At SAGIC we recognise our responsibility to treat your personal information with care and to comply with all relevant legislation, in particular, the Data Protection Act 2018 and the EU General Data Protection Regulation (GDPR). This notice covers our requirement to provide you with information on how and why we use your personal data and of your rights under GDPR.
We have provided you with a quotation and/or administer your insurance policy and are classed as the “data controller” which means we process your data. Your data may be passed to other parties, including Reinsurers & Loss Adjuster for the administration of claims. These parties could also be a data controller and where necessary will issue their own Data Protection & Privacy Policies.
Personal Information & Legal Basis
We are required to have a lawful basis (as defined in GDPR) in order to process your personal data, the reasons we collect personal data and the relevant bases which we use are shown in the table below:-
|Why we collect your data||Lawful basis||Information collected|
|Provide you with a quotation for Insurance.||Necessary for the performance of an insurance contract.||– Basic personal details such as name, address, email, telephone, date of birth.
– Information on your insurance requirements, including details about your home/property.
– Your insurance history, including claims data and other insurance policies you have had.
– Sensitive personal information, including previous unspent criminal convictions
– Your marketing preferences
– Payment details to enable payment of insurance premium.
|Arrange and administer your policy if you buy one through us.||Necessary for the performance of an insurance contract.|
|To notify you of changes in our service.||Our legitimate interests|
|Marketing||Your explicit consent – in accordance with preference you have expressed|
|Statistical analysis.||Our legitimate interests – to refine and enhance the products and pricing which we can offer.|
|To provide improved quality and training for SAGIC staff.||Our Legal and Regulatory obligations.|
|Prevent, detect and investigate crime, including fraud and money laundering, and analyse and manage other commercial risks.||Our Legal and Regulatory obligations.|
|Resolve complaints, and handle requests for data access or correction.||Our Legal and Regulatory obligations.|
|Comply with applicable laws and regulatory obligations, such as those relating to anti-money laundering and anti-terrorism.||Our Legal and Regulatory obligations.|
Some of the personal information we ask you to provide may be sensitive (special category) as defined in GDPR, e.g. you may have to give us information about your medical history, criminal convictions and driving offences. We are allowed under GDPR to collect such information for specified “insurance purposes” without your specific consent but it will only be used for the purposes set out above. If you give us information about another person, in doing so you confirm that they have given you permission to provide it to us and that we may use their personal data in the same way as your own as set out in this notice.
Where the lawful basis of processing your data is ‘Your explicit consent’ then this consent can be withdrawn at any time by contacting us.
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyse web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
Overall, cookies help us provide you with a better website by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us.
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
SAGIC is committed to protecting the security of your personal information. We use a variety of security technologies and procedures to help protect your personal information from unauthorised access, use, or disclosure.
Disclosure of your Personal Information
As a necessary part of providing you with the services described above, we may need to disclose your personal data to other third parties. These include: Computer bureaux/Software Houses, Insurers, other Insurance Intermediaries, Loss Adjusters, Insurance Industry databases, Government databases, Regulatory authorities and the Police/other law enforcement bodies and this will be to assist with fraud prevention and detection.
Your data will not be retained for longer than is necessary and will be managed in accordance with our data retention policy. In most cases, the period will be for a maximum of 7 years following the expiry of an insurance contract unless we are required to retain the data for a longer period due to business, legal or regulatory requirements.
International transfers of data
We will ensure that we do not transfer your personal data to destinations outside the European Economic Area (EEA).
Under GDPR you have the following rights in relation to our processing of your personal data:-
- The right to be informed about how we use your personal data (This Privacy Notice);
- The right to see a copy of the personal information we hold about you;
- The right to have personal information rectified if inaccurate or incomplete;
- The right of erasure of your personal information where there is no compelling reason for its continued processing;
- The right to restrict processing in certain circumstances, e.g. if its accuracy is being contested;
- The right to data portability which, subject to certain conditions, allows you to obtain and reuse your personal data across different services;
- The right to object to certain processing including for the purposes of direct marketing;
- Rights to information in relation to automated decision making and profiling.
For further information on this Privacy Notice, to access your personal information or to exercise any of your other rights, please contact
The Data Protection Officer,
Salvation Army General Insurance Corporation,
23-24 Lovat Lane,
London, EC3R 8EB
Telephone:- 0300 030 1865
If you have a complaint about how we use your personal information please contact us at the address above. You also have the right to lodge a complaint with the Information Commissioner’s office at any time.