In this Privacy Notice, ‘we’, ‘us’ and ‘our’ refers to one or more of the subsidiary companies of Ageas (UK) Limited. This includes Ageas Insurance Limited (data controller registrations number Z5472176) and Ageas Retail Limited (data controller registration number Z5667691) and their various trading entities. If you want to know more about the Ageas group and Ageas brands please go to www.ageas.co.uk.
The privacy and security of your personal information is very important to us so we want to assure you that your information will be properly managed and protected whilst in our hands. Please read this notice carefully as it explains how we and/or carefully selected third parties we work with, collect and use your personal information.
You can ask for further information about our use of your personal information or complain about its use, by contacting our Data Protection Officer at: Ageas House, Hampshire Corporate Park, Templars Way, Eastleigh, Hampshire, SO53 3YA or by emailing firstname.lastname@example.org.
In order for us to provide our services to you and to manage those services we will ask you to share your personal information with us. The circumstances in which we use your information, the reasons why we ask for it and details of how we will use it are explained in section 3 of this notice. The information we collect about you varies depending on your particular circumstances and requirements and may include, for example:
- general information about you such as your name, address, contact details and date of birth;
- information about what and/or who you want to insure, such as vehicle details and named drivers, your home, travel details and companions;
- your claims and credit history;
- criminal convictions;
- financial details, such as bank account and card details;
- special categories of personal information (previously known as ‘sensitive personal information’), such as information about your health;
- information about your use of our websites such as your IP address, which is a unique number identifying your computer.
We may collect personal information from the following sources:
- you or someone connected to you as part of a quotation or claim;
- databases containing details of any products quoted by or purchased from other Ageas brands;
- your previous insurer or intermediary in order to confirm your no claims bonus entitlement;
- third parties where you have provided permission to benefit from an offer or service e.g. reward scheme;
- publically available sources of information, such as the open electoral register and social media and networking sites;
- third party databases made available to the insurance industry (for example, anti-fraud databases and government agencies such as the DVLA), as well as databases where you have given your permission to share information with a third party like us. For more information about these sources, please contact the Data Protection Officer using the details set out in section 1 of this notice;
- price comparison websites, where they have sent your personal information to us to see whether we are able to provide a quotation. Where we have not been able to provide a quotation, we will only retain your data for a maximum of 30 days. The information you provided is shared with us and used for the purposes set out in section 3 of this notice. The information in this notice will apply in addition to any information given to you by that price comparison website about the use of your personal information.
If you have provided information to us about someone else, you would have confirmed that you have the consent of these individuals to share their personal information with us. You should share this privacy notice with all individuals whose personal information you have shared with us as it may also apply to them.
We and/or our carefully selected third parties may collect and use your personal information under the following circumstances or for the following reasons:
a) To provide you services relating to an insurance quotation and/or insurance policy such as:
- assessing your insurance application and arranging your insurance policy, such as checking databases showing no claims discount entitlement and driving licence records;
- managing your insurance policy including claims handling and issuing policy documentation to you;
- providing you with the services described in your policy documents.
The collection and use of information such as your name, address, date of birth, claims history, what/who you would like to insure, convictions details and medical conditions for travel insurance is necessary to provide you with a quotation and/or policy. Without this information, we will be unable to assess your application and/or provide claims services. If any special categories of personal information are not to be used to provide you with a quotation and/or policy, we will always ask for your consent to process this information.
Our assessment of your insurance application will involve an automated decision to determine whether we are able to provide a quotation and/or the price. An automated decision involves processing personal information without any human involvement. The decisions involve the use of systems, such as our price rating and acceptability tools, and are dependent on the information you provide us (for example: post code and vehicle type, for motor insurance, health details for travel insurance and/or type of property for home insurance) to produce a result as to whether we are able to provide a quotation and/or what the relevant price for your policy should be. If you object to an automated decision that is required to determine your insurance premium then we will be unable to provide you with an insurance quotation or renewal.
b) Where we have a justifiable reason (also known as a legitimate interest), such as:
- keeping records about you and our correspondence with you as well as your current and past insurance policies and history of insurance claims. This is so that we can appropriately and effectively manage our relationship with you as well as satisfy any legal and regulatory obligations we may have to keep such records.
