Privacy Policy

Cover-More Insurance Services Limited Privacy Policy

Cover-More Insurance Services Limited and its associated companies (‘we’ or ‘us’ or ‘our’) are committed to protecting your privacy and personal information at all times and ensure that all Personal Data processed by us is done in compliance with the relevant data protection legislation. Cover-More Insurance Services Limited is a company registered in England. Our registered address is Parkview, 82 Oxford Road, Uxbridge, UB8 1UK and registration number is 03088762.

When we talk about Cover-More UK in this notice we are talking about Cover-More Insurance Services Limited and any company brand, business name or domain within the Cover-More Group to which this policy will apply. Cover-More Insurance Services Limited whose sole shareholder is Cover-More Australia PTY Ltd (Registered in Australia ACN 091 977 721), is ultimately owned by Zurich Insurance Group AG (CN CHE 101.236.480). This notice provides you with the necessary information regarding your rights and our obligations, and explains how, why and when we process your Personal Data.

Unless otherwise stated, Cover-More Insurance Services are the Data Controller of your Personal Data for all purposes outlined in this policy. If you have any queries regarding this notice you can contact us at dataprotection.uk@covermore.com.

As an insurance intermediary we sell and administer the insurance policy on behalf of the Underwriter/Insurer and/or their handling agent (Insurance Provider). Where you have purchased an insurance product through us, the Insurance Provider of your chosen product/service also becomes the Data Controller of your Personal Data for the purposes outlined in their privacy policy. You will find further information on the Insurance Provider’s Privacy Policy within your policy document and also on their website.

It is important that you read this Policy and show it to anyone else who is insured under your policy of insurance or that you have provided information on, as it also applies to them.

In circumstances where you provide Personal Data including Special Categories of Personal Data or sensitive data relating to persons other than you who are or will be insured under your policy of insurance, you are confirming that you have obtained the consent of such other persons to the processing of their Personal Data and Special Categories of Personal Data for the purposes set out in this Policy.

Data Protection Definitions

Personal Data means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Special Categories of Personal Data includes information revealing a person's racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

Data Controller means the entity which, by itself or jointly with others, determines the purposes and means of processing Personal Data.

Information That We Collect

As an Insurance Intermediary we need to collect many categories of Personal Data (about you and other insured persons) for the purposes set out in this notice. Personal data means any information from which that person can be identified. The types of data we collect will depend on the product or service you are using. While subject to change over time the following list provides an indicative list of the different types of data we may collect from you:

Individual Details:	Name, address, age, date of birth, email address, contact number, gender, marital status and bank account details or credit/debit card details
Policy Data:	Individual details, Vehicle details, details of any previous claims and claims occurring during the term of a policy arranged by us.
Special Categories of Personal Data:	Including information about your health such as pre-existing medical conditions as required under the terms of the policy being purchased.

We may collect your Personal Data from a number of different sources such as but not limited to:

You, joint policy holder(s), any representative nominated by you to act on your behalf such as a family member or legal representative, your insurance company, Anti-fraud databases, sanctions lists, court judgements and other databases, other insurance market participants, law enforcement agencies such as The Police & Criminal Assets Bureau, publicly available information including social media websites, electoral register, online content, TV, radio, and other media content, your device when you access and use our website. In the event of a claim, third parties including the other party to the claim (claimant / defendant), witnesses, experts (including medical experts), loss adjustors, solicitors, insurers and claims handlers.

We may use your Personal Data to identify you as a customer, for the provision and administration of insurance products and related services. We may also use your information for marketing purposes where you have given us your consent to do so. Should you be unable to provide us with the required Personal Data, we will be unable to provide you with insurance. By going ahead with a quotation or policy or by giving us Personal Data you will be explicitly agreeing to us, the Underwriter/Insurer and other persons described in this notice processing it for all relevant purposes.

If you give us information about someone else, we will use it in the ways described in this Privacy Policy. Before you disclose information to us about another person, you should be sure that you have their agreement to do so. You should also show them this policy. You need to ensure they confirm that they know you are sharing their Personal Data with us for the purposes described in this Privacy Policy.

Phone calls may be recorded for quality and training purposes (including verification).

How We Use Your Personal Data

The main purposes for which we use your Personal Data is to provide a quote, verify the accuracy of the information we receive, setup, administer and manage your policy along with for market research, analytics and if you consent marketing purposes. We take your privacy very seriously and will never disclose, share or sell your Personal Data without your consent, unless required to do so by law or due to contractual obligations. Where you have consented to us providing you with promotional offers and marketing, you are free to withdraw this consent at any time.

