Privacy Statement

About Us

This Privacy Statement is provided by C&C Insurance Brokers Ltd  Bridge House, 80-82 Compstall Road, Romiley, Stockport, Cheshire SK6 4DE. Our main switchboard number is 0161 406 4800.

We are acting as a Controller in respect of your personal data and it is therefore our responsibility to ensure that any sharing or processing of this data is compliant with the General Data Protection Regulations.  If you have any questions about this Privacy Statement please contact the Compliance Manager Marianne Moors at the above address or you can e mail her on

How we obtain data from you

We may obtain and process personal data from you via our website, from you directly by telephone, face to face, or e mail or written correspondence such as a claim form. Occasionally we may obtain your personal data from your employer, third party organisations or individuals with whom you have agreed to share your information. We may also receive it from insurers, other insurance intermediaries, firms handling claims and finance providers.

The data that we hold

Depending on the products or services we supply to you, or your employer or the nature or capacity within which we access, receive or administer your products or services, we may hold the following data:

Name, address, contact details including email, telephone, gender, marital status, date and place of birth, racial or ethnic origin. Employer detail, job title and employment history will be obtained and details of beneficiaries or claimants in relationship to the policyholder. Driver’s licence, social security, national insurance and passport details will be taken where necessary

Bank account number, income, tax identification and other financial information will be retained and any fraud or criminal convictions or allegations of crime, including driving offences. Sanctions relating to anti-fraud databases or law enforcement agencies may be obtained. Current and previous claims information including health data.

Medical conditions, health status, injury, disability and medical procedures performed may be obtained relating to relevant policies. Details relating to habits such as smoking or alcohol consumption may be obtained, as well as prescription and medical history. Where insurers require genetic or biometric data this may also be obtained.

Purpose of processing and lawful basis

In providing your personal data you acknowledge we will process your data for the specific purpose of obtaining and administering insurance products and other related services from us or insurers. This processing is necessary for yours or your employer’s legitimate interests to enable us to administer these policies on your behalf. It is also necessary to enable us to take specific steps before you enter into a contract.

We may also process your data if it is necessary for your legitimate interests unless there is a good reason to protect your personal data which overrides those legitimate interests.

We will process your personal data for the purpose of marketing either our own or carefully selected third party providers, only if you have consented to receive this or we believe it is in your legitimate interest.

Special category data will only be obtained and processed for reasons of substantial public interest or with your consent

How we use your personal data

We use your personal data for the following purposes:

To provide insurance quotations which may include fraud, anti-money laundering and sanctions checks, and subsequently accepting cover on your behalf.

For the general administration of policies, including the collection or refunding of premiums, paying of claims, processing and facilitating other payments.

Managing any claims including the defence or prosecution in any litigation, investigating and prosecuting fraud.

Contacting you in order to arrange the renewal of a policy

These activities will involve us sharing your personal data with insurers, and may involve our sharing it with other insurance intermediaries, advisers, agents, contractors, and service and finance providers.

We may retain and disclose your personal data in order to comply with any statutory, legal or regulatory obligations. We are required to report any suspicious transactions to the Serious Organised Crime Agency and may need to provide them with information including your personal data or related organisations. Similarly, we may also need to disclose information about our clients, including personal data, to certain bodies that have statutory powers, for example, the Department of Work and Pensions.

We may use you data to provide you with marketing, newsletters or promotional materials, if you have opted to receive these communications.

We do not sell your personal data to any other organisations or transfer it outside the EU and we do not use automated decision making including profiling.

Retention period

We will retain your personal information for the period necessary to fulfil the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.

Individual’s rights

You have the right to obtain from us the personal information we hold about you and if required we will move, copy or transfer that data to another business in a safe and secure way without hindrance.

You have the right to have your personal data rectified if you feel it is inaccurate or incomplete.

You have the right to block or restrict the processing of your personal data which will prevent any further processing but not storage. However, in consideration, should we feel there are legitimate grounds to override your request we will inform you.

You have the right to request the erasure of your personal data when it is no longer necessary in relation to the purpose it was intended for.  We have the right to deny this request if your data is required to comply with a legal obligation for the performance of a public interest task, or the exercise or defence of legal claims.

Should you wish to obtain, transfer, update, rectify or delete your data please contact the Compliance Manager. Upon receipt, your request will be actioned within one calendar month.


The security of your personal information is important to us. We have in place appropriate safeguards relevant to the sensitivity of the information we maintain. We restrict Personal Data access to personnel and third parties and data will only be provided to those who lawfully require information for legitimate and relevant business needs. 

How to complain

We are committed to complying with all relevant data protection legislation including the General Data Protection Regulations and Privacy and Electronic Communications Regulations

Should you wish to make a complaint about any aspect of the processing of your personal data please contact the Compliance Manager.

If you are not happy with our response, you may contact the ICO directly on 0303 123 1113 or via their website