Privacy Notice

Our Privacy Notice

Our Privacy Notice

1. Who we are and our approach to your privacy

In this Privacy Notice, ‘we’, ‘us’ and ‘our’ refers to one or more of the subsidiary companies of Ageas (UK) Limited. This includes Ageas Insurance Limited (data controller registration number Z5472176) and Ageas Retail Limited (data controller registration number Z5667691) and their various trading entities. If you want to know more about the Ageas group and Ageas brands please go to www.ageas.co.uk.

The privacy and security of your personal information is very important to us so we want to assure you that your information will be properly managed and protected whilst in our hands. Please read this notice carefully as it explains how we and/or carefully selected third parties we work with, collect and use your personal information.  

You can ask for further information about our use of your personal information or complain about its use, by contacting our Data Protection Officer at: Ageas House, Hampshire Corporate Park, Templars Way, Eastleigh, Hampshire, SO53 3YA or by emailing thedpo@ageas.co.uk.

2. What information do we collect and where do we get it from?

In order for us to provide our services to you and to manage those services we will ask you to share your personal information with us. The circumstances in which we use your information, the reasons why we ask for it and details of how we will use it are explained in section 3 of this notice. The information we collect about you varies depending on your particular circumstances and requirements and may include, for example:

  • general information about you such as your name, address, contact details and date of birth;
  • information about what and/or who you want to insure, such as vehicle details and named drivers, your home, travel details and companions;
  • your claims and credit history;
  • criminal convictions;
  • financial details, such as bank account and card details;
  • special categories of personal information (previously known as ‘sensitive personal information’), such as information about your health;
  • information about your use of our websites such as your IP address, which is a unique number identifying your computer.

We may collect personal information from the following sources:

  • you or someone connected to you as part of a quotation or claim; 
  • databases containing details of any products quoted by or purchased from other Ageas brands;
  • your previous insurer or intermediary in order to confirm your no claims bonus entitlement;
  • third parties where you have provided permission to benefit from an offer or service e.g. reward scheme; 
  • credit reference agencies;
  • publicly available sources of information, such as the open electoral register and social media and networking sites;
  • third party databases made available to the insurance industry (for example, anti-fraud databases and government agencies such as the DVLA), as well as databases where you have given your permission to share information with a third party like us. For more information about these sources, please contact the Data Protection Officer using the details set out in section 1 of this notice;
  • price comparison websites, where they have sent your personal information to us to see whether we are able to provide a quotation or as part of other products and services that they offer.  The information you provided is shared with us and used for the purposes set out in section 3 of this policy. The information in this notice will apply in addition to any information given to you by that price comparison website about the use of your personal information.
  • Rias may capture some more sensitive details about you, if you specifically allow us. This is to make your dealings with us more tailored to your needs and simpler for you. We will only do this after an explicit conversation with you about this, and you can always remove these details at any time. Otherwise, it will be removed from your file either two years after your policy finishes, or if applicable, seven years after any claim or three years after any complaint.

If you have provided information to us about someone else, you would have confirmed that you have the consent of these individuals to share their personal information with us. You should share this Privacy Notice with all individuals whose personal information you have shared with us as it may also apply to them.

3. Why do we collect this information and how will we use it?

We and/or our carefully selected third parties may collect and use your personal information under the following circumstances or for the following reasons:

To provide you services relating to an insurance quotation and/or insurance policy such as:

  • assessing your insurance application and arranging your insurance policy, such as checking databases showing no claims discount entitlement and driving licence records;
  • assessing your ability to pay your insurance premium at the point of quote by using internal analytical models;
  • managing your insurance policy including claims handling and issuing policy documentation to you;
  • providing you with the services described in your policy documents;
  • assessing your ability to pay your insurance premium and repay any credit we may offer you when you’ve agreed to take the option of credit and to pay monthly;
  • repay any credit associated with your insurance premium.

The collection and use of information such as your name, address, date of birth, email domain name (i.e. the web address that comes after the @ symbol), claims history, what/who you would like to insure, conviction details and medical conditions for travel insurance is necessary to provide you with a quotation and/or policy. In addition, the credit data we obtain from credit reference agencies is also used to help us assess the insurance risk or whether there is a likelihood of a customer making a claim against their policy. Without this information, we will be unable to assess your application and/or provide claims services.  If any special categories of personal information are not to be used to provide you with a quotation and/or policy, we will always ask for your consent to process this information.

