Car Insurance privacy and security
- Collecting Information
- How your information will be used
- Fraud prevention and detection notice
- Device Reputation Service
- How to opt out of receiving marketing messages
This Privacy Statement will help you understand how we (the esure group of companies) collect, use and protect your personal information when you interact with us. You should also show this notice to anyone else who may be insured to drive under your policy or is financially associated to you. You acknowledge that by providing your personal information to us, you consent to its processing in accordance with this Privacy Statement. We are unable to offer you insurance unless you provide explicit consent for the collection and use of your data including sensitive data as defined in the Data Protection Act 1998.
We will collect your personal information when:
You ask for a quote
You purchase our products and services
You make customer enquiries
You register for information or other services
You register a claim
You respond to communications or surveys
When providing information about others who may be insured you confirm that you have the consent of these individuals to supply their personal information.
The type of information we may collect could include:
Name and address, date of birth and gender
Telephone numbers and email address
Credit/ debit card details
Lifestyle and other information
We may also collect information defined as "sensitive data" within the Data Protection Act 1998. This includes:
- Medical history
We may also monitor or record calls, emails, text messages or other communications in accordance with UK law, and in particular for:
- Business purposes such as quality control and training
- Processing necessary for entering into or performance of a contract
- Prevention of unauthorised use of our telecommunication systems and websites
- Ensuring effective systems operation
- Meeting any legal obligation
- Protecting your vital interests
- Prevention or detection of crime
- For our other legitimate interests
All personal information will be held in confidence and used only for the purposes for which we collect it.
How your information will be used
Please take time to read the following as it contains important information relating to the details you have given or should give to us. You should show this notice to anyone insured under your policy, or anyone else whose data has been supplied to us in connection with your policy (including anyone who may pay your premiums on your behalf, or anyone who is financially associated with you).
We, certain third parties and our agents worldwide will hold and use information we have collected for:
- Processing your quote and subsequent renewal
- Administering your policy including claims handling
- Fraud prevention and detection
- Credit scoring or other automated decision-making systems
- Administering debt recoveries
- Fact checking (including identity and address verification)
- Undertaking market research and statistical analysis
- Keeping you informed about promotions and new developments by e-mail, telephone or post
- The delivery of the products and services bought by you. For example, we may disclose personal information to a credit card company to validate credit card details and obtain payment. It may also be necessary for us to pass your information to the organisation from whom you have bought any products and service such as breakdown cover
- The development of our relationship with you
- Analysing information about you including your searching and browsing data on a personalised or aggregated basis
We and other esure group companies may also use your information to keep you informed by post, email, phone or SMS (text message) of other products and services we believe may interest you. If you do not want your personal information used this way please email DPO_Opt_Out@esure.com or write to the Data Protection Officer, esure, The Observatory, Reigate RH2 0SG who will ensure that your information is not used for these purposes. Please include your full name, address, date of birth and policy number (if you have one). If you choose to contact us by e-mail, please note we are unable to accept any liability for data which is lost/abused in transit to us.
In the event that we undergo reorganisation, transfer the business to a third party or are sold you agree that any personal information we hold about you may be transferred to that re-organised entity or third party.
Any payments or refunds will be made to the account / card which was used to make the latest payment. By providing the account or card details you and / or the account / card holder consent to us doing this.
We make searches about you and anyone financially associated with you at credit reference agencies and with other databases which will provide us with information including the Electoral Register credit information and information relating to your vehicle. The agencies may record details of the search whether or not your application proceeds.
We, or parties on our behalf may run searches to verify the identity of you, any named drivers and those financially associated with you, assess your application and to administer your quotation and policy. Credit searches and other information which is collected by or on behalf of us about you, any named drivers and those with whom you are linked financially may also be used for debt tracing and the prevention of financial crime as well as the administration of your policy, including any claims.
We may pass Aggregated Data to third parties, such as advertisers, content providers and business partners or prospective business partners, to give them a better understanding of our business and to bring you a better service, products or user experience.