We use and share your data as detailed below:

We may use your Personal Data as necessary in relation to providing you with an insurance quotation, and/or the purchase of an insurance product including the provision of your renewal notice, expiry notice and anything else considered as important information regarding your insurance policy.
We may use your health data to enable us to ensure the cover we provide meets your needs.
We may use your Personal Data to communicate with you, including some or all of the following:
- Contact you via email to provide details of the quote you have received.
- Contact you via email to remind you if you received a quote but did not complete your purchase.
- Contact you by SMS and/or telephone (including mobile) regarding the quotation you have received on our website. This is a standard part of our service which enables us to follow up on the service provided, to correct inaccurate information provided during the quote process online and/or to answer any queries you may have.
- Contact you via SMS to provide details of Important telephone numbers and/or to advise of the expiry of your insurance policy
- Contact you via SMS to remind you of the automatic renewal of your insurance policy (if applicable)
- Contact you via telephone (including mobile) prior to the expiry of your policy to discuss your renewal notice.
- Contact you via email inviting you to provide a public review of our service on a third-party website.
- Contact you via email inviting you to take part in a survey or provide a review.
We may use your Personal Data for the purpose of market research, customer satisfaction surveys, and data analytics, including profiling, to develop and enhance the customer relationship and journey as part of our business strategy,
We may use your Personal Data to contact you via email, SMS or telephone (including mobile) If you have consented to us using your Personal Data for the purpose of marketing and providing you with promotional offers, discounts and information about any products or services we offer (you are free to withdraw this consent at any time).
We may also use your Personal Data to contact you by email, SMS or telephone (including mobile) to provide you with a quotation and/or loyalty discount for a specific product if you agreed and provided us with your insurance renewal month for that product at the time of using one of our services (you are free to withdraw this consent at any time).

We may share your Personal Data with the following:

Companies within the Cover-More Group and, if necessary, companies within the wider Zurich Insurance Group as part of our ultimate parent company.
Government, Statutory and Regulatory Bodies, such as Information Commissioner’s, HMRC, the Financial Conduct Authority and the Financial Ombudsman Service
Law Enforcement Agencies such as The Police & the National Crime Agency
We may share your Personal Data with or seek Personal Data from your comparison company (if applicable), travel agent or insurance broker (if applicable), third party agent (if applicable) or anyone authorised by you to act on your behalf
We may share Personal Data with or seek Personal Data from the Underwriter/Insurer and/or their handling agent (Insurance Provider), the claims provider, medical screening company, repairers and other claims handling agents, emergency assistance team, medical practitioners, engineers, and legal practitioners.
We may share your Personal Data with our employees, agents and contractors including companies that provide services in relation to telecommunications and postage, data storage, document production and destruction, IT and IT security, fraud detection, making and receiving payments, data analysis and management information, credit checking, risk analysis, complaints handling, marketing and market research.
We may share your Personal Data with distributors for the purpose of delivering promotional items.
We may share limited Personal Data with external companies to enable you the facility to review our service.
We may share your personal information with any party you have given us permission to speak to or in certain circumstances other people insured under your policy of insurance and other people or companies associated with you
We may share your Personal Data with Banks to assist in the detection and prevention of fraud.

Contacting you

We may contact you about an enquiry you have made or a quotation you have received, regarding the administration of your insurance policy, to tell you about any important changes to your insurance policy, to provide you with renewal terms on an existing policy, to conduct a customer survey on the products and services we provide or to conduct market research, to handle any customer service queries or complaints or where there is another genuine reason for doing so. We may contact you by means of email, SMS, telephone (including mobile) or post.

Marketing Consent

Once you have consented to us contacting you for direct marketing purposes, we may contact you from time to time with promotional/discounted offers and information on insurance products or services from the Cover-More Group, along with information we think may be of interest to you.

We may contact you by means of email, SMS or telephone (including mobile) for direct marketing purposes.

If you change your mind about receiving direct marketing from us, you can opt-out at any stage by contacting us. You also have the option to unsubscribe from a specific product directly from the electronic correspondence you receive from us.

