1. Information we may collect about you
We may collect and process the following personal data about you: – Information provided to us through enquiry, application or claims forms, including:
- information such as your name, address or contact details;
- sensitive information (e.g. details of any criminal or fraudulent behaviour or medical information) obtained either through you or third parties;
2. Why we collect personal data
We are required by data protection laws to have a legitimate reason to process and use your personal data. The main purpose for processing your personal data is for the provision and performance of an insurance contract e.g. reviewing your application, setting you up as a policyholder, administration and maintenance of your insurance policy or in order to process a valid claim. You can find out more about our legitimate business interests and the legal basis under which we collect and use your personal information here. With regards to ‘Special Category’ data i.e. sensitive information, we must obtain your consent at the point of collecting your personal data (i.e. when you input your details online or when completing a form) in order to process the data unless an exemption for insurance purposes is applicable. In some circumstances, if we do not have your consent to process your data, it may impact our ability to issue you with insurance cover or to handle any claims. We may also gather personal data for the following purposes: – In order to prevent, identify and investigate fraud or any activity that is in the public interest; – To defend ourselves against or make any legal claims; – Where we have lawful purpose for processing your data e.g. for maintaining our accounts and records, gathering market intelligence in order to develop and improve our products and services. We will ensure that the processing of your personal data does not affect your rights under applicable data protection laws; – To comply with a legal or regulatory obligation e.g. where we are required to maintain records of any transactions with you, or for compliance with international legal and regulatory authorities.
3. How we use your data
We will use information of your visits to our website and app and review how you use our services so that we can devise ways of improving the layout of the website and create new services to make the experience more enjoyable and the website easier to use. This information also allows us to understand the demand for our services at different times of the day and to make sure it always performs quickly. Additionally, we may contact you by email, mobile, or via the phone to ask you for your direct feedback on your experience of using our website and services. We will keep this information for a maximum of 18 months. – To carry out research We will keep this information for a maximum of 18 months. – To provide an insurance policy We will keep this information for a maximum of 6 years. – For insurance eligibility We will keep this information for a maximum of 6 years. – For insurance quote – we may contact you via email and phone to follow up on your quote request. We will keep this information for a maximum of 18 months. – To fulfil a reward or special offer We will keep this information for a maximum of 18 months. – To help you with an enquiry We will keep this information for a maximum of 18 months. – To tell you about our products and any special offers that may be of interest. We will keep this information for a maximum of 18 months. – To show you advertising. We may use some of your personal information (for example what articles you have viewed or products you have clicked on our website) to show you advertising we think is relevant to your interests, both on our website and elsewhere on the Internet. You can control this by managing your cookies.
4. Sharing and safeguarding your personal data
All personal data supplied to us is stored on secure servers and only accessed and used in line with our data protection policies and procedures. Your personal data will only be accessed by our employees or authorised third parties who require the information for their business purposes. In circumstances where it is necessary to share your personal data with a third party, there are contractual agreements in place to ensure the security and confidentiality of your personal data and the information will only be used for the specific purpose for which it has been provided to them. Protecting your data outside the EEA The EEA includes all EU Member countries as well as Iceland, Liechtenstein and Norway. We may transfer personal data that we collect from you to third-party data processors in countries that are outside the EEA. If we do this, we have procedures in place to ensure your data receives the same protection as if it were being processed inside the EEA. For example, our contracts with third parties stipulate the standards they must follow at all times. If you wish for more information about these contracts please contact our Data Protection Officer. Any transfer of your personal data will follow applicable laws and we will treat the information under the guiding principles of this Privacy Notice. Authorised third parties We may also be required to allow authorised third parties, including service providers and suppliers, access to your personal data, for the purposes stated in section 2 of this notice. Any data sharing with third parties will be in compliance with applicable data protection laws and these companies will not share your information with any other company or use it for any other purpose. Governmental, legal and regulatory authorities It may be necessary for us to share your personal data with financial and regulatory organisations (e.g. the Financial Ombudsman Service, the Financial Conduct Authority, the Information Commissioner’s Office) or law enforcement agencies (including courts) in order to assist them with enquiries, investigations or proceedings and ensure our compliance with our regulatory and legal requirements. As a financial services company, we are required to have certain processes in place with regards to anti-bribery and corruption, money laundering and fraud. If any criminal offence is detected or suspected, we may share data with third parties (e.g. law enforcement agencies, fraud prevention agencies, anti-money laundering agencies) in order to prevent crime or aid investigations if crime is identified. We may also access this data as part of our ‘Know Your Client’ procedures to establish the parties we are dealing with and when assessing a claim payment in order to prevent criminal offences.
We would like to send you information about our products and services If you have consented to receive marketing, you may opt out at a later date. If you no longer wish to be contacted by us or to update your information you can let us know by emailing our Customer Services team firstname.lastname@example.org All marketing emails have a clear unsubscribe link and if you click it then we will automatically unsubscribe you and you will not receive any further marketing emails.
6. Your Rights
Our policy complies with the EU General Data Protection Regulation. The law requires us to tell you about your rights and our obligations with regards to the processing and control of your personal data, however not all of the following may be applicable in our business dealings: The right to be informed; The right to access your personal data; The right to rectification; The right to erasure; The right to restrict processing; The right to data portability; The right to object to processing; The right to withdraw consent; Rights related to automated decision making including profiling; There are some circumstances where we may be required to restrict your rights in order to safeguard the public or our own interests. For further information regarding your rights, please visit the Information Commissioner’s Office’s website or click on the links provided above. If you have any questions regarding privacy or how we use personal data, you may contact our Data Protection Officer: Email: email@example.com Postal Address: City Compliance, Tech Marina, Terra Nova Way, Cardiff Bay, Wales. CF64 1SA You have the right to get a copy of the information we hold about you. This is known as a subject access request. If you wish to make a subject access request, then please contact us in writing by email at firstname.lastname@example.org or post (details below). You must provide your full name, address and a contact telephone number. If you want us to stop using your personal information then please contact us in writing by (details below) or email email@example.com explaining why you object to its use and what you want us to do. We will then respond appropriately to your request. Please note that if you do not provide us with your personal information or object to us using it then this may prevent us from fulfilling certain requests (for example we cannot provide accurate information on the insurance policies where you live without your postcode and we cannot help you with certain enquiries without your contact details).
7. Other websites
9. Your right to complain
Should you have any concerns regarding how we process your personal data, then you have the right to report your concern to the Information Commissioner’s Office. For more information, please visit their website – www.ico.org.uk
10. Contact Details
Address – Homelyfe, 25 Christopher Street, Ground Floor, London, EC2A 2BS Email – firstname.lastname@example.org Telephone – 020 3870 3330