Our assessment of your insurance application will involve an automated decision to determine whether we are able to provide a quotation and/or the price.  An automated decision involves processing personal information without any human involvement.  The decisions involve the use of systems, such as our price rating and acceptability tools, and are dependent on the information you provide us (for example: post code and vehicle type, for motor insurance, health details for travel insurance and/or type of property for home insurance) to produce a result as to whether we are able to provide a quotation and/or what the relevant price for your policy should be.  If you object to an automated decision that is required to determine your insurance premium then we will be unable to provide you with an insurance quotation or renewal.

Where we have a justifiable reason (also known as a legitimate interest), such as:

  • keeping records about you and our correspondence with you as well as your current and past insurance policies and history of insurance claims. This is so that we can appropriately and effectively manage our relationship with you as well as satisfy any legal and regulatory obligations we may have to keep such records.
  • preventing and detecting fraud, financial crime and money laundering. We may use your personal information to prevent fraud and in doing so may:
  • collect personal information about you from databases as described in this notice and from publicly available sources (such as the open electoral register and social media and networking sites);
  • check your personal information against databases including databases showing no claims discount entitlement and driving licence records;
  • share your personal information with fraud prevention agencies. Your personal information will be checked with and recorded by a fraud prevention agency. If false or inaccurate information is provided and fraud is identified, details will be passed to the fraud prevention agency. This information will be accessed and used by us, law enforcement agencies and other organisations to prevent fraud and money laundering, for example: when checking details on applications for credit and credit related or other facilities; managing credit and credit related accounts or facilities; recording debt; checking details on proposals and claims for all types of insurance; and checking details of job applicants and employees. Other organisations may search the databases held by these fraud prevention agencies when you make an application to them for financial products. If such companies suspect fraud, we will share your personal information with them. The information we share may be used by those companies when making decisions about you. We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies. You can find out more about how these agencies use your data at: https://www.transunion.co.uk/legal/privacy-centre and www.cifas.org.uk/fpn;
  • share your personal information with operators or registers available to the insurance industry to check information you provide. These include the UK Claims and Underwriting Exchange Register and UK Motor Insurance Anti-Fraud and Theft Register. We may pass information relating to your insurance policy and any incident to the operators of these registers, their agents and suppliers;
  • (for Motor Insurance only) share with the Motor Insurers’ Bureau (MIB) and associated not-for-profit companies who provide several services on behalf of the insurance industry. At every stage of your insurance journey, the MIB will be processing your personal information and more details about this can be found via their website: www.mib.org.uk. Set out below are brief details of the sorts of activity the MIB undertake:
    •  
      Checking your driving license number against the DVLA driver database to obtain driving license data (including driving conviction data) to help calculate your insurance quote and prevent fraud
    • Checking your ‘No Claims Bonus’ entitlement and claims history
       
    • Prevent, detect and investigate fraud and other crime, including, by carrying out fraud checks
       
    • Maintaining databases of:
      • Insured vehicles (Motor Insurance Policy Database or Motor Insurance Database/MID)
      • Vehicles which are stolen or not legally permitted on the road (Vehicle Salvage & Theft Data or MIAFTR)
      • Motor, personal injury and home claims (CUE)
      • Employers’ Liability Insurance Policies (Employers’ Liability Database)
    • Managing insurance claims relating to untraced and uninsured drivers in the UK and abroad
    • Working with law enforcement to prevent uninsured drivers in the UK and abroad
    • Supporting insurance claim processes
  • use any personal information obtained about you, or anyone you have provided us information about, to carry out the above profiling activity as part of our investigations into fraudulent behaviour. Should fraud be identified as a result of such profiling activity, this could result in the rejection of an application for insurance, a claim and/or voidance of your policy.
  • providing sales information to third parties such as a price comparison website which you may have used to purchase a policy with us, so that we can fulfil our contractual responsibilities to them.
  • carrying out processes such as analysis and modelling which may include computerised processes which profile you, as well as statistical, trend and market research in relation to our products and/or services to better understand, predict and forecast our customer’s or prospective customer’s preferences and behaviour and to develop and improve the products and services we offer.  Where we do carry out market research we may communicate with you by post, e-mail, SMS and/or telephone to ask you to participate, unless you have told us you do not want us to.  If you do not want us to contact you in relation to market research, you may ask us to stop contacting you at any time.  Please refer to section 4 of this notice for contact details.
  • communicating with you about our similar products and services. Please refer to section 4 of this notice for further information
  • using information collected from databases we use together with the personal information you give us, to help us to improve and develop our internal databases and systems (such as those used for assessing the risks we insure and communicating with you) in order to improve the products and services we offer.
  • we may anonymise and combine the information you have given us to understand more about you, create new products and services as well as helping us with our marketing.
  • recording and monitoring calls for training purposes, using speech and text analytics software, to improve the quality of our service, to help us deal with queries or complaints from you, to prevent and detect fraud and financial crime and to protect our mutual interests. We may also use CCTV recording equipment in and around our premises for monitoring and security purposes.
  • to support the remote training of staff, the use of audio and video communication tools provided by a third parties are used
  • testing using personal data may occur in rare circumstances but only where there is a justification to do so. We will always ensure adequate and effective measures are in place to securely protect your data during any periods of testing

