We are a Data Controller, which means that we determine the purposes and the means of processing your personal information. We are registered directly with the Information Commissioner's Office (ICO) and our registration number is Z8548842.
If you have any questions about how we may use your personal information you can contact us by using the details on our website or in the Contact us section.
Date last updated: 30/03/2020
- What personal information do we collect?
- How do we collect your personal information?
- How we use your personal information?
- Automated Decision Making
- Who do we share your information with?
- Fraud Prevention Agencies
- Sharing your information outside of the EEA
- How we may contact you about the products and services we provide to you
- Your Rights
- How long do we keep your personal information for?
- Marketing communications and your marketing preferences?
- Other types of advertising
- Recording Calls
- Contact Us
What personal information do we collect?
The personal information we collect from you depends on the product you apply for, or the service that we provide to you. We will only collect information that we actually need, or where we’re required to collect the information to enable us to perform our legal or contractual obligations necessary to provide you with the products or services, or where we have your permission.
This will likely include the collection of:
- your personal details (e.g. name, date of birth)
- address details
- contact details (e.g. phone number, email)
- special personal information* (e.g. health information)
- financial information
- employment information
- information on how you use our website(s) and products and services
*Special Personal Information
We may collect special personal information that will depend on the product or service you are applying for.
The data protection law defines some personal information as “sensitive data” or “special categories of data”. This includes information about physical or mental health, sexual life, religious beliefs, race or ethnic origin, political opinions, trade union membership or biometric data.
Any personal information about you relating to criminal convictions or offences may only be used by us when authorised by law.
Information about other people
If you provide personal information about someone else, for example when a joint application is made, you must do so with the permission of the other person. If you apply for a product or service jointly with another person (for example, a joint insurance application), your personal information and any information about the service provided to you will be shared with the other person.
How do we collect your personal information?
We can collect your information in a number of ways.
- When you make an application or enquiry to us either by phone, email, our websites, by a third party or by any other means
- Information received from a third party, for example when we run checks with a third party, such as a fraud prevention agency, or where you have previously agreed for your information to be shared with us, for example, if you have been introduced to us by another company
- When you participate in market research, competitions and promotions provided by us, or on our behalf
- By adding reviews or interacting with us using social media such as Twitter or Facebook etc
- When we may need to obtain up to date information about you to meet our legal or regulatory obligations
- Where you have given permission for your information to be provided to us
How we use your personal information
We can only use your personal information where it falls into one or more of the following categories:
- it is necessary to enter into or fulfil a contract we have with you;
- you have provided your consent;
- we have a legal or regulatory obligation to do so;
- it is necessary to carry out a task which is in the public interest;
- it is necessary to protect your vital interests; or
- it is in our legitimate interest to do so and it is not against your rights.
How your personal information will be used will depend on the product or service being provided to you. You can select from the products below to see how your personal data will be used. If you decide not to go ahead with any of the services we provide we will still process your personal information we have collected for the purposes set out in Other Purposes for Processing your Personal Data.
We have previously provided insurance brokerage services for life insurance products, home, motor and gadget insurance. If you have previously taken an insurance product through us, your personal information will be processed as set out below.
What personal data do we need to collect?
For insurance policies previously provided by Think Insure, the following categories of personal information are collected:
This is required to enable us to continue to administer your insurance policy. We also need to use this information to fulfil our legal obligations.
Who will the data be shared with?
We will share your personal information with insurers so that they can administer the insurance policy. You can find the insurers who we work with on our website.
Regulators, such as the Financial Conduct Authority, the Information Commissioners Office or any other regulatory body or authority may request certain information as part of supervising us. We have a legal or regulatory obligation to provide this.
How long will your data be stored for?
Whilst you continue to be our customer, we will keep a record of your personal data to ensure that we provide you with the best service possible and where we’re required to keep your personal information to meet our legal and regulatory obligations. This will normally be kept for at least 6 years, starting from the date when we are no longer providing you with a service. Telephone calls will be retained for at least 6 years from the date the call was made.
After this time, we will delete the information or anonymise the data so that it cannot be linked back to you.
+Other Purposes for Processing your Personal Data
Websites and marketing
To help us understand you better and provide you with information about other products which may be suitable and relevant, we will use your personal information to create a profile of you and your circumstances. This allows us to provide more relevant, accurate and tailored services to you. We believe we have a legitimate interest to do this and that it is not against your rights. However, if you don’t want us to profile your personal information this way, to then better enable us to tailor any marketing communications to you, you can contact us to let us know that you wish for your personal data not to be used in this way.
