Introduction

One Guarantee are the Data Controllers responsible for complying with data protection laws and are committed to ensuring your privacy and personal information is protected.

This privacy notice describes how One Guarantee handle your personal information collected from providing our services to you as well as services via our websites. All entities are registered with the Information Commissioners Office (ICO) and can be found on the Data Protection Public Register via https://ico.org.uk/esdwebpages/search.

This privacy notice should be brought to the attention of other parties who have an interest in the insurance policy who have given their consent to you to act on their behalf.

Privacy policy amendments

From time to time, it may be necessary for us to change this privacy policy, so we suggest that you check here periodically.

If, at some time in the future, we wish to use your personal data in ways other than those set out in this privacy notice, then we will notify you about this and if required seek your permission to do so.

IP addresses and cookies

Reverse IP Lookup

We also use the IP address of website visitors to identify how our website visitors interact with our website. We do this for two purposes:

1. To build an understanding of how our website content is performing, so that we can identify areas that could provide a better experience for website visitors.

2. To identify the names of businesses visiting our website, so that we have the option to reach out to those who didn’t make contact with us. This information identifies only the business name related to an IP address. It does not identify any individuals within the business and no personally identifiable data is captured.

How we collect your Personal Information

We will collect your personal information in a number of ways, mainly from what you tell us yourself but also from other organisations and people who share your information with us. This will include written information from forms you have completed, notes from conversations via telephone calls, emails, details provided via our websites or social media and information from credit agencies or finance providers.

Our Services and How we use your Personal Information

What personal information we collect will depend on what service we are providing you. Our main aim in gathering your personal information is to provide you with a customised service.

The type of personal information that we may collect will be:

Contact details such as your name, postal address, email address and contact telephone numbers. Details such as your date of birth, national insurance number, occupation, passport and driving licence details if required. Also details about the persons to be covered under an insurance policy and their relationship with you as the policyholder. Other information surrounding your policy which may be details of your vehicle, your travel plans and previous claims in connection with the insurance requested. Financial information such as your bank or credit card details. Sensitive personal information (now known as ‘special categories’) may also be collected which would be health information, marital status, details of previous or alleged criminal offences or proceedings and convictions or County Court Judgements and bankruptcies.

We may collect the following via our websites:

Name, postal address, phone number, occupation, other contact information, online identifier, interest you have in relation to our services or our practice areas, any information that you may volunteer by completing and submitting forms on our websites and details of your visits to and usage of our website.

We may use your personal information in order to fulfil our contractual obligations to you:

a) For the purposes of insurance administration by us in response to your requests for quotations and renewal of insurance contracts where data will be shared with Insurers, providers and agents

b) To provide you with a claims service where data will be shared to facilitate this service with insurers, surveyors, loss adjustors, claims administrative support services

c) Where we have a specific legal exemption to process ‘special categories’ data for insurance purposes as an essential part of the insurance cover for example criminal convictions and health data

d) To provide you with premium payment options to enable finance companies to provide you with a greater choice in making premium payments;

e) To deal with complaints made by you relating to our services or websites

For Legitimate Interest:

a) To correspond with you, notify you of events or changes to our service or otherwise to fulfil your requests and respond to your queries and requests for information which may include marketing to you

b) For our business purposes such as data analysis, audits, to help us better understand our customers and improve our customer engagement in developing new products, enhancing, improving or modifying our websites, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities or for staff training purposes.

c) Where we have Introducers for the purposes of accounting for commission payments to them

For Legal Reasons:

a) To meet any applicable legal or regulatory obligations

b) To meet compliance requirements with our regulators (e.g. Financial Conduct Authority)

c) To comply with law enforcement and to manage legal claims, and

For Public Task/Interest:

a) We may need to use personal information to carry out anti-money laundering checks & Financial Sanction checks.

