Portman Health and Protection Ltd is an appointed representative of Premier Choice Healthcare Ltd (PCH), a company authorised and regulated by the Financial Conduct Authority (FCA), and its Financial Services Register number is: 312878. PCH is an independent healthcare specialist intermediary and network, authorised by the FCA. Premier Choice Healthcare Limited is part of the Global Risk Partners Limited (GRP) Group of Companies.

Portman Health and Protection Ltd and GRP are committed to protecting your personal information. This Privacy Notice is issued by Portman Health and Protection Ltd and the GRP Group of Companies (collectively referred to as “GRP”, “we”, “us” and “our” in this Privacy Notice) that operate in the United Kingdom. For a full list of GRP trading companies please visit www.grpgroup.co.uk. For any questions or concerns relating to this Privacy Notice or our data protection practices, or to make a subject access request, please contact us at:

Portman Health and Protection Limited, 329 Burncross Road, Burncross, Sheffield, South Yorkshire, S35 1SB. Alternatively, please contact us at the address below:

Company Secretary, Premier Choice Healthcare Limited, 7th Floor, Corn Exchange, 55 Mark Lane, London, EC3R 7NE.

Services to clients

Portman Health and Protection Ltd provides services to clients in the following ways:

1. Portman Health and Protection Ltd provides advisory services to its clients. In these circumstances Portman Health and Protection Ltd is a data controller of any personal data which we collect from or about our clients in connection with the provision of our services.

2. PCH is a network, which means that it provides administration support and compliance services to businesses which operate under its network service agreement.

Portman Health and Protection Ltd operates as an appointed representative of PCH under an appointed representative contract for services, trading under their own business name. Portman Health and Protection Ltd is authorised by the FCA under PCH. We are data controllers in relation to the work we carry out for our clients (Data Subjects). In our contractual relationship with PCH we are Joint Data Controllers as both parties have a degree of independence in processing the ‘Data Subjects’ personal data. Please note that for the purposes of this notice, the Data Controller is defined as a person that determines the purposes for which, and the manner for which, any personal data are processed, in line with article 4(7) of the General Data Protection Regulation ((EU) 2016/679).

Where other companies and/or third parties provide support services to Portman Health and Protection Ltd and to PCH such as I.T. development and maintenance there may be occasions where data is accessible to such parties. Portman Health and Protection Ltd and PCH have the appropriate safeguards and agreements in place with each service provider to ensure data is protected and meets General Data Protection Regulation requirements

Information we collect and from whom

We will receive personal information about you, when you contact us for example by requesting or obtaining a quote, purchasing a product from us or from one of our partners or using one of our websites. The information could include:

Individual details ►

Name, address (including proof of address), other contact details (e.g. email and telephone numbers), gender, marital status, date and place of birth, nationality, employer, job title and employment history, and family details, including their relationship to you.

Identification details ►

Identification numbers issued by government bodies or agencies, including your national insurance number, passport number, tax identification number and driving licence number.

Financial information ► 

Bank account, income or other financial information.

Risk details ►

Information about you (and others insured under the policy) which we need to collect in order to assess the risk to be insured and provide a quote. This may include data relating to health, criminal convictions, or other special categories of personal data (see below). For certain types of policy, this could also include telematics data.

Policy information ►

Information about the quotes you receive and policies you take out.


Credit and anti-fraud data ►

Credit history, credit score, sanctions and criminal offences, and information received from various anti-fraud databases relating to you.

Previous and current claims ►

Information about previous and current claims, (including other unrelated insurances), which may include data relating to your health, criminal convictions, or other special categories of personal data (see below) and in some cases, surveillance reports.

In certain circumstances we collect special categories of data including health, criminal convictions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric, or data concerning sex life or sexual orientation.

We will collect personal information about you from you directly but also potentially from your family members, employer or representative, other insurance market participants, credit reference agencies, anti-fraud databases, sanctions lists, court judgements and other judicial databases, government agencies such as the HMRC, open electoral register and any other publicly available data sources.

Cookies – Where you visit our website

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. For example, cookies are used to remember users’ preferences and to help navigate between pages efficiently. Our websites may use cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our site. For more information about Cookies visit www.allaboutcookies.org. Further information on how we use cookies please refer to our website Terms & Conditions.

How and why we use this information

We will process any personal data lawfully under one or more of the following bases:

  • Performance of a Contract: the processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
  • Compliance with a Legal obligation: the processing is necessary for us to comply with the law (not including contractual obligations).
  • Legitimate interests: the processing is necessary for our legitimate interests pursued by us. In such cases our legitimate interests are as follows:
    • To add value to your product by offering you other general insurance products
    • To provide excellent service to our customers by ensuring they are fully informed about all of our products.
    • To engage in activities to improve and adapt the range of products and services we offer and to help ourbusiness grow
    • To investigate and prevent potential fraudulent and other illegal activity
  • Consent: where you have given clear consent for us to process your personal data for a specific purpose. In circumstances where we need your consent to process data we will make this clear, unambiguous and you will have to pro-actively agree to the processing. We can seek your consent within a written or electronic document or verbally. Where processing is based on consent, you can withdraw your consent to processing at any time so that we stop that particular processing.
  • Necessary for reasons of substantial public interest: under the UK Data Protection Act 2018 processing for an insurance purpose is included within this basis when processing special category and conviction data. This enables us to process certain special category data without your explicit consent.

