STRIDE INSURANCE GROUP PRIVACY STATEMENT wef 25.5.18

Click here to download this Privacy Statement as a PDF

BACKGROUND:

Stride Insurance Group understands that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of all of our customers and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the law.

  1. Information About Us
  • Stride Limited t/a Stride Insurance Group
  • Limited company registered in England, company number 1122247.
  • Main trading address: Birch House, Parklands Business Park, Forest Road, Waterlooville, Hampshire PO7 6XP
  • Registered address: 3 Acorn Business Centre, Northarbour Road, Portsmouth, Hampshire PO6 3TH
  • Email address: info@stride-group.co.uk
  • Telephone number: 023 9224 8790
  • Stride Limited is authorised and regulated by the Financial Conduct Authority, reference number 304823.
  1. What Does This Notice Cover?

This Privacy Information explains how we use your personal data: how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.

  1. What is Personal Data?

Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier’.

Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.

The personal data that we use is set out in Part 5, below.

  1. What Are My Rights?

Under the GDPR, you have the following rights, which we will always work to uphold:

  1. The right to be informed about our collection and use of your personal data. This Privacy Notice should tell you everything you need to know, but you can always contact us to find out more or to ask any questions using the details in Part 11.
  2. The right to access the personal data we hold about you. Part 10 will tell you how to do this.
  3. The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 11 to find out more.
  4. The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we Please contact us using the details in Part 11 to find out more.
  5. The right to restrict (i.e. prevent) the processing of your personal data.
  6. The right to object to us using your personal data for a particular purpose or purposes.
  7. The right to data portability. This means that, if you have provided personal data to us directly, we am using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
  8. Rights relating to automated decision-making and profiling. Part 6 explains more about how we use your personal data, including automated decision-making and profiling

You may make a Subject Access Request (SAR) to exercise any of the above rights by completing the SAR form online here: https://tinyurl.com/sig-sar

For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 11.

Further information about your rights can also be obtained from the Information Commissioner’s Office website https://ico.org.uk or your local Citizens Advice Bureau.

If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Information Commissioner’s Office.

  1. What Personal Data Do You Collect?

we may collect some or all of the following personal data (this may vary according to your relationship with us, the insurance products you have applied for and the circumstances of any claim you make or have made in the past):

  • General personal information such as your name, your date of birth, your gender, your occupation and relationship to the applicant or policyholder
  • Your address, risk address (where different) and UK residency status;
  • Contact details such as your email address and telephone number(s);
  • Ownership and occupation details of your home or other property such as let or commercial property (where applicable);
  • Details of tenants and joint applicants (where applicable);
  • Your property details (e.g. the buildings and/or contents where applicable);
  • Details of the nature and size of your business, your stock and the associated risks, etc. (where applicable)
  • Vehicle ownership, driving licence and driving history (where applicable, for example for fleet policies);
  • Information relevant to any claim or complaint you may make;
  • Financial information such as your bank details, payment details and information obtained as a result of our credit checks. This may include details of any bankruptcy orders, individual voluntary arrangements or county court judgments.
  • Information we obtain as a result of checking sanctions lists.
  • Other data obtained during recorded telephone conversations (all our calls are recorded)
  • Information such as your IP address and browsing history obtained through our use of cookies. You can find more information about this in our cookies policy which can be found here: http://www.stride-group.co.uk/cookies-policy/ 
  1. How Do You Use My Personal Data?

Under the GDPR, we must always have a lawful basis for using personal data. This may be because the data is necessary for our performance of a contract with you, because you have consented to our use of your personal data, or because it is in our legitimate business interests to use it, for preventing and investigating fraud or to comply with our own legal and regulatory obligations.

Your personal data may be used for one or more of the following purposes:

  • Arranging your insurance – your personal details are required in order for us to enter into and fulfil a contract with you
  • Verifying your identity and creditworthiness (for example, to prevent fraud)
  • Where we have a legal or regulatory obligation to use your personal information (for example for tax and accounting purposes)
  • Where we have an legitimate business need to use your personal information (for example, for maintaining our business records, training, quality assurance, product development or analysis of the performance of an insurance scheme)
  • Providing your insurance documentation and managing your account (e.g. at renewal)
  • Communicating with you with regards to your quotations and/or policies (e.g. by email, post, telephone, fax, SMS and social media)
  • Personalising and tailoring our products and services to you.
  • To invite you to review or participate in surveys regarding our services
  • With your permission and/or where permitted by law, we may also use your personal data for marketing purposes, which may include contacting you by email and/or telephone and/or post with information, news, and offers on our insurance products and related services. You will not be sent any unlawful marketing or spam and we will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003. You will always have the opportunity to opt-out by:
  1. Clicking the unsubscribe link provided in the footer of every marketing email or
  1. Writing to:
    Jonathan Walker, Marketing Director
    Stride Insurance Group
    Birch House, Parklands Business Park
    Forest Road
    Waterlooville
    Hampshire
    PO7 6XP

we make decisions using automated means where such decisions are necessary in relation to your insurance policy. The automated process will use the information that you provide us (for example, details of the vehicle that you wish to insure, your driving record and claims history), as well as other related information such the frequency of claims for drivers with a similar occupation, to determine whether your application for insurance can be accepted and the level of premium payable.

we will not make automated decisions using your sensitive personal information without first asking for your consent.