- preventing and detecting fraud, financial crime and anti-money laundering. We may use your personal information to prevent fraud and in doing so may:
- collect personal information about you from databases as described in this notice and from publically available sources (such as the open electoral register and social media and networking sites);
- check your personal information against databases including databases showing no claims discount entitlement and driving licence records;
- share your personal information with fraud prevention agencies. Your personal information will be checked with and recorded by a fraud prevention agency. If false or inaccurate information is provided and fraud is identified, details will be passed to the fraud prevention agency. This information will be accessed and used by us, law enforcement agencies and other organisations to prevent fraud and money laundering, for example: when checking details on applications for credit and credit related or other facilities; managing credit and credit related accounts or facilities; recording debt; checking details on proposals and claims for all types of insurance; and checking details of job applicants and employees. Other organisations may search the databases held by these fraud prevention agencies when you make an application to them for financial products. If such companies suspect fraud, we will share your personal information with them. The information we share may be used by those companies when making decisions about you. We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies;
- share your personal information with operators or registers available to the insurance industry to check information you provide. These include the Claims and Underwriting Exchange Register and Motor Insurance Anti-Fraud and Theft Register. We may pass information relating to your insurance policy and any incident to the operators of these registers, their agents and suppliers;
- (for Motor Insurance only) share it with the Motor Insurance Database (MID) which may be used to establish whether a driver is insured to drive a vehicle and/or for preventing or detecting crime. If you are involved in an accident in the UK or abroad, the MID may be searched to obtain relevant policy information. You can find out more at www.mib.org.uk;
- use any personal information obtained about you, or anyone you have provided us information about, to carry out the above profiling activity as part of our investigations into fraudulent behaviour. Should fraud be identified as a result of such profiling activity, this could result in the rejection of an application for insurance, a claim and/or voidance of your policy.
- providing sales information to third parties such as a price comparison website which you may have used to purchase a policy with us, so that we can fulfil our contractual responsibilities to them.
- carrying out processes such as analysis and modelling which may include computerised processes which profile you, as well as statistical, trend and market research in relation to our products and/or services to better understand, predict and forecast our customer’s or prospective customer’s preferences and behaviour and to develop and improve the products and services we offer. We may communicate with you by post, e-mail, SMS and/or telephone to ask you to participate in this research, unless you have told us you do not want us to. If you do not want us to contact you in relation to market research, you may ask us to stop contacting you at any time. Please refer to section 4 of this notice for contact details.
- using information collected from databases we use together with the personal information you give us, to help us to improve and develop our internal databases and systems (such as those used for assessing the risks we insure and communicating with you) in order to improve the products and services we offer. For more information about how we communicate our products and services, please refer to section 4 of this notice.
- we may anonymise and combine the information you have given us to understand more about you, create new products and services as well as helping us with our marketing.
- recording and monitoring calls for training purposes, to improve the quality of our service, to help us deal with queries or complaints from you, to prevent and detect fraud and financial crime and to protect our mutual interests. We may also use CCTV recording equipment in and around our premises for monitoring and security purposes.
c) Where you have given us your permission, such as:
- using personal or special categories of personal information about a child in order to provide you with a quote related to travel insurance or fulfil the services outlined in your policy documents, such as handling a claim.
For details about how we use your personal information to communicate our similar products and/or services, your use of our websites and email communications, please refer to section 4 of this notice.
We may share your personal information with third parties in order to carry out the activities detailed in section 3b) above. For further details about who we might share your personal information with, please refer to section 5 of this notice.
We will contact you, in order to communicate products and/or services which we believe may be of interest to you and which relate to your general insurance needs.
There may be times when we will require your permission to provide information about products and services to you, such as:
- where the product or service is not similar to those that we currently provide to you but we believe you may be interested in it; or
- when you have opted out of us sending details of or contacting you in relation to the products and services we offer.
We may communicate with you by post, email, SMS, telephone and/or digital methods such as social media and online advertising, unless you have told us you do not want us to. Where you no longer hold a policy with us or we have previously provided you with a quotation, we will keep you informed about our products and services for a period of up to 5 years from the date you last obtained the quotation or your policy lapsed. If you do not want us to do this, you may ask us to stop contacting you about our products and services at any time by:
- email – email@example.com
- post – Ageas House, Hampshire Corporate Park, Templars Way, Eastleigh, Hampshire, SO53 3YA or
- calling us – 0345 234 0117
Our carefully selected business partners may use your personal information to only make our promotional offers available to you and manage those offers on our behalf.
We may develop and enhance the information we hold about you with the aim of improving the products and services we offer. We may share your personal information with carefully selected third party databases which, when combined with the personal information you have given us, helps us to target and tailor both our marketing communications and website content to make them more timely, relevant and personalised to you. For further information about the third party databases we use, please contact the Data Protection Officer using the details set out in section 1 of this notice.
We may also contact you if you fail to complete an online quotation to see if we can offer you any help with this.
Use of your personal information when using our websites and email communications:
When you visit one of our websites we may collect information from you such as, your email address, IP address and other online identifiers. This helps us to track unique visits and monitor patterns of customer website traffic, such as who visits and why they visit. We use third parties to collate IP addresses to help us understand our Internet traffic data and data regarding your browser type and computer.
The open nature of the internet is such that data may flow over networks without security measures, and may be accessed and used by people other than those for whom the data is intended. Whilst this is outside of our control, we do take the protection of your information very seriously and aim to apply appropriate levels of security at all times.
We may share your personal information with:
- other companies or brands within the Ageas group, namely Ageas Insurance Limited, Ageas Retail Limited, Ageas Services (UK) Limited and Ageas Law LLP. For example, your personal information may be shared for our general business administration, where we are unable to provide you with an insurance product, we will check whether they have an insurance product which may suit your needs or for efficiency and accuracy purposes.