We will use personal information about you primarily in connection with the provision of insurance, namely:

  • Establishing and maintaining communications with you;
  • Arranging insurance cover (issuing quotations, renewals, policy administration);
  • Handling claims;
  • Undertaking anti-fraud, sanction, anti-money laundering and other checks to protect against fraud, suspicious orother illegal activities;
  • Processing transactions through service providers;
  • Credit assessments and other background checks;
  • Where we believe it is necessary to meet legal, security, processing and regulatory requirements;
  • Business transfers where we sell whole or part of our business and/or assets to a third party purchaser to allowthe purchaser to administer your insurances;
  • Marketing and client profiling;
  • Allowing our group and associated companies to notify you of certain products or services offered by them;
  • Research and statistical analysis; and
  • Building databases for use by us and others we may share information with.

We may monitor calls, emails, text messages and other communications with you. When you contact us we may keep a record of that correspondence and any information provided to us during that or any subsequent communication.Please make sure that anyone else who is insured under your policy has provided you with consent to provide their personal information to us. It is important that you show this Privacy Notice to anyone else who is insured under your policy, including, for example, any named drivers under a motor policy or anyone living at the property insured under a household policy.

How we share this information

In using personal data for the above purposes, we will disclose personal data to third parties including insurers, reinsurers, intermediaries or other brokers; outsourcers, sub-contractors, agents and service providers; claim handlers; professional advisers and auditors. Third parties to whom we disclose personal data are required by law and contractual undertakings to keep personal data confidential and secure, and to use and disclose it for purposes that a reasonable person would consider appropriate in the circumstances, in compliance with all applicable legislation.

We may share and aggregate information about you from across the GRP Group, including personal information held within the GRP Group relating to other policies held with us, quotes or claims details and, we may use this information to:

  • help us identify products and services that could be of interest to you, to tailor and package our products and services; to determine pricing and/or offer available discounts; and
  • conduct customer research and develop marketing campaigns.

We and/or other parties to whom we disclose personal data, may use your information for purposes such as statistical and trend research and analysis which might include computerised processes which profile you. Automatic profiling helps firms to understand, predict and forecast customer preferences and to improve the products and services they offer and to assess which products might be most suitable for you.

Retention of your personal data

We will keep your personal data only for so long as is necessary and for the purpose for which it was originally collected. In particular, for so long as there is any possibility that either you or we may wish to bring a legal claim under this insurance, or where we are required to keep your personal data due to legal or regulatory reasons.

We will endeavour to keep your information accurate and whenever you inform us about any changes we will update this information at the earliest opportunity. Please help us to do this by letting us know whenever there are changes to your personal data. If you are providing information about someone else you confirm that they have appointed you to act for them, to consent to the processing of their personal data including special categories of personal data and that you have informed them of our identity and the purposes (as set out in this Privacy Policy) for which their personal data will be processed.

Data Transfers

We may need to transfer your data to other organisations which are located outside of the European Economic Area (EEA). These countries’ data protection laws may not offer the same level of protection for personal data as offered in the EEA. Those transfers would always be made in compliance with relevant data protection legislation and we would ensure that appropriate safeguards to protect your personal data were put in place.

Your rights and contact details of the ICO

If you have any questions or complaints in relation to our use of your personal data or you wish to withdraw your consent to processing, please contact the data protection contact named at the top of this Notice or contact us at rob@portmanhealth.co.uk. Alternatively, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk or 0303 1231113 (local rate)/01625 545745 (national rate).

Under certain conditions, you have the right to require us to:

  • provide you with further details on the use we make of your personal data/special category of data;
  • provide you with a copy of the personal data that you have provided to us;
  • update any inaccuracies in the personal data we hold;
  • provide you with your personal data in a structured format
  • delete any special category of data/personal data that we no longer have a lawful ground to use;
  • where processing is based on consent, to withdraw your consent so that we stop that particular processing;
  • object to any processing based on the legitimate interests ground unless our reasons for undertaking thatprocessing outweigh any prejudice to your data protection rights; and
  • restrict how we use your personal data whilst a complaint is being investigated.

In certain circumstances, we may need to restrict the above rights in order to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege).

Changes to our privacy notice

Any changes we may make to our Privacy Notice in the future will be posted on our website. Please check back frequently to see any updates or changes to our Privacy Notice.