Where you have given us your permission, such as:

  • using personal or special categories of personal information about a child in order to provide you with a quote related to travel insurance or fulfil the services outlined in your policy documents, such as handling a claim.
  • where an individual does not have a contractual relationship with us but has given us their permission to process their personal information (for example as a witness to an accident).  Please refer to our Third Party Privacy Notice on our website.

For details about how we use your personal information to communicate our similar products and/or services, your use of our websites and email communications, please refer to section 4 of this notice.

We may share your personal information with third parties in order to carry out the activities detailed in section 3b) above. For further details about who we might share your personal information with, please refer to section 5 of this notice.

4. How we communicate with you about our similar products and services and information about your use of our websites

We may contact you, in order to communicate products and/or services which we believe may be of interest to you and which relate to your general insurance needs. We may do this by post, email, SMS, telephone and/or digital methods such as social media and online advertising, unless you have told us you do not want us to. 

When you get a quote and/or buy a policy from us, we will tell you how we intend to communicate our other products and services to you and give you the option to opt out of all or specific communication channels. We will also always provide an option to opt out within each marketing communication we send. You cannot opt out of receiving service communications such as policy or renewals communications.

Alternatively, you may ask us to stop contacting you about our products and services at any time by:

  • email – thedpo@ageas.co.uk
  • post – Ageas House, Hampshire Corporate Park, Templars Way, Eastleigh, Hampshire, SO53 3YA

Where you no longer hold a policy with us or we have previously provided you with a quotation, we will keep you informed about our products and services for a period of up to 5 years from the date you last obtained the quotation or your policy lapsed.

Our carefully selected business partners may use your personal information to only make our promotional offers available to you and manage those offers on our behalf.

We may develop and enhance the information we hold about you with the aim of improving the products and services we offer.  We may share your personal information with carefully selected third party databases which, when combined with the personal information you have given us, helps us to target and tailor both our marketing communications and website content to make them more timely, relevant and personalised to you.  For further information about the third party databases we use, please contact the Data Protection Officer using the details set out in section 1 of this notice.

We may also contact you if you fail to complete an online quotation to see if we can offer you any help with this.

There may be times where you have provided your consent to receive information about the products and services we offer, such as:

  • if you have bought your insurance product via an alternative third party platform (or channel) such as Amazon and where that third party is the Data Controller and has determined that your consent is required for us to contact you;
  • where the product or service is not similar to those that we currently provide to you but we believe you may be interested in it.

Use of your personal information when using our websites and email communications:

When you visit one of our websites we may collect information from you such as, your email address, IP address and other online identifiers. This helps us to track unique visits and monitor patterns of customer website traffic, such as who visits and why they visit. We use third parties to collate IP addresses to help us understand our Internet traffic data and data regarding your browser type and computer.  We also record activity on our websites such as mouse movement and clicks, page scrolling and text keyed into website forms. The information recorded does not include bank details or other sensitive personal information and is only used internally to help us to improve the usability of our websites

We may use cookies and/or pixel tags on some pages of our website. A cookie is a small text file sent to your computer. A pixel tag is an invisible tag placed on certain pages of our website but not on your computer. Pixel tags usually work together with cookies to assist us to provide you with a more tailored service. We also use cookies and pixel tags in our email communication to personalise the email and track whether the email has been opened and whether the recipient has used any website links contained in the email communication. This allows us to monitor and improve our email communications and website. Useful information about cookies, including how to remove them, can be found at: http://allaboutcookies.org.

Internet browsers normally accept cookies by default, although it is possible to set a browser to reject cookies. We will ask your permission before using any cookie that is not essential to the email or the use of the website. However, refusing to accept cookies may restrict your use of our website and/or delay or affect the way in which our website operates. Further information is set out in our Cookie Policy http://www.rias.co.uk/privacy-and-cookies/.

