Privacy Notice

JSBCA T/A Low.ie is committed to protecting and respecting your privacy and would like you to feel safe when you give us your personal details. Our principal business is to provide advice and arrange transactions on behalf of clients in relation to Life, Pension and Investment products. To provide you with relevant information, provide a financial services product, and respond to your requests, we will request that you provide us with information about yourself and the products/service you require.

JSBCA Limited complies with EU General Data Protection Directive (GDPR) for the collection, use, and retention of all personal data.

Suite 28
20 Harcourt Street
Dublin 2
D02 H364

Phone: 019017760
Email: info@low.ie

When we refer to we/us, we mean Low.ie

Please read this Privacy Notice carefully as this sets out the basis on which any personal data, we collect from you, or that you provide to us, will be processed by us.

Who are we?

Our principal business is to provide advice and arrange transactions on behalf of clients in relation to Life, Pension and Investment products. To provide you with relevant information, provide a financial services product, and respond to your requests, we will request that you provide us with information about yourself and the products/service you require.

Our GDPR Owner can be contacted directly here:

• Name: JSBCA ltd/Low.ie
• Email address: Info@low.ie
• Phone number: 01 901 7760

How do we collect your information and what information do we collect?

The personal information we collect varies depending upon the nature of our services. We will endeavour to provide you with an overview of those categories of personal data our organisation collects and our purpose for using that data.

Our organisation collects personal data in the following ways, if you:

• request a service from us; e.g., Apply for quotes online or by email and phone. Ongoing servicing of your policy and annual reviews.
• Complete any of our online applications through our website.
• use our website and it installs cookies or other tracking technologies onto your device.
• engage with us on social media; LinkedIn, Twitter, Facebook, Instagram.
• contact us with a complaint or query.
• apply for a position with us.

What information do we collect?

When we collect personal information about you, we tell you why we are asking for the information and what we intend to do with it. You will have the option of not providing the information, although in these instances, you may not be able to access certain products/services.

The information we collect about you includes the following:

• Information about you – such as your name, age, gender, date of birth, work/profession, hobbies, and nationality.
• Contact information – for example, your address, Eircode, email address, and phone numbers.
• Government identifiers – data from your identification documents, such as your driving license, PPS number or passport.
• Demographic details, age, date of birth, gender, marital status, lifestyle details, dependents, photo ID, Proof of address as well as collecting personal information about you, we may also use personal information about other people, for example, family members you wish to insure on a policy. E.g., your children/spouse.
• Health information such as information about your health status, medical records, and medical assessment outcomes. We collect medical information relating to personal habits (e.g., smoking and consumption of alcohol), medical history. We may also process certain special categories of information, for example, information about your personal characteristics (biometric information) or disability information. We gather only the medication information that is required for Underwriting purposes for the product required- EG. Life Insurance, Mortgage Protection, Serious Illness Cover, Income Protection, Cancer Cover.
• Family and Beneficiary Data, e.g., dependents, next of kin or nominated beneficiaries, Power of Attorney, Enduring Power of Attorney. Details of Solicitor/Tax Advisor/Accountant.
• Employment information e.g., role, employment status (such as full/part time, contract), salary information, employment benefits, and employment history. This information is necessary for our Fact Find with our clients.
• Publicly available sources: e.g., Information about you in the public domain such as Director information from the Companies Registration Office.
• Pensions and Insurance Benefits information such as current benefits, pension entitlement information, date of retirement, and any relevant matters impacting your benefits such as voluntary contributions, PAO.
• Financial details e.g., bank account details, salary, benefits, and entitlement data.
• Call Recording- all of our calls are recorded for training and quality purposes.
• Marketing preferences: we will only send you direct marketing if you explicitly consent.
• Online information: e.g., information about your visits to our websites.
• Social media information (e.g., likes and posts) with our social media presence; this includes LinkedIn, Twitter, Facebook.
• Searches that we undertake in relation to sanctions, money laundering, and credit checks. List PEP/AML/Sanctions search providers that you use.
• Calculators on our website. We use this data to perform calculations to prepare quotations for life insurance or mortgages. Name, Date of Birth, Smoker status are used to provide an accurate quote.

