Reading Time: 8 minutes

Privacy Notice

The security and privacy of your information is important to us, while providing you with products and services we will collect and process information.

This notice explains who we are, what kind of information we collect, how we use it, who we share it with, how long we keep it and how we safeguard it. This notice also informs you of your individual rights under the Data Protection Act 2018.

About us

Onesure, Compare HGV Insurance, Spitfire Insurance, Staveley Head, Unicom Insurance Services, tradewiseinsurance.com and Insurance4MotorTrade are trading names of One Sure Insurance Ltd (also referred to as “we”, “us”, or “our”) which is a registered company in England (Company no. 05649077).
Our registered address is Spitfire House, 142-154 Congleton Road, Talke, Stoke On Trent, Staffordshire, ST7 1LX.

What is personal data?             

Personal data is information relating to an identified or identifiable natural person. Examples include an individual’s name, age, address, date of birth, their gender and contact details.

Personal data may contain information which is known as special categories of personal data. Examples include information relating to health, racial or ethnic origin, genetic and biometric data.

Personal data may also contain data relating to criminal convictions and offences.

What information do we collect and where do we get it from?

For us to arrange and administer insurance for you we will collect and process personal data about you and others connected to your policy, such as additional drivers. Where you disclose the personal data of others, you must ensure you are entitled to do so.

As a provider of insurance services, we will collect and process the following categories of data:

  • Personal data such as names, addresses, date of birth, gender, contact details and details of historic claims.
  • Special categories of personal data such as health and details on historic claims resulting in injury (physical and physiological)
  • Financial details, such as bank accounts and card details.
  • Data relating to criminal convictions and offences such as details of driving offences or insurance fraud.

If you object to the collection, sharing and use of your personal data we may be unable to provide you with our products and services.

  • We will collect your personal data when you visit our website, where we will collect your unique online electronic identifier; this is commonly known as an IP address.
  • We will also collect electronic personal data when you first visit our website where we will place a small text file that is commonly known as a cookie on your computer. Cookies are used to identify visitors and to simplify accessibility, and to monitor visitor behaviour when viewing website content, navigating our website and when using features. For more information, please refer to our cookie list, available on our website.
  • We may monitor and record calls, emails, text messages and any other forms of communication.
  • We also collect personal data through the use of telematics or similar locational tracking services, where you have agreed to the use of this particular service.
  • We will collect your personal data where you request information about our services, customer events, promotions and campaigns.

In most circumstances, you, or someone you have authorised to act on your behalf will provide us with this information when completing online quote or contact forms, when contacting us via the telephone, when writing to us or where we provide you with paper-based forms for completion or we complete a form in conjunction with you. We may also obtain information from third parties, such as credit reference agencies in order to verify your identity.

Where we collect data directly from you, we are the controller of that data. A data ‘controller’ is an individual or organisation which, alone or jointly with others, determines the purposes and means of the processing of personal data.

Where we use third parties to process your data, these parties are known as ‘processors’ of your personal data. A data ‘processor’ is an individual or organisation which processes personal data on behalf of the controller.

Where formal arrangements exist between us and those processors for them to process data purely under our instruction and not on their own behalf, they will be Data Processors.

Where there are other parties involved in underwriting or administering your insurance, they may also process your data in which circumstance we will be a joint data controller of your personal data.

For the purposes of meeting the Data Protection Act 2018 territorial scope requirements, the United Kingdom is identified as the named territory where the processing of personal data takes place.

Why do we need your information and how do we use it?

We will use your personal data for the performance of our contract with you, to quote for and provide you with insurance products and services, to process claims and renewals, to administer your policy and our business, to respond to any requests from you about services we provide and to process complaints.

We will also use your personal data to manage your account, perform statistical analysis on the data we collect, for financial planning and business forecasting purposes and to develop new and market existing products and services.

We will use any special category and criminal conviction data we collect about you for the performance of our contract with you which is deemed to be necessary for reasons of substantial public interest. This allows us to quote for and provide you with insurance products and services, to process claims and renewals and to administer your policy.

Your personal data and debit/credit card data will be processed for the necessary performance of the contract you will be entering into or have entered in to.

We monitor and record calls, emails, text messages and any other forms of communication for training and monitoring purposes and to meet our legal and regulatory obligations.

In purchasing our products and services you should understand that you are forming a contract with us. If you contact us for a quote or request details on the services we provide, we consider ourselves as having a legitimate business interest to provide you with further information about our services.

You should be aware that we may use automated decision-making services, tools or techniques to provide you with a quotation, or to check for customer suitability to our products. You have the right to receive information about the logic involved in relation to the decision and the right to human intervention. You can do this by contacting our data privacy representative.

In some situations, we may request your consent to market our products and services to you, to share your data or to transfer your data outside the European Economic Area. Where we require consent, your rights and what you are consenting to will be clearly communicated to you. Where you provide consent, you can withdraw this at any time by contacting our data privacy representative by e-mailing Datarequests@onesureinsurance.co.uk.

How is the information shared?

