Privacy Policy

MHG Insurance respects the privacy of its users.
Privacy Policy

The purpose of this Privacy Policy is to explain what personal data MHG Insurance may collect, store or process that has been provided by individuals or third parties, the ways in which we protect and secure your data and what rights you have to access the data we store about you.

We take your privacy very seriously, and are fully committed to securing and protecting your privacy in any way that we can. If however, after reading this policy you believe that it could be improved, we would very much welcome to hear your thoughts and experiences.

The personal data that we collect

We are a general insurance broker and offer products from a range of insurers, including the Lloyd’s market, to authorized and registered intermediaries, and when required direct to customers.

We therefore receive personal data either by way of a completed form via e-mail or post, or through our web portal and this data is processed to either apply for insurance coverage, renew coverage or support a claim against an existing policy. This may be from the individual directly or on their behalf from a third party.

The personal information that we collect on individuals may include but is not restricted to:

Name Height Employer
Date of Birth Weight Job Title
Nationality Details of other insurance policies Date Employment Started
Correspondence Address Details of medical history Bank details
Residential Address Present state of health Credit card details
Country of residence Details of medical treatment received Date Married
Mobile Phone Number Details of planned future medical treatment Signature
Other phone number Information relating to accidents  
E-mail address Details of medical practitioner  
The lawful basis on which we collect personal data

In most circumstances a company will apply for insurance coverage on behalf of its employees; however, it is not uncommon for an individual to apply for insurance or to make a claim against their policy. Where we engage directly with an individual, the lawful basis on which we process personal data is by way of contract. However, if the information is supplied by a third party on behalf of the individual, the lawful basis on which we process personal data is legitimate interest.

Due to the nature of our business, it is necessary from time to time to collect medical information in relation to individuals, whether to support an application or a claim. We classify this information as Special Category Data for the purpose of General Data Protection Regulation (‘GDPR’) and is only supplied with the consent of the individual concerned or for the provision of health care.

Other data we might collect

When you visit an internet website you disclose certain information about yourself such as your Internet Protocol (IP) address, the time of your visit, and the referring location. We, like many other sites, record this basic information about visits to our sites. Whenever you voluntarily disclose personal information online, your information can be collected and used by others. Although we try to protect your personal information, we cannot ensure or warrant the security of any information you transmit to us and thus, you do so at your own risk. You are solely responsible for maintaining the secrecy of any passwords you set up and/or any account information.

Obtaining this information helps us to understand the number of people who are visiting our website and the pages of our website that they are visiting. As the information is collected in the aggregate, personal identifiable information is not stored.

Cookies are small text files that are placed on your computer by the websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. The use of cookies is now standard for most websites. If you are uncomfortable with the use of cookies, you can manage and control them through your browser, including removing cookies by deleting them from your ‘browser history’ (cache) when you leave the site.

Who we might share information with

The process of obtaining and managing an insurance policy involves a number of parties, and therefore there are circumstances where it is necessary for us to share your personal data.

The parties that we may share your data which include, but are not limited to:

Other MHG Insurance offices;

Wholesale brokers (through whom we access certain underwriters);

Underwriters and insurance companies;

Medical practitioners;

Assistance Companies (appointed by the underwriters to provide claims service) and Your employer.

Whenever information is shared, particularly medical information, we ensure to the best of our ability that this is carried out in a secure way, whether that be using encryptions, passwords or secure networks.

We do not sell the data that we collect.

How we use your information

Your information is filed within a secure piece of software which can only be accessed by us.

We operate a paperless office and therefore a clear desk policy; however, from time to time we may hold personal information in a paper format. To ensure that your information cannot be accessed by unauthorized persons, this paper is locked away when not being used. When no longer required, the paper is shredded and removed and destroyed by industry experts.

How long we retain your information

It is our intention not to hold your information for any longer than is necessary, particularly once our working relationship has ended with you. However, we reserve the right to retain your information for statistical research purposes.

This will allow both our in-house analysis and third party underwriters to use your information, along with all other customers, to assist in the calculation of future premiums for the insurance industry. In these circumstances we ensure that your information is anonymised so that you cannot be identified.

How can I access the information you hold about me ?

You have the right to request the information we hold about you. If you do wish to request information, please contact us using information found here contact us

In your request for information, please detail the information that you wish to access. Where possible, we will provide you with the information you have requested within one month of the request. Alternatively, if we are not able to process your request, we will also respond within one month and provide the reason why we are not able to provide the information.

If the event that the information we provide you is not correct, please inform us immediately so that we can ensure that the information we store about you is accurate and up to date.

It is our intention to restrict the processing of the incorrect information until it has been corrected, and inform you when this has occurred.

How can I make a complaint about the information you hold about me ?

Our lead data protection supervisory authority is the Isle of Man, therefore should you wish to make a complaint, please contact the Isle of Man Information Commissioner’s Office. You can find their full contact details at