site is eventually saved. It is important to note that disabling all Cookies may compromise the functioning of this Site. The user can find information on how to manage Cookies in his/her browser at the following addresses:
Google Chrome https://support.google.com/chrome/answer/95647?hl=en&p=cpn_cookies
Mozilla Firefox https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
Safari https://support.apple.com/en-us/HT201265
Microsoft Explorer http://windows.microsoft.com/en-us/windows-vista/block-or-allow-cookies
The cookies stored on your terminal cannot be used to retrieve any data from your hard disk, transmit computer viruses or identify and use your e-mail address. Each cookie is unique in relation to the browser and device you use to access the Website or use the Company App. In general, the purpose of cookies is to improve the functioning of the website and the user’s experience when using it, although cookies can be used to send advertising messages (as specified below). For more information on what cookies are and how they work, you can consult the website “All about cookies” http://www.allaboutcookies.org.
Notwithstanding the above, the User may use the information provided by EDAA (EU), Network Advertising Initiative (USA) and Digital Advertising Alliance (USA), DAAC (Canada), DDAI (Japan) or other similar services. With these services it is possible to manage the tracking preferences of most advertising tools. The Owner, therefore, advises Users to use these resources in addition to the information provided in this document.
HOW CAN I BLOCK COOKIES?
All browsers allow you to delete cookies from your computer’s hard drive, to receive a warning when they are saved or to disable them altogether. For information on how to do this, please refer to the instructions or help screen of your browser. To withdraw your consent, you can also refer to the third-party websites that can be reached through the following link: http://www.allaboutcookies.org/manage-cookies/index.html.
The FIS Privacy Group uses the services of the Provider “123 Reg” (https://www.123-reg.co.uk/) for the calculation, storage and database of personal data. Personal Data collected: Cookies and Usage Data. Place of processing: mainly EU, UK and United States.
METHOD OF ACQUIRING CONSENT USING COOKIES AND APPLICABLE REGULATIONS
The Data Controller, as regards technical and functionality cookies, is obliged towards the User to provide only the information and is not required to acquire the consent of the interested party, as they are necessary for mere navigation on the Web Platform/App.
On the other hand, with regard to profiling cookies and other tracking tools, the Data Controller may use them after acquiring the consent of the interested party, in any case expressed in a clear, specific and unequivocal way. Therefore, the Data Controller may use specific configurations of computer programs or devices whose usability by the user is clear and simple.
In this regard, the Data Controller can acquire consent regarding profiling cookies from the interested party through a positive and unequivocal act (opt-in) with which the interested party expresses their free, specific, informed and unequivocal intention to accept the processing of personal data concerning them. This will be possible because the Data Controller has provided for the selection of a specific box within the Web Platform/App with which the interested party can select profiling cookies and/or other tracking tools such as to make navigation more suited to their needs and interests.
The legal basis for the processing applicable to profiling and third-party cookies is constituted by Directive 2002/58/EC (so-called ePrivacy Directive), by art. 122 of Legislative Decree no. 196/2003 (for ITALY), the Regulation, specifically concerning the notion of consent as per articles 4, point 11) and 7 and recital 32, as last interpreted by the WP29 Guidelines adopted on April 10, 2018, ratified by the European Data Protection Board (hereafter, EDPB) on May 25, 2018 and last replaced by the Guidelines 05/2020 on consent under Regulation 2016/679 adopted on May 4, 2020.
Precisely with reference to aspects concerning the protection of personal data, pursuant to art. 33 of the GDPR, users are invited to report to the Company any circumstances or events that could result in a potential “personal data breach” in order to allow for an immediate evaluation and the adoption of any actions aimed at countering such an event by sending a communication to dpo@fisg.co. uk or by contacting the data controller or the DPO.
COMMUNICATION AND TRANSFER OF DATA ACQUIRED THROUGH COOKIES
For data acquired through the use of technical and functional cookies, as well as profiling and/or third-party cookies, the Data Controller may communicate and process the personal data of users/customers in Italy and abroad to third parties with whom we have relationships, where these third parties provide services at our request. We will only provide these third parties with the information necessary to perform the services requested, taking all measures to protect your personal data. The data may be transferred outside the European Economic Area if this is necessary for the management and operation of the Web/App platform. In this case, the recipients of the data will be subject to protection and security obligations equivalent to those guaranteed by the Data Controller. In the case of using services offered directly by Partners, we will only provide the data strictly necessary for their execution. In any case, only the data necessary for the fulfillment of the intended purposes will be communicated and, where required, the guarantees applicable to the transfer of data to third countries will be applied. Furthermore, personal data may be communicated to the competent public bodies and authorities for the purpose of fulfilling regulatory obligations or ascertaining responsibility in the event of computer crimes against the site, as well as communicated to, or allocated to, third parties (as managers or, in the case of electronic communication service providers, as autonomous owners), that provide IT and telematic services (e.g.: hosting services, website management and development) and that the Company uses to perform tasks and activities of a technical and organizational nature that are essential to the functioning of the website. The subjects belonging to the above categories operate as separate Data Controllers or as Managers appointed for this purpose by the Company.
Furthermore, personal data may be accessed by the Data Controller’s employees/consultants who are specifically trained and appointed as Data Processors or External Data Processors.
The categories of recipients to whom the data may be communicated are available by contacting the Data Controller and the DPO at the addresses indicated below.
Rights of data subjects
You may exercise your legal rights at any time, as indicated in the Privacy Policy of which this is an integral part.
Responsibility for data processing
The data controller is Furness Insurance Services Ltd, with registered office in London (UK), 106, Fenchurch Street EC3M 5JF, Registration Code 07161867, in the person of the legal representative Mr. BERNARDO GOZZI, E-mail info@fisg.co. uk, Tel. +44 (0)20 3384 0084.
FIS Privacy Group – dpo@fisg.co.uk
DPO, Maria Sofia Amalfitano, Lawyer
email sofia.studiolegalefalanga_ext@fisg.co.uk
Use of the Website, including the versions designed for tablets and/or smartphones, by the User implies full knowledge and acceptance of the content and any indications included in this version of the information published by the Data Controller at the time the site is accessed. The Data Controller informs that this policy can be modified without notice, by informing Users on this page and, if possible, on this Application as well as, if technically and legally feasible, by sending a notification to Users through one of the contact details held by the Data Controller. If the changes affect processing activities performed on the basis of the User’s consent, the Owner will collect new consent from the User, where necessary. It is strongly recommended to check this page often, referring to the date of the last modification indicated at the bottom.
Data Controller
Furness Insurance Services Ltd