What Personal Information will be collected, and how is it collected?
Personal Information provided by You:
This Personal Information can be collected in a variety of ways, for example, by use of Our website, completion of an application form, or completion of a claim form and sent by various methods including by post, email and by telephone.
The Personal Information You provide to Us might include:
- Basic personal identifiers, including Your name, address, email address and date of birth
- Additional lifestyle information, for example relating to Your hobbies or occupation
Information from other sources:
We may also acquire Your Personal Information from reputable third party companies who operate in accordance with UK data protection legislation. We will only take receipt of such Personal Information where You will have already submitted Your Personal Information to these companies and have specifically given permission to allow them to pass it on to other companies that provide similar or complementary products and services to Us. We may also obtain information from credit agencies, public sources, social media and similar online resources.
Information We collect through Our website (‘cookies’):
How Your Personal Information is used:
- To administer and manage the Services that We provide which may include underwriting, calculating and adjusting premiums, claims handling and policy renewals
- To perform ancillary business processes connected to Our Services, for example auditing, accounting, internal record keeping, planning and to comply with legal and regulatory obligations
- Research and statistical analysis in connection with improvement of Our Services and products
- To safeguard against criminal activity, crime and fraud
- To customise the website according to Your interests
- To contact You for market research
- To inform You about new products, special offers or other information which We think You may find interesting. We will only do this where You have indicated that You would like to receive such information.
This list is not necessarily exhaustive as changing business needs or external factors may influence the use of the information We hold. Should there be a need to use Personal Information for other reasons, We will update this Policy.
Who else might need to see the Personal Information held?
We may need to send Personal Information to other firms in connection with Our Services, including the following:.
- Firms that partly or wholly help Us to administer Our Services
- Payment and delivery services
- Analytics providers and search information providers
- Credit reference agencies
- Legal or regulatory organisations
- Our legal advisers in connection with obtaining legal advice or pursuing a claim
- Other insurers to recover for proportionate share of treatment costs following claims
- Law enforcement agencies and other third parties: Your Personal Information may be shared with other agents or databases for the purposes of preventing and detecting fraud.
Where will Personal Information be held?
The Personal Information that We collect from You may be transferred to, or processed or stored in any country, including those outside the European Economic Area. To ensure We meet Our obligation to adequately protect Personal Information We will:
- Ensure the purposes and processing associated with any such transfer will comply with all applicable data protection regulations in the UK and EU
- Ensure that any parties to whom We pass Your information agrees to treat Your Personal Information with the same level of protection as required by the data protection regulations in the UK and EU.
How long will Personal Information be held for?
As part of Our commitment to Your privacy, We will not hold Your Personal Information for any longer than is necessary. Your Personal Information will be retained in accordance with Our records retention policy, based on the relevant legal and business requirements and, accordingly, the retention periods for Personal Information will vary according to the nature of the information held. In most cases, information will be stored for six years, but longer periods may apply to comply with regulatory or legal requirements.
For record keeping purposes, We may retain a record to assist Us in determining future applications for insurance that You may wish to take.
In most cases, when We process Your Personal Information We will not contact You for consent, for example:
- When We are under a contract with You to provide Our Services
- When We are complying with a legal obligation
- When We believe it is in Our legitimate interests and proportionate to our objective, and that the use of the Personal Information is not overly intrusive.
However, if We require Personal Information that is considered ‘sensitive’, for example Your medical records, before applying for the Personal Information We will contact You for Your explicit consent. You will have the right to withdraw consent at any time by contacting our Data Protection Officer at the details below.
We are committed to ensuring that Your Personal Information is secure. To prevent unauthorised access or disclosure, We have put in place suitable physical, electronic and managerial procedures to safeguard and secure the Personal Information We collect online, including ISO 27001 accreditation.
Keeping Personal Information up to date
Please let us know if Your Personal Information changes as it is important that the information We hold about You is accurate and up to date. We will not be responsible for any errors or Personal Information losses because of not being informed of a change in Personal Information.
Automated decision making
We may also use Your Personal Information to automate some decision-making processes. We will inform You when decisions are made by this process, and You will have the right to ask for the decision to be reviewed in person, for example by having the option of referring a decision to an underwriter.
Your rights regarding Personal Information
You have the right under current legislation to request a copy of the Personal Information We hold about You, often known as a subject access request.
If You wish to request this Personal Information, please write or send an email to Our Data Protection Officer.
You also have a right to:
- Ask Us not to process Your Personal Information for marketing purposes. We will always ensure that You are happy for Us (or carefully selected third parties) to use Your Personal Information for such purposes. You can exercise Your right to prevent such processing by checking certain boxes on the forms We use to collect Your Personal Information. You can also exercise the right at any time by contacting our Data Protection Officer
- If Personal Information about You is wrong or incomplete, ask for this to be rectified
- Ask for Your Personal Information to be deleted or tell us You no longer agree to Us using Personal Information about You and ask us to stop, provided that We do not need to retain the Personal Information to provide You with the Services (or to keep a record that We have done so)
- Ask Us to send You the Personal Information that you have provided to Us or which We have generated as a result of providing the services that We have about You or ask Us to send it to someone else
In the event of a complaint regarding the Personal Information We hold, please refer to Our Complaints Procedure or contact Our Data Protection Officer.
Data Protection Officer
Telephone: 01392 351 972