We’re prepared for GDPR

By Ryan Smith on May 8, 2018

Every lead we generate and distribute complies with FCA regulations.

This blog gives you a quick overview of the actions Lead Tech has taken in order to prepare for the GDPR. All of this work has been carried out with the advice and support of our Compliance Consultant, Chartered Insurance Practitioner Karen Malin FCII CeRCC, Managing Director at TheGIConsultant.com Limited.

In this blog, to avoid confusion or ambiguity, we will use the same terms as the GDPR principles:

  • We will refer to our individual customers as data subjects.
  • We will refer to their details as personal data.

What Lead Tech is Doing

We work hard to ensure that we always generate and distribute leads in a way that is 100% compliant with FCA regulations.

In preparation for GDPR, we have been working closely with our compliance consultant to give our partners the peace of mind that all of the leads they buy from Lead Tech adhere to the EU data protection rules.

This blog highlights the important areas that you should know.

Lead Submission Forms

In line with GDPR requirements, we have added extra text to all of our forms, across all Lead Tech sites.

This additional text appears next to the submit button on the forms, ensuring data subjects are clearly informed that they will be connected with an adviser and that the Lead Tech brand they are dealing with may also contact them.

The privacy policy is also easily accessible from the forms. This gives data subjects advanced disclosure of our data processing and customer service contact policies.

Privacy Policy Detail

As stated above, our privacy policy is easily accessible from all forms.

We have amended our privacy policy to ensure it adheres to GDPR, and this updated version has been approved by our compliance consultant.

In summary, it details:

  • The service that we provide to data subjects
  • Who will contact data subjects and why they will be contacted
  • By what method of communication they will be contacted
  • How Lead Tech  capture, process and store their personal data
  • Our robust data security processes
  • How to contact Lead Tech in order to exercise their rights under the GDPR

Partner Contract Updates

At the start of May, before the GDPR came into effect, we circulated updates to our partner contracts. These are essential updates specifically relating to the GDPR.

They include:

  • All customer and partner communications that are included in our Lead Agreement
  • Usage of your data
  • Data security
  • Use of your data after the contract is signed

Where is our data stored?

All personal data is stored in a cloud-based security solution. This means that it is stored across multiple data storage centres throughout the EU, which is recognised as being the ultimate protection from all conventional forms of cyber-attack.

Lead Distribution

We take data protection very seriously, and we invest heavily in our state of the art lead performance and management system, Lead Tech Connect. The way we inform partners about their leads, and how they now access those leads, has been updated and streamlined to bring it into line with the requirements set out in the GDPR.

Lead Tech Connect is built on Salesforce, an enterprise level data security platform which stores and manages our data at the highest level of data encryption, as secure as that of multinational corporations.

Gaining Consent – Our Service

We use explicitly clear and concise messaging on all our forms and, more importantly, within our privacy policy.

This ensures that our data subjects are made fully aware of the communications they will receive by submitting their details on one of our brand’s forms.

These communications are deemed an intrinsic part of the service that we provide, which allows for pre-contract negotiations with the adviser that we plan to connect the data subject with.

Partners will be responsible for obtaining additional consent for any further marketing or sales communications beyond this initial enquiry.

Gaining Consent for Marketing

Lead Tech do not send any marketing or sales communications to any data subject or business to which we have not obtained clear and explicit permission to do so.

This permission is called ‘opt-in’. When we ask for ‘opt-in’, we clearly explain:

  • The type of communications we offer
  • The online channels we will use in our communications

All opt-ins are recorded and, in compliance with the GDPR, data subjects have the ability to manage their preferences, including being removed from our database altogether if they so wish.

Is your lead provider GDPR-compliant?

Lead Tech provides high-quality, GDPR and data compliant leads for the financial advice, equity release, retirement and private medical insurance markets.

Keep Reading

Introducing James Story, senior content manager

Lead Tech is pleased to welcome James Story as our senior content manager ... More

By James Story on March 12, 2020