- Aggregating information about you and your use of the website with information about other users of the website in order to identify trends
- Aggregated data will not contain information from which you may be personally identified
We will treat your personal information as private and confidential. We would like to bring to your attention our obligations to disclose information in the following four exceptional cases permitted by law, and the other situations set out below. These are:-
- Where we are legally compelled to do so
- Where there is a duty to the public to disclose
- Where the disclosure is required to protect our interest
- Where disclosure is made at your request or with your consent
Also from time to time we will employ agents and subcontractors to process your personal information on our behalf. The same duty of confidentiality and security will apply to them and all processing will be carried out under our instruction. If you make a complaint about the service we have provided we may be obliged to forward details about your complaint to the relevant ombudsman. In the unfortunate event that you have to make a claim then we will need to disclose that information with any other party involved in that claim. This may include:
- Third parties involved with the claim, their insurer, solicitor or representative
- Medical teams, the police or other investigators
If necessary we may also have to investigate your claims and convictions history in the course of administering your claim. You can be assured that we will keep such investigations strictly confidential.
Insurers pass information to the Claims and Underwriting Exchange (CUE) register and the Motor Insurance Anti-Fraud and Theft Register (MIAFTR) both managed by the Motor Insurers’ Bureau (MIB). This helps insurers check information and prevent fraudulent claims. When we deal with your request for insurance we may search these registers. Under the conditions of your policy you must tell us about any incident (such as an accident or theft) which may give rise to a claim. When you tell us about an incident we will pass the information to the Registers.
Your policy details will be added to the Motor Insurance Database (MID) run by the Motor Insurers' Bureau (MIB). MID data may be used by the DVLA and the DVLNI for Electronic Vehicle Licensing and by the Police for establishing whether a driver's use of a vehicle is likely to be covered by a motor insurance policy and/or for preventing and detecting crime. If you are involved in an accident (in the UK or abroad) other UK insurers and the MIB may search the MID to obtain policy information. Persons pursuing a claim in respect of a road traffic accident (including citizens of another country) may also obtain information which is held on the MID. Find out more at www.mib.org.uk.
Fraud prevention and detection notice
In order to prevent and detect fraud insurers may at any time share information about you and anyone insured, or who has paid for the policy, with fraud prevention databases and public bodies including the Police and the DVLA.
If false or inaccurate information is provided and fraud is identified details will be passed to fraud detection agencies. Law enforcement agencies may access and use this information. We and other organisations may also access and use this information to prevent fraud and money laundering, for example when:
- Checking details on and making decisions about applications for credit and credit related services.
- Recovering debt
- Checking details on proposals
- Checking details of job applicants and employees
- Tracing debtors and beneficiaries and to manage your account or insurance policy
Please write to the Data Protection Officer, Sheilas' Wheels, The Observatory, Reigate, Surrey, RH2 0SG if you want to receive details of the relevant fraud prevention agencies.
We and other organisations may access and use, from other countries, the information recorded by fraud prevention agencies.
Device Reputation Service
To protect both you and us, we use services provided by a third-party to help decide whether to accept transactions from personal computers, mobile phones, or other devices that visit our website. The third-party service checks whether these devices have been identified with fraudulent or abusive transactions in the past, such as reported instances of identity theft, account takeovers, or malware attacks. For this purpose, a cookie file or flash storage token may be placed on your device to identify it in the future when you visit our website. On connection with our site, we will transmit that device identification code to the third-party’s server, along with data concerning certain technical attributes of your device such as the model, operating system, and browser version, as well as the IP address, all of which are used to confirm device identification. The third-party’s server responds with a code recommending that transactions be accepted, denied, or reviewed, according to settings we have selected. We also report to the third-party if we conclude that a device has been used in connection with a fraudulent or abusive transaction with us. If you set your browser or device to reject these cookies or tokens, you may not be able to conclude some transactions through our website. We share with the third-party referenced above only information about the device you are using, which may also have been used or appropriated by others, and do not identify you or reveal the details of your transaction to that third-party. If your requested transaction is declined, or if you have questions about our use of this “device reputation” service, please contact our Fraud Team via email FinancialCrimeInsight@esure.com.
How to opt out of receiving marketing messages
If you want to opt out of receiving marketing messages please email DPO_Opt_Out@esure.com or write to the Data Protection Officer. esure, The Observatory, Reigate RH2 0SG who will ensure that your information is not used for these purposes. Please include your full name, address, date of birth and policy number (if you have one). If you choose to contact us by e-mail, please note we are unable to accept any liability for data which is lost/abused in transit to us.