Reviews and Market Research
Where we have a copy of your personal information we may contact you to ask you to provide a review about the services you’ve received or where we are carrying out market research which may help us design future products and services or to help improve our current services. Although this information would really help us, you wouldn’t be required to provide us with this information unless you’re happy to. We consider that this is in our legitimate interests to contact you in this way for market research purposes.
Legal or Regulatory Obligation
We are required to process your personal information where we have a legal or regulatory obligation to do so, for example, to adhere to anti-money laundering or our regulatory obligations.
Responding to complaints or enquiries
If you make an enquiry or complaint with us we will use your personal information to investigate the complaint and deal with your enquiry. We have a legal and regulatory obligation to deal with your complaint appropriately.
As part of our legitimate interest to develop our business and our products we will use your personal information to assess our performance as a business and for statistical analysis. We will use your personal information to assess our performance as a business and for statistical analysis. We will use as little personal data as we can to achieve this. We may also share this analysis with third parties who provide us with services and where we have a contractual obligation to do so.
We also use personal information to help us create groups of people which may then be used to help us understand our products and help tailor our marketing more appropriately. If we work with a third party for these purposes a contract will be in place to ensure your personal data is used only for these purposes and is processed securely.
Automated Decision Making
An automated decision is one which we rely on a computer or system to assess the information you provide to us to make a decision about you. This may include:
- detecting any fraudulent activity which may be taking place, or there is a risk that it could take place
- checking identity and residency statuses
If we do make an automated decision about you, in some cases you have the right to ask that we do not make our final decision based solely on the automated decision, and you can also object to the automated decision and ask that someone reviews it. If you want to do this you’d need to contact us, or use the contact information which will be provided to you once you’ve received the automated decision.
Who do we share your information with?
In addition to the companies, organisations and other third parties set out in Section 3, we may also share your personal information with the following organisations:
- IT Service Providers who provide IT platforms or other IT services
- Payment Service companies that process transactions such as Direct Debits or card transactions (where applicable)
- Communication providers (e.g. telephone line providers and email and text service providers)
- Printers who print the letters and information packs which we send to you
- Advertisers and social media companies such as Facebook, Google and Twitter for our social media accounts or where we can contact you using your social media account
- Market Research companies such as Feefo to help us improve our products and services.
- Third party partners who may have introduced you to our services or where we may introduce you to, or promote their financial products or services.
These companies help us to provide our services to you. We will have a contract in place with any provider who directly provides us with such direct services to ensure that they comply with their data protection obligations and ensure that they have appropriate security measures in place. We regularly monitor our service providers to ensure they comply with our contractual obligations in relation to the processing and security of your personal information.
We may also share your personal information where we have your consent to do so or where we’re required to do so under a legal or regulatory obligation or court order, such as the police, local authorities or the courts.
Using Fraud Prevention Agencies
The personal information we have collected from you may be shared with fraud prevention agencies who will use it to prevent fraud, money-laundering and terrorist financing and to verify your identity. If fraud is detected, you could be refused certain services, finance or employment. Further details of how your information will be used by us and these fraud prevention agencies, and your data protection rights, can be found by contacting us or email us at [email protected]
Where we do share your personal information outside the UK or the European Economic Area (EEA), we will only do this where we have your consent; to comply with a legal obligation; or where we work with a business partner to enable us to provide you with our services, and they process information outside of the UK or the EEA.
If we do share any of your personal information outside of the UK or the EEA, we will make sure that it is protected in the same way as if it was being used in the UK or in the EEA to ensure appropriate safeguards are in place. This may include putting in place a contract with the business partner that means they must protect the personal data to the same standards as it would within the UK or the EEA (this may include model clauses), or only share the data to a business partner outside the UK or in a non-EEA country where the privacy laws provide the same protection as within the UK or the EEA or where they are part of a Privacy Shield.
More information on this can be found on the European Commission Justice Website or the Information Commissioner's Office website.
We take the protection of personal information very seriously and we will maintain appropriate measures to maintain the confidentiality, integrity and availability of the information you have provided. Such measures include:
- Company security policies and standards
- staff security awareness
- role based access controls to prevent unauthorised access to the information
- encryption and anonymisation technology
- anti-malware technologies
- security monitoring
- security testing
- secure archiving and deletion
- compliance with industry regulation and legislation
How we may contact you about the products and services we provide to you
To help us keep you up to date about the products and services that we provide to you and to ensure that you’re kept fully informed, we may contact you by letter, telephone, email, text message or other electronic means.