When our organisation collects sensitive personal data as defined within the GDPR we will ensure that we require this information, and we have your explicit consent and/or authorisation prior to our collection. Please see the further information contained in this Privacy Notice that outlines special categories of personal data.

Information we automatically collect.

We sometimes automatically collect certain types of information when you visit our websites and through e-mails when we communicate with you. Automated technologies may include the use of web server logs to collect IP addresses, "cookies" and web beacons. Other cookies such as functional cookies, marketing cookies, and analytical cookies will only be used with your expressed consent. Further information about our use of cookies can be found in our Cookie Notice at the footer of our web page.

How do we use your personal data?

Your Personal Data will be used to enable us to fulfil our regulatory obligations in relation to your request for protection, pension products, investment products, and quotes.

1. Performing services for our clients and prospective clients – when you require protection/investment products, we use your data to enable us to recommend the most suitable product and to further service these products as and when is needed.
   • Make changes to your policy on your behalf.
   • Obtain copies of your documentation to look after your policy.
   • Use designated online portals to manage your policy.
2. Statutory and other regulatory requirements – we are required to carry out various obligations which include:
   • AML/Sanction checking
   • Knowing your customer “Fact Find”
   • Adherence to the Consumer Protection Code
3. Identifying vulnerable customers to help determine whether we need to take further steps to ensure these customers are not disadvantaged in any way.
4. Communicate and marketing to you – Please include how you communicate and market. Each Broker will have different processes.
5. To contact you if required or to respond to any communications that you might send to us.
6. To administer our site including data analysis, testing, research, statistical and survey purposes.
7. Carry out our obligations arising from any contracts entered between you and us and to provide you with the information, products, and services that you request.
8. Handling complaints.
9. To notify you about changes to our service.

Legal Basis

We need to ensure that we process your personal data lawfully. We rely on the following legal grounds to collect and use your personal data.

• Legal obligation: We use your personal data and special category data, where necessary, to comply with legal obligations including:
  • Establishing your identity, residence, and tax status in order to comply with laws and regulations on taxation and the prevention of money laundering, fraud, and terrorist financing.
  • Providing you with statutory and regulatory information and statements.
  • Complying with the requirements of Legal and Regulatory bodies e.g., the Revenue Commissioners, the Central Bank of Ireland, the Data Protection Commission, and the Financial Services and Pensions Ombudsman.
  • Keeping proper books and records and risk management governance to ensure the company stays financially sound.
  • Carrying out internal reporting, quality checking, compliance controls, and audits to help meet these obligations.
  • Reporting to and, where relevant, conducting searches on industry registers. This includes screening all customers against sanction lists and Politically Exposed Persons lists.
  • Complying with court orders.
• Consent: Sometimes we may rely on consent as a legal basis for processing your information. Sometimes if you refuse to provide information that we reasonably require to provide the services, we may be unable to offer you the services and/or we may terminate the services provided with immediate effect. We rely on your consent to send direct marketing to you. We will ensure that we present this to you concisely. We will also ensure that we use clear and plain language, and if you give us your consent, you can withdraw this easily at any time.
• Legitimate interests: Where we rely on this legal basis to collect and use your personal information, we shall take appropriate steps to ensure the processing does not infringe the rights and freedoms conferred to you under the applicable data privacy laws.

If you require further information on any of the above bases for processing your data, we can provide you with further details.

How we share your data

When required, we may make your information available to third parties with whom we have a relationship, where that third party is providing services on our behalf. We will only provide those third parties (data processors) with information that is necessary for them to perform the services. We will take measures to protect your information, such as putting in place Standard Contractual Clauses and confidentiality agreements.