We will share your personal data within our firm and with business partners. This is normal practice within the insurance industry where it is necessary to share information to place, quantify and underwrite risks, to assess overall risk exposure and to process claims. It is also necessary to determine the premium payable and to administer our business.

We also share personal data with authorised third parties; this is necessary where we are required to do so by law, where we need to administer our business, to quote for, source, place and administer your insurances (including arranging insurance premium finance), to perform underwriting activities and to process claims. Some examples are:

  • Insurers;
  • Underwriters;
  • Premium finance providers;
  • Credit reference agencies;
  • Debt recovery agencies;
  • Claims handling companies;
  • Loss adjusters;
  • Insurance brokers;
  • The Financial Ombudsman
  • DVLA
  • Law enforcement agencies
  • Reinsurers;

If you require more information about our insurance processes or further details on how we collect personal data and with whom we share data with, please contact our data privacy representative by e-mailing Datarequests@onesureinsurance.co.uk.

International transfers of personal data

We will transfer your data to third parties based outside the European Economic Area. This is necessary for the purposes of administering our business and underwriting and claims processing purposes. Such parties are not permitted to use your personal data for any other purpose than for what has been agreed with us. These parties are also required to safeguard your personal data through the use of appropriate technical and organisational data security measures and are prohibited from disclosing or sharing your data with other third parties without our prior authorisation, or unless as required by law.

Please contact our data privacy representative for a list of countries and organisations your personal data is transferred to.

In the event that One Sure Insurance Ltd undergo re-organisation or One Sure Insurance is sold to a third party, any data we hold about you will be transferred to that re-organisation entity or third party.

How long do we keep your information?

Any data we hold about you will remain with One Sure Insurance for a reasonable amount of time. For situations where no contract is entered in to; we will hold your data for a period of 3 years, and for any insurance contract that is entered in to; your data will be held on file for a period  up to 40 years. The retaining of data is necessary where required for contractual, legal or regulatory purposes or for our legitimate business interests for statistical analysis (profiling), product development and marketing purposes.
Sometimes we may need to retain your data for longer, for example if we are representing you or defending ourselves in a legal dispute or as required by law or where evidence exists that a future claim may occur.

Protecting your information

One Sure Insurance is committed to high standards of information security, privacy, and transparency. We place a high priority on protecting and managing data and we have established and implemented robust frameworks to ensure security to the best of our ability. The policies and procedures we have in place range from:

  • Physical and logical access controls to encrypt data/firewalls
  • Providing employee awareness through mandatory training covering information security, data protection and fraud awareness
  • Monitoring of key partners to manage information security risks
  • Disposal of confidential waste procedures
  • Paperless desk policies

For the purposes of safeguarding and processing criminal conviction and offence data responsibly, this data is treated in the same manner as special categories of personal data, where we are legally required to comply with specific data processing requirements.

Your rights

Under the Data Protection Act 2018, you have individual rights including:

  • The right to be informed about the personal data being processed – The right to be informed encompasses our obligation to provide you with ‘fair processing information’ by way of this privacy notice.
  • Your right of access – You have the right to ask us for copies of your personal information.
  • Your right to rectification – You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure – You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing – You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing – You have the the right to object to the processing of your personal information in certain circumstances.
  • Rights in relation to automated decision making and profiling – You have the right to receive information about the logic involved in relation to the decision and the right to human intervention in certain circumstances.

We will not charge a fee to process these requests, however, if your request is considered to be repetitive, manifestly unfounded and/or excessive, we are entitled to refuse to comply with the request or charge a reasonable administration fee.

A response to your request will be provided to you within 30 days of us receiving a valid request. We do have the authority to extend these requests; following ICO guidance. If we do need to do this, we will write to you to confirm this within 30 days of receiving your original request to explain our reasons why.

The flow of data within the insurance sector is complex and we ask you to keep this in mind when exercising your ‘right of access’.  Where we may be reliant on other organisations to help satisfy your request this may impact on timescales.

In exercising your Individual Rights, you should understand that in some situations we may be unable to fully meet your request, for example if you make a request for us to delete all your personal data, we may be required to retain some data for taxation, prevention of crime and for regulatory and other statutory purposes.

You should understand that when exercising your rights, a substantial public or vital interest may take precedence over any request you make. In addition, where these interests apply, we are required by law to grant access to this data for law enforcement, legal and/or health related matters.

Complaints

If you are dissatisfied with any aspect of the way in which we process your personal data, please contact our Data Privacy Representative on the address noted below. You also have the right to complain to the UK’s data protection supervisory authority, the Information Commissioner’s Office (ICO). One Sure Insurance’s ICO registration number is: Z9366683. The ICO may be contacted via its website which is https://ico.org.uk/concerns or by calling their helpline on 0303 123 1113.

How to contact us

If you have any questions regarding this notice, the use of your data or your Individual Rights please contact our Data Privacy Representative at:

One Sure Insurance

Spitfire House

142-154 Congleton Road

Talke

Stoke on Trent

ST7 1LX

Or by e-mailing Datarequests@onesureinsurance.co.uk or by telephoning 01782880140