- other insurers, reinsurers, business partners, agents or carefully selected third parties providing a service to us or on our behalf, such as: processing our mail, assisting with our marketing activity in order to help improve our pricing for customers, providing IT systems and administrative services, claims handling services, providing a reward scheme for customers and the development and improvement of our internal databases.
- organisations that have a specific role laid out in law such as statutory bodies, regulatory authorities and other authorised bodies.
- other organisations where we have a duty to or are permitted to disclose your personal information by law (e.g. if we received a valid request from the police or other third party organisation in the interest of preventing and detecting crime).
- other companies where we provide insurance services in partnership with them.
- fraud prevention agencies and operators of registers available to the insurance industry to check information and prevent fraud. This is outlined in more detail under section 3 of this privacy notice.
- credit reference agencies to check your credit history. This check will be recorded on your credit reference file without affecting your ability to apply for credit or other financial products. For more information about how the three main credit reference agencies in the UK use and share personal data, please refer to The Credit Reference Agency Information Notice (CRAIN), which may be found on the credit reference agencies’ websites:
- third parties where you have provided permission, or have agreed to benefit from an offer or service e.g. reward scheme. Where this occurs we will receive personal information from the third party to validate that you are a policyholder.
- third parties we use to recover money you may owe us or to whom we may sell your debt.
- other insurers, insurance brokers or intermediaries to whom we may decide to sell any specific insurance policies. Should we want to do this, we will advise you in good time, so that you can object.
- another company, if our business or part of it is bought or taken over by that company to ensure your insurance policy can continue to be serviced or as part of preliminary discussions with that company about a possible sale or take over.
- other companies when we are trialling their products and services which we consider may improve our services to you or our business processes.
- other third parties if you have given us your permission to do so or there is sufficient reason to believe they are acting on your behalf.
Unless required by law, we would never share your personal data without the appropriate and necessary care and safeguards being in place. Please contact the Data Protection Officer using the details set out in section 1 of this notice should you require further details about with whom we may share your personal information.
We will keep your information only for as long as is reasonably necessary for the purposes set out in this privacy notice and to fulfil our legal and regulatory obligations. For further information about how long we will keep your information, please contact the Data Protection Officer using the contact details outlined in section 1 of this notice.
The personal information we and our carefully selected third parties collect from you may be transferred to, stored and processed outside the European Economic Area (EEA). We or our service providers may use cloud based computer systems (i.e. network of remote servers hosted on the internet which process and store your information) to which foreign law enforcement agencies may have the power to require access. We will not transfer your information outside the EEA unless it was to a country our information regulator has assessed as having adequate data protection laws, or we had taken all reasonable steps to ensure the firm has the necessary privacy and security controls in place to protect your information as if it were in the EEA. Our contracts with these firms will detail the necessary requirements to ensure your information is protected. We will assess these firms’ security arrangements from time to time ensuring that they are only using your information as agreed. Should you wish to obtain further information about the safeguards we have in place, please contact the Data Protection Officer whose contact details are outlined in section 1 of this notice.
To help manage your insurance policy we will deal with individuals you nominate, including third parties we reasonably believe to be acting on your behalf provided they are able to answer our security questions. However, for your protection, we will need to speak to either you directly, your legal representative, someone you have nominated and given us permission to discuss your personal details with, or your Power of Attorney, should you require changes to your contact address or policy coverage, if you wish to make a claim or to cancel the policy.
You have a number of rights concerning the personal information we use, these include the right to:
- object to the processing of your personal information for the justifiable reasons detailed in section 3b). Please note that should you wish us to stop using your personal information for processing a claim or sending a renewal invitation, we will no longer be able to provide you with an insurance product or service.
- ask for access to and a copy of your personal information.
- ask us to correct your personal information.
- ask us to delete your personal information. Please be aware that there may be certain circumstances where we may not be able to do this, for example, where the processing of your personal information is necessary for us to comply with a legal obligation.
- ask us to restrict the use of your personal information at any time, except where we have a justifiable reason to use it.
- ask us to move, copy or transfer your personal information to a third party (known as ‘data portability’).
- where you have previously given us your permission to use your personal information for marketing purposes, withdraw that permission. Where your permission is withdrawn, your previous consent will remain valid in respect of our use of your information prior to the date you withdrew it, or if any marketing material has been sent prior to you advising that you do not wish us to contact you again.
- complain to the Information Commissioner’s Office at any time if you object to the way we use your personal information or if you believe we have breached the requirements of the General Data Protection Regulations. For more information please go to www.ico.org.uk.
- object to an automated decision including profiling. For details about the profiling activity we undertake, please refer to section 3 of this notice.
To discuss your rights or make a request, please contact the Data Protection Officer using the details outlined in section 1 of this notice.
Please note that in some cases even when you make a request concerning your personal information, we may not be required, or may not be able, to honour it as this may result in us not being able to fulfil our legal and regulatory obligations or there is a minimum statutory period of time for which we have to keep your information. If this is the case then we will let you know our reasons.
Last updated 29.03.19