Why we Process Your Personal Data / Lawful Purpose

The following section details the purpose for which we process your Personal Data and the legal basis for which we do this

Purpose/Activity	Legal basis for processing
To provide you with a quote for an insurance product and to provide you with insurance cover if you decide to purchase a product.	Processing is necessary for the performance of a contract and in order to take steps at your request prior to entering into a contract;
Collect your special category health data to perform health screening, to provide you with a quote for an insurance product and/or to manage and assist you with the Insurance Claims process	Explicit Consent. The Data Subject provides their consent for the processing to perform health screening in order to provide an insurance quote and enable you to purchase a policy and to manage and assist you with the Insurance Claims process where necessary.
Processing of health data to ensure the cover we provide meets your needs	Processing is necessary for compliance with a legal obligation to which the controller is subject. Processing is necessary for reasons of substantial public interest, on the basis of UK law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject.
To provide a customer service follow up to the quotation provided online	In our legitimate interests or those of a relevant third party in managing our business (to ensure information accuracy, build customer relationship and grow our business)
To verify your identity or the identity of your authorised representative	Processing is necessary for the performance of a contract and in order to take steps at your request prior to entering into a contract; To comply with legal obligations
To respond to your queries and to provide you with the information you request from us in relation to our services.	Processing is necessary for the performance of a contract and in order to take steps at your request prior to entering into a contract; To comply with legal obligations In our legitimate interests or those of a relevant third party (to keep our records updated, build customer relationship and grow our business)
To administer your insurance policy, make any midterm adjustments, answer any queries you may have, provide updates, process a cancellation or process a renewal.	Processing is necessary for the performance of a contract and in order to take steps at your request prior to entering into a contract;
To manage payments, fees and charges in respect of insurance premiums, and to collect and recover money owed to us.	Processing is necessary for the performance of a contract and in order to take steps at your request prior to entering into a contract; In our legitimate interests or those of a relevant third party (to recover debts due to us) To comply with legal obligations
To manage our relationship with you, including notifying you about changes to the services.	Processing is necessary for the performance of a contract and in order to take steps at your request prior to entering into a contract; To comply with legal obligations In our legitimate interests or those of a relevant third party
To manage and assist you with the Insurance Claims process	Processing is necessary for the performance of a contract and in order to take steps at your request prior to entering into a contract;
Recording telephone calls (for quality, training and verification purposes)	In our legitimate interests or those of a relevant third party (for quality, training and verification purposes
To provide you with marketing communication about other services we feel may interest you.	Consent In our legitimate interests or those of a relevant third party (to develop and grow our business)
To carry out statistical analysis including internal or market level research exercises	In our Legitimate interests or those of a relevant third party (to improve our processes, products and services)
To provide you with the opportunity to take part in a customer survey and/or provide a review.	In our Legitimate interests or those of a relevant third party (to improve our processes, products and services)
To allow you to participate in competitions, prize draws and other promotions.	Processing is necessary for the performance of a contract and in order to take steps at your request prior to entering into a contract; In our legitimate interests or those of a relevant third party (to promote and grow our business)
To prevent detect and report fraud, money laundering and other offences. To assist the Police or any other authorised body with investigations.	In our legitimate interests or those of a relevant third party (to protect our business, risk management and security purposes) To comply with legal obligations
To manage and investigate any complaints, feedback and queries	Processing is necessary for the performance of a contract and in order to take steps at your request prior to entering into a contract; To comply with legal obligations In our legitimate interests or those of a relevant third party (to build on customer relationships, improve services and products provided)
To comply with laws, regulations and regulatory requirements	To comply with legal obligations
Transferring books of business, company sales and reorganisations	In our legitimate interests or those of a relevant third party (to structure our business appropriately)
To establish and defend legal rights	Processing is necessary for the performance of a contract and in order to take steps at your request prior to entering into a contract; To comply with legal obligations In our legitimate interests or those of a relevant third party (to protect our business)
To manage our business operations and IT infrastructure	Processing is necessary for the performance of a contract and in order to take steps at your request prior to entering into a contract; To comply with legal obligations In our legitimate interests or those of a relevant third party (to develop, improve and grow our business)
To use data analytics to improve or optimise our websites, marketing, customer relationships and experiences.	In our legitimate interests (to define types of customers for our products and services, to keep our Site and the Services updated and relevant, to develop and grow our business and inform our marketing strategy).

Withdraw Consent / Unsubscribe / Opt-Outs

Where you have provided consent, this can be withdrawn at any time by contacting us or by selecting the unsubscribing option in the specific product email marketing correspondence you receive from us.

Links to Third Party Websites

If we provide a link on any of our websites to a third-party website, the content, accuracy and function of such websites are outside of our control, and we cannot accept responsibility for same. Any dealings you have with such third-party websites shall be on the terms and conditions of that website operator. If you have a concern regarding the way your personal information will be used on other sites, then you are advised to contact the company concerned to request a copy of their privacy policy if not available to you via their website.