If you do not want to be contacted in a particular way then you can request this at any time, but if we are providing a service to you we do need to be able to send you communications. This can often be due to a legal or regulatory requirement.
It is important that you keep us up to date when you change your contact details or any other personal information, to ensure that we use your up to date contact information and that we use accurate information about you.
You have certain rights under data protection legislation. These include:
Access to your personal information
You have the right to request from us a copy of the personal information that we may hold about you. This is often called a “Data Subject Access Request”. You can request this information by contacting us as set out below. Before providing this information to you or to another person or company where you have requested this personal information to be sent to, we may ask for proof of identity or ask sufficient questions to enable us to locate the information and ensure that we're only providing it where you have given your agreement.
Right to have your personal information corrected
If the personal information we hold about you is incorrect you have the right to request that we correct this.
Right to stop or limit the processing of the data we carry out
You have the right to stop us from using your personal information or limit the way in which we process your information at any time if we are no longer entitled to do so. You may also request that your personal information is deleted. There may be occasions where we are unable to delete the data due to our legal or regulatory obligations however we will discuss this with you if you request for your information to be deleted.
In some cases you may be able to request for your information to be provided to yourself or another company in a format that can be processed electronically by yourself or the other company. If you want to request this you’ll need to contact us and we may ask for proof of identity or ask sufficient questions to enable us to locate the information and ensure that we’re only providing this information were you have given your consent to do so.
How long do we keep your personal information for?
Whilst you continue to be our customer or where you have successfully taken an insurance product, we will keep a record of your personal information to ensure that we provide you with the best service possible and where we’re required to keep your personal information to meet our legal and regulatory obligations. The product specific information will set out how long your personal information will normally be kept for.
Your personal information will normally be kept for at least 6 years, starting from the date when we are no longer providing you with a service. Telephone calls will be retained for at least 6 years from the date the call was made.
After this time we will delete the information or anonymise the data so that it cannot be linked back to you.
Marketing communications and you marketing preferences?
If you have provided us with your consent or where we are legally entitled to do so, we may contact you to let you know about other offers, products and services that we provide which we think you may be interested or that may benefit you. We may do this through post, emails, text messages, telephone, push notifications, social media or other electronic means.
You can easily let us know at any time if you would no longer like to receive these messages. You can contact us by using the details on our website, or unsubscribing using the link or information within recent marketing messages you have received from us. Alternatively you can opt out of receiving marketing emails by contacting us at: [email protected]
Other types of advertising
We do not have any control over the advertisements you see on other third party websites however you can request to opt out or customise these advertisements by using the Google Ads Preference Manager.
We will record any telephone calls you make to us or we make to you or any other third party. This is for training, monitoring and quality purposes and to meet our legal and regulatory obligations. Some telephone calls may be observed by staff for training and development purposes.
We may keep a copy of the telephone calls for at least 6 years from the date the telephone call was made.
If you have any questions or queries about how we use your personal information you can contact us or our Data Protection Officer using the address or email below:
Data Protection Officer
Email: [email protected]
If you are unhappy and would like to make a complaint in relation to how we handle your personal data, please contact our Customer Relations Team at [email protected].
If you’re not happy with how we have dealt with your complaint you have the right to lodge a complaint directly with the Information Commissioner’s Office. You can find their details on their website at https://ico.org.uk/
When using this website, some information may be collected automatically using 'cookies'. These are small text files that facilitate the processing of your data and enable us to analyse how the website is being used. Cookies can be temporary or permanent.
Temporary cookies form part of the security process while you are using the website; permanent cookies identify the link you used to find our website, check your browser so that we can make sure that our website and services work well with your computer and to help us monitor traffic on our website.
Why are cookies used?
They help visitors. Cookies allow sites to do things like provide personalised content and remember their log-in details and settings. You can turn them off - this won't stop a website from working, but it might mean it won't work as well as it could, or that you have to do the same thing more than once.
They help website owners. Cookies tell website owners things like: what search engine a visitor used to find the website, how often they've visited it, how long they've spent on it, and so on.
For further information on the Cookies we use, please see our Cookies Policy