Premex Services Limited Privacy Notice – Injured Parties
Who We Are
Premex Services Limited (also trading as Premex+ and Pagin8) “we” are a provider of specialist outsourcing services to the insurance and legal industries.
We have been asked to contact you by your insurer or solicitor, to carry out the following service:
Facilitate in the creation of an independent medical report following a recent legal claim that has been made by you or a third party.
The Purpose for Processing:
We will need to process your personal data, and in particular personal data relating to your health, for the following reasons:
To facilitate in the creation of an independent medical report. This can include sourcing relevant medical records, identifying a suitably qualified medical expert and, where required, arranging a face to face assessment for you.
To provide you with service updates or important notices that we think may impact on our ability to deliver services to you.
In order to form a defence of any legal claim that may be brought against us.
To process your personal data in line with any legal obligations we are required to comply with. This will include our obligations to you in relation to the processing of your personal data.
To carry out market research to help us improve our services and product offerings, however we will ask for separate consent prior to this.
We can assure you that we will only ever process the minimum personal data required to carry out the services identified above.
Lawful Basis for Processing
We will process your personal data in line with the following lawful bases:
We believe that we have a genuine and legitimate reason to process your personal data and we do not feel that processing your personal data will harm any of your rights and interests.
We operate on the basis that you are already actively aware of our involvement in this process and you fully expect us to provide this service to the insurer/solicitor that we have received our instructions from.
We may be required to process your personal data to comply with our legal obligations. This can include complying with a subject access request you have made or supplying personal data to public authorities once we have verified a request.
Categories of Personal Data Collected
We will have received the following information from your insurer/solicitor prior to us getting in touch with you:
Your name and contact details
Basic information relating to your claim
We may also be provided with instructions on the particular type of medical expert, especially in cases where specialist medical experts are required.
Information relating to your health, this can include your medical records and we will also have sight of the medical report.
Categories of Recipients
We will never share your information with any third parties that intend to use your personal data for their own purposes, other than what they are required to by law.
We will be required to transfer your personal data to the nominated medical expert as they will need this to be able to create the independent medical report.
We will also share your personal data with selected third parties who assist us in our service provision to you.
All third parties are fully vetted to ensure that your data is only shared and stored with companies that comply with all applicable Data Protection Regulations, including the General Data Protection Regulation and the Data Protection Act.
Your personal data will not be shared or stored outside the European Economic Area unless we have been specifically instructed to do this by your solicitor/insurer. In these exceptional cases we will ensure that all appropriate safeguards are in place and third parties comply with all applicable Data Protection Regulations, including the General Data Protection Regulation and the Data Protection Act.
We will retain your personal data:
- During the course of our service provision
- For a further 7 years following the settlement of your claim
- We will only use your personal data to the extent necessary to comply with our legal obligations (for example for HMRC financial accounting obligations as well as to enable us to defend any claim that may be brought against us in respect of the work we undertake as a business).
- Under the Data Protection Act you have the following rights in relation to your personal data.
- Right to Access - You have a right to request a copy of your personal data.
- Right to Rectification - You have the right to ask us at any time to make any corrections or remove any personal data that you believe is inaccurate.
- Right to Erasure - You have the right to request the erasure of the personal data. However we may still need to retain personal data to comply with our legal obligations. In the event of a request we will provide you with full details of the personal data that we are required to retain.
- Right to Restriction - You have the right to request a restriction in the processing of your personal data.
- Right to Objection - You have the right to object to the processing of your personal data.
We will aim to respond to any requests relating to your rights without undue delay and in any case within 30 calendar days of receipt of your request. We may ask you to confirm your identity so that we can validate a request. If you would like to make a request, please email or write to us using the contact details provided below. We will also notify your insurer/solicitor if we receive a request from you.
If you are unhappy about any aspect of our process and you would like to file a complaint please contact us using the details below.
Alternatively if you would like to make a complaint or report a concern about the way in which we have processed your personal data then please contact the Information Commissioner’s Office who will be able to provide further assistance.
If you have any further questions or would like to raise any concerns about the way in which your personal data has been processed, please feel free to contact our Data Protection Officer using the information provided below:
Email: email@example.com – Please indicate in the header of the email that the email is intended for the Data Protection Officer.
Write to us:
Data Protection Officer
Legal and Compliance Dept
Premex Services Limited
Futura Park Middlebrook