Data Subject Rights

The following is a list of your rights in connection with your Personal Data (Personal Information) under Data Protection legislation:

You have the right to request a copy of your personal data that we hold on you
To have any incorrect personal data we hold on you corrected
You have the right to withdraw your consent for the processing of your personal data
You have the right to object to the processing of your personal data
To request to have your personal data erased or the processing of your data restricted
You have the right to data portability for insurance purposes
You also have the right to lodge a complaint with the Data Protection Commissioner

Please note that withdrawing consent and requests for restriction/erasure or objection to the processing of your Personal Data may affect our ability to provide you with insurance. Some of the above rights are subject to limitations in order for us to comply with our regulatory obligations.

The withdrawal of consent will not affect the lawfulness of processing based on the consent before its withdrawal.

If we receive a request from you to exercise any of the above rights, we may ask you to verify your identity before acting on the request; this is to ensure that your Personal Data is protected and kept secure.

Sharing and Disclosing Your Personal Information / Third Party Sharing

We may use third party companies to assist in the provision of the services we provide or the general running of our business, companies such as (but not limited to) Stripe to provide a secure payment facility, Dot Digital for the provision of marketing communication and Genesys for the provision of our telephone, email ticketing and webchat service. We may also use the services of other entities within the Cover-More Group and Zurich Insurance Group to assist with the general operation of our business including but not limited to the provision of website management, marketing and IT services. The third-party companies we use are not limited to those listed above; however, all processors acting on our behalf only process your Personal Data in accordance with instructions from us and comply fully with this privacy notice, the data protection laws and any other appropriate confidentiality and security measures.

Up to date Information

In order for us to keep your information accurate and up to date, please keep us informed if any of your details change. You can contact us using the contact details provided on the website for the specific product you have purchased.

What will happen if we change our privacy policy?

This privacy policy may change from time to time, and any changes will be posted on our website and will be effective when posted. Please review this privacy policy each time you use our website or our services.

Safeguarding Measures

We take your privacy seriously and take every reasonable measure and precaution to protect and secure your Personal Data. We work hard to protect you and your Personal Data from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including but not limited to digital certificates, data encryption, firewalls and anti-virus/malware.

Cookie Notice

For further information on our use of cookies please refer to our separate Cookies Policy.

Transfers Outside the UK and EU

Personal Data may be accessed/hosted/stored in countries outside of the UK and European Union by us and some of the service providers we use. Where this is the case, we will take certain steps to ensure that the necessary level of protection for your information is used and are complying with the relevant data protection laws. These steps can include at least one of the follow safeguards: the provision of the International Data Transfer Addendum to EU Standard Contractual Clauses issued by the UK Information Commissioner (the "ICO") or ensuring that the privacy laws of the non-EEA country give the same protection as the EEA. Certain Underwriters/Insurers that are also a Data Controller may also access/host/store Personal Data outside of the UK or European Union.

Automated Decision-Making Including Profiling

Automated individual decision making, including profiling, may take place when you request a quote through one of our websites. The insurance providers we provide quotes on behalf of carry out this automated individual decision making. Using the information provided to us in your online quote form we run your Personal Data through algorithms and internal models either agreed with or set by each of the insurance providers to determine your risk profile and calculate your insurance premium. For example, some factors that insurance providers would use for a pet insurance policy are your address, the breed, age, neutered status, sex and value of your pet, along with the policy type selected.

You have the right to request human intervention to express your interests and contest automated decisions. If for any reason you are not satisfied with the quote obtained via our website, please contact our office to discuss your quote. Our contact numbers are clearly set out during the sales process. For Further information on individual insurance providers automated decision-making processes, please refer to their privacy policy.

How Long We Keep Your Data

We only retain your Personal Data for as long as is necessary for the purposes of providing insurance products and related services to you and so as to comply with legal and regulatory requirements. Generally, we will keep information for the following periods:

Type of Information	Retention Period
Quote Information (where a policy has not been purchased)	15 months
Policy Information	8 years

However, in certain cases we may need to keep Personal Data longer than the above periods such as long running disputes. If you have consented to us using your details for direct marketing, we will keep such Personal Data until you notify us otherwise and/or withdraw your consent.

Queries and Complaints

If you are unhappy with the way we have handled your Personal Data or if you have any queries regarding this notice you can contact us at dataprotection.uk@covermore.com.

Alternatively, you have the right to lodge a complaint with the ICO. Their contact details are as follows: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5 AF. Telephone: 0303 123 1113 (local rate) or 01625 545 745 (national rate) or alternatively visit their website: www.ico.org.uk

CMIS_PRIV_UK_Sept_25