The open nature of the internet is such that data may flow over networks without security measures, and may be accessed and used by people other than those for whom the data is intended. Whilst this is outside of our control, we do take the protection of your information very seriously and aim to apply appropriate levels of security at all times.

5. Who might we share your information with?

We may share your personal information with:

  • other companies or brands within Ageas UK, namely Ageas Insurance Limited, Ageas Retail Limited, Ageas Services (UK) Limited and Ageas Law LLP. For example, your personal information may be shared for our general business administration, for analysis or insight of past polices sold and to improve or acquire future sales, or where we are unable to provide you with an insurance product, we will check whether they have an insurance product which may suit your needs or for efficiency and accuracy purposes.
  • other insurers, reinsurers, business partners, agents or carefully selected third parties providing a service to us or on our behalf, such as: processing our mail, assisting with our marketing activity in order to help improve our pricing for customers, providing IT systems and administrative services, claims handling services (which may include using providers outside of the UK, for example, for the purposes of dealing with your claim or repatriating you), providing a reward scheme for customers and the development and improvement of our internal databases.
  • organisations that have a specific role laid out in law such as statutory bodies, regulatory authorities and other authorised bodies.
  • other organisations where we have a duty to or are permitted to disclose your personal information by law (e.g. if we received a valid request from the police or other third party organisation in the interest of preventing and detecting crime).
  • other companies where we provide insurance services in partnership with them.
  • fraud prevention agencies and operators of registers available to the insurance industry to check information and prevent fraud. This is outlined in more detail under section 3 of this Privacy Notice.
  • credit reference agencies to check your credit history and to help us to confirm your identity and whether or not you are a reliable borrower. This ‘general’ check for insurance quotation purposes will be recorded on your credit reference file without affecting your ability to apply for credit or other financial products – this is referred to as a ‘soft’ footprint or ‘soft’ credit check.

Where we are able to make an offer of credit, such as paying for your insurance by instalments or by Direct Debit, we will use credit reference agencies (CRA) as part of our Regulatory obligation to assess your ability to repay the credit being offered, and to ensure we don’t lend to you in manner which may not be affordable to you.  The CRA will send us certain information about your financial history so that we can make that assessment of whether or not you will be able to make repayments towards your insurance premium finance as they fall due.  When you agree to take the credit offered, we will perform those additional checks and a ‘hard’ footprint will be left on your personal credit file (or credit report), and those footprints can be seen by you and other lenders when they search against your credit file. 

** It is important to note, that where an application for credit is performed with a CRA, and a hard footprint is made, this might negatively affect your credit score and your ability to get credit in the future.  A ‘soft’ search will not have the same affect

Where you have chosen to take the credit offered by us (i.e. a credit agreement), then certain information about you and that credit agreement is shared with the CRA including any missed payments.  If we can’t offer you credit to pay for your insurance, then any decision not to lend will not be shared with the CRA.  We will continue to exchange your information with the CRA where for example a payment has been missed or a debt hasn’t been fully

paid on time.  The CRA that we use for this type of search is TransUnion, and they offer some helpful guidance about your credit information which you can find by following this link or visiting their website - Understanding your credit information and how lenders use it’

For more information about how the three main credit reference agencies in the UK use and share personal data, please refer to The Credit Reference Agency Information Notice (CRAIN), which may be found on the credit reference agencies’ websites:

  • transunion.co.uk/crain
  • equifax.co.uk/crain
  • experian.co.uk/crain
  • third parties where you have provided permission, or have agreed to benefit from an offer or service e.g. reward scheme. Where this occurs we will receive personal information from the third party to validate that you are a policy  
  • third parties we use to recover money you may owe us or to whom we may sell your debt.
  • other insurers, insurance brokers or intermediaries to whom we may decide to sell or migrate any specific insurance policies or book of business. Before any migration, we will contact you to give you the opportunity to object. Certain information that may include personal data may be shared with the third party before migration to allow for necessary due diligence and analysis. We will always ensure that only the minimum amount of data is shared for limited purposes and appropriate safeguards are in place. If you decide not to migrate and we have already shared your data, we will ensure this is appropriately deleted by the third party.
  • another company, if our business or part of it is bought or taken over by that company to ensure your insurance policy can continue to be serviced or as part of preliminary discussions with that company about a possible sale or take over.
  • other companies when we are trialling their products and services which we consider may improve our services to you or our business processes.
  • other third parties if you have given us your permission to do so or there is sufficient reason to believe they are acting on your behalf.
  • On occasions we may share limited personal details with other third parties, such as price comparison websites.  This would be to provide actionable insight, but we will only do this where we have a legitimate basis to do so.