With your Consent:

a) If you have indicated by opting into receiving marketing information which does not fall under the legitimate Interest basis

b) Where you have consented to this for a specific purpose and this has been recorded. Without your consent we may not be able to provide you with the services requested or you may not be able to benefit from some of our services.

c) Where a third party is involved we will need you to confirm that they have provided their consent for you to act on their behalf.

You may at any time withdraw your consent by contacting us either by phone, email or by post to the registered office address.

The information we collect about you is used solely for the purposes outlined above. We will only use it for additional purposes if we have received your prior consent to do so.

Sharing of personal information

The information you provide us with may be shared with employees throughout One Guarantee and will be processed in accordance with this privacy policy, the General Data Protection Regulations and other applicable UK legislation.

We may use personal information we hold about you across One Guarantee for general business administration, to help us identify and tailor products and services that may be of interest to you. We will do this in accordance with any marketing preferences you have provided to us. We may continue to do this after your policy has ended.

We may also share the information you provide with third parties such as insurers, their associated companies and agents for the purpose of insurance and claims administration which could include loss adjusters, suppliers and providers of goods and services associated with your insurances, finance companies where you have requested this payment option and selected companies that provide technical assistance and support to perform functions that support our marketing or website hosting activities.

We may share your personal information with relatives or guardians (on your behalf where you are incapacitated or unable) or other people or organisations associated with you such as your legal representative. Also, where you have named an alternative contact to deal with your insurances on your behalf.

If required, we will also share your information with the Financial Ombudsman service and regulatory authorities such as the Financial Conduct Authority and the Information Commissioner’s office.

Credit Searches

To ensure the Insurer has the necessary facts to assess your insurance risk, verify your identity, help prevent fraud and provide you with our best premium and payment options, the Insurer may need to obtain information relating to you at quotation, renewal and in certain circumstances where policy amendments are requested. The Insurer or their agents may:

  • Undertake checks against publicly available information (such as electoral roll, county court judgments, bankruptcy orders or repossession(s). Similar checks may be made when assessing claims,
  • Carry out a quotation search from a credit reference agency (CRA) which will appear on your credit report and be visible to other credit providers. It will be clear that this is a quotation search rather than a credit application.

Where you agree to pay monthly under an Insurers credit agreement, the status of your quotation search from the Insurer’s credit reference agency (CRA) will be updated to reflect your credit application and this will be visible to other credit providers. CRA’s may keep a record of this search.

In order to assess your application, the Insurer will supply your personal information to their CRA and they will give Insurers information about you, such as about your financial history. They do this to assess creditworthiness and product suitability, check your identity, manage your account, trace and recover debts and prevent criminal activity. They will also continue to exchange information about you with CRA’s on an ongoing basis, including about your settled accounts and any debts not fully repaid on time. CRA’s will share your information with other organisations. Your data will also be linked to the data of your spouse, any joint applicants or other financial associates.

The identity of their CRA and the ways in which they use and share personal information, are explained in more detail at www.callcredit.co.uk/crain.

The information we collect about you is used solely for the purposes outlined above. We will only use it for additional purposes if we have received your prior consent to do so.

We do not currently envisage our wishing to transfer personal information about you outside of the European Economic Area but may wish to do so in the future. The data protection and other laws of those countries may not be as comprehensive as those in the UK and the European Economic Area, but we will take steps to ensure that your privacy rights are respected and that your data is treated securely and in accordance with this privacy policy.

We may disclose your personal information to third parties in the event:

a) selected third parties in connection with the sale, transfer or disposal of our business

b) we are under a duty to disclose or share your personal data in order to comply with UK law which may include laws outside your country of residence to respond to requests from courts, law enforcement agencies, regulatory agencies and other public and government authorities.

c) of any legal proceedings or to establish, exercise or defend our legal rights (including exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction).

d) to third parties involved with events that you register for or accept invitations for to facilitate your participation in those events

We will have in place safeguards through organisational and technical measures to ensure that your personal information is protected from unauthorised use or disclosure. We ensure that where your data is shared there are procedures and contractual arrangements in place to keep your data confidential.

