In preparation for the 25 May 2018 we have undertaken a number of activities:

are GDPR ready

Training and support for our appointed representatives and partners

Any questions? Get in touch.

Defined our Legal Basis for Processing Data

Fish processes data for two purposes:

We have documented:

Insurance Legal Basis - Necessary for performance of a contract & public interest (special category and conviction data)

MarketingLegal Basis - Consent & Legitimate Interest

Introduction of email encryption

Undertaken information security review & attained recognised standard

IASME Governance Standard. This standard includes an assessment against the requirements of the GDPR.The IASME standard was recently recognised as the best cyber security standard for small companies.

To protect our customers all emails to policyholders, insurers and third party

organisations, which contain individual’s personal data, will be encrypted.

To support the organisations that work with us we have provided awareness training covering:

Background to the GDPRNew Rights for IndividualsChanges to the Data Protection PrinciplesHow GDPR impacts you dealing with Fish

Fish Insurance is a trading name of Fish Administration Ltd which is authorised and regulated by the Financial Conduct Authority under Firm Reference 310172. Fish Insurance is registered in England and Wales. Company Registration Number 4214119. Registered Office: 68 Lombard Street, London, United Kingdom, EC3V 9LJ.

Information factsheetResource links to the ICO website

@

Cleansed our data on all systems

Data stored in accordance with the agreed data mapsData outside agreed retention periods deleted

Conducted information audit and created data maps

What personal information we ask for and whyWhere we store the data and who has access to itWho we share the information withHow long we keep it for

To ensure all our people comply with the GDPR we have provided awareness training covering:

Additional support material:

Background to the GDPRNew Rights for IndividualsChanges to the Data Protection Principles

What Fish has been doing to become GDPR compliantHow GDPR impacts Fish

Changes to call structures

Updated the marketing and consent section within our call structures

Changes to our website

Marketing PreferencesCookie PolicyPrivacy Notice

Policy WordingsCustomer Terms of BusinessApplication Forms

Updated our policies & procedures

Data ProtectionInformation SecurityBreach Reporting Procedures

Call RecordingData Request, Change & Deletion (SAR)Marketing

Produced revised documentation

Privacy NoticePolicy WordingsApplication FormsCustomer Terms of Business

Insurer Terms of Business AgreementsAgent Terms of Business AgreementsAgent Bordereaux

Staff training

TRAINING

e

PROGRAMME

Support to our Independent Living policyholders

So our Independent Living policyholders understand the impact the GDPR has on them, as employers, we have provided:

GDPR Information factsheet.24/7 Employment Law Line provided by Peninsula Business Services.Updated employment documentation, including revised terms and conditions, have been created by Peninsula and will be readily available to our policyholders.

Becky RourkeBusiness Partnerships Manager

John TraynorBusiness Partnerships Executive

E: becky.rourke@fishinsurance.co.ukM: 07867 467 773

E: john.traynor@fishinsurance.co.ukM: 07867 467 775