Unless required by law, we would never share your personal data without the appropriate and necessary care and safeguards being in place.  Please contact the Data Protection Officer using the details set out in section 1 of this notice should you require further details about with whom we may share your personal information.

6. How long will we keep your information?

We will keep your personal information only for as long as is reasonably necessary for the purposes set out in this Privacy Notice (for example, processing claims and for marketing purposes) and to fulfil our legal, regulatory, tax and accounting obligations.  We retain personal information for between 3 and 7 years after the expiry of your policy or, where you have requested a quotation, we retain you information for a period of 5 years, in order to respond to any dissatisfaction that may be raised at a later date.  In relation to personal information concerning claims, we retain data for between 10 and 60 years depending upon the nature of the claim.  The exact time periods will depend on the nature of the personal information and what we do with it.   

Should you require further information about how long we will keep your information, please contact the Data Protection Officer using the contact details outlined in section 1 of this notice.

7. Use and storage of your information overseas

The personal information we and our carefully selected third parties collect from you may be transferred to, stored and processed outside the UK. For example:

  • we may need to send/receive your personal information in relation to travel or motor claims where you have travelled outside of the UK in accordance with your policy cover.
  • we or our third parties may process your personal information outside of the UK where our or their operations or systems are based.

We or our service providers may use cloud based computer systems (i.e. network of remote servers hosted on the internet which process and store your information) to which foreign law enforcement agencies may have the power to require access. We will not transfer your information outside the UK unless it was to a country the UK Government has assessed as having adequate data protection laws, or we had taken all reasonable steps to ensure the firm has the necessary privacy and security controls in place to protect your information as if it were in the UK. We will endeavour to ensure that our contracts with these firms will detail the necessary requirements to ensure your information is protected. We will assess these firms’ security arrangements from time to time ensuring that they are only using your information as agreed. Should you wish to obtain further information about the safeguards we have in place, please contact the Data Protection Officer whose contact details are outlined in section 1 of this notice.

8. How will we deal with others acting on your behalf?

To help manage your insurance policy we will deal with individuals you nominate, including third parties we reasonably believe to be acting on your behalf provided they are able to answer our security questions. However, for your protection, we will need to speak to either you directly, your legal representative, your named driver, someone you have nominated and given us permission to discuss your personal details with, or your Power of Attorney, should you need to make changes to your contact address or policy coverage, to make a claim or cancel the policy. We will also speak with your named driver in the event of a claim being made on your policy by them, but we will contact you by SMS and email/letter to notify you of this.

9. Your rights

You have a number of rights concerning the personal information we use, these include the right to:

  • object to the processing of your personal information for the justifiable reasons detailed in section 3b). Please note that should you wish us to stop using your personal information for processing a claim or sending a renewal invitation, we will no longer be able to provide you with an insurance product or service.
  • ask for access to and a copy of your personal information.
  • ask us to correct your personal information.
  • ask us to delete your personal information. Please be aware that there may be certain circumstances where we may not be able to do this, for example, where the processing of your personal information is necessary for us to comply with a legal obligation.
  • ask us to restrict the use of your personal information at any time, except where we have a justifiable reason to use it.
  • ask us to move, copy or transfer your personal information to a third party (known as ‘data portability’).
  • where you have previously given us your permission to use your personal information for marketing purposes, withdraw that permission. Where your permission is withdrawn, your previous consent will remain valid in respect of our use of your information prior to the date you withdrew it, or if any marketing material has been sent prior to you advising that you do not wish us to contact you again.
  • complain to the Information Commissioner’s Office at any time if you object to the way we use your personal information or if you believe we have breached the requirements of the General Data Protection Regulations. For more information please go to ico.org.uk.
  • object to an automated decision including For details about the profiling activity we undertake, please refer to section 3 of this notice.

To make a request as detailed above, please use the link below to complete our form:

Individual Rights Form

You can also make a request when speaking with us on the phone or via email as well.

Please note that in some cases even when you make a request concerning your personal information, we may not be required, or may not be able, to honour it as this may result in us not being able to fulfil our legal and regulatory obligations or there is a minimum statutory period of time for which we have to keep your information.  If this is the case then we will let you know our reasons.

10. Privacy Notice Updates

We may update this Privacy Notice from time to time without prior notice. We therefore encourage you to periodically review this Privacy Notice to ensure you understand how we will collect, use and retain your data.

View our Travel Privacy Notice

Version 7.3
Last updated 16.08.24