Privacy policy

This privacy statement explains how we collect, store and use your personal data in compliance with applicable data protection law including, where relevant, (as amended from time to time) the General Data Protection Regulation (EU) 2016/679 ("EU GDPR"), the EU GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 No. 419 ("UK GDPR") and the UK Data Protection Act 2018. Additional supplemental provisions relating to specific offices are set out at the end of this statement.

This Privacy Policy explains how IGNITE CARGO CLIMS S.L.P. (“we”, “us”, “our”) uses personal data when you:

visit our website;
contact us (for example by email, telephone, post, or via website forms); and
interact with us in connection with business insurance claims and related legal services.

We provide this information to meet transparency requirements under data protection law.

Who we are and how to contact us

Controller: IGNITE CARGO CLIMS S.L.P.
We are the controller for the personal data described in this Policy (meaning we determine why and how your personal data is processed).

Registered address: Av. Diagonal 640 - 08017 Barcelona (Spain) Despacho 655
Main telephone: +34.93.184.73.93
Data protection contact email: icc@ignitecargoclaims.com
Post: Av. Diagonal 640 - 08017 Barcelona (Spain) Despacho 655

Who this Policy applies to

This Policy applies to personal data we process about:

website visitors;
people who enquire about our services;
client contacts (for example employees/representatives of corporate clients, insurers, brokers);
individuals whose personal data we handle in claims or disputes (which may include claimants, witnesses, experts, and counterparties).

Where we receive personal data about you from someone else (for example, from an insurer or corporate client), additional notice information may also be provided at the appropriate time.

What personal data we collect

The personal data we may collect or receive depends on how you interact with us. It commonly includes:

Website and device information

IP address and basic device/browser information;
website usage information (for example pages visited), where collected via cookies or similar technologies;
cookie choices and consent records (where relevant).

Enquiry and communications information

name, organisation, job title (where provided), and contact details;
content of messages you send us and our correspondence with you.

Legal services and claims information

information needed to assess, progress, and advise on business insurance claims and disputes (this may include information about the claim circumstances, relevant individuals and organisations, evidence, and communications with insurers, brokers, experts, and other parties).

Where we get personal data from

We may obtain personal data:

directly from you (for example, if you contact us);
from our clients (for example, corporate policyholders or insurers) and their representatives;
from third parties involved in claims/disputes (for example brokers, experts, counsel, counterparties, courts/tribunals, and publicly available sources where relevant).

Where personal data are not obtained directly from you, Article 14 requires that specified information be provided within certain timeframes, subject to defined exceptions.

How we use personal data and our lawful bases

We only process personal data where we have a lawful basis.
Below are typical purposes for a small business insurance claims law firm; replace or edit to match your firm.

Enquiries and relationship management

Purpose: Responding to enquiries; arranging meetings/calls; maintaining professional communications.
Lawful basis: Legitimate interests and/or steps prior to entering a contract (depending on context).

Client onboarding, conflict checks, and compliance

Purpose: Checking conflicts; verifying identity and instructions; meeting professional and legal obligations; preventing fraud and protecting our services.
Lawful basis: Legitimate interests and/or legal obligation (as applicable).

Providing legal services in business insurance claims

Purpose: Taking instructions; advising; negotiating; dispute resolution; litigation; instructing experts and counsel; corresponding with relevant parties.
Lawful basis: Performance of a contract (where applicable), legitimate interests, and/or legal obligation (depending on the relationship and context).

Website operation and security

Purpose: Operating the website; maintaining security; preventing misuse and fraud; troubleshooting.
Lawful basis: Legitimate interests (site security and service integrity).

Analytics and improvements (where used)

Purpose: Understanding website performance and improving user experience.
Lawful basis: Consent for non-essential cookies and similar technologies, where required.

Who we share personal data with

We may share personal data with the following categories of recipients where needed for the purposes above:

clients and prospective clients (including insurers and brokers, where relevant to instructions);
expert witnesses and professional advisers (for example counsel, experts, translators);
courts, tribunals, mediators, ombudsmen, regulators, and law enforcement (where required/appropriate);
our service providers (for example IT hosting, email, practice management systems) under contractual and security controls.

Your privacy information must describe recipients or categories of recipients.

How long we keep personal data

We keep personal data only for as long as necessary for the purposes described in this Policy, including to meet legal, regulatory, professional, and claims-related requirements. We either state retention periods or the criteria used to determine retention.

Placeholder (complete to match your retention schedule):

Enquiry records (no engagement): [e.g., 12 months]
Client/matter files: [e.g., X years after file closure, subject to limitation periods and professional obligations]
Website logs: [e.g., X months]
Cookie preferences/consent logs: [e.g., X months]

Your rights

Subject to legal limits and exemptions, you may have rights to:

access your personal data;
correct inaccurate personal data;
request erasure in certain circumstances;
restrict processing in certain circumstances;
object to processing (including an unconditional right to object to direct marketing);
data portability in certain circumstances; and
withdraw consent where processing is based on consent.

The UK GDPR requires controllers to facilitate rights, respond within required timeframes, and communicate clearly. The ICO also emphasises that the right to object should be brought to people’s attention clearly and separately.

How to exercise your rights

To make a rights request, contact us at icc@ignitecargoclaims.com or write to Av. Diagonal 640 - 08017 Barcelona (Spain) Despacho 655.

We may ask for information to confirm your identity and to clarify your request. We respond without undue delay and within the timeframe required by applicable law (and may extend where permitted, depending on complexity and volume).

Complaints

If you have concerns, please contact us first so we can try to resolve them. You also have the right to lodge a complaint with the UK supervisory authority (the Information Commissioner) if you consider that our processing infringes data protection law.

Security

We use appropriate technical and organisational measures designed to protect personal data against unauthorised or unlawful processing and against accidental loss, destruction, or damage. Measures may include access controls, encryption in transit where appropriate, staff confidentiality obligations, and secure configuration and monitoring of systems.

Effective date: 10 February 2026
Last reviewed: 10 February 2026