Insurance Partners where we need to manage the services provided to you such as Product Providers and insurance underwriters and reinsurers. You can refer to their privacy statements on their website for more information about their privacy practices.

EU Law enforcement bodies, when required to do so by law and/or regulation, or another legal request.

Public authorities, regulators and government bodies, where necessary for us to comply with our legal and regulatory obligations, or in connection with an investigation of suspected or actual illegal activity.

Internal and external auditors or legal person where necessary for the conduct of company audits or to investigate a complaint or legal issue.

Other Service Providers such as IT service providers where necessary for the investigation of a security threat or in other IT processes.

Security

JSBCA LTA/ Low.ie intent is to strictly protect the security of your personal information, only use the data for the purpose that is was collected for and carefully protect your data from loss, misuse, unauthorized access or disclosure, alteration or destruction. We have taken appropriate steps to safeguard and secure information we collect from you.

Retention

Data will not be held for longer than is necessary for the purpose(s) for which they were obtained – upon lapsing or cancellation of a policy our company policy is to retain our client data for 7 years in order to fulfil our obligations under the Central Bank of Ireland's Consumer Protection Code 2012 and our obligations under the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010.

Personal data will be disposed of securely.

Data Subjects Rights:

You are entitled to know whether we hold information about you and, if we do, to have access to that information and have it corrected if it is inaccurate or out of date. JSBCA LTD T/A Low.ie will facilitate your rights in line with our data protection policy.

Your rights as a data subject: At any point while we are in possession of or processing your personal data, you, the data subject, have the following rights:

• Right of access – you have the right to request a copy of the information that we hold about you.
• Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete.
• Right to be forgotten – in certain circumstances, you can ask for the data we hold about you to be erased from our records. (The erasure of such data will be dependent on our other legal obligations, and whether the data is subject to legal privilege).
• Right to restriction of processing – where certain conditions apply, you have a right to restrict the processing.
• Right of portability – you have the right to have the data we hold about you transferred to another organization.
• Right to object – you have the right to object to certain types of processing such as direct marketing.
• Right to object to automated processing, including profiling.
• Right to make a complaint: if we refuse your request under rights of access, we will provide you with a reason as to why.

Complaints

If you wish to make a complaint about how your personal data is being processed by JSBCA TA/Low.ie or how your complaint has been handled, you have the right to lodge a complaint with our GDPR Owner.

You may also lodge a complaint with the Data Protection Commission (DPC) in Ireland, whose details are:

• Data Protection Commission
• 21 Fitzwilliam Square South,
• Dublin 2.
• D02RD28
• Web: www.dataprotection.ie
• Email: info@dataprotection.ie

See website for updated contact details to reach the appropriate section within the DPC.

Failure to provide further information.

If we are collecting your data for a contract and you cannot provide this data, the consequences of this could mean the contract cannot be completed or details are incorrect.

When you fail to provide us with information, we require fulfilling our obligations to you, we may be unable to offer our services to you.

Special Categories of personal data

Special categories of data are sensitive in relation to your fundamental rights and freedoms and therefore require specific protection when processed as these could create significant risks to the rights and freedoms of individuals.

If we collect any special categories of personal data, such as health data, we will either obtain your explicit consent or we will adhere to the Data Protection Act 2018. This Act allows us to process special categories of personal data for insurance and pension purposes. We will ensure we have suitable and specific measures in place to safeguard the rights and freedoms of you and the processing of your data. These measures relate to the below:

• a policy of insurance or life assurance,
• a policy of health insurance or health-related insurance
• an occupational pension, a retirement annuity contract, or any other pension arrangement
• the mortgaging of a property

Contact Us

Your privacy is important to us. If you have any comments or questions regarding this statement, please contact us on 01 901 7760 or email info@low.ie.

Privacy Notice

When we update this Privacy Notice/Statement, we will post a revised version online. Changes will be effective from the point at which they are posted. We would encourage you to review our Privacy Notice so that you are aware of updates.

Effective Date: July 2023