If you have been subject to an automated decision and do not agree with the outcome, you can contact us using the details set out in Part 11.

we may also, when appropriate and where we have a lawful basis to market to you, use automated profiling to determine the content, frequency and delivery method of marketing material sent to you.

  1. How Long Will You Keep My Personal Data?

we will not keep your personal data for any longer than it is reasonably necessary in the context of the reason(s) for which it was first collected.

Unless we are performing a contract with you, your personal data will typically be kept for:

  • 13 months after an insurance quotation not taken up or
  • 25 months after the expiry of an insurance policy or
  • For longer if we are required to keep certain information in order to comply with our legal and regulatory obligations or
  • For longer if we are required to keep certain information in order to fulfil an insurance claim, settle a dispute, resolve a complaint or investigate fraud

If you would like further information regarding the periods for which your personal information will be stored, please contact us using the details in Part 11.

  1. How and Where Do You Store or Transfer My Personal Data?

The security of your personal data is essential to us, and to protect your data, we take a number of important technical and organisational measures, including the following:

  • Data encryption, password protection, system access controls
  • Anti-virus & malware scanning and system “hardening” measures e.g. firewalls
  • Regular system maintenance (i.e. security patches and updates)
  • Physical security measures
  • Staff data security training, privacy and cyber-crime awareness
  • Secure data back-ups and disaster recovery planning

We have been awarded the Cyber Essentials accreditation https://www.cyberessentials.ncsc.gov.uk/

we will only store or transfer your personal data within the EU member states. This means that your personal data will be fully protected by law.

  1. Do You Share My Personal Data?

we may share your personal information with third parties where relevant for the purposes explained in Part 6 (such as the provision of an insurance quotation or the fulfilment of an insurance policy). We will keep your personal information secure and confidential and only share it where necessary with:

our insurance and reinsurance partners such as brokers, other (re)insurers or other companies who act as (re)insurance distributors;

other third parties who assist in the administration of your insurance policy or claim, such as loss adjusters, claims handlers, accountants, auditors, banks, lawyers and other experts including medical experts;

companies who provide you with certain services such as home emergency cover and legal expenses cover;

our regulators;

fraud detection agencies and other third parties who operate and maintain fraud detection registers (including the Motor Insurance Database) or undertake investigations in cases of suspected insurance fraud;

the police and other third parties (such as banks or other insurance companies) where reasonably necessary for the prevention or detection of crime;

other insurers who provide our own insurance;

credit referencing agencies and third parties who carry out sanctions checks on our behalf;

our third-party service providers, such as IT suppliers and auditors

third parties who handle our direct marketing on our behalf (this includes, for example, inclusion or suppression of your personal information from our contact lists, sending marketing communications, and analysis of responses to our marketing communications);

third parties in connection with any sale, transfer or disposal of our business;

where necessary, courts and other alternative dispute resolution providers (such as arbitrators, mediators and the Financial Ombudsman Service).

If you would like further information regarding the disclosures of your personal information, please contact us using the details in Part 11.

If any of your personal data is required by a third party, as described above, we will take steps to ensure that your personal data is handled safely, securely, and in accordance with your rights, our obligations, and the third party’s obligations under the law, as described above in Part 8.

  1. How Can I Access My Personal Data?

Under EU data protection law you have certain rights in relation to the personal information that we hold about you, including the right of access to your data. You may exercise these rights at any time by completing this form: https://tinyurl.com/sig-sar

which is the easiest way to tell us everything we need to know to respond to your request as quickly as possible. Alternatively you may contact us using the details in Part 11.

In some cases we may not be able to comply with your request (for example, where there is an ongoing contract between us, an outstanding claim or a conflict with our own obligations to comply with other legal or regulatory requirements). However, we will always respond to any request you make and if we can’t comply with your request, we will tell you why;

we will respond to your subject access request within 40 calendar days of receiving it.. Normally, we aim to provide a complete response within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. If this is the case, you will be kept fully informed of our progress.

There is not normally any charge for a subject access request. If your request is ‘manifestly unfounded or excessive’ (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs to respond.

  1. How Do I Contact You?

To contact us about anything to do with your personal data and data protection, including to make a subject access request, please visit click here:
https://tinyurl.com/sig-sar

or contact:

Dilys Gale, Compliance and Audit Manager
Stride Insurance Group
Birch House, Parklands Business Park
Forest Road
Waterlooville
Hampshire
PO7 6XP

Email address: dilys.gale@stride-group.co.uk

Telephone number: 023 9224 8746

  1. Changes to this Privacy Notice

we may change this Privacy Notice from time to time. This may be necessary, for example, if the law changes, or if we change our business in a way that affects personal data protection. Any changes will be made available on the Stride Group website: http://www.stride-group.co.uk/privacy/

Click here to download this Privacy Statement as a PDF

 Document ref: Stride Group GDPR PS v1 wef 25.05.18