Security of your personal data via the internet

The Internet is not a secure medium of communication and we cannot guarantee the security of any information transmitted via the Internet. However, once received we will take reasonable technical and organisational precautions to prevent the loss, misuse, alteration of, or unauthorised access to your personal data.

Data Retention

Data is retained for the period necessary in order to fulfil the purposes outlined in this privacy policy unless a longer retention period is required or permitted by law. This is usually between three and ten years and it will depend on the nature of the personal information and what we do with it.

In the absence of a specific business case supporting a longer period One Guarantee will retain client data, accounts data and complaints data from the date of the complaint, for seven years, quotation data for 3 years and subsidence claims records for 10 years. Liability insurance products will often be kept for extended periods.

Your rights

You have the right to access your personal data. We may ask for verification of identity in order to ensure your privacy is protected. We will not generally charge for this service but if any are attributed these will only be to the extent that current regulations allow and you will be advised.

If any personal data held is inaccurate or incomplete you have the right to request rectification. Any refusal will be fully explained together with your rights to complaint to the supervisory authority and to legal remedy.

You may also have the right to request erasure of your personal data held; where this is no longer necessary for the purpose originally intended; if you have withdrawn consent; if we have no legitimate reason to hold the data or there is no legal reason. However, there are some specific circumstances where the right of erasure does not apply, and we may be able to refuse your request on certain grounds under current regulations.

Also, you may be able to withdraw your consent for further use of your personal information although we may not be able to process your insurance request if you do this in some circumstances.

You may have the right to object to processing your data unless we can demonstrate compelling legitimate grounds for the processing, which override the interests, rights and freedoms of the individual or the processing is for the establishment, exercise or defence of legal claims.

We will inform you of your right to object at the point of first communication with you.

You have the right not to be subject to automated decision making where decisions are made by inputting data into a system or computer and the decision is calculated using automated means without any human involvement. Insurers will often use this method when deciding on the premium to charge where they use data to determine rates and they may also use it for fraud prevention where they check against lists and may reject applicants on the basis they are likely to defraud the Company. Scoring methods are also used to assess applications and exclusions will be applied for a scheme depending on information collected. Examples of such data will be age, postcode, lifestyle (eg. smokers or non-smokers) and medical history. If you don’t consent to processing your data in this way this may limited our ability to facilitate the provision of certain insurance covers for you.

You have the right to lodge a complaint to the Information Commissioner’s Office (ICO) at any time if you object to the way we use your personal information. Further information can be found at http://ico.org.uk/

Exercising any of the above rights may mean we cannot continue to deal with your insurances and may result in policy cancellations. You will therefore lose the right to bring any claim or receive any benefit under the policy and you may also lose benefits under the policy for an event prior to you exercising your rights as well, if the ability to deal with the claim has been prejudiced.

Marketing

We will only contact you if you have agreed that we can to tell you about products and services that we feel you will benefit from or may interest you.

You may unsubscribe to receiving emails or marketing communications at any time by contacting us to update your preferences. In such circumstances we will continue to send you service related communications which are non-marketing where necessary.

However, we may run specific marketing campaigns through social media and digital marketing where individuals personal data is not used for the campaign and in such situations you will need to adjust your social media and cookie browser settings to adjust your preferences.

When submitting your personal information via our website you are given the option to opt-in to the use of your personal information for marketing purposes. However, you may instruct us not to process your personal information for marketing purposes at any time using the contact details stated below.

Contacting us

If you have any questions, wish to exercise any of your rights detailed in this privacy policy or update your marketing preferences please contact the Compliance Manager:

By phone : 01603 760511

Email : hello@oneguarantee.co.uk

By Post : Lakeside 300 Old Chapel Way Broadland business Park Norwich NR7 0WG

Or via our contact us page on our websites

If you have a complaint or concern about how we use your personal information, please contact us in the first instance and we will attempt to resolve the issue as soon as possible. You also have the right to lodge a complaint with the Information Commissioners Office at any time.