Plus Insurance Partners Limited (also known as Plus Insurance) is strongly committed to protecting your personal data. We will always treat your personal details with the utmost care and respect. We will only use the information that we collect about you lawfully and transparently.
This statement explains how we collect, use and store personal data (this is any information relating to an identified or identifiable living person). The statement also explains the rights of anyone whose personal data we hold. Personal data may be obtained from individuals themselves or from others.
We hope that this statement will answer any questions you may have, but please do contact us if you require further information. Contact details can be found under the ‘Contact Details’ section of this statement.
The Legal Bases for Collecting and Processing Personal Data
Data protection laws set out a number of bases on which companies can collect and process personal data. We use the following:
1. Consent – in some cases, we rely on your consent to collect and process data. An example is when you agree to receive our newsletters by email.
2. Contractual obligations – sometimes, we need your personal data to comply with our contractual obligations. For example, for us to enter in to a contract for insurance services with you, we need to know your date of birth.
3. Legal compliance – we may need to collect and process your personal data if required by law.
4. Legitimate interest – in some cases, we use your data in accordance with our need to run the company efficiently and effectively and serve you as a customer.
When Do We Collect Your Personal Data?
- When you visit our website.
- When you contact us by any means to obtain a quotation or to buy a policy.
- When you ask us to provide information to you by email.
- When you complete customer feedback surveys we send you.
- When you complete one of our forms.
- When you’ve given a third-party permission to share with us the information they hold about you.
What Sort of Personal Data Do We Collect?
We do not sell or otherwise trade customers’ data to or with any organisation.
We only provide customers’ personal data to other organisations in the course of fulfilling our contractual obligations to you, when delivering our services to you or if required to do so by legal or other governmental and regulatory bodies.
The type of information we will collect about you includes your:
- Telephone numbers
- Email address
- Bank details
- Date of birth
- Your health
- Your marital status
- Your car registration number (for Breakdown Insurance only)
We also hold copies of documents you send to us.
We will never collect sensitive information about you without your prior consent.
Why Do We Collect and Process Personal Data?
We will contact you by post, by telephone, by email or by text message or by the use of any similar technology in accordance with our need to run the company efficiently and effectively and serve you as a customer. If you have given us your consent to contact you, this can be withdrawn at any time by emailing us at firstname.lastname@example.org or by letter.
We collect and process your data to:
1. meet our contractual obligations to you;
- issue an insurance policy;
- Notify you of changes to our services;
- deal with any claims or requests for assistance you may have;
- service your policy (including claims and policy administration, payments, policy renewals and other transactions); and
- comply with the laws and regulations that apply to our activities.
Our Use of Computer Cookies
The rules on the use of computer cookies mean we need to ask for your consent to send them to your computer.
Cookies are small files stored on your computer which hold information specific to your use of particular websites. In our case, cookies allow the Plus Insurance server to store your preferences so that the next time you visit our site the pages are tailored to your preferences, without you having to express those preferences again. You can usually modify your browser to prevent this happening. The information collected in this way could be used to identify visitors to our site, although as a matter of strict principle we do not do so.
A good example of the use of a cookie would be that if you give us consent to store cookies on your machine now, we will not have to ask you again because our server will know from information stored in your cookie that consent has been given already.
In addition, we may also use web server logs to evaluate our web site and discover for example which pages are most frequently visited. Information collected in this way will remain anonymous.
Further information on cookies can be found at https://www.aboutcookies.org.
Personal data will be held securely in accordance with our internal security policy and the law. We will not transfer your information outside the EEA (European Economic Area), except in a limited number of cases where we use essential services from non-EU third party companies (one example of which is Rocket Science Group LLP (otherwise known as MailChimp), a company we use to send our emails). We will only use processors certified as compliant with the EU Privacy Shield and committed to complying with the provisions of GDPR. For further information on the third party companies we use, please email us at email@example.com.
Our policies, procedures and training cover data protection, confidentiality and security of data. We conduct regular reviews to ensure that that we continue to hold data securely.
When and How We Share Personal Data
We will occasionally share personal data with third parties when legally permitted to do so. Contractual arrangements and security measures are put in place to ensure that data is protected and to ensure that our data protection, confidentiality and security standards are met.
Personal data held by us may be transferred to:
1. Trusted third party organisations that assist us in providing goods, services or information. An example of such an organisation would be a claims handling company appointed by the Insurer to process claims.
We provide only the specific data the third party needs to provide their services and that data can only be used for the purposes set out in our contract with them. If we stop using their services, the data held by the third party will either be destroyed or anonymised.
2. Accountants and other professional advisers.
3. Legal or other governmental and regulatory bodies or other third parties where we are required to do so by the law or the regulations under which we operate.
How Long Will We Keep Your Personal Data?
We will need to keep and process your personal information for the duration of the policy and will store the personal data for seven years after its expiry so that we can meet our regulatory obligations or to deal with any reasonable requests from our regulators and other authorities.
Changes to This Privacy Statement
We recognise our ongoing responsibility to ensure we treat your personal details with the utmost care and respect. Accordingly, this statement will be reviewed on an ongoing basis. Any change will take effect once the revised privacy statement is available on our website.
This privacy statement was last updated on 20th May 2023.
You have rights over your personal data which must be fulfilled by Plus Insurance (as a Data Controller) at your request. The rights you have over your personal data include:
1. Access to your personal data:
You have the right to access the personal data we hold about you, which can be done by emailing us at firstname.lastname@example.org. We may charge for a request for access if the law permits us to do so. We will respond to any requests for data promptly and within the legally required time limit of one month from receipt of the request. If the request is complex or we receive a number of requests from you, that time limit may be extended by a further two months, in which case we will write to you within the first month to explain why the extension is necessary.
2. Amendment of personal data:
If you tell us that any personal data processed by us is no longer accurate, we will make amendments based on the information you provide us.
Your data can be updated in the following ways:
By email: email@example.com
By telephone: 01234 716002
In writing to:
PO Box 1653
3. Withdrawing your consent:
If you have given us your consent to process your data, you can withdraw consent at any time. For example, we will only send you promotional emails if you have given us your consent to do so. To withdraw your consent, please email us at firstname.lastname@example.org or, to stop receiving emails, please click on the unsubscribe link that appears in our emails.
4. Other rights:
You may also have other data subject rights, including the right to erasure or deletion of personal data, to object to or restrict our processing of personal data and finally a right to data portability. If you want to exercise these rights, please email us at email@example.com or write to us at:
PO Box 1653
If you want to make a complaint about how we process your personal data, please contact us by email at firstname.lastname@example.org or send us a letter to the address above. We will investigate and respond to any complaints we receive as quickly as possible.
You can also raise a complaint with the Information Commissioner’s Office (or ICO), which is the UK data protection regulator. More information on your rights and how to complain to the ICO can be found at https://ico.org.uk or by telephoning 0303 123 1113.
If you have questions about any aspect of this statement or how we process personal data, please contact us:
In writing at:
PO Box 1653
By email: email@example.com